www.grandforksherald.com Open in urlscan Pro
13.32.27.124 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.grandforksherald.com/prairie-business
Submission: On September 23 via manual (September 23rd 2024, 2:06:32 pm UTC) from US — Scanned from DE

Summary HTTP 205 Redirects Links 28 Behaviour Indicators

Summary

This website contacted 78 IPs in 9 countries across 64 domains to perform 205 HTTP transactions. The main IP is 13.32.27.124, located in United States and belongs to AMAZON-02, US. The main domain is www.grandforksherald.com. The Cisco Umbrella rank of the primary domain is 510102.
TLS certificate: Issued by Amazon RSA 2048 M03 on December 10th 2023. Valid for: a year.

This is the only time www.grandforksherald.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	13.32.27.124 13.32.27.124	16509 (AMAZON-02) (AMAZON-02)
9	3.161.82.73 3.161.82.73	16509 (AMAZON-02) (AMAZON-02)
1	18.239.208.118 18.239.208.118	16509 (AMAZON-02) (AMAZON-02)
10	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.112.103 18.66.112.103	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:264... 2600:9000:2646:1200:18:1fcd:354:4b41	16509 (AMAZON-02) (AMAZON-02)
14	18.173.205.67 18.173.205.67	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:e30... 2a02:26f0:e300:18f::3282	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	2606:4700::68... 2606:4700::6811:f6cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.53.42.121 23.53.42.121	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:9000:223... 2600:9000:223c:f800:8:2ae1:d740:93a1	16509 (AMAZON-02) (AMAZON-02)
2	99.83.154.140 99.83.154.140	16509 (AMAZON-02) (AMAZON-02)
1	35.166.123.140 35.166.123.140	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
4	157.240.0.6 157.240.0.6	32934 (FACEBOOK) (FACEBOOK)
2	3.212.31.204 3.212.31.204	14618 (AMAZON-AES) (AMAZON-AES)
2	13.224.186.120 13.224.186.120	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
1	44.208.72.154 44.208.72.154	14618 (AMAZON-AES) (AMAZON-AES)
2	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
2	2606:2800:133... 2606:2800:133:206e:1315:22a5:2006:24fd	15133 (EDGECAST) (EDGECAST)
1	2600:1f18:44f... 2600:1f18:44f0:4848:d1e4:a5dd:e098:e51e	14618 (AMAZON-AES) (AMAZON-AES)
1	18.245.31.92 18.245.31.92	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:600... 2a04:4e42:600::714	54113 (FASTLY) (FASTLY)
6	142.250.186.67 142.250.186.67	15169 (GOOGLE) (GOOGLE)
5	2a02:b48:9000::1 2a02:b48:9000::1	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.36.224.135 52.36.224.135	16509 (AMAZON-02) (AMAZON-02)
1	52.49.92.148 52.49.92.148	16509 (AMAZON-02) (AMAZON-02)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
1	2600:9000:274... 2600:9000:274d:ae00:7:e536:8b00:93a1	16509 (AMAZON-02) (AMAZON-02)
2	172.64.144.166 172.64.144.166	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.26.4.15 104.26.4.15	13335 (CLOUDFLAR...) (CLOUDFLARENET)
25	3.72.78.234 3.72.78.234	16509 (AMAZON-02) (AMAZON-02)
8	2602:803:c003... 2602:803:c003:200::21	26667 (RUBICONPR...) (RUBICONPROJECT)
4	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	138.197.50.103 138.197.50.103	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
4	35.227.252.103 35.227.252.103	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	13.35.57.188 13.35.57.188	16509 (AMAZON-02) (AMAZON-02)
3	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
1 4	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	141.95.98.64 141.95.98.64	16276 (OVH) (OVH)
1	54.75.138.185 54.75.138.185	16509 (AMAZON-02) (AMAZON-02)
1 4	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
2	3.215.242.153 3.215.242.153	14618 (AMAZON-AES) (AMAZON-AES)
1	162.159.140.229 162.159.140.229	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
3 6	172.217.23.102 172.217.23.102	15169 (GOOGLE) (GOOGLE)
1	142.250.185.134 142.250.185.134	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c04::9c	15169 (GOOGLE) (GOOGLE)
2	142.250.184.227 142.250.184.227	15169 (GOOGLE) (GOOGLE)
2	52.8.140.81 52.8.140.81	16509 (AMAZON-02) (AMAZON-02)
1	13.225.83.200 13.225.83.200	16509 (AMAZON-02) (AMAZON-02)
7	2606:4700::68... 2606:4700::6812:196f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.217.18.8 172.217.18.8	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
1	2620:116:800d... 2620:116:800d:21:7eb1:3826:be7e:d981	16509 (AMAZON-02) (AMAZON-02)
2	142.250.186.74 142.250.186.74	15169 (GOOGLE) (GOOGLE)
1	185.64.189.226 185.64.189.226	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	141.95.33.120 141.95.33.120	16276 (OVH) (OVH)
3	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	34.217.66.45 34.217.66.45	16509 (AMAZON-02) (AMAZON-02)
1	18.66.102.119 18.66.102.119	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:274... 2600:9000:274d:4400:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	52.216.50.41 52.216.50.41	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:350... 2a02:26f0:3500:587::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	20.50.88.242 20.50.88.242	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1	34.196.228.185 34.196.228.185	14618 (AMAZON-AES) (AMAZON-AES)
1	63.140.62.222 63.140.62.222	16509 (AMAZON-02) (AMAZON-02)
1	63.140.62.17 63.140.62.17	15224 (OMNITURE) (OMNITURE)
2	104.44.128.13 104.44.128.13	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	216.239.34.36 216.239.34.36	15169 (GOOGLE) (GOOGLE)
205	78

4 13.32.27.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-124.fra56.r.cloudfront.net

www.grandforksherald.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 3.161.82.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-82-73.fra56.r.cloudfront.net

cdn.forumcomm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.239.208.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-208-118.bru50.r.cloudfront.net

static.forumcomm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

loader-cdn.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.cityspark.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.q0losid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mbmgivexdvpajr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.dmepyodjotcuks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.vmzqqmlpwwmazjnio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.pranmcpkx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-103.fra56.r.cloudfront.net

ak.sail-horizon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2646:1200:18:1fcd:354:4b41 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 18.173.205.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-205-67.fra56.r.cloudfront.net

k664.grandforksherald.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:e300:18f::3282 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)

widgets-lts.media.weather.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:f6cb (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.53.42.121 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-53-42-121.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:f800:8:2ae1:d740:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.viafoura.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.83.154.140 (United States)

ASN16509 (AMAZON-02, US)
PTR: aa7557bb34ea5624b.awsglobalaccelerator.com

api.sail-personalize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.166.123.140 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-166-123-140.us-west-2.compute.amazonaws.com

ggbepmk06k.execute-api.us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.212.31.204 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-212-31-204.compute-1.amazonaws.com

forumcommunications.blueconic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.186.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-186-120.fra2.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.208.72.154 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-208-72-154.compute-1.amazonaws.com

forumcomm.friends2follow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)

az416426.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:44f0:4848:d1e4:a5dd:e098:e51e (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

api.viafoura.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.31.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-31-92.fra56.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::714 (United States)

ASN54113 (FASTLY, US)

mab.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:b48:9000::1 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

cdn-p.cityspark.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.36.224.135 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-36-224-135.us-west-2.compute.amazonaws.com

postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.49.92.148 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-92-148.eu-west-1.compute.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:274d:ae00:7:e536:8b00:93a1 (United States)

ASN16509 (AMAZON-02, US)

tag.brandcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.144.166 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

cdn.confiant-integrations.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.4.15 (None, )

ASN13335 (CLOUDFLARENET, US)

api-mg2.db-ip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 3.72.78.234 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-72-78-234.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.197.50.103 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

x.yieldlift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.227.252.103 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.57.188 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-57-188.fra60.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

e90c9acc6816d542e6621b03cf4a936b.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.75.138.185 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-75-138-185.eu-west-1.compute.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 15.197.193.217 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.215.242.153 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-242-153.compute-1.amazonaws.com

notifications.viafoura.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.viafoura.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.140.229 (None, )

ASN13335 (CLOUDFLARENET, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.23.102 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f6.1e100.net

8975227.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
9853337.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c04::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.8.140.81 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-8-140-81.us-west-1.compute.amazonaws.com

adservices.brandcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.83.200 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-83-200.fra2.r.cloudfront.net

d1eoo1tco6rr5e.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6812:196f (United States)

ASN13335 (CLOUDFLARENET, US)

stereotypedsugar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.8 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.74 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.226 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

t.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.33.120 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203256.ip-141-95-33.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.217.66.45 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-217-66-45.us-west-2.compute.amazonaws.com

capig.inforum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.102.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-119.fra56.r.cloudfront.net

cdn.viafoura.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:274d:4400:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.216.50.41 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

paywall-ad-bucket.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:587::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.50.88.242 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.196.228.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-228-185.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.62.222 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-222.data.adobedc.net

adobedc.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.62.17 (United States)

ASN15224 (OMNITURE, US)
PTR: ip-63-140-62-17.data.adobedc.net

edge.adobedc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.44.128.13 (San Antonio, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

prod-forum-proxy-connext.azurewebsites.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.34.36 (United States) 1 redirects

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	sharethrough.com btlr.sharethrough.com — Cisco Umbrella Rank: 1046	3 KB
18	grandforksherald.com www.grandforksherald.com — Cisco Umbrella Rank: 510102 k664.grandforksherald.com — Cisco Umbrella Rank: 673536	270 KB
11	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 219 pubads.g.doubleclick.net — Cisco Umbrella Rank: 452 8975227.fls.doubleclick.net — Cisco Umbrella Rank: 178121 ad.doubleclick.net — Cisco Umbrella Rank: 151 9853337.fls.doubleclick.net — Cisco Umbrella Rank: 149454 stats.g.doubleclick.net — Cisco Umbrella Rank: 131	151 KB
10	forumcomm.com cdn.forumcomm.com — Cisco Umbrella Rank: 111983 static.forumcomm.com — Cisco Umbrella Rank: 157851	898 KB
8	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 499	4 KB
7	stereotypedsugar.com stereotypedsugar.com — Cisco Umbrella Rank: 148949	272 KB
6	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 112 e90c9acc6816d542e6621b03cf4a936b.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 167	20 KB
6	gstatic.com fonts.gstatic.com	134 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	533 KB
6	cityspark.com cdn.cityspark.com — Cisco Umbrella Rank: 29831 cdn-p.cityspark.com — Cisco Umbrella Rank: 20821	19 KB
4	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 4515	20 B
4	adsrvr.org 1 redirects match.adsrvr.org — Cisco Umbrella Rank: 384 insight.adsrvr.org — Cisco Umbrella Rank: 962	811 B
4	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 471 mug.criteo.com — Cisco Umbrella Rank: 3746	1 KB
4	openx.net rtb.openx.net — Cisco Umbrella Rank: 614	624 B
4	yieldlift.com x.yieldlift.com — Cisco Umbrella Rank: 42066	3 KB
4	casalemedia.com htlb.casalemedia.com — Cisco Umbrella Rank: 488	1 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 351 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 668 aax.amazon-adsystem.com — Cisco Umbrella Rank: 469	84 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 187	234 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	2 KB
3	brandcdn.com tag.brandcdn.com — Cisco Umbrella Rank: 18131 adservices.brandcdn.com — Cisco Umbrella Rank: 12112	3 KB
3	viafoura.co api.viafoura.co — Cisco Umbrella Rank: 11721 notifications.viafoura.co — Cisco Umbrella Rank: 13935 i.viafoura.co — Cisco Umbrella Rank: 11532	6 KB
3	vmzqqmlpwwmazjnio.com cdn.vmzqqmlpwwmazjnio.com — Cisco Umbrella Rank: 54955	509 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 32	3 KB
3	amazonaws.com ggbepmk06k.execute-api.us-west-2.amazonaws.com — Cisco Umbrella Rank: 146524 paywall-ad-bucket.s3.amazonaws.com — Cisco Umbrella Rank: 40463	5 KB
3	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1878 mab.chartbeat.com — Cisco Umbrella Rank: 3021	26 KB
2	azurewebsites.net prod-forum-proxy-connext.azurewebsites.net — Cisco Umbrella Rank: 187336	1 KB
2	visualstudio.com dc.services.visualstudio.com — Cisco Umbrella Rank: 788	485 B
2	pranmcpkx.com cdn.pranmcpkx.com — Cisco Umbrella Rank: 35796	3 KB
2	google.de www.google.de — Cisco Umbrella Rank: 11626	126 B
2	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 529	1 KB
2	confiant-integrations.net cdn.confiant-integrations.net — Cisco Umbrella Rank: 1714	129 KB
2	postrelease.com postrelease.com — Cisco Umbrella Rank: 956 jadserve.postrelease.com — Cisco Umbrella Rank: 1052	606 B
2	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 563 t.pubmatic.com — Cisco Umbrella Rank: 2668	87 KB
2	msecnd.net az416426.vo.msecnd.net — Cisco Umbrella Rank: 3167	22 KB
2	blueconic.net forumcommunications.blueconic.net — Cisco Umbrella Rank: 168442	2 KB
2	sail-personalize.com api.sail-personalize.com — Cisco Umbrella Rank: 3762	498 B
2	viafoura.net cdn.viafoura.net — Cisco Umbrella Rank: 11683	62 KB
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 803	21 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3714
1	adobedc.net edge.adobedc.net — Cisco Umbrella Rank: 3657	717 B
1	demdex.net adobedc.demdex.net — Cisco Umbrella Rank: 6075	927 B
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1581	201 B
1	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 442	65 KB
1	adsafeprotected.com static.adsafeprotected.com — Cisco Umbrella Rank: 650	481 B
1	inforum.com capig.inforum.com — Cisco Umbrella Rank: 168311	370 B
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 948	307 B
1	quantserve.com pixel.quantserve.com — Cisco Umbrella Rank: 1050	456 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 327	40 KB
1	cloudfront.net d1eoo1tco6rr5e.cloudfront.net
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 946	723 B
1	t.co t.co — Cisco Umbrella Rank: 844	627 B
1	crwdcntrl.net id.crwdcntrl.net — Cisco Umbrella Rank: 2535	325 B
1	db-ip.com api-mg2.db-ip.com — Cisco Umbrella Rank: 25305	765 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 863	15 KB
1	dmepyodjotcuks.com cdn.dmepyodjotcuks.com — Cisco Umbrella Rank: 60757	49 KB
1	mbmgivexdvpajr.com cdn.mbmgivexdvpajr.com — Cisco Umbrella Rank: 61961	23 KB
1	friends2follow.com forumcomm.friends2follow.com — Cisco Umbrella Rank: 246377
1	q0losid.com cdn.q0losid.com — Cisco Umbrella Rank: 51086	1 KB
1	ntv.io s.ntv.io — Cisco Umbrella Rank: 3894	183 KB
1	weather.com widgets-lts.media.weather.com — Cisco Umbrella Rank: 77636	139 KB
1	sail-horizon.com ak.sail-horizon.com — Cisco Umbrella Rank: 3931	34 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 220	8 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 318	33 KB
1	azureedge.net loader-cdn.azureedge.net — Cisco Umbrella Rank: 57094	11 KB
205	64

	Domain	Requested by
25	btlr.sharethrough.com	cdn.forumcomm.com
14	k664.grandforksherald.com	www.grandforksherald.com k664.grandforksherald.com az416426.vo.msecnd.net
9	cdn.forumcomm.com	www.grandforksherald.com
8	fastlane.rubiconproject.com	cdn.forumcomm.com
7	stereotypedsugar.com	www.grandforksherald.com stereotypedsugar.com
6	fonts.gstatic.com	fonts.googleapis.com
6	www.googletagmanager.com	www.grandforksherald.com www.googletagmanager.com cdn.dmepyodjotcuks.com
5	cdn-p.cityspark.com	cdn.cityspark.com cdn-p.cityspark.com
4	region1.analytics.google.com	1 redirects www.googletagmanager.com
4	9853337.fls.doubleclick.net	2 redirects www.googletagmanager.com
4	rtb.openx.net	cdn.forumcomm.com
4	x.yieldlift.com	cdn.forumcomm.com
4	htlb.casalemedia.com	cdn.forumcomm.com
4	connect.facebook.net	www.grandforksherald.com connect.facebook.net
4	www.grandforksherald.com	cdn.forumcomm.com
3	www.facebook.com	connect.facebook.net www.grandforksherald.com
3	insight.adsrvr.org	1 redirects www.grandforksherald.com
3	pagead2.googlesyndication.com	securepubads.g.doubleclick.net az416426.vo.msecnd.net
3	cdn.vmzqqmlpwwmazjnio.com	loader-cdn.azureedge.net cdn.vmzqqmlpwwmazjnio.com
3	fonts.googleapis.com	www.grandforksherald.com cdn-p.cityspark.com
2	prod-forum-proxy-connext.azurewebsites.net	cdn.vmzqqmlpwwmazjnio.com
2	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
2	dc.services.visualstudio.com	az416426.vo.msecnd.net
2	paywall-ad-bucket.s3.amazonaws.com	www.grandforksherald.com
2	cdn.pranmcpkx.com	cdn.vmzqqmlpwwmazjnio.com
2	adservices.brandcdn.com	tag.brandcdn.com adservices.brandcdn.com
2	www.google.de	www.grandforksherald.com
2	stats.g.doubleclick.net	www.googletagmanager.com
2	8975227.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	id5-sync.com	ads.pubmatic.com
2	mug.criteo.com	www.grandforksherald.com
2	gum.criteo.com	1 redirects
2	cdn.confiant-integrations.net	www.googletagmanager.com cdn.confiant-integrations.net
2	az416426.vo.msecnd.net	loader-cdn.azureedge.net cdn.vmzqqmlpwwmazjnio.com
2	c.amazon-adsystem.com	www.grandforksherald.com c.amazon-adsystem.com
2	forumcommunications.blueconic.net	k664.grandforksherald.com
2	api.sail-personalize.com	ak.sail-horizon.com
2	cdn.viafoura.net	www.grandforksherald.com
2	unpkg.com	1 redirects www.grandforksherald.com
2	static.chartbeat.com	www.grandforksherald.com
1	region1.google-analytics.com
1	edge.adobedc.net	assets.adobedtm.com
1	adobedc.demdex.net	assets.adobedtm.com
1	ping.chartbeat.net
1	assets.adobedtm.com	widgets-lts.media.weather.com
1	static.adsafeprotected.com	www.grandforksherald.com
1	i.viafoura.co	www.grandforksherald.com
1	capig.inforum.com	connect.facebook.net
1	lb.eu-1-id5-sync.com	ads.pubmatic.com
1	t.pubmatic.com	ads.pubmatic.com
1	pixel.quantserve.com	cdn.cityspark.com
1	cdn.jsdelivr.net	cdn.cityspark.com
1	d1eoo1tco6rr5e.cloudfront.net	tag.brandcdn.com
1	ad.doubleclick.net	www.grandforksherald.com
1	analytics.twitter.com	www.grandforksherald.com
1	t.co	www.grandforksherald.com
1	notifications.viafoura.co	cdn.viafoura.net
1	match.adsrvr.org	ads.pubmatic.com
1	id.crwdcntrl.net	ads.pubmatic.com
1	e90c9acc6816d542e6621b03cf4a936b.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	api-mg2.db-ip.com	cdn.mbmgivexdvpajr.com
1	pubads.g.doubleclick.net	www.grandforksherald.com
1	tag.brandcdn.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	jadserve.postrelease.com	s.ntv.io
1	postrelease.com	s.ntv.io
1	ads.pubmatic.com	s.ntv.io
1	mab.chartbeat.com	static.chartbeat.com
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	api.viafoura.co	cdn.viafoura.net
1	cdn.dmepyodjotcuks.com	loader-cdn.azureedge.net
1	cdn.mbmgivexdvpajr.com	loader-cdn.azureedge.net
1	securepubads.g.doubleclick.net	www.googletagservices.com
1	forumcomm.friends2follow.com	www.grandforksherald.com
1	ggbepmk06k.execute-api.us-west-2.amazonaws.com	www.grandforksherald.com
1	cdn.q0losid.com	loader-cdn.azureedge.net
1	cdn.cityspark.com	www.grandforksherald.com
1	s.ntv.io	www.grandforksherald.com
1	widgets-lts.media.weather.com	www.grandforksherald.com
1	ak.sail-horizon.com	www.grandforksherald.com
1	cdnjs.cloudflare.com	www.grandforksherald.com
1	www.googletagservices.com	www.grandforksherald.com
1	loader-cdn.azureedge.net	www.grandforksherald.com
1	static.forumcomm.com	www.grandforksherald.com
205	85

This site contains links to these domains. Also see Links.

Domain
advertising.forumcomm.com
issuu.com
gfherald.wufoo.com
grandforksherald.column.us
www.agweek.com
www.inforum.com
classifieds.forumcomm.com
www.jobshq.com
homeshq.com
motors.grandforksherald.com
www.forumcomm.com
www.homeshq.com
twitter.com
www.instagram.com
www.facebook.com
apps.apple.com
play.google.com

Subject Issuer	Validity	Valid
web.production.forum-communications.brightspot.cloud Amazon RSA 2048 M03	`2023-12-10` - `2025-01-08`	a year	crt.sh
static.web.production.forum-communications.brightspot.cloud Amazon RSA 2048 M02	`2024-08-12` - `2025-09-10`	a year	crt.sh
static.forumcomm.com Amazon RSA 2048 M03	`2024-09-13` - `2025-10-11`	a year	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2024-06-06` - `2025-06-06`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-07-31` - `2024-10-29`	3 months	crt.sh
ak.sail-horizon.com Amazon RSA 2048 M02	`2023-12-04` - `2024-12-30`	a year	crt.sh
*.chartbeat.com Thawte TLS RSA CA G1	`2024-05-15` - `2025-06-06`	a year	crt.sh
x886.forumcomm.com Amazon RSA 2048 M02	`2024-05-03` - `2025-06-01`	a year	crt.sh
www.weather.com DigiCert TLS RSA SHA256 2020 CA1	`2024-04-18` - `2025-04-18`	a year	crt.sh
*.ntv.io DigiCert TLS RSA SHA256 2020 CA1	`2024-07-31` - `2025-07-31`	a year	crt.sh
sni0f49gl.wpc.edgecastcdn.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-23` - `2025-07-24`	a year	crt.sh
viafoura.com Amazon RSA 2048 M03	`2024-07-09` - `2025-08-07`	a year	crt.sh
api.sail-personalize.com Amazon RSA 2048 M02	`2024-03-25` - `2025-04-22`	a year	crt.sh
sni2fb3egl.wpc.edgecastcdn.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-04-20` - `2025-05-21`	a year	crt.sh
*.execute-api.us-west-2.amazonaws.com Amazon RSA 2048 M02	`2024-05-02` - `2025-05-31`	a year	crt.sh
*.google-analytics.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-07-02` - `2024-09-30`	3 months	crt.sh
*.blueconic.net Amazon RSA 2048 M02	`2024-05-08` - `2025-06-06`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-12-30` - `2024-12-04`	a year	crt.sh
upload.video.google.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
friends2follow.com Amazon RSA 2048 M02	`2024-08-10` - `2025-09-08`	a year	crt.sh
sni3842egl.wpc.edgecastcdn.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-10` - `2025-05-09`	a year	crt.sh
sni3842bgl.wpc.edgecastcdn.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-10` - `2025-05-09`	a year	crt.sh
sni3842cgl.wpc.edgecastcdn.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-10` - `2025-05-09`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2024-01-21` - `2025-02-19`	a year	crt.sh
*.gstatic.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
cdn-p.cityspark.com R11	`2024-08-11` - `2024-11-09`	3 months	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-11-26` - `2024-11-26`	a year	crt.sh
*.postrelease.com Amazon RSA 2048 M03	`2024-07-31` - `2025-08-30`	a year	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-25` - `2025-06-24`	a year	crt.sh
*.brandcdn.com Amazon RSA 2048 M02	`2024-07-02` - `2025-07-30`	a year	crt.sh
confiant-integrations.net WE1	`2024-09-09` - `2024-12-08`	3 months	crt.sh
db-ip.com WE1	`2024-09-10` - `2024-12-09`	3 months	crt.sh
*.sharethrough.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-07-15` - `2025-08-15`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-04-03`	8 months	crt.sh
casalemedia.com E5	`2024-08-15` - `2024-11-13`	3 months	crt.sh
x.yieldlift.com R10	`2024-08-02` - `2024-10-31`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2024-08-14` - `2025-08-18`	a year	crt.sh
alt1-3ps.amazon-adsystem.com Amazon RSA 2048 M03	`2024-03-29` - `2025-04-28`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-08-26` - `2024-11-20`	3 months	crt.sh
*.id5-sync.com E5	`2024-09-01` - `2024-11-30`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M03	`2024-09-08` - `2025-10-08`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2024-04-23` - `2025-05-25`	a year	crt.sh
t.co E6	`2024-07-31` - `2024-10-29`	3 months	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-31` - `2024-10-29`	a year	crt.sh
*.doubleclick.net WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.google.de WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
stereotypedsugar.com WE1	`2024-09-16` - `2024-12-16`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
quantserve.com R11	`2024-08-23` - `2024-11-21`	3 months	crt.sh
*.eu-1-id5-sync.com R10	`2024-09-01` - `2024-11-30`	3 months	crt.sh
capig.inforum.com R10	`2024-09-06` - `2024-12-05`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2024-04-25` - `2025-05-24`	a year	crt.sh
sni2bf2agl.wpc.edgecastcdn.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-08-03` - `2025-09-03`	a year	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2024-04-22` - `2025-04-07`	a year	crt.sh
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-09` - `2025-08-09`	a year	crt.sh
prod.ai.ingestion.msftcloudes.com Microsoft Azure RSA TLS Issuing CA 08	`2024-09-08` - `2025-09-03`	a year	crt.sh
tpc.googlesyndication.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.chartbeat.net Thawte TLS RSA CA G1	`2023-11-20` - `2024-12-20`	a year	crt.sh
adobedc.demdex.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-22` - `2024-11-21`	a year	crt.sh
edge.adobedc.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-21` - `2024-11-20`	a year	crt.sh
*.azurewebsites.net Microsoft Azure RSA TLS Issuing CA 08	`2024-05-24` - `2025-05-19`	a year	crt.sh

This page contains 11 frames:

Primary Page: https://www.grandforksherald.com/prairie-business
Frame ID: 160C68C0C74CA6E6F50C334830B4E60D
Requests: 180 HTTP requests in this frame

Frame: https://forumcomm.friends2follow.com/f2f/widget/html/cube2/97/0/12/140/1/1/1/9/9/1
Frame ID: 924846957AED3651E4B5B4E0921B8A90
Requests: 1 HTTP requests in this frame

Frame: https://postrelease.com/iframes/topics.html
Frame ID: 28790ADBE9382C685FFC10CD72935067
Requests: 1 HTTP requests in this frame

Frame: https://e90c9acc6816d542e6621b03cf4a936b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E3D21513576DC508FAA0DABF5C25F285
Requests: 1 HTTP requests in this frame

Frame: https://8975227.fls.doubleclick.net/activityi;dc_pre=COO_46ee2YgDFUQiBgAdjq4mMQ;src=8975227;type=invmedia;cat=grand0;ord=3443543131290;npa=1;auiddc=211570192.1727100385;ps=1;pcor=1878461941;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe49j0v9185118308z8852250614za201zb852250614;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.grandforksherald.com%2Fprairie-business
Frame ID: 424250923B57054E6651A9008FF4FCD8
Requests: 1 HTTP requests in this frame

Frame: https://9853337.fls.doubleclick.net/activityi;dc_pre=CO7y5Kee2YgDFZNKQQIdsDItng;src=9853337;type=usa;cat=women0;ord=3538408231080;npa=1;auiddc=211570192.1727100385;ps=1;pcor=785674871;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe49j0v9189050664z8852250614za201zb852250614;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.grandforksherald.com%2Fprairie-business
Frame ID: A8D8C678BAEA4DC6170473657C5E0930
Requests: 1 HTTP requests in this frame

Frame: https://9853337.fls.doubleclick.net/activityi;dc_pre=CL7x5Kee2YgDFTxkQQIdQcUIYw;src=9853337;type=sale;cat=women0;qty=1;cost=cost;ord=3259389321;npa=1;auiddc=211570192.1727100385;u1=tickets%20purchased%20(quantity);u2=event%20name;u3=purchase%20date;u4=purchase%20time;u5=inventory%20type;ps=1;pcor=1990504168;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe49j0v9189050664z8852250614za201zb852250614;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.grandforksherald.com%2Fprairie-business
Frame ID: 75EB6B2158F475D379DF9B35C8F4486F
Requests: 1 HTTP requests in this frame

Frame: https://d1eoo1tco6rr5e.cloudfront.net/c8hchs6/56sogo3/iframe
Frame ID: CB2E3BD465BE01B418D46B1EED8567A2
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=G-39CWM68PTE&l=cswDataLayer
Frame ID: F7B2376BA208366B33684C01A0727C7E
Requests: 14 HTTP requests in this frame

Frame: https://adservices.brandcdn.com/pixel/cv?aid=333755&cv_ck=eae32df2-4435-4823-b544-af4698d2a0d5&m=www.grandforksherald.com&r=
Frame ID: 23C55A02BE0F9A6F582799D623E99CE9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CB1E9656B99490B05BD76ACE2F8685E7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Prairie Business Magazine | Grand Forks Herald

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Flickity (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/flickity(?:\.pkgd)?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

205
Requests

97 %
HTTPS

32 %
IPv6

64
Domains

85
Subdomains

78
IPs

9
Countries

4118 kB
Transfer

14450 kB
Size

60
Cookies

28 Outgoing links

These are links going to different origins than the main page.

URL: https://advertising.forumcomm.com/locations/grand-forks/
Title: 📣 Advertise With Us

Search URL Search Domain Scan URL

URL: https://issuu.com/gfherald/docs/final_with_links_gfpb_2024-09-06_zmee
Title: PB September Edition

Search URL Search Domain Scan URL

URL: https://gfherald.wufoo.com/forms/rn6gc3n0rik0cl/
Title: 40 Under 40 Nominations

Search URL Search Domain Scan URL

URL: https://advertising.forumcomm.com/?utm_source=grand_forks_website_menu&utm_medium=menu_category&utm_campaign=advertise_with_us
Title: Advertise With Us

Search URL Search Domain Scan URL

URL: https://advertising.forumcomm.com/services/digital-advertising/?utm_source=Grand_forks_website_menu&utm_medium=menu_category_dropdown&utm_campaign=advertise_with_us&utm_content=digital_advertising
Title: Digital Advertising

Search URL Search Domain Scan URL

URL: https://advertising.forumcomm.com/services/print/?utm_source=grand_forks_website_menu&utm_medium=menu_category_dropdown&utm_campaign=advertise_with_us&utm_content=print
Title: Print Advertising

Search URL Search Domain Scan URL

URL: https://advertising.forumcomm.com/services/commercial-printing/?utm_source=grand_forks_website_menu&utm_medium=menu_category_dropdown&utm_campaign=advertise_with_us&utm_content=commercial_print
Title: Printing Services

Search URL Search Domain Scan URL

URL: https://advertising.forumcomm.com/services/tv/?utm_source=grand_forks_website_menu&utm_medium=menu_category_dropdown&utm_campaign=advertise_with_us&utm_content=tv
Title: TV Advertising

Search URL Search Domain Scan URL

URL: https://advertising.forumcomm.com/services/Video-production/?utm_source=grand_forks_website_menu&utm_medium=menu_category_dropdown&utm_campaign=advertise_with_us&utm_content=Video%20Services_production
Title: Video Services

Search URL Search Domain Scan URL

URL: https://grandforksherald.column.us/place
Title: Place a Public Notice

Search URL Search Domain Scan URL

URL: https://advertising.forumcomm.com/newsletter-sign-up/?utm_source=grand_forks_website&utm_medium=menu&utm_campaign=newsletter_sign_up
Title: Get Our Advertising Newsletter

Search URL Search Domain Scan URL

URL: https://www.agweek.com/
Title: Agweek

Search URL Search Domain Scan URL

URL: https://www.inforum.com/wdayplus
Title: WDAY+

Search URL Search Domain Scan URL

URL: https://classifieds.forumcomm.com/
Title: Classifieds

Search URL Search Domain Scan URL

URL: https://www.jobshq.com/
Title: JobsHQ

Search URL Search Domain Scan URL

URL: https://homeshq.com/
Title: HomesHQ

Search URL Search Domain Scan URL

URL: https://motors.grandforksherald.com/
Title: Motors

Search URL Search Domain Scan URL

URL: https://issuu.com/gfherald/stacks/d36f805e44e54d8eaa77589aaea25042
Title: Archive

Search URL Search Domain Scan URL

URL: https://advertising.forumcomm.com/locations/grand-forks/?utm_source=grand_forks_website_footer&utm_medium=location_page_link&utm_campaign=Advertise_with_us
Title: Advertise With Us

Search URL Search Domain Scan URL

URL: https://advertising.forumcomm.com/newsletter-sign-up/?utm_source=grand_forks_website&utm_medium=footer&utm_campaign=newsletter_sign_up
Title: Get Our Advertising Newsletter

Search URL Search Domain Scan URL

URL: https://www.forumcomm.com/careers/
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.homeshq.com/
Title: HomeHQ

Search URL Search Domain Scan URL

URL: https://twitter.com/gfherald
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/gfherald/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.facebook.com/GrandForksHerald
Title: Facebook

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/grand-forks-herald/id1494519679

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.whiz.grandforksherald

Search URL Search Domain Scan URL

URL: https://www.forumcomm.com/
Title: Forum Communications Company

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

https://unpkg.com/flickity@2/dist/flickity.pkgd.min.js HTTP 302
https://unpkg.com/flickity@2.3.0/dist/flickity.pkgd.min.js

Request Chain 80

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.grandforksherald.com%2F&domain=www.grandforksherald.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=6c6XZnxiODFHTGt0bDYzNUtYZ1RqbERTMHAxL1V4NW1xZEFmTmhpQkVuV0trN2xSVURLNmlETDVTNkNJMWtaQUNCd2tpc2kzTHAxeDBFUHlqdXZDMC9scmpJbU1tdWJSU2lrdUQ3QnloeU5KYlA0MnZKZm9rTDVnUjg5cE5TSkF2S01oWUJ4YlY4V1VJM2RFTEorOEFubmtQakVvTGVWZndQSWhCeDhZZXZKZGZaZzF5NXpFZ0F5Q1ZqdHpSOVEvWlo0cU9xZldrZFpFVWdRWktqMVVSN2hGb0ZhWDRPN0dacEp1K1BiSjVnQ1pLTTU1ZTYwT240ZHYvYjVUWmNUMFZoZjk2VWRDeUMwU3lscUQ5L1VKcS9WNWdsZz09fA&cppv=2

Request Chain 88

https://8975227.fls.doubleclick.net/activityi;src=8975227;type=invmedia;cat=grand0;ord=3443543131290;npa=1;auiddc=211570192.1727100385;ps=1;pcor=1878461941;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe49j0v9185118308z8852250614za201zb852250614;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.grandforksherald.com%2Fprairie-business HTTP 302
https://8975227.fls.doubleclick.net/activityi;dc_pre=COO_46ee2YgDFUQiBgAdjq4mMQ;src=8975227;type=invmedia;cat=grand0;ord=3443543131290;npa=1;auiddc=211570192.1727100385;ps=1;pcor=1878461941;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe49j0v9185118308z8852250614za201zb852250614;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.grandforksherald.com%2Fprairie-business

Request Chain 90

https://9853337.fls.doubleclick.net/activityi;src=9853337;type=usa;cat=women0;ord=3538408231080;npa=1;auiddc=211570192.1727100385;ps=1;pcor=785674871;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe49j0v9189050664z8852250614za201zb852250614;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.grandforksherald.com%2Fprairie-business HTTP 302
https://9853337.fls.doubleclick.net/activityi;dc_pre=CO7y5Kee2YgDFZNKQQIdsDItng;src=9853337;type=usa;cat=women0;ord=3538408231080;npa=1;auiddc=211570192.1727100385;ps=1;pcor=785674871;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe49j0v9189050664z8852250614za201zb852250614;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.grandforksherald.com%2Fprairie-business

Request Chain 91

https://9853337.fls.doubleclick.net/activityi;src=9853337;type=sale;cat=women0;qty=1;cost=cost;ord=3259389321;npa=1;auiddc=211570192.1727100385;u1=tickets%20purchased%20(quantity);u2=event%20name;u3=purchase%20date;u4=purchase%20time;u5=inventory%20type;ps=1;pcor=1990504168;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe49j0v9189050664z8852250614za201zb852250614;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.grandforksherald.com%2Fprairie-business HTTP 302
https://9853337.fls.doubleclick.net/activityi;dc_pre=CL7x5Kee2YgDFTxkQQIdQcUIYw;src=9853337;type=sale;cat=women0;qty=1;cost=cost;ord=3259389321;npa=1;auiddc=211570192.1727100385;u1=tickets%20purchased%20(quantity);u2=event%20name;u3=purchase%20date;u4=purchase%20time;u5=inventory%20type;ps=1;pcor=1990504168;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe49j0v9189050664z8852250614za201zb852250614;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.grandforksherald.com%2Fprairie-business

Request Chain 99

https://insight.adsrvr.org/tags/c8hchs6/56sogo3/iframe HTTP 301
https://d1eoo1tco6rr5e.cloudfront.net/c8hchs6/56sogo3/iframe

Request Chain 204

https://region1.analytics.google.com/g/collect?v=2&tid=G-N18WFR4G74&gtm=45je49j0v871606135z8851263945za200zb852250614&_p=1727100384401&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tcfd=10001&tag_exp=0&cid=401790398.1727100385&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=3&sid=1727100385&sct=1&seg=0&dl=https%3A%2F%2Fwww.grandforksherald.com%2Fprairie-business&dt=Prairie%20Business%20Magazine%20%7C%20Grand%20Forks%20Herald&en=g2i_page_view&_c=1&ep.FCC_ContentType=page&ep.FCC_PublishDate=&ep.FCC_SectionName=prairie-business&ep.FCC_ArticleSource=&ep.eng_author=Not%20Set&ep.title=Prairie%20Business&ep.section=Not%20Set&ep.cmn_user_state=Unknown&ep.eng_content_type=website&ep.eng_meter_level=Free&ep.eng_meter_level_determine_method=Dynamic&ep.eng_meter_rule_name=Section%20Fronts&ep.eng_conversation_name=Traffic%20from%20Outside%20the%20U.S.&epn.eng_conversation_views=1&ep.eng_conversation_views_left=unlimited&ep.eng_conversation_paywall_limit=unlimited&ep.eng_conversation_date_started=2024-09-23T14%3A06%3A30Z&ep.eng_conversation_date_expiratation=&ep.eng_conversation_date_ended=Not%20Set&ep.gtm_release=1.2.75.6&up.fingerprint_id=0164128067ab8bfff4008ba07d47b5e8&tfd=6817 HTTP 302
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=401790398.1727100385&dbk=18287507740685849781&dma=1&dma_cps=syphamo&en=g2i_page_view&gtm=45je49j0v871606135z8851263945za200zb852250614&npa=1&tid=G-N18WFR4G74&dl=https%3A%2F%2Fwww.grandforksherald.com%3F

205 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request prairie-business Show response
www.grandforksherald.com/ 223 KB
39 KB 315ms
9ms Document
text/html 13.32.27.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.grandforksherald.com/prairie-business

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-124.fra56.r.cloudfront.net

Software

istio-envoy / Brightspot

Resource Hash

bea34da91cff61cefe1ca6f00b05890f7454c1eda4c599b02eb4ab54fcc35e09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age: 197
content-encoding: gzip
content-length: 39227
content-type: text/html;charset=UTF-8
date: Mon, 23 Sep 2024 14:03:07 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
x-amz-cf-id: kf5_Rd1alnuzMdsCMEdFGDI5HHV4S_H7BhOQJxQe1HlPLAPT2gMWWA==
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
x-envoy-decorator-operation: brightspot-frontend-verify.web.svc.cluster.local:80/*
x-envoy-upstream-service-time: 305
x-powered-by: Brightspot

GET
H2 200 All.min.ab563333c23c7f3cc546c73dfbde1ee3.gz.css
cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/styleguide/ 381 KB
47 KB 116ms
22ms Stylesheet
text/css 3.161.82.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/styleguide/All.min.ab563333c23c7f3cc546c73dfbde1ee3.gz.css
Requested by: Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/prairie-business
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-73.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8e3df56c95a77409f149cd4eb0796ac9dbde4cce0edda4d7d537d3774436a674

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
etag: "614f2c7f342438493438a7222d23bad9"
age: 599904
via: 1.1 9ceaac5e4cbf8702556b2c925b200af8.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 47979
x-amz-cf-id: 5xaKNzFA7AQAv6WOHhnVCt3gbvo3XfDCNldf82_4cCaKprp4o0cGhA==
date: Mon, 16 Sep 2024 15:28:01 GMT
content-type: text/css
last-modified: Mon, 16 Sep 2024 15:27:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P10
x-amz-server-side-encryption: AES256

GET
H2 200 all.css
static.forumcomm.com/css/ 102 KB
18 KB 82ms
20ms Stylesheet
text/css 18.239.208.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.forumcomm.com/css/all.css
Requested by: Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/prairie-business
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.208.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-208-118.bru50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1cee87ecea5f99dce79483ee4d0f2bb1aa48b726bab80074ddac3fda062e7b40

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

x-amz-cf-pop: BRU50-P1
content-encoding: gzip
etag: W/"223184abec7096dbf32d54b6bd749901"
x-amz-version-id: null
age: 41203
via: 1.1 6670d9f343a3e0a96c4d7c936f139a06.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: yd5jbuXyboZqQRfYtgnyBzlJz0a0xqGr68wPHP6zmuQUzN2UTJy2OQ==
date: Mon, 23 Sep 2024 02:39:42 GMT
content-type: text/css
vary: Accept-Encoding
server: AmazonS3
last-modified: Tue, 25 Jun 2019 21:22:06 GMT

GET
H2 200 loader.min.js Show response
loader-cdn.azureedge.net/prod/forum/ 38 KB
11 KB 82ms
11ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://loader-cdn.azureedge.net/prod/forum/loader.min.js
Requested by: Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/prairie-business
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CD4) /
Resource Hash: 3effe2ea123356a6848aa9a12878b5be55d0b46b6f8cb6c5ad9c24101e0043a0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

content-md5: c0C86R1VdanqWJ+ToE3l2Q==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-lease-status: unlocked
etag: 0x8DCAC6C3458612F
age: 21027
x-ms-version: 2009-09-19
x-cache: HIT
date: Mon, 23 Sep 2024 14:06:24 GMT
content-type: application/javascript
last-modified: Thu, 25 Jul 2024 05:39:51 GMT
vary: Accept-Encoding
cache-control: max-age=43200
x-ms-request-id: fcea0dc9-d01e-0022-3d90-0d32a1000000
access-control-allow-origin: *
content-length: 10924
x-ms-blob-type: BlockBlob
server: ECAcc (frc/4CD4)

GET
H2 200 webcomponents-loader.266c0bb4f707570dca3c59bb04633dc0.gz.js Show response
cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/styleguide/webcomponents-loader/ 6 KB
2 KB 116ms
23ms Script
text/javascript 3.161.82.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/styleguide/webcomponents-loader/webcomponents-loader.266c0bb4f707570dca3c59bb04633dc0.gz.js
Requested by: Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/prairie-business
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-73.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 028ddd0cf27c55dff07fa9232f63251cda3cbd811e2f2bc383c9349e39cd4bb6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
etag: "8771ad6d93cb1761c69e6457af1b0fd1"
age: 5738792
via: 1.1 9ceaac5e4cbf8702556b2c925b200af8.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 2079
x-amz-cf-id: sUh_-N8zFp2JK_eDTAwd41r1tGK-OHyd2VlDGnMasYhcZMoHU2GdxQ==
date: Fri, 19 Jul 2024 03:59:53 GMT
content-type: text/javascript
last-modified: Thu, 30 Sep 2021 15:36:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P10

GET
H2 200 All.min.d3d841b51603e9f66bb016edf10fc2df.gz.js Show response
cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/styleguide/ 520 KB
150 KB 17ms
15ms Script
text/javascript 3.161.82.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/styleguide/All.min.d3d841b51603e9f66bb016edf10fc2df.gz.js
Requested by: Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/prairie-business
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-73.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd0f7911b672e09a4395cbdd3480c317d9bfe25c8889dc575fd41a2644028fae

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
etag: "fd95f9d5ebbd59d82eedcd7b56a7ba4b"
age: 340510
via: 1.1 9ceaac5e4cbf8702556b2c925b200af8.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 153112
x-amz-cf-id: xLRwDrBU5JgHVDW2fXv6Tl1MQtt0HFuSx_aCHMHmjFPO9h3X2xXuhQ==
date: Thu, 19 Sep 2024 15:31:15 GMT
content-type: text/javascript
last-modified: Thu, 19 Sep 2024 15:30:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P10
x-amz-server-side-encryption: AES256

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 107 KB
33 KB 85ms
34ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/prairie-business

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a843c03429d602db5da1750794870e614b683a31e755f06d54ecbd3c6fcb18cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

content-encoding: br
etag: 454 / 19989 / m202409170101 / config-hash: 11954770163611365809
x-content-type-options: nosniff
expires: Mon, 23 Sep 2024 14:06:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 23 Sep 2024 14:06:24 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33180
x-xss-protection: 0
server: cafe

GET
H3 200 iframeResizer.js Show response
cdnjs.cloudflare.com/ajax/libs/iframe-resizer/4.2.10/ 36 KB
8 KB 57ms
41ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/iframe-resizer/4.2.10/iframeResizer.js

Requested by

Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/prairie-business

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14cd740cfb34a149d34ebbcfe5391e044d5b1d2a5a1e4c4a5aa6e44c6914abf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03e9f-8e6f"
age: 243266
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VCs27kAGT40iZ0UycExgVyptSoYgPTOH2%2BOcnEJQ6pY%2BGJA9lSJ28FMTD33qbEwbVQ2Gwzp5DeqNbrxRq%2F2mRysPO5SgV8%2Fi6R3CkMwd%2BxBMd9EawYZ2%2Bjf%2FL%2BOTnS%2BoV9AzEHxb"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sat, 13 Sep 2025 14:06:24 GMT
date: Mon, 23 Sep 2024 14:06:24 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:11:11 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8c7b185998741e60-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7882
server: cloudflare

GET
H2 200 spm.v1.min.js Show response
ak.sail-horizon.com/spm/ 103 KB
34 KB 59ms
9ms Script
application/javascript 18.66.112.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by: Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/prairie-business
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-103.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 304a596bb9715360b71c3002d94553e04943f56dffbbefcf5c3ce3efc60db4a5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

vary: Accept-Encoding
cache-control: max-age=600; must-revalidate
content-encoding: gzip
etag: W/"0a63286546fdaeb63f5762369bd1c4ff"
age: 55
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: 4uCB0GMLrCDeq071UGR-YqGq66qbtpioFgOF6jjoX2Bz9-leFdKuEw==
date: Mon, 23 Sep 2024 14:05:30 GMT
content-type: application/javascript
last-modified: Thu, 06 Jun 2024 16:53:02 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 24 KB
10 KB 76ms
14ms Script
application/x-javascript 2600:9000:2646:1200:18:1fcd:354:4b41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/prairie-business
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:1200:18:1fcd:354:4b41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 28b614cc061632a0d8cb17953fc9342ce119ef471b3ff02c2379881a031a185b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

cache-control: max-age=86400
content-encoding: gzip
etag: W/"6583925f-5f13"
age: 55080
cross-origin-resource-policy: cross-origin
via: 1.1 69a82a9746d3a7343dca651e0829f000.cloudfront.net (CloudFront)
expires: Mon, 23 Sep 2024 22:48:24 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: 1GGd2KVXOdo-Ow4i3FgqA0O15_ZtT6kmemkiC6nzbG85Brepwi1oLw==
date: Sun, 22 Sep 2024 22:48:24 GMT
content-type: application/x-javascript
last-modified: Thu, 21 Dec 2023 01:18:23 GMT
server: nginx
x-amz-cf-pop: FRA60-P5
vary: Accept-Encoding

GET
H2 200 script.js Show response
k664.grandforksherald.com/ 146 KB
45 KB 80ms
8ms Script
text/javascript 18.173.205.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://k664.grandforksherald.com/script.js

Requested by

Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/prairie-business

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.205.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-205-67.fra56.r.cloudfront.net

Software

- /

Resource Hash

38af123b785cb8ba6b26bb4c784c6d4c4b05c25e3478d57a036f857fd9b19ce6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

x-robots-tag: noindex, nofollow
content-encoding: gzip
etag: f22805af9b166d9faf10960c7ea6aca8
age: 300
x-permitted-cross-domain-policies: master-only
x-content-type-options: nosniff
expires: Mon, 23 Sep 2024 14:11:23 GMT
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
x-amz-cf-id: bHS3AIsKs0p4a9s1TWiJmmpnFhbb6IBeOw6DAc1nt0W7vaVFhyGisw==
date: Mon, 23 Sep 2024 14:01:23 GMT
content-type: text/javascript; charset=utf-8
last-modified: Mon, 23 Sep 2024 14:01:21 GMT
cache-control: public, no-cache="Set-Cookie", max-age=600
via: 1.1 ba01631fe255b1896a9e6bfd4c86a06a.cloudfront.net (CloudFront)
content-length: 45704
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P12
server: -

GET
H2 200 prebid9.11.0.cb89547c7ca8d7050fb64e14492d9317.gz.js Show response
cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/staticjs/ 240 KB
82 KB 31ms
10ms Script
text/javascript 3.161.82.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/staticjs/prebid9.11.0.cb89547c7ca8d7050fb64e14492d9317.gz.js
Requested by: Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/prairie-business
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-73.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 650d3a9673269648788e9e0fd371ff0982fb36f3cc7677a68218e5e6d53b013f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
etag: "634dc124b3ec5a0dfc64a0fe07ca1a79"
age: 340509
via: 1.1 9ceaac5e4cbf8702556b2c925b200af8.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 83936
x-amz-cf-id: E7YSzwtUGCceChx9x9v9USwCbDETo2PvA0nGRh5V0NhXul6Jz5veuA==
date: Thu, 19 Sep 2024 15:31:16 GMT
content-type: text/javascript
last-modified: Thu, 19 Sep 2024 15:30:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P10
x-amz-server-side-encryption: AES256

GET
H2 200 wxwidget.loader.js Show response
widgets-lts.media.weather.com/ 574 KB
139 KB 196ms
76ms Script
text/javascript 2a02:26f0:e300:18f::3282
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets-lts.media.weather.com/wxwidget.loader.js?cid=315354512

Requested by

Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/prairie-business

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:e300:18f::3282 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx / Express

Resource Hash

9fa4c3916282921b036fc159a919a12554f2ab5d1da043b053646e5062d98abe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

x-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cache-control: max-age=31204
content-encoding: gzip
etag: W/"8f647-zGf/zDSzeTJY+bCHnGX6d8ERJ58"
expires: Mon, 23 Sep 2024 22:46:28 GMT
access-control-allow-origin: *
content-length: 141503
date: Mon, 23 Sep 2024 14:06:24 GMT
content-type: text/javascript; charset=utf-8
x-powered-by: Express
server: nginx
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2

200

flickity.pkgd.min.js Show response
unpkg.com/flickity@2.3.0/dist/
Redirect Chain

https://unpkg.com/flickity@2/dist/flickity.pkgd.min.js
https://unpkg.com/flickity@2.3.0/dist/flickity.pkgd.min.js

56 KB
21 KB

27ms
24ms

Script
application/javascript

2606:4700::6811:f6cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/flickity@2.3.0/dist/flickity.pkgd.min.js

Requested by

Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/prairie-business

Protocol

Server

2606:4700::6811:f6cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3aa6d58d974d052d6bad494e15bff103c518e148e59054c006564610b41103d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "e136-ppFLVfsImDkhRKQGmGrAD36fhGA"
age: 16747582
x-content-type-options: nosniff
date: Mon, 23 Sep 2024 14:06:24 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HRWFH7MZ399VJM7JSAWRQ0W7-fra
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
via: 1.1 fly.io
cf-ray: 8c7b1859e863bbce-FRA
access-control-allow-origin: *
server: cloudflare

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, s-maxage=600, max-age=60
location: /flickity@2.3.0/dist/flickity.pkgd.min.js
content-encoding: br
cf-cache-status: HIT
age: 552
x-content-type-options: nosniff
via: 1.1 fly.io
cf-ray: 8c7b1859b81abbce-FRA
access-control-allow-origin: *
date: Mon, 23 Sep 2024 14:06:24 GMT
content-type: text/plain; charset=utf-8
vary: Accept, Accept-Encoding
fly-request-id: 01J8FJR1DMF1JWSZNF9G1KZ50Y-fra
server: cloudflare

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 584 KB
183 KB 114ms
28ms Script
application/x-javascript 23.53.42.121
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js
Requested by: Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/prairie-business
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.42.121 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-42-121.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 666d6102b5206bb70da7195aee0bf0d23dff1fdbed22ef259e3c54c64c36080d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

Content-Encoding: gzip
ETag: "d60eb6fe00eef8c9bb54308f9f90dd19"
Access-Control-Allow-Methods: GET
Date: Mon, 23 Sep 2024 14:06:24 GMT
Last-Modified: Tue, 17 Sep 2024 00:37:58 GMT
Vary: Accept-Encoding
Content-Type: application/x-javascript
x-amz-id-2: jmRNRGxzWuISEhli3DgpidhXv6BVGjr71sgJ+Vg+Tqwh6LWU8Q8ReFBqxMk+g7LD0Ch/tqYkke4=
Transfer-Encoding: chunked
Access-Control-Allow-Headers: *
Cache-Control: public, max-age=3600
Connection: keep-alive, Transfer-Encoding
x-amz-request-id: 42EP876T4YZYZS8Z
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 /
cdn.forumcomm.com/dims4/default/29fee9d/2147483647/strip/true/crop/620x220+0+0/resize/225x80!/quality/90/ 7 KB
8 KB 116ms
45ms Image
image/png 3.161.82.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.forumcomm.com/dims4/default/29fee9d/2147483647/strip/true/crop/620x220+0+0/resize/225x80!/quality/90/?url=https%3A%2F%2Fforum-communications-production-web.s3.us-west-2.amazonaws.com%2Fbrightspot%2Fc8%2F79%2Fb175fdc147b8b3c561ae890c1a0e%2Fgrandforksherald.png
Requested by: Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/prairie-business
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-73.fra56.r.cloudfront.net
Software: istio-envoy /
Resource Hash: 63f2170fac8aa98fb5f23cf2ee3998f1f384d53cf252e6c8d9267c6519c93152

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

cache-control: max-age=31536000, public
etag: ca7d0fb1424fe3770324b7631c4f381e
x-envoy-upstream-service-time: 286
age: 21896620
x-envoy-decorator-operation: brightspot-dims-verify.web.svc.cluster.local:80/*
via: 1.1 9ceaac5e4cbf8702556b2c925b200af8.cloudfront.net (CloudFront)
expires: Mon, 13 Jan 2025 03:42:44 GMT
x-cache: Hit from cloudfront
content-length: 7259
x-amz-cf-id: _7k7A-x2TzHQ3B4Bt5iBQ58XCCCT90sCsV6iPUB6bVT2PMNEU2G2mw==
date: Sun, 14 Jan 2024 03:42:44 GMT
edge-control: downstream-ttl=31536000
content-type: image/png
x-amz-cf-pop: FRA56-P10
server: istio-envoy

GET
H2 200 get.js Show response
cdn.cityspark.com/wid/ 2 KB
1 KB 99ms
14ms Script
application/x-javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cityspark.com/wid/get.js
Requested by: Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/prairie-business
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CB9) /
Resource Hash: 2e4346aa7f0340066dfb5aa361ff449a438a172d5432719cd405e876a0d7b439

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

content-md5: 8ouzdXeMpGxUBMAUF/mhkg==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-lease-status: unlocked
etag: "0x8DB2194D3ACD75C+gzip"
age: 124707
x-ms-version: 2014-02-14
x-ms-lease-state: available
x-cache: HIT
date: Mon, 23 Sep 2024 14:06:24 GMT
content-type: application/x-javascript
last-modified: Fri, 10 Mar 2023 18:25:29 GMT
vary: Accept-Encoding
x-ms-request-id: 42c9736b-901e-0057-449f-0c078e000000
access-control-allow-origin: *
content-length: 1002
x-ms-blob-type: BlockBlob
server: ECAcc (frc/4CB9)

GET
H2 200 index.js Show response
cdn.viafoura.net/entry/ 45 KB
16 KB 71ms
15ms Script
text/javascript 2600:9000:223c:f800:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/entry/index.js
Requested by: Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/prairie-business
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:f800:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 403157f1da5460465e0156ec5f3b9a21270b545805b43ac4137572027f21296c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

content-encoding: br
x-amz-version-id: 4zRUbjUblLa0McYpjJIZUcC.BkzbkEbQ
etag: W/"42bb2348acebf89096f92674b711372a"
age: 163
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: QqW-DABVtv42uDR6Sn4qe2quf_HdHga7YrnIkx8sUXaEbphYA6Yk6w==
date: Mon, 23 Sep 2024 14:03:42 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
last-modified: Tue, 17 Sep 2024 13:59:35 GMT
x-amz-replication-status: COMPLETED
cache-control: public,max-age=600,s-max-age=60
via: 1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 bsp-analytics.min.3d492319d8b084de04ab3a208c32f0b5.gz.js Show response
cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/_resource/analytics/ 9 KB
3 KB 115ms
44ms Script
text/javascript 3.161.82.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/_resource/analytics/bsp-analytics.min.3d492319d8b084de04ab3a208c32f0b5.gz.js
Requested by: Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/prairie-business
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-73.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e4d188579bddcd83fc8d1383f60e6a50c5cc3428e4f6c32b493a8cce04bc9c87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
etag: "c066757a8992615b576ac565d39d182d"
age: 1349927
via: 1.1 9ceaac5e4cbf8702556b2c925b200af8.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 3003
x-amz-cf-id: GbFEhPsa4Vqd6AiTEUGOIUEfOnPSyyf_SIwhvNZPG21zWxZ6kY33ng==
date: Sat, 07 Sep 2024 23:07:38 GMT
content-type: text/javascript
last-modified: Thu, 11 Nov 2021 14:45:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P10

OPTIONS
H2 200 simple
api.sail-personalize.com/v1/personalize/ Frame 0
0 361ms
104ms Preflight
text/plain 99.83.154.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa7557bb34ea5624b.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-lib-version,x-referring-url
Access-Control-Request-Method: GET
Origin: https://www.grandforksherald.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
access-control-allow-methods: OPTIONS,GET,POST,PUT,DELETE
access-control-allow-origin: https://www.grandforksherald.com
access-control-max-age: 1800
allow: HEAD,GET,OPTIONS
content-length: 18
content-type: text/plain
date: Mon, 23 Sep 2024 14:06:24 GMT

GET
H2 200 loader-config.json Show response
cdn.q0losid.com/prod/forum/ 3 KB
1 KB 68ms
9ms Fetch
application/json 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.q0losid.com/prod/forum/loader-config.json
Requested by: Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/forum/loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4D05) /
Resource Hash: f74f605e7e4a329b18106d10b194c46539ec280b9b04fe5e44740d3597ce0462

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

content-md5: dS9uFxvRbKG7JYetTqPlYw==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-lease-status: unlocked
etag: 0x8DCAC6CBB2AEF98
age: 40885
x-ms-version: 2009-09-19
x-cache: HIT
date: Mon, 23 Sep 2024 14:06:24 GMT
content-type: application/json
last-modified: Thu, 25 Jul 2024 05:43:37 GMT
vary: Accept-Encoding
cache-control: max-age=43200
x-ms-request-id: 222e7808-f01e-0068-3c62-0d912e000000
access-control-allow-origin: *
content-length: 673
x-ms-blob-type: BlockBlob
server: ECAcc (frc/4D05)

GET
H2 200 prod Show response
ggbepmk06k.execute-api.us-west-2.amazonaws.com/ 4 KB
4 KB 665ms
216ms Fetch
application/json 35.166.123.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ggbepmk06k.execute-api.us-west-2.amazonaws.com/prod?publication=grandforksherald&environment=production
Requested by: Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/prairie-business
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.166.123.140 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-166-123-140.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: f1dabfe09d99c5c5fa5a80b9b3019750d08a0ec62c183875250cda6d951f06e1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

x-amzn-requestid: a034e39c-1a13-42ec-8d2c-56a2c60cf6a1
access-control-allow-origin: *
content-length: 4143
date: Mon, 23 Sep 2024 14:06:24 GMT
x-amz-apigw-id: ej9bMH9KPHcEn-w=
content-type: application/json
x-amzn-trace-id: Root=1-66f175e0-3984c54e21961256625d8b2b;Parent=50885fb9b7624e89;Sampled=0;lineage=1:3ae2732a:0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 307 KB
105 KB 93ms
31ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T37B4RR

Requested by

Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/prairie-business

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c03a5b76da97d02e4e4a8b5796f8c0a8ef3b9b675e6150bbf83ba5e4ad174392

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

content-encoding: br
expires: Mon, 23 Sep 2024 14:06:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 23 Sep 2024 14:06:24 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 23 Sep 2024 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 107463
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 45ms
10ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/prairie-business

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

19cae9271e1bbe3db13465720cec9444dcfe778f41d88aaaa3285dcf7adabc77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

content-md5: xOxmrYR6bXPaArT0/DhKIg==
access-control-expose-headers: X-FB-Content-MD5
content-encoding: gzip
etag: "1729712b0d5b9b85c037317f6ac3aef3"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Mon, 23 Sep 2024 14:23:59 GMT
alt-svc: h3=":443"; ma=86400
edge-control: cache-maxage=1200s
date: Mon, 23 Sep 2024 14:06:24 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5: 30c6813c19e8bc8c00c25dba0f439217
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=23, mss=1232, tbw=4474, tp=9, tpl=0, uplat=0, ullat=-1
x-fb-debug: hQ/qkKwipu98IitaSZk/PtElOzxD66KGfYXBgdm790nLIY6FVz1skuB1eaRDhz5yz/mtHNcm8vEGPmkwsjerNg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: *
content-length: 1688
origin-agent-cluster: ?0

GET
H2 200 simple Show response
api.sail-personalize.com/v1/personalize/ 288 B
498 B 150ms
148ms Fetch
application/json 99.83.154.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Requested by: Host: ak.sail-horizon.com
URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa7557bb34ea5624b.awsglobalaccelerator.com
Software: /
Resource Hash: 071a4c7c82d660926e6d89ae3bb493dba7d4fa989f3ed01095ac8a23b5a52273

Request headers

x-lib-version: v1.0.1
authorization: Bearer 0d7127446e3b2361d3678f15db986f1f
Referer: https://www.grandforksherald.com/
x-referring-url: https://www.grandforksherald.com/prairie-business
accept: application/json
content-type: application/json
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control: no-store
content-encoding: gzip
pragma: no-cache
allowedheaders: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
access-control-allow-credentials: true
allowedorigins: *
expires: -1
access-control-allow-origin: *
allowedmethods: GET,OPTIONS
content-length: 197
date: Mon, 23 Sep 2024 14:06:24 GMT
content-type: application/json
vary: Accept-Encoding

GET
H2 200 cs Show response
forumcommunications.blueconic.net/DG/DEFAULT/ 16 B
697 B 359ms
102ms Script
text/javascript 3.212.31.204
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://forumcommunications.blueconic.net/DG/DEFAULT/cs?&callback=bc_json451

Requested by

Host: k664.grandforksherald.com
URL: https://k664.grandforksherald.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.212.31.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-212-31-204.compute-1.amazonaws.com

Software

- /

Resource Hash

06b8f8b8b3580d35846908ca7bf1919b68f5997fe0f495e36efb1861b3690e8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

x-robots-tag: noindex, nofollow
cache-control: no-cache, no-store, no-transform, must-revalidate, private
content-encoding: gzip
pragma: no-cache
x-permitted-cross-domain-policies: master-only
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 36
p3p: policyref="", CP="DSP"
date: Mon, 23 Sep 2024 14:06:24 GMT
x-xss-protection: 1; mode=block
content-type: text/javascript; charset=utf-8
server: -

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 324 KB
80 KB 43ms
10ms Script
application/javascript 13.224.186.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/prairie-business
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.186.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-186-120.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 64171bed8b1e093ab735ee9c6cdc99440d0fea8e8f8c9f362fae3c093f1332f1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

vary: Accept-Encoding
cache-control: max-age=3600
content-encoding: gzip
etag: W/"f2dd6786b4537f2bb6a3e22886b855f2"
age: 3466
via: 1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront), 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: COeUJ3d5K-r03jknEaJYwzzDu3p0rdL7oT3LTG_8QHa-U98bKgonLQ==
date: Mon, 23 Sep 2024 13:08:39 GMT
content-type: application/javascript
last-modified: Wed, 28 Aug 2024 22:46:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA2-C1
x-amz-server-side-encryption: AES256

GET
H2 200 css
fonts.googleapis.com/ 19 KB
1 KB 137ms
55ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Brygada+1918:ital,wght@0,400;0,500;0,600;0,700;1,400;1,500;1,600;1,700|Source+Sans+Pro:300,400,600,700

Requested by

Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/prairie-business

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1f6ad088a551be808617290ad871a06a5b7336fbcf8474ebc07e4e4bf9bc3349

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.grandforksherald.com
Referer: https://www.grandforksherald.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 23 Sep 2024 14:06:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 23 Sep 2024 14:06:24 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 23 Sep 2024 14:06:24 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
DATA 200
OK truncated
/ 89 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d7805992cf7b7a6eb820f848e9eed600cb66123bcf4a71bb94f6851ebc1eb86

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 89 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 839283326c111773ab5e567624466412703746e7be1a67d12743926298533ce8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H2 200 /
cdn.forumcomm.com/dims4/default/dd36d67/2147483647/strip/true/crop/1400x140+0+0/resize/10660x1066!/quality/90/ 571 KB
572 KB 1236ms
1236ms Image
image/jpeg 3.161.82.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.forumcomm.com/dims4/default/dd36d67/2147483647/strip/true/crop/1400x140+0+0/resize/10660x1066!/quality/90/?url=https%3A%2F%2Fforum-communications-production-web.s3.us-west-2.amazonaws.com%2Fbrightspot%2Ff4%2F52%2F0876ebcc4ae0b1b0573336b2eab6%2Fprairie-business-magazine-1400x140.jpeg
Requested by: Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/prairie-business
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-73.fra56.r.cloudfront.net
Software: istio-envoy /
Resource Hash: 081bb876717094e8f9cc67f2566d4d73b411a287f3d69ce9752ebb7e6bf12cad

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

cache-control: max-age=31536000, public
etag: 6e680561d3f4564d2a4e819083b72373
x-envoy-upstream-service-time: 620
x-envoy-decorator-operation: brightspot-dims-verify.web.svc.cluster.local:80/*
via: 1.1 9ceaac5e4cbf8702556b2c925b200af8.cloudfront.net (CloudFront)
expires: Tue, 23 Sep 2025 14:06:25 GMT
x-cache: Miss from cloudfront
content-length: 585116
x-amz-cf-id: iSpt3y1SsA_pMAWhJECAmJoHiY_HLJTQqJctdArOsFDEjxXIP3FOLQ==
date: Mon, 23 Sep 2024 14:06:25 GMT
edge-control: downstream-ttl=31536000
content-type: image/jpeg
x-amz-cf-pop: FRA56-P10
server: istio-envoy

GET
DATA 200
OK truncated
/ 88 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 70e2c48e17f030066b530cf41f5f7d726ff7736ae0875e36dc2b5ef649e1f146

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

POST
H2 204 _track Show response
www.grandforksherald.com/ 0
337 B 454ms
453ms XHR
text/plain 13.32.27.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.grandforksherald.com/_track

Requested by

Host: cdn.forumcomm.com
URL: https://cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/_resource/analytics/bsp-analytics.min.3d492319d8b084de04ab3a208c32f0b5.gz.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-124.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.grandforksherald.com/prairie-business

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 2
x-envoy-decorator-operation: brightspot-frontend-verify.web.svc.cluster.local:80/*
via: 1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: XEV_4scoCEiVl_G1R4e-IlefJj313QXNCCOqVpplm7TPmRtd5ZTeEQ==
date: Mon, 23 Sep 2024 14:06:24 GMT
x-amz-cf-pop: FRA56-C2
server: istio-envoy

GET
H2 200 1
forumcomm.friends2follow.com/f2f/widget/html/cube2/97/0/12/140/1/1/1/9/9/ Frame 9248 0
0 365ms
113ms Document
text/html 44.208.72.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://forumcomm.friends2follow.com/f2f/widget/html/cube2/97/0/12/140/1/1/1/9/9/1

Requested by

Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/prairie-business

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.208.72.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-208-72-154.compute-1.amazonaws.com

Software

Apache /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff nosniff

Request headers

Referer: https://www.grandforksherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 98
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 8164
content-type: text/html; charset=UTF-8
date: Mon, 23 Sep 2024 14:06:24 GMT
expires: Sun, 19 Nov 1978 05:00:00 GMT
server: Apache
vary: Accept-Encoding
via: 1.1 varnish
x-content-type-options: nosniff nosniff
x-varnish: 2467773338 2467767433
x-varnish-cache: HIT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409170101/ 479 KB
149 KB 112ms
21ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409170101/pubads_impl.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

cb95a582de73802e636457f750ccc00545d657ed918d385cd95d32c60ee1ae56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

content-encoding: br
etag: 3697167613350629614
age: 14436
x-content-type-options: nosniff
expires: Tue, 23 Sep 2025 10:05:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Mon, 23 Sep 2024 10:05:48 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 152556
x-xss-protection: 0
server: cafe

GET
H2 200 ai.0.js Show response
az416426.vo.msecnd.net/scripts/a/ 94 KB
22 KB 137ms
8ms Script
application/x-javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by: Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/forum/loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CD6) /
Resource Hash: 5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

content-md5: HdY95yzx9wIyQkVEGES+Ew==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-lease-status: unlocked
etag: 0x8D8E461DA1A5889
age: 112
x-ms-version: 2009-09-19
expires: Mon, 23 Sep 2024 14:36:24 GMT
x-cache: HIT
date: Mon, 23 Sep 2024 14:06:24 GMT
content-type: application/x-javascript
last-modified: Thu, 11 Mar 2021 07:46:59 GMT
vary: Accept-Encoding
cache-control: public, max-age=1800
x-ms-meta-lastmodified: 2020-10-01 19:31:04
x-ms-request-id: 8af52764-201e-00d7-44c1-0d7c74000000
access-control-allow-origin: *
content-length: 22495
x-ms-blob-type: BlockBlob
server: ECAcc (frc/4CD6)

GET
H2 200 fp.min.js Show response
cdn.mbmgivexdvpajr.com/prod/forum/ 66 KB
23 KB 156ms
17ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mbmgivexdvpajr.com/prod/forum/fp.min.js?2024823
Requested by: Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/forum/loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CDA) /
Resource Hash: eab6233096b857ecda13c7f64b1cee3378457faa09df4db474f765029f2fe921

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.grandforksherald.com
Referer: https://www.grandforksherald.com/

Response headers

content-md5: uNbNlIeYZ9WdMaBieS7wbw==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-lease-status: unlocked
etag: 0x8DBFAD2234D0CCB
age: 40180
x-ms-version: 2009-09-19
x-cache: HIT
date: Mon, 23 Sep 2024 14:06:24 GMT
content-type: application/javascript
last-modified: Tue, 12 Dec 2023 05:21:04 GMT
vary: Accept-Encoding
cache-control: max-age=43200
x-ms-request-id: ec4e257a-001e-00a7-4e64-0d1f7c000000
access-control-allow-origin: *
content-length: 23529
x-ms-blob-type: BlockBlob
server: ECAcc (frc/4CDA)

GET
H2 200 g2i.min.js Show response
cdn.dmepyodjotcuks.com/prod/forum/ 223 KB
49 KB 146ms
10ms Script
application/x-javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.dmepyodjotcuks.com/prod/forum/g2i.min.js?2024823
Requested by: Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/forum/loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CEB) /
Resource Hash: fe8c4fbfc9ac9623aea6a8632b00ce10dbee4071570796a7005c4ed9d7818b37

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.grandforksherald.com
Referer: https://www.grandforksherald.com/

Response headers

content-md5: 4/djcAG4JiSmi1JSdQvtMw==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-lease-status: unlocked
etag: 0x8DCD7A5FA1ECBD0
age: 29141
x-ms-version: 2009-09-19
x-cache: HIT
date: Mon, 23 Sep 2024 14:06:24 GMT
content-type: application/x-javascript
last-modified: Wed, 18 Sep 2024 05:51:44 GMT
vary: Accept-Encoding
cache-control: max-age=43200
x-ms-request-id: 1cea989f-a01e-00ae-387d-0d5aaf000000
access-control-allow-origin: *
content-length: 49547
x-ms-blob-type: BlockBlob
server: ECAcc (frc/4CEB)

GET
H2 200 t8y9347t.min.js Show response
cdn.vmzqqmlpwwmazjnio.com/prod/forum/ 1 MB
398 KB 143ms
9ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vmzqqmlpwwmazjnio.com/prod/forum/t8y9347t.min.js?2024823
Requested by: Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/forum/loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4C94) /
Resource Hash: f5117070e105801e4cb0e2f9472e3e2cef5ed4e7edbf3f721088c1ab52f24a43

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.grandforksherald.com
Referer: https://www.grandforksherald.com/

Response headers

content-md5: lNE2Fa1x0hul7kz6CJ+ckw==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-lease-status: unlocked
etag: 0x8DBFAD24366D594
age: 18257
x-ms-version: 2009-09-19
x-cache: HIT
date: Mon, 23 Sep 2024 14:06:24 GMT
content-type: application/javascript
last-modified: Tue, 12 Dec 2023 05:21:58 GMT
vary: Accept-Encoding
cache-control: max-age=43200
x-ms-request-id: 29832d11-901e-00a5-3797-0da1c4000000
access-control-allow-origin: *
content-length: 406857
x-ms-blob-type: BlockBlob
server: ECAcc (frc/4C94)

GET
H2 200 t8y9347t.min.css
cdn.vmzqqmlpwwmazjnio.com/prod/forum/ 396 KB
55 KB 148ms
13ms Stylesheet
text/css 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vmzqqmlpwwmazjnio.com/prod/forum/t8y9347t.min.css?2024823
Requested by: Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/forum/loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4C89) /
Resource Hash: 2daf4f648f61913798a435e8a7de48bc507cef6d1beef4a05e314dad8db6f4bf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

content-md5: KGAI+MIxF0Nl5uOt1Fi9/Q==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-lease-status: unlocked
etag: 0x8DBFAD24365282C
age: 18257
x-ms-version: 2009-09-19
x-cache: HIT
date: Mon, 23 Sep 2024 14:06:24 GMT
content-type: text/css
last-modified: Tue, 12 Dec 2023 05:21:58 GMT
vary: Accept-Encoding
cache-control: max-age=43200
x-ms-request-id: 8bfeb057-f01e-0035-5597-0d9baa000000
access-control-allow-origin: *
content-length: 55720
x-ms-blob-type: BlockBlob
server: ECAcc (frc/4C89)

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 283 KB
81 KB 60ms
20ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=69602d8d30833539e177887d40b138b8

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

e5ac24b9a1300734a0ebb9c4d8571553bad992021040b30e62500670045f6bb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.grandforksherald.com
Referer: https://www.grandforksherald.com/

Response headers

content-md5: sK5qjclUDd0OX0BWaUXkpA==
access-control-expose-headers: X-FB-Content-MD5
content-encoding: gzip
etag: "9cfd0b58dfd9b488a23d6119b4a845f6"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Tue, 23 Sep 2025 12:24:23 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 23 Sep 2024 14:06:24 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5: 7731c1f4c1a72e519cc811c5c9aef191
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=31, rtx=0, c=23, mss=1232, tbw=4437, tp=9, tpl=0, uplat=0, ullat=-1
x-fb-debug: XTDpI8lVYmSq1OgoM+RX+8vnpbWkmzwqhYt0nyGlKZ6t63oA7rcK2upsTtnzhMi9iK27eIy5tNMkpa6Eo5ZC1w==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: *
content-length: 82571
origin-agent-cluster: ?0

POST
H2 200 v2 Show response
api.viafoura.co/v2/www.grandforksherald.com/bootstrap/ 7 KB
3 KB 360ms
109ms Fetch
application/json 2600:1f18:44f0:4848:d1e4:a5dd:e098:e51e
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viafoura.co/v2/www.grandforksherald.com/bootstrap/v2?session=false
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/entry/index.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:44f0:4848:d1e4:a5dd:e098:e51e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: d2bf64bbf690cf09973e44e3f2f37c52db53634d4c574d473c3a2dfc4dd8534a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.grandforksherald.com/

Response headers

access-control-max-age: 86400
cache-control: max-age=0
content-encoding: gzip
pragma: no-cache
x-instance-id: i-05110b0fa7b717901
access-control-allow-credentials: true
expires: Mon, 23 Sep 2024 14:06:24 GMT
access-control-allow-origin: https://www.grandforksherald.com
date: Mon, 23 Sep 2024 14:06:24 GMT
content-type: application/json;charset=UTF-8
vary: Accept-Encoding
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 59950d2e-4dfc-490d-92ee-81f8d387b7dd Show response
config.aps.amazon-adsystem.com/configs/ 563 B
837 B 75ms
14ms Script
application/javascript 18.245.31.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/59950d2e-4dfc-490d-92ee-81f8d387b7dd
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.31.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-31-92.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: 3ce57e1a02c1af3110b9c343c45c8b9bca39b642b26b780ea098410766d6bfd7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

cache-control: max-age=3600
age: 920
via: 1.1 77aeedb4b2272623c3e7c852eafc4998.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
content-length: 563
x-amz-cf-id: JAQh9rEPyj4ynfYluYtQ0khimNS_CK09TKcnuKuAeyteiKqeB7vp1Q==
date: Mon, 23 Sep 2024 13:51:04 GMT
content-type: application/javascript
x-amz-cf-pop: FRA56-P8
server: CloudFront

GET config
c.amazon-adsystem.com/cdn/prod/ 0
0

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 46ms
9ms XHR
application/javascript 13.224.186.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.186.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-186-120.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

access-control-max-age: 3000
content-encoding: gzip
x-amz-version-id: r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
etag: W/"a4d296427fc806b21335359e398c025c"
age: 35805
access-control-allow-methods: GET
x-cache: Hit from cloudfront
x-amz-cf-id: ZUPOKECMd5qHEZCoCiuSpqyT9qoa7gkgI7yjxtBt9CeCMtno3eSP3Q==
date: Mon, 23 Sep 2024 04:09:40 GMT
content-type: application/javascript
vary: Accept-Encoding,Origin
last-modified: Thu, 29 Feb 2024 02:13:08 GMT
cache-control: public, max-age=86400
via: 1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA2-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 187 B
493 B 246ms
145ms XHR
application/json 2a04:4e42:600::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=grandforksherald.com&domain=grandforksherald.com&path=%2Fprairie-business
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f72d1dd574da19f679f48b43533ad8abd6286b5323a67d0a01f331d898ea1983

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

content-encoding: gzip
age: 0
expires: Sat, 21 Sep 2024 14:06:24 GMT
x-cache: MISS
date: Mon, 23 Sep 2024 14:06:24 GMT
content-type: application/json
x-served-by: cache-mad2200134-MAD
x-cache-hits: 0
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
x-timer: S1727100385.789104,VS0,VE97
cross-origin-resource-policy: cross-origin
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 139

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
15 KB 67ms
36ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Brygada+1918:ital,wght@0,400;0,500;0,600;0,700;1,400;1,500;1,600;1,700|Source+Sans+Pro:300,400,600,700

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.grandforksherald.com
Referer: https://fonts.googleapis.com/

Response headers

age: 195617
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sun, 21 Sep 2025 07:46:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 21 Sep 2024 07:46:07 GMT
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14824
x-xss-protection: 0
server: sffe

GET
H3 200 pe0pMI6eKpdGqlF5LANrM--qBP5v.woff2
fonts.gstatic.com/s/brygada1918/v22/ 23 KB
23 KB 62ms
32ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/brygada1918/v22/pe0pMI6eKpdGqlF5LANrM--qBP5v.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Brygada+1918:ital,wght@0,400;0,500;0,600;0,700;1,400;1,500;1,600;1,700|Source+Sans+Pro:300,400,600,700

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

1b95f8f8c61fbb4bef4896ec9fec649306a6d29d0eaaa3fac27aa050d68d0670

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.grandforksherald.com
Referer: https://fonts.googleapis.com/

Response headers

age: 184294
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sun, 21 Sep 2025 10:54:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 21 Sep 2024 10:54:50 GMT
last-modified: Thu, 14 Sep 2023 00:49:59 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23080
x-xss-protection: 0
server: sffe

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 15 KB
15 KB 63ms
33ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Brygada+1918:ital,wght@0,400;0,500;0,600;0,700;1,400;1,500;1,600;1,700|Source+Sans+Pro:300,400,600,700

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.grandforksherald.com
Referer: https://fonts.googleapis.com/

Response headers

age: 225890
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 20 Sep 2025 23:21:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 20 Sep 2024 23:21:34 GMT
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14892
x-xss-protection: 0
server: sffe

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
14 KB 69ms
38ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Brygada+1918:ital,wght@0,400;0,500;0,600;0,700;1,400;1,500;1,600;1,700|Source+Sans+Pro:300,400,600,700

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.grandforksherald.com
Referer: https://fonts.googleapis.com/

Response headers

age: 230666
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 20 Sep 2025 22:01:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 20 Sep 2024 22:01:58 GMT
last-modified: Thu, 01 Jun 2023 22:52:57 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14712
x-xss-protection: 0
server: sffe

GET
H2 200 9940.jsx Show response
cdn-p.cityspark.com/wid/ 35 KB
7 KB 370ms
302ms Script
application/json 2a02:b48:9000::1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-p.cityspark.com/wid/9940.jsx?b=1727100384720&on=aHR0cHM6Ly93d3cuZ3JhbmRmb3Jrc2hlcmFsZC5jb20vcHJhaXJpZS1idXNpbmVzcw==&callback=jsonp9940

Requested by

Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:b48:9000::1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

d08b7bb8d5e44d41f88529f0130980c559dd725f9462e463b2db00f389be14cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

strict-transport-security: max-age=0
cache-control: max-age=7200
content-encoding: gzip
expires: Mon, 23 Sep 2024 16:06:25 GMT
x-proxy-cache: MISS
access-control-allow-origin: *
date: Mon, 23 Sep 2024 14:06:25 GMT
content-type: application/json; charset=utf-8
x-powered-by: ASP.NET
server: Microsoft-IIS/10.0
x-cdn-host-id: ds6321,ds9225

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/156500/13793/ 274 KB
87 KB 78ms
14ms Script
application/javascript 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/156500/13793/pwt.js
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 1aa84d80aba2bc14029f0e99721c199f51cdaeb06a66aa9433f2bc4977a79f67

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

cache-control: max-age=49435
content-encoding: gzip
expires: Tue, 24 Sep 2024 03:50:19 GMT
accept-ranges: bytes
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 88884
date: Mon, 23 Sep 2024 14:06:24 GMT
last-modified: Mon, 15 Jul 2024 19:01:17 GMT
content-type: application/javascript
server: Apache
vary: Accept-Encoding

GET
H2 200 topics.html
postrelease.com/iframes/ Frame 2879 0
0 576ms
207ms Document
text/html 52.36.224.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://postrelease.com/iframes/topics.html
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.36.224.135 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-224-135.us-west-2.compute.amazonaws.com
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.grandforksherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
content-length: 582
content-type: text/html
date: Mon, 23 Sep 2024 14:06:25 GMT
etag: "ec22fdd2cd0ccf11c7761864efa96c06"
last-modified: Fri, 15 Mar 2024 21:34:47 GMT
server: AmazonS3
x-amz-id-2: FWfieLRVGH2Cq0ZNcOJ3EAj0wNtYATmBKtvrHCtxGTi8205eeLjbAUvIjU/spkhcfkGqi6hSmcA=
x-amz-request-id: 7Q8V2BJC8AS3ZWEJ
x-amz-server-side-encryption: AES256

GET
H2 200 t Show response
jadserve.postrelease.com/ 267 B
606 B 191ms
58ms Script
text/javascript 52.49.92.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.grandforksherald.com%2Fprairie-business&ntv_mvi&ntv_kv=kw*sectionfront,production
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.92.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-92-148.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 966a8421df082b4dfde5790dbb6174025661a8a33976e431f8a4a7207e19dc90

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: gzip
pragma: no-cache
expires: Mon, 1 Jan 1990 12:00:00 GMT
access-control-allow-origin: *
content-length: 194
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Mon, 23 Sep 2024 14:06:24 GMT
content-type: text/javascript;charset=UTF-8
server: nginx

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 298 KB
100 KB 37ms
36ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-N18WFR4G74&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T37B4RR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

00b7c9bbd86d2880e9a3de5009ab14c4c8915093b407574c788d22f34baa545a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
content-encoding: br
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Mon, 23 Sep 2024 14:06:24 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 102402
date: Mon, 23 Sep 2024 14:06:24 GMT
x-xss-protection: 0
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: Google Tag Manager
access-control-allow-headers: Cache-Control

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 225 KB
58 KB 17ms
16ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/prairie-business

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
edge-control: cache-maxage=10m
date: Mon, 23 Sep 2024 14:06:24 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=14, rtx=0, c=26, mss=1232, tbw=8378, tp=15, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: 9OZmKGwls2n+CZWF7P5ViTzlR9yLbfdiALeM5HEDb/XOr9EfgMGphN5slusMRLZA3/vszkpaf/5cb+PigP6yyw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 58953
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 217 KB
78 KB 35ms
34ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-8975227&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T37B4RR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1d7611a12bba81706b18b7d3f91d7a6e98c5147c46bd21fd042806fce343f890

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

content-encoding: br
expires: Mon, 23 Sep 2024 14:06:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 23 Sep 2024 14:06:24 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 23 Sep 2024 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 79560
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 98ms
16ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T37B4RR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

vary: Accept-Encoding,Host
cache-control: no-cache
content-encoding: gzip
etag: "bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
accept-ranges: bytes
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length: 15412
date: Mon, 23 Sep 2024 14:06:24 GMT
x-tw-cdn: FT
last-modified: Fri, 22 Mar 2024 21:07:24 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-iad-kiad7000168-IAD, cache-fra-etou8220051-FRA
x-amz-server-side-encryption: AES256

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 215 KB
77 KB 43ms
43ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-9853337&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T37B4RR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e240cdfc603cf0ae45b575e54c4814f5c31731a12f4b369a64d7bbc043223628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

content-encoding: br
expires: Mon, 23 Sep 2024 14:06:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 23 Sep 2024 14:06:24 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 23 Sep 2024 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 79094
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 Forum_Corporate_Marketing_Grand_Forks.js Show response
tag.brandcdn.com/autoscript/forumcorporatemarketinggrandforks_vfhwtmvrntzwveu9/ 1 KB
1 KB 162ms
43ms Script
text/javascript 2600:9000:274d:ae00:7:e536:8b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.brandcdn.com/autoscript/forumcorporatemarketinggrandforks_vfhwtmvrntzwveu9/Forum_Corporate_Marketing_Grand_Forks.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T37B4RR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:274d:ae00:7:e536:8b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b8e2612575553a93321a90a8885f7807956cfe779304b51d0d596fdf71420c42

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

x-amz-replication-status: COMPLETED
x-amz-version-id: npvAmc_81ar_jXhSPzMgx5ooavOPUzAL
etag: "52336aa0584b21ba32aefad295c8f521"
age: 37077
via: 1.1 3a6918f8303b76a25e42cc711a39992a.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 1092
x-amz-cf-id: Hf2Hn3Q9gsPARwljfz69VL0M3BUSlUo4mzTQrMTpaxK7RHdfGmNX_g==
date: Mon, 23 Sep 2024 14:06:25 GMT
content-type: text/javascript
last-modified: Tue, 22 Nov 2022 01:02:56 GMT
server: AmazonS3
x-amz-cf-pop: BRU50-P1

GET
H3 200 config.js Show response
cdn.confiant-integrations.net/cUnQ-tYNZ95Jh3EezVQMDpKuEDk/gpt_and_prebid/ 120 KB
27 KB 76ms
24ms Script
text/javascript 172.64.144.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/cUnQ-tYNZ95Jh3EezVQMDpKuEDk/gpt_and_prebid/config.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T37B4RR
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.166 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62b1448c4e000ba6a9d5998fe754705523d76914000548544c1e26af46566178

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "073b659f446d1494c2ff86ba9c52ed40"
age: 750
date: Mon, 23 Sep 2024 14:06:24 GMT
content-type: text/javascript
last-modified: Mon, 23 Sep 2024 13:47:25 GMT
vary: Accept-Encoding
x-amz-id-2: aA0enaUQN2mhr6vSFoM+eDAB3r68b7L3qNLBsIvU1+ZEAdWyQ1tUxmoUM7FuHxuM8kQ4fHHPOVg=
cache-control: public, max-age=900, stale-while-revalidate=3600
x-amz-request-id: JZKQ8R9Y6DPRBJQ9
cf-ray: 8c7b185dea420859-FRA
accept-ranges: bytes
content-length: 27677
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 DFPAudiencePixel;ord=9088480119257.945;dc_seg=487073367
pubads.g.doubleclick.net/activity;dc_iu=/7021/ 42 B
63 B 70ms
51ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;dc_iu=/7021/DFPAudiencePixel;ord=9088480119257.945;dc_seg=487073367?

Requested by

Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/prairie-business

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 42
date: Mon, 23 Sep 2024 14:06:24 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 /
cdn.forumcomm.com/dims4/default/d30c011/2147483647/strip/true/crop/1500x1000+100+0/resize/840x560!/format/webp/quality/90/ 9 KB
9 KB 13ms
10ms Image
image/webp 3.161.82.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.forumcomm.com/dims4/default/d30c011/2147483647/strip/true/crop/1500x1000+100+0/resize/840x560!/format/webp/quality/90/?url=https%3A%2F%2Fforum-communications-production-web.s3.us-west-2.amazonaws.com%2Fbrightspot%2F8f%2F4e%2F99e2ac2e42e8b28e5a47933bf775%2Fprairie-news-web-logo-rgb-612-x-360-pixels-200res.jpg
Requested by: Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/prairie-business
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-73.fra56.r.cloudfront.net
Software: istio-envoy /
Resource Hash: 6a832ae39244408bade2893495e09216fff595bc0888c92c3d4f594b34f25408

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

cache-control: max-age=31536000, public
etag: ac642f0899ef235c2e2a3802c8ea9979
x-envoy-upstream-service-time: 473
age: 1186395
x-envoy-decorator-operation: brightspot-dims-verify.web.svc.cluster.local:80/*
via: 1.1 9ceaac5e4cbf8702556b2c925b200af8.cloudfront.net (CloudFront)
expires: Tue, 09 Sep 2025 20:33:10 GMT
x-cache: Hit from cloudfront
content-length: 9222
x-amz-cf-id: KA_n2z7NqGBv1p1vvF0AjYB5soWn9zzKPHraBpqAPkGNKd8BF0jatA==
date: Mon, 09 Sep 2024 20:33:10 GMT
edge-control: downstream-ttl=31536000
content-type: image/webp
x-amz-cf-pop: FRA56-P10
server: istio-envoy

GET
H2 200 /
cdn.forumcomm.com/dims4/default/83947b2/2147483647/strip/true/crop/1503x1000+98+0/resize/490x326!/format/webp/quality/90/ 5 KB
6 KB 14ms
12ms Image
image/webp 3.161.82.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.forumcomm.com/dims4/default/83947b2/2147483647/strip/true/crop/1503x1000+98+0/resize/490x326!/format/webp/quality/90/?url=https%3A%2F%2Fforum-communications-production-web.s3.us-west-2.amazonaws.com%2Fbrightspot%2F8f%2F4e%2F99e2ac2e42e8b28e5a47933bf775%2Fprairie-news-web-logo-rgb-612-x-360-pixels-200res.jpg
Requested by: Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/prairie-business
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-73.fra56.r.cloudfront.net
Software: istio-envoy /
Resource Hash: 7af5d678bbfb00f26980085b7eb187908a49803e9e7b70ce6dbbe88aa479e9e8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

cache-control: max-age=31536000, public
etag: 9cc0c7abfa65a6eac0fb5871db2bb728
x-envoy-upstream-service-time: 351
age: 99979
x-envoy-decorator-operation: brightspot-dims-verify.web.svc.cluster.local:80/*
via: 1.1 9ceaac5e4cbf8702556b2c925b200af8.cloudfront.net (CloudFront)
expires: Mon, 22 Sep 2025 10:20:06 GMT
x-cache: Hit from cloudfront
content-length: 5382
x-amz-cf-id: HQuR0KMYLaz-upc6YlnqocGsfWJUMv8lB-GqMphcOBlP07sKGIhHmQ==
date: Sun, 22 Sep 2024 10:20:06 GMT
edge-control: downstream-ttl=31536000
content-type: image/webp
x-amz-cf-pop: FRA56-P10
server: istio-envoy

GET
H3 200 self Show response
api-mg2.db-ip.com/v2/p14891b727f063924f0d86d8a8e5063678abd2ac/ 583 B
765 B 282ms
237ms XHR
application/json 104.26.4.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-mg2.db-ip.com/v2/p14891b727f063924f0d86d8a8e5063678abd2ac/self?_=1727100385148
Requested by: Host: cdn.mbmgivexdvpajr.com
URL: https://cdn.mbmgivexdvpajr.com/prod/forum/fp.min.js?2024823
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.4.15 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8ed4ecd47d8e04ddabb007f3a695ece6e981628a66ca8ed91cd18782b963284

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

cache-control: max-age=1800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tX3J1aTeyZSue5zbvN6sw7MW0%2F7Bk3kqdlBrJQf0m2wCP3w1r%2BFGxBDhUC80mTTHkvanBk6BhPPQ%2FbR%2FuQFom40uMXBzJ7OHlQx7wfBzqRGjwkKawcWDZ9Uc2CpmpM%2BaeY%2F2"}],"group":"cf-nel","max_age":604800}
cf-ray: 8c7b185f79359750-FRA
access-control-allow-origin: *
date: Mon, 23 Sep 2024 14:06:25 GMT
content-type: application/json
last-modified: Mon, 23 Sep 2024 14:06:25 GMT
vary: Accept-Encoding
server: cloudflare

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
130 B 99ms
43ms Fetch 3.72.78.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Requested by

Host: cdn.forumcomm.com
URL: https://cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/staticjs/prebid9.11.0.cb89547c7ca8d7050fb64e14492d9317.gz.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.72.78.234 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-78-234.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.grandforksherald.com/

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;
access-control-allow-origin: https://www.grandforksherald.com
access-control-allow-credentials: true

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
130 B 103ms
46ms Fetch 3.72.78.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Requested by

Host: cdn.forumcomm.com
URL: https://cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/staticjs/prebid9.11.0.cb89547c7ca8d7050fb64e14492d9317.gz.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.72.78.234 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-78-234.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.grandforksherald.com/

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;
access-control-allow-origin: https://www.grandforksherald.com
access-control-allow-credentials: true

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
130 B 100ms
43ms Fetch 3.72.78.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Requested by

Host: cdn.forumcomm.com
URL: https://cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/staticjs/prebid9.11.0.cb89547c7ca8d7050fb64e14492d9317.gz.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.72.78.234 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-78-234.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.grandforksherald.com/

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;
access-control-allow-origin: https://www.grandforksherald.com
access-control-allow-credentials: true

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
130 B 129ms
73ms Fetch 3.72.78.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Requested by

Host: cdn.forumcomm.com
URL: https://cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/staticjs/prebid9.11.0.cb89547c7ca8d7050fb64e14492d9317.gz.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.72.78.234 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-78-234.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.grandforksherald.com/

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;
access-control-allow-origin: https://www.grandforksherald.com
access-control-allow-credentials: true

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
131 B 85ms
28ms Fetch 3.72.78.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Requested by

Host: cdn.forumcomm.com
URL: https://cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/staticjs/prebid9.11.0.cb89547c7ca8d7050fb64e14492d9317.gz.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.72.78.234 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-78-234.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.grandforksherald.com/

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;
access-control-allow-origin: https://www.grandforksherald.com
access-control-allow-credentials: true

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
130 B 99ms
43ms Fetch 3.72.78.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Requested by

Host: cdn.forumcomm.com
URL: https://cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/staticjs/prebid9.11.0.cb89547c7ca8d7050fb64e14492d9317.gz.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.72.78.234 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-78-234.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.grandforksherald.com/

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;
access-control-allow-origin: https://www.grandforksherald.com
access-control-allow-credentials: true

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 357 B
898 B 101ms
48ms Fetch
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12144&site_id=44028&zone_id=190792&size_id=2&alt_size_ids=43%2C44%2C57&rf=https%3A%2F%2Fwww.grandforksherald.com%2Fprairie-business&tg_i.domain=grandforksherald.com&tg_i.page=https%3A%2F%2Fwww.grandforksherald.com%2Fprairie-business&tk_flint=pbjs_lite_v9.11.0&x_source.tid=e4ad5d68-14f2-41e7-90e2-7fb5ca9b96ea&l_pb_bid_id=10cc9d0beadcfa6&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=98aff197-bed0-4f61-bca0-4cf6be5cfe67&rp_maxbids=1&m_ch_mobile=%3F0&slots=1&rand=0.7338467439292113
Requested by: Host: cdn.forumcomm.com
URL: https://cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/staticjs/prebid9.11.0.cb89547c7ca8d7050fb64e14492d9317.gz.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: bdedef336db42f247d06fc93fd4f265a5e87e50a2d12714929778fa9898ab15f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.grandforksherald.com/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin: https://www.grandforksherald.com
content-length: 357
date: Mon, 23 Sep 2024 14:06:25 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx/1.21.4

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 357 B
716 B 205ms
152ms Fetch
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12144&site_id=44030&zone_id=190796&size_id=2&alt_size_ids=43%2C44%2C57&rf=https%3A%2F%2Fwww.grandforksherald.com%2Fprairie-business&tg_i.domain=grandforksherald.com&tg_i.page=https%3A%2F%2Fwww.grandforksherald.com%2Fprairie-business&tk_flint=pbjs_lite_v9.11.0&x_source.tid=e4ad5d68-14f2-41e7-90e2-7fb5ca9b96ea&l_pb_bid_id=114e1051335c00d&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=98aff197-bed0-4f61-bca0-4cf6be5cfe67&rp_maxbids=1&m_ch_mobile=%3F0&slots=1&rand=0.3860664456154981
Requested by: Host: cdn.forumcomm.com
URL: https://cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/staticjs/prebid9.11.0.cb89547c7ca8d7050fb64e14492d9317.gz.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 1a43a257bee5b0df57e0b877fd669eaabfe6b1ec0c75f8c3a7b5d311a3a0342c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.grandforksherald.com/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin: https://www.grandforksherald.com
content-length: 357
date: Mon, 23 Sep 2024 14:06:25 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx/1.21.4

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
549 B 66ms
35ms Fetch
application/json 104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=248828
Requested by: Host: cdn.forumcomm.com
URL: https://cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/staticjs/prebid9.11.0.cb89547c7ca8d7050fb64e14492d9317.gz.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc04902a82e68d674959aa4253366468df12ed50002f300f99a41e11c37de084

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.grandforksherald.com/

Response headers

cache-control: no-cache
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
pragma: no-cache
access-control-allow-credentials: true
observe-browsing-topics: ?1
cf-ray: 8c7b185fd90b37fd-FRA
expires: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vx6spqO0B6gWkvCtXrpd3DAuomDI6QjqwaVvS713TPLaq4iodpq6591D11u%2Bltrwhf7bprCQmec3olzw1z%2B6JZrLZ%2FHBREHxa3vmi6do38yMx9J3MdAXnRTwX8grJrHjlY6WXz3r"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.grandforksherald.com
content-length: 37
date: Mon, 23 Sep 2024 14:06:25 GMT
content-type: application/json
vary: Accept-Encoding
server: cloudflare

POST
H/1.1 200
OK pbjs Show response
x.yieldlift.com/ 1 KB
829 B 502ms
190ms Fetch
application/json 138.197.50.103
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://x.yieldlift.com/pbjs

Requested by

Host: cdn.forumcomm.com
URL: https://cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/staticjs/prebid9.11.0.cb89547c7ca8d7050fb64e14492d9317.gz.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

138.197.50.103 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

416292a54924c14eda30cdc4ff8d1352cb3b522ca03fa3a9ecb542a345419e03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.grandforksherald.com/

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Cache-Control: no-cache, must-revalidate
Content-Encoding: gzip
Pragma: no-cache
Connection: close
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.grandforksherald.com
Content-Length: 436
Date: Mon, 23 Sep 2024 14:06:25 GMT
Content-Type: application/json
Vary: Origin

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
301 B 70ms
20ms Fetch
text/plain 35.227.252.103
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: cdn.forumcomm.com
URL: https://cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/staticjs/prebid9.11.0.cb89547c7ca8d7050fb64e14492d9317.gz.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: f09afdbbc563c369fb3f18ed6514bfed5a875f8abd4a9a00a3a57fae01ab3d47

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.grandforksherald.com/

Response headers

content-encoding: gzip
x-forwarded-for: 78.159.108.37
access-control-allow-credentials: true
observe-browsing-topics: ?1
via: 1.1 google
access-control-allow-origin: https://www.grandforksherald.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77
date: Mon, 23 Sep 2024 14:06:25 GMT
content-type: text/plain
vary: Origin

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
383 B 172ms
102ms XHR
text/javascript 13.35.57.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.grandforksherald.com%2Fprairie-business&pid=0P3K5JLwwDWst&cb=0&ws=1600x1200&v=24.827.1552&t=2000&slots=%5B%7B%22sd%22%3A%22googleAd363f7e8c-5412-4f8d-baa6-c525482bcef6%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%2C%22320x50%22%2C%22300x50%22%5D%2C%22sn%22%3A%22%2F7021%2Fforumcomm%2Fgrandforksherald%2Fprairie-business%22%7D%2C%7B%22sd%22%3A%22googleAd1dbebf0a-2e56-4a4f-9c2c-bcdabeeaa6e7%22%2C%22s%22%3A%5B%22970x250%22%2C%22960x200%22%2C%22930x180%22%2C%22970x90%22%2C%22970x66%22%2C%22728x90%22%2C%22300x250%22%2C%22250x250%22%2C%22320x100%22%2C%22320x50%22%2C%22300x50%22%5D%2C%22sn%22%3A%22%2F7021%2Fforumcomm%2Fgrandforksherald%2Fprairie-business%22%7D%2C%7B%22sd%22%3A%22googleAdb4a44662-da19-4ced-9fe5-69cb299ebed9%22%2C%22s%22%3A%5B%22300x250%22%2C%22250x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F7021%2Fforumcomm%2Fgrandforksherald%2Fprairie-business%22%7D%2C%7B%22sd%22%3A%22googleAd6a5db511-579b-4f21-8c01-1d8d36164e14%22%2C%22s%22%3A%5B%22300x600%22%2C%22120x600%22%2C%22160x600%22%2C%22300x250%22%2C%22250x250%22%2C%22320x100%22%2C%22320x50%22%2C%22300x50%22%5D%2C%22sn%22%3A%22%2F7021%2Fforumcomm%2Fgrandforksherald%2Fprairie-business%22%7D%5D&pubid=59950d2e-4dfc-490d-92ee-81f8d387b7dd&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.57.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-57-188.fra60.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

content-encoding: gzip
access-control-allow-credentials: true
via: 1.1 2809edb23da5b1de8a640a251efb8608.cloudfront.net (CloudFront)
access-control-allow-origin: https://www.grandforksherald.com
x-cache: Miss from cloudfront
content-length: 43
x-amz-cf-id: Fgpw9nJc9FVoJbCKNbapkERc2gEXB1UYuUWQQWb6LAdy6rV_aWx1zA==
date: Mon, 23 Sep 2024 14:06:24 GMT
content-type: text/javascript;charset=UTF-8
x-amz-cf-pop: FRA60-P10
server: Server

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ 660 B
355 B 259ms
216ms Fetch
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=4332450170206081&correlator=3704893272281795&eid=31079957%2C31083343%2C31085773%2C31084270%2C31085775&output=ldjh&gdfp_req=1&vrg=202409170101&ptt=17&impl=fif&iu_parts=7021%2Cforumcomm%2Cgrandforksherald%2Cprairie-business&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=1&didk=3759699858&sfv=1-0-40&ists=1&eri=1&sc=1&lrm=100&abxe=1&dt=1727100385265&lmt=1727100385&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.grandforksherald.com%2Fprairie-business&vis=1&psz=0x0&msz=0x0&fws=128&ohw=0&td=1&egid=44266&tan=a43dbe8c-2d69-426c-9aad-79db4d4daea7&tdf=2&topics=5&tps=5&htps=5&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1727100384230&idt=829&ppid=5941ea5b534a8f61be8bb811ad85d6ec2482c1a7&prev_scp=intertype%3Dlayer%26position%3Dfirst-entry-takeover%26kw%3Dprairie-business%2Cgrandforksherald%26userStatus%3Danonymous&cust_params=amznbid%3D0%26amznp%3D0&adks=1804682063&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409170101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

ed8e330a58f5ea649045654a1b11810bec25f04ff012955e81fbd0609b5d9053

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

content-encoding: br
google-lineitem-id: -2
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 23 Sep 2024 14:06:25 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -2
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.grandforksherald.com
content-length: 326
x-xss-protection: 0
server: cafe

GET
H2 200 container.html
e90c9acc6816d542e6621b03cf4a936b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E3D2 0
0 124ms
44ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e90c9acc6816d542e6621b03cf4a936b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.grandforksherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 23 Sep 2024 14:06:25 GMT
expires: Mon, 23 Sep 2024 14:06:25 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 450 Show response
k664.grandforksherald.com/DG/DEFAULT/rest/rpc/ 46 KB
13 KB 344ms
342ms XHR
application/json 18.173.205.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://k664.grandforksherald.com/DG/DEFAULT/rest/rpc/450?referer=https%3A%2F%2Fwww.grandforksherald.com%2Fprairie-business&bcsessionid=&bctempid=&overruleReferrer=&time=2024-09-23T16%3A06%3A25%2B02%3A00&ts=1727100385277

Requested by

Host: k664.grandforksherald.com
URL: https://k664.grandforksherald.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.205.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-205-67.fra56.r.cloudfront.net

Software

- /

Resource Hash

49259eecff0352945a0a001090d789740d8949aca4110405b2aedf947bf1745c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.grandforksherald.com/

Response headers

x-robots-tag: noindex, nofollow
content-encoding: gzip
x-permitted-cross-domain-policies: master-only
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
x-amz-cf-id: iDScvG7Joqz0qzm-JveMMrn-WGQQ2XPaJ6a-NGFH8Wg_tR7th1qxJQ==
date: Mon, 23 Sep 2024 14:06:25 GMT
content-type: application/json;charset=utf-8
cache-control: no-cache, no-store, no-transform, must-revalidate, private
accept-ch: sec-ch-ua-platform-version
pragma: no-cache
access-control-allow-credentials: true
via: 1.1 ba01631fe255b1896a9e6bfd4c86a06a.cloudfront.net (CloudFront)
access-control-allow-origin: https://www.grandforksherald.com
content-length: 12091
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P12
server: -

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 74ms
23ms Preflight
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.grandforksherald.com%2F&domain=www.grandforksherald.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.grandforksherald.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.grandforksherald.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 23 Sep 2024 14:06:24 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 186060
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.grandforksherald.com%2F&domain=www.grandforksherald.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=6c6XZnxiODFHTGt0bDYzNUtYZ1RqbERTMHAxL1V4NW1xZEFmTmhpQkVuV0trN2xSVURLNmlETDVTNkNJMWtaQUNCd2tpc2kzTHAxeDBFUHlqdXZDMC9scmpJbU1tdWJSU2lrdUQ3QnloeU5KYlA0MnZKZm9rTDVnUjg5cE...

384 B
664 B

49ms
40ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=6c6XZnxiODFHTGt0bDYzNUtYZ1RqbERTMHAxL1V4NW1xZEFmTmhpQkVuV0trN2xSVURLNmlETDVTNkNJMWtaQUNCd2tpc2kzTHAxeDBFUHlqdXZDMC9scmpJbU1tdWJSU2lrdUQ3QnloeU5KYlA0MnZKZm9rTDVnUjg5cE5TSkF2S01oWUJ4YlY4V1VJM2RFTEorOEFubmtQakVvTGVWZndQSWhCeDhZZXZKZGZaZzF5NXpFZ0F5Q1ZqdHpSOVEvWlo0cU9xZldrZFpFVWdRWktqMVVSN2hGb0ZhWDRPN0dacEp1K1BiSjVnQ1pLTTU1ZTYwT240ZHYvYjVUWmNUMFZoZjk2VWRDeUMwU3lscUQ5L1VKcS9WNWdsZz09fA&cppv=2

Requested by

Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/prairie-business

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3b5a9470263bf2b1fd08afe95dd927d5d9e169d050be606eebfdc7291a5f03d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 428728
expires: 0
access-control-allow-origin: null
date: Mon, 23 Sep 2024 14:06:24 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: Kestrel

Redirect headers

strict-transport-security: max-age=31536000; preload;
cache-control: no-cache, no-store, must-revalidate
location: https://mug.criteo.com/sid?cpp=6c6XZnxiODFHTGt0bDYzNUtYZ1RqbERTMHAxL1V4NW1xZEFmTmhpQkVuV0trN2xSVURLNmlETDVTNkNJMWtaQUNCd2tpc2kzTHAxeDBFUHlqdXZDMC9scmpJbU1tdWJSU2lrdUQ3QnloeU5KYlA0MnZKZm9rTDVnUjg5cE5TSkF2S01oWUJ4YlY4V1VJM2RFTEorOEFubmtQakVvTGVWZndQSWhCeDhZZXZKZGZaZzF5NXpFZ0F5Q1ZqdHpSOVEvWlo0cU9xZldrZFpFVWdRWktqMVVSN2hGb0ZhWDRPN0dacEp1K1BiSjVnQ1pLTTU1ZTYwT240ZHYvYjVUWmNUMFZoZjk2VWRDeUMwU3lscUQ5L1VKcS9WNWdsZz09fA&cppv=2
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 305983
expires: 0
access-control-allow-origin: https://www.grandforksherald.com
content-length: 0
date: Mon, 23 Sep 2024 14:06:25 GMT
server: Kestrel

POST
H2 200 prebid Show response
id5-sync.com/api/config/ 194 B
673 B 57ms
8ms Fetch
application/json 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156500/13793/pwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

cfe103cb575c16171ee932e2daae7d0bd56a88838f0e29e6d549c9b1b989faf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.grandforksherald.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://www.grandforksherald.com
p3p: CP="CAO PSA OUR"
date: Mon, 23 Sep 2024 14:06:24 GMT
content-type: application/json;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials: true

GET
H2 200 id Show response
id.crwdcntrl.net/ 43 B
325 B 157ms
39ms Fetch
application/json 54.75.138.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id?c=17207
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156500/13793/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.75.138.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-75-138-185.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.grandforksherald.com/

Response headers

cache-control: no-cache
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://www.grandforksherald.com
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length: 43
date: Mon, 23 Sep 2024 14:06:25 GMT
content-type: application/json;charset=utf-8
x-server: 10.45.18.111
server: Jetty(9.4.38.v20210224)

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
429 B 218ms
98ms Fetch
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156500/13793/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 2f96a2dfe8420066fb7c58eeb240c30e1243ba4072ba2363d088b600f4d4987d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.grandforksherald.com/

Response headers

cache-control: private
content-encoding: gzip
access-control-allow-credentials: true
expires: Wed, 23 Oct 2024 14:06:25 GMT
access-control-allow-origin: https://www.grandforksherald.com
date: Mon, 23 Sep 2024 14:06:25 GMT
content-type: application/json
vary: Origin, Accept-Encoding
server: Kestrel
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept

GET
H2 200 all Show response
notifications.viafoura.co/v5/notifications/00000000-0000-4000-8000-2ee7125f71b1/ 9 KB
3 KB 354ms
110ms Fetch
application/json 3.215.242.153
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://notifications.viafoura.co/v5/notifications/00000000-0000-4000-8000-2ee7125f71b1/all
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/entry/index.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.215.242.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-242-153.compute-1.amazonaws.com
Software: /
Resource Hash: a3112b140a41317008f98c37e5e8ec827b032f48a331f9a8116918ebeaaa7cdd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

access-control-allow-origin: https://www.grandforksherald.com
content-length: 2857
content-encoding: gzip
date: Mon, 23 Sep 2024 14:06:25 GMT
content-type: application/json; charset=utf-8
access-control-allow-credentials: true

GET
H2 200 adsct
t.co/1/i/ 43 B
627 B 278ms
241ms Image
image/gif 162.159.140.229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=494bf22c-2814-45aa-8d2d-2c37032382f7&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=d197c601-b325-419b-b4d2-5a94b432939c&tw_document_href=https%3A%2F%2Fwww.grandforksherald.com%2Fprairie-business&tw_iframe_status=0&txn_id=o2f7x&type=javascript&version=2.3.30

Requested by

Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/prairie-business

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.140.229 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

strict-transport-security: max-age=0
x-transaction-id: ccddf2f1ee669108
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 5b1a0a3050d473cb1d56474877f9f95b86f18dd3e6fbfa47b447adc94c84d1fc
cf-cache-status: DYNAMIC
cf-ray: 8c7b18607cc89751-FRA
x-response-time: 177
content-length: 43
date: Mon, 23 Sep 2024 14:06:25 GMT
content-type: image/gif;charset=utf-8
perf: 7402827104
server: cloudflare tsa_o

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
723 B 207ms
172ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=494bf22c-2814-45aa-8d2d-2c37032382f7&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=d197c601-b325-419b-b4d2-5a94b432939c&tw_document_href=https%3A%2F%2Fwww.grandforksherald.com%2Fprairie-business&tw_iframe_status=0&txn_id=o2f7x&type=javascript&version=2.3.30

Requested by

Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/prairie-business

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

strict-transport-security: max-age=631138519
x-transaction-id: aac9b0619cce0e4e
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 1f49b78612fb646fac405c824c2269470eebed8d64310e5ec8105aa7ff055707
x-response-time: 105
content-length: 43
date: Mon, 23 Sep 2024 14:06:25 GMT
perf: 7402827104
content-type: image/gif;charset=utf-8
server: tsa_o

GET
H3 200 2395609997225387 Show response
connect.facebook.net/signals/config/ 307 KB
93 KB 19ms
14ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2395609997225387?v=2.9.167&r=stable&domain=www.grandforksherald.com&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

a07a7c548134131710bc91d73f1e2ea558442533a443bbdfb16a8f606e8f4de1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
edge-control: cache-maxage=10m
date: Mon, 23 Sep 2024 14:06:25 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=16, rtx=0, c=43, mss=1232, tbw=69402, tp=67, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: dVMbbn4ThDHJFGizTWd5P2LjDqbluKYfmvDUzmniFiShik8TMP7nufkxHcM9wQkhawyESFvtCXMuikLfBEQVqA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 95610
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2

200

activityi;dc_pre=COO_46ee2YgDFUQiBgAdjq4mMQ;src=8975227;type=invmedia;cat=grand0;ord=3443543131290;npa=1;auiddc=211570192.1727100385;ps=1;pcor=1878461941;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw...
8975227.fls.doubleclick.net/ Frame 4242
Redirect Chain

https://8975227.fls.doubleclick.net/activityi;src=8975227;type=invmedia;cat=grand0;ord=3443543131290;npa=1;auiddc=211570192.1727100385;ps=1;pcor=1878461941;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;u...
https://8975227.fls.doubleclick.net/activityi;dc_pre=COO_46ee2YgDFUQiBgAdjq4mMQ;src=8975227;type=invmedia;cat=grand0;ord=3443543131290;npa=1;auiddc=211570192.1727100385;ps=1;pcor=1878461941;uaa=;ua...

0
0

53ms
38ms

Document
text/html

172.217.23.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8975227.fls.doubleclick.net/activityi;dc_pre=COO_46ee2YgDFUQiBgAdjq4mMQ;src=8975227;type=invmedia;cat=grand0;ord=3443543131290;npa=1;auiddc=211570192.1727100385;ps=1;pcor=1878461941;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe49j0v9185118308z8852250614za201zb852250614;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.grandforksherald.com%2Fprairie-business?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-8975227&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.grandforksherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 363
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 Sep 2024 14:06:25 GMT
expires: Mon, 23 Sep 2024 14:06:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 Sep 2024 14:06:25 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8975227.fls.doubleclick.net/activityi;dc_pre=COO_46ee2YgDFUQiBgAdjq4mMQ;src=8975227;type=invmedia;cat=grand0;ord=3443543131290;npa=1;auiddc=211570192.1727100385;ps=1;pcor=1878461941;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe49j0v9185118308z8852250614za201zb852250614;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.grandforksherald.com%2Fprairie-business?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activity;register_conversion=1;src=8975227;type=invmedia;cat=grand0;ord=3443543131290;npa=1;auiddc=211570192.1727100385;ps=1;pcor=1878461941;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noap...
ad.doubleclick.net/ 0
23 B 162ms
102ms Image
image/png 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=8975227;type=invmedia;cat=grand0;ord=3443543131290;npa=1;auiddc=211570192.1727100385;ps=1;pcor=1878461941;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe49j0v9185118308z8852250614za201zb852250614;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.grandforksherald.com%2Fprairie-business?

Requested by

Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/prairie-business

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Mon, 23 Sep 2024 14:06:25 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"9724245349126670097"}],"aggregatable_trigger_data":[{"filters":[{"14":["11807922"]}],"key_piece":"0xa18c914da5f47f67","source_keys":["12","13","14","15","16","17","18","19","20","21","14955072","14955073","14955074","14955075","22079120","22079121","22079122","22079123","638125324","638125325","638125326","638125327"]},{"key_piece":"0x60c15a33a818b37d","not_filters":{"14":["11807922"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","14955072","14955073","14955074","14955075","22079120","22079121","22079122","22079123","638125324","638125325","638125326","638125327"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"14955072":32,"14955073":32,"14955074":32,"14955075":3177,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"22079120":38,"22079121":38,"22079122":38,"22079123":3739,"638125324":32,"638125325":32,"638125326":32,"638125327":3177},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"15809470363670362293","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"9724245349126670097","filters":[{"14":["11807922"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"9724245349126670097","filters":[{"14":["11807922"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"9724245349126670097","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"9724245349126670097","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["8975227"]}}
content-type: image/png
x-xss-protection: 0
server: cafe

GET
H2

200

activityi;dc_pre=CO7y5Kee2YgDFZNKQQIdsDItng;src=9853337;type=usa;cat=women0;ord=3538408231080;npa=1;auiddc=211570192.1727100385;ps=1;pcor=785674871;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;psc...
9853337.fls.doubleclick.net/ Frame A8D8
Redirect Chain

https://9853337.fls.doubleclick.net/activityi;src=9853337;type=usa;cat=women0;ord=3538408231080;npa=1;auiddc=211570192.1727100385;ps=1;pcor=785674871;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;p...
https://9853337.fls.doubleclick.net/activityi;dc_pre=CO7y5Kee2YgDFZNKQQIdsDItng;src=9853337;type=usa;cat=women0;ord=3538408231080;npa=1;auiddc=211570192.1727100385;ps=1;pcor=785674871;uaa=;uab=;uaf...

0
0

43ms
36ms

Document
text/html

172.217.23.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9853337.fls.doubleclick.net/activityi;dc_pre=CO7y5Kee2YgDFZNKQQIdsDItng;src=9853337;type=usa;cat=women0;ord=3538408231080;npa=1;auiddc=211570192.1727100385;ps=1;pcor=785674871;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe49j0v9189050664z8852250614za201zb852250614;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.grandforksherald.com%2Fprairie-business?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-9853337&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.grandforksherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 360
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 Sep 2024 14:06:25 GMT
expires: Mon, 23 Sep 2024 14:06:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 Sep 2024 14:06:25 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://9853337.fls.doubleclick.net/activityi;dc_pre=CO7y5Kee2YgDFZNKQQIdsDItng;src=9853337;type=usa;cat=women0;ord=3538408231080;npa=1;auiddc=211570192.1727100385;ps=1;pcor=785674871;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe49j0v9189050664z8852250614za201zb852250614;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.grandforksherald.com%2Fprairie-business?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

activityi;dc_pre=CL7x5Kee2YgDFTxkQQIdQcUIYw;src=9853337;type=sale;cat=women0;qty=1;cost=cost;ord=3259389321;npa=1;auiddc=211570192.1727100385;u1=tickets%20purchased%20(quantity);u2=event%20name;u3=...
9853337.fls.doubleclick.net/ Frame 75EB
Redirect Chain

https://9853337.fls.doubleclick.net/activityi;src=9853337;type=sale;cat=women0;qty=1;cost=cost;ord=3259389321;npa=1;auiddc=211570192.1727100385;u1=tickets%20purchased%20(quantity);u2=event%20name;u...
https://9853337.fls.doubleclick.net/activityi;dc_pre=CL7x5Kee2YgDFTxkQQIdQcUIYw;src=9853337;type=sale;cat=women0;qty=1;cost=cost;ord=3259389321;npa=1;auiddc=211570192.1727100385;u1=tickets%20purcha...

0
0

72ms
65ms

Document
text/html

172.217.23.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9853337.fls.doubleclick.net/activityi;dc_pre=CL7x5Kee2YgDFTxkQQIdQcUIYw;src=9853337;type=sale;cat=women0;qty=1;cost=cost;ord=3259389321;npa=1;auiddc=211570192.1727100385;u1=tickets%20purchased%20(quantity);u2=event%20name;u3=purchase%20date;u4=purchase%20time;u5=inventory%20type;ps=1;pcor=1990504168;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe49j0v9189050664z8852250614za201zb852250614;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.grandforksherald.com%2Fprairie-business?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-9853337&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.grandforksherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 428
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 Sep 2024 14:06:25 GMT
expires: Mon, 23 Sep 2024 14:06:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 Sep 2024 14:06:25 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://9853337.fls.doubleclick.net/activityi;dc_pre=CL7x5Kee2YgDFTxkQQIdQcUIYw;src=9853337;type=sale;cat=women0;qty=1;cost=cost;ord=3259389321;npa=1;auiddc=211570192.1727100385;u1=tickets%20purchased%20(quantity);u2=event%20name;u3=purchase%20date;u4=purchase%20time;u5=inventory%20type;ps=1;pcor=1990504168;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe49j0v9189050664z8852250614za201zb852250614;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.grandforksherald.com%2Fprairie-business?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET activity;register_conversion=1;src=9853337;type=usa;cat=women0;ord=3538408231080;npa=1;auiddc=211570192.1727100385;ps=1;pcor=785674871;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=...
ad.doubleclick.net/ 0
0

GET activity;register_conversion=1;src=9853337;type=sale;cat=women0;qty=1;cost=cost;ord=3259389321;npa=1;auiddc=211570192.1727100385;u1=tickets%20purchased%20(quantity);u2=event%20name;u3=purchase%20da...
ad.doubleclick.net/ 0
0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 190ms
28ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-N18WFR4G74&gtm=45je49j0v871606135z8852250614za200zb852250614&_p=1727100384401&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=401790398.1727100385&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1727100385&sct=1&seg=0&dl=https%3A%2F%2Fwww.grandforksherald.com%2Fprairie-business&dt=Prairie%20Business%20Magazine%20%7C%20Grand%20Forks%20Herald&en=page_view&_fv=1&_nsi=1&_ss=1&ep.FCC_ContentType=page&ep.FCC_PublishDate=&ep.FCC_SectionName=prairie-business&ep.FCC_ArticleSource=&up.FCC_UserStatus=unknown&tfd=1553
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N18WFR4G74&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.grandforksherald.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Mon, 23 Sep 2024 14:06:25 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
252 B 201ms
28ms Ping
text/plain 2a00:1450:400c:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-N18WFR4G74&cid=401790398.1727100385&gtm=45je49j0v871606135z8852250614za200zb852250614&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N18WFR4G74&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.grandforksherald.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Mon, 23 Sep 2024 14:06:25 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 164ms
83ms Image
image/gif 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-N18WFR4G74&cid=401790398.1727100385&gtm=45je49j0v871606135z8852250614za200zb852250614&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0&tag_exp=0&z=1374034088

Requested by

Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/prairie-business

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 23 Sep 2024 14:06:25 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ 550 B
262 B 183ms
176ms Fetch
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=4332450170206081&correlator=3989972606988234&eid=31079957%2C31083343%2C31085773%2C31084270%2C31085775&output=ldjh&gdfp_req=1&vrg=202409170101&ptt=17&impl=fif&iu_parts=7021%2Cforumcomm%2Cgrandforksherald%2Cprairie-business&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1550x90%7C1x1%7C2x1&ifi=2&didk=3285253088&sfv=1-0-40&eri=1&sc=1&lrm=100&abxe=1&dt=1727100385476&lmt=1727100385&adxs=25&adys=1196&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.grandforksherald.com%2Fprairie-business&vis=1&psz=1550x-1&msz=1550x-1&fws=516&ohw=1550&td=1&egid=44266&tan=a43dbe8c-2d69-426c-9aad-79db4d4daea6&tdf=2&topics=5&tps=5&htps=5&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1727100384230&idt=829&ppid=5941ea5b534a8f61be8bb811ad85d6ec2482c1a7&prev_scp=position%3Dadhesion%26kw%3Dprairie-business%2Cgrandforksherald%26userStatus%3Danonymous&cust_params=amznbid%3D0%26amznp%3D0&adks=3137619856&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409170101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

58153bec9360147ce0fa0ce8e47e8254c802968339ab07a14bcc34dd6ba991b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

content-encoding: br
google-lineitem-id: -2
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 23 Sep 2024 14:06:25 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -2
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.grandforksherald.com
content-length: 233
x-xss-protection: 0
server: cafe

GET
H2 200 cv_pixel.js Show response
adservices.brandcdn.com/pixel/ 2 KB
1 KB 544ms
171ms Script
text/javascript 52.8.140.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adservices.brandcdn.com/pixel/cv_pixel.js
Requested by: Host: tag.brandcdn.com
URL: https://tag.brandcdn.com/autoscript/forumcorporatemarketinggrandforks_vfhwtmvrntzwveu9/Forum_Corporate_Marketing_Grand_Forks.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.8.140.81 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-8-140-81.us-west-1.compute.amazonaws.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: bc530c3c75bb87677cb79d645697759ea411ab9ca7ba55cb28d5e040ff44f603

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

content-encoding: gzip
etag: "613-5f8ff265c97b6-gzip"
accept-ranges: bytes
content-length: 745
date: Mon, 23 Sep 2024 14:06:25 GMT
content-type: text/javascript
last-modified: Mon, 10 Apr 2023 18:00:27 GMT
server: Apache/2.4.52 (Ubuntu)
vary: Accept-Encoding

GET
H/1.1

200
OK

iframe
d1eoo1tco6rr5e.cloudfront.net/c8hchs6/56sogo3/ Frame CB2E
Redirect Chain

https://insight.adsrvr.org/tags/c8hchs6/56sogo3/iframe
https://d1eoo1tco6rr5e.cloudfront.net/c8hchs6/56sogo3/iframe

0
0

79ms
10ms

Document
text/html

13.225.83.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1eoo1tco6rr5e.cloudfront.net/c8hchs6/56sogo3/iframe
Requested by: Host: tag.brandcdn.com
URL: https://tag.brandcdn.com/autoscript/forumcorporatemarketinggrandforks_vfhwtmvrntzwveu9/Forum_Corporate_Marketing_Grand_Forks.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.83.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-83-200.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.grandforksherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Age: 43536
Cache-Control: max-age=86400
Connection: keep-alive
Content-Length: 138
Content-Type: text/html
Date: Mon, 23 Sep 2024 02:00:50 GMT
ETag: "a76be8cd8b8b7f54da150f75fbad834e"
Last-Modified: Tue, 22 Nov 2022 01:02:45 GMT
Server: AmazonS3
Via: 1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
X-Amz-Cf-Id: unc_gyJSJWws_kOoQ5Q3ZYKxuNT2wcKNDM5LCHV_oIU3tUPkF6AljA==
X-Amz-Cf-Pop: FRA2-C2
X-Cache: Hit from cloudfront
x-amz-server-side-encryption: AES256

Redirect headers

content-length: 0
date: Mon, 23 Sep 2024 14:06:25 GMT
location: https://d1eoo1tco6rr5e.cloudfront.net/c8hchs6/56sogo3/iframe

GET
H2 200 /
insight.adsrvr.org/track/conv/ 70 B
148 B 99ms
82ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/conv/?adv=c8hchs6&ct=0:4r6xti6&fmt=3
Requested by: Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/prairie-business
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

content-length: 70
date: Mon, 23 Sep 2024 14:06:25 GMT
content-type: image/gif
server: Kestrel

GET
H2 200 /
insight.adsrvr.org/track/evnt/ 70 B
148 B 99ms
83ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/evnt/?adv=c8hchs6&ct=0:56sogo3&fmt=3
Requested by: Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/prairie-business
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

content-length: 70
date: Mon, 23 Sep 2024 14:06:25 GMT
content-type: image/gif
server: Kestrel

GET
H3 200 wrap.js Show response
cdn.confiant-integrations.net/gptprebidnative/202407090940/ 284 KB
101 KB 52ms
51ms Script
application/javascript 172.64.144.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/gptprebidnative/202407090940/wrap.js
Requested by: Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/cUnQ-tYNZ95Jh3EezVQMDpKuEDk/gpt_and_prebid/config.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.166 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d3ec73884fd2e63fb637af556b4725f116702bab37326dbf7ce0e876d7b1587

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "76074361c87e7c8d3af88302818b71f9"
age: 5580373
date: Mon, 23 Sep 2024 14:06:25 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 09 Jul 2024 14:20:21 GMT
vary: Accept-Encoding
x-amz-id-2: 9z1fo743YDscJSg2yapDtmDQXNS49uEuyVGsEooWWXCq89AMKM+PYVRrTMLxje9QKt+YnfuXs2A=
cache-control: public, max-age=31536000
x-amz-request-id: C1ANERD5PQ8BAS3Y
cf-ray: 8c7b1861af3c0859-FRA
accept-ranges: bytes
content-length: 103346
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 1614ff9caa7479f34dcec6d2243644f6.app.js Show response
stereotypedsugar.com/bundles/bb03d38706/ 369 KB
66 KB 228ms
59ms Script
text/javascript 2606:4700::6812:196f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stereotypedsugar.com/bundles/bb03d38706/1614ff9caa7479f34dcec6d2243644f6.app.js

Requested by

Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/prairie-business

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:196f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

911c9f62ccbc132994b0af05aac0e049f5b9d026d5cfeed27ed78cee093b78f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

content-encoding: br
cf-cache-status: MISS
etag: W/"297e4baaee01a687974db9c85ced72bf8729b3628c2c031ae0c5e22789a16fb6"
x-buildname: hoothoot
x-hostname: fen-hoothoot-europe-west1-4lzd
date: Mon, 23 Sep 2024 14:06:25 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding, Accept-Language
strict-transport-security: max-age=15724800; preload
cache-control: private, must-revalidate, max-age=21600
timing-allow-origin: *
x-datacenter: gce-europe-west1
via: 1.1 google
cf-ray: 8c7b1862afcbd391-FRA
x-buildnumber: 1433990761
server: cloudflare

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame F7B2 259 KB
91 KB 46ms
44ms Script
application/javascript 172.217.18.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-39CWM68PTE&l=cswDataLayer

Requested by

Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/prairie-business

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

a1e3139be1dc2d0c0b6b99e9bc979f23bfdbdf878f01692db68860633502a40e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
content-encoding: br
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Mon, 23 Sep 2024 14:06:25 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 92943
date: Mon, 23 Sep 2024 14:06:25 GMT
x-xss-protection: 0
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: Google Tag Manager
access-control-allow-headers: Cache-Control

GET
H2 200 WidgetTemplate2.min.css
cdn-p.cityspark.com/cdn/widget/ Frame F7B2 4 KB
2 KB 23ms
11ms Stylesheet
text/css 2a02:b48:9000::1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-p.cityspark.com/cdn/widget/WidgetTemplate2.min.css?v=2

Requested by

Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:b48:9000::1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e1d39256faa607df65dd15fb254dd774699293492ac06bdbdd800b73967d3334

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

strict-transport-security: max-age=0
cache-control: max-age=7200
content-encoding: gzip
etag: "1dae2a8415f5dc1"
expires: Mon, 23 Sep 2024 16:06:25 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
date: Mon, 23 Sep 2024 14:06:25 GMT
content-type: text/css
last-modified: Tue, 30 Jul 2024 17:45:24 GMT
server: Microsoft-IIS/10.0
x-cdn-host-id: ds6321,ds9225
x-powered-by: ASP.NET

GET
H2 200 jquery@3.1.0(jquery.slim.min.js),velocity@1.2.3(velocity.min.js+velocity.ui.min.js) Show response
cdn.jsdelivr.net/g/ Frame F7B2 115 KB
40 KB 232ms
42ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/g/jquery@3.1.0(jquery.slim.min.js),velocity@1.2.3(velocity.min.js+velocity.ui.min.js)

Requested by

Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c8309b85a5fc59eab6c75b425f32f89d070fcdfa9498fa3e9eff23fdcbb61a1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"1ca18-fw6ZPglKViimyicfOtWQPF7WA8s"
age: 1216237
x-content-type-options: nosniff
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Mon, 23 Sep 2024 14:06:25 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-etou8220119-FRA, cache-mad2200113-MAD
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 40153

GET
H2 200 jquery.fireSlider.min.js Show response
cdn-p.cityspark.com/cdn/js/ Frame F7B2 13 KB
5 KB 42ms
31ms Script
text/javascript 2a02:b48:9000::1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-p.cityspark.com/cdn/js/jquery.fireSlider.min.js

Requested by

Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:b48:9000::1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

d19425f20bfe1ea505166a8841b2232c795ff72b1c8a34f10a743db915f7494d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

strict-transport-security: max-age=0
cache-control: max-age=7200
content-encoding: gzip
etag: "1dae2a8415f66d3"
expires: Mon, 23 Sep 2024 16:06:25 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
date: Mon, 23 Sep 2024 14:06:25 GMT
content-type: text/javascript
last-modified: Tue, 30 Jul 2024 17:45:24 GMT
server: Microsoft-IIS/10.0
x-cdn-host-id: ds6321,ds9225
x-powered-by: ASP.NET

GET
H2 200 rad.js Show response
cdn-p.cityspark.com/cdn/js/ Frame F7B2 5 KB
2 KB 43ms
32ms Script
text/javascript 2a02:b48:9000::1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-p.cityspark.com/cdn/js/rad.js

Requested by

Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:b48:9000::1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e03ea88e5149801458dd9cabf62c8871cc27687d7d8a6a0fc2ff59ef434cb645

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

strict-transport-security: max-age=0
cache-control: max-age=7200
content-encoding: gzip
etag: "1dae2a8415f416a"
expires: Mon, 23 Sep 2024 16:06:25 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
date: Mon, 23 Sep 2024 14:06:25 GMT
content-type: text/javascript
last-modified: Tue, 30 Jul 2024 17:45:24 GMT
server: Microsoft-IIS/10.0
x-cdn-host-id: ds6321,ds9225
x-powered-by: ASP.NET

GET
H2 200 p-uq0GLFySb_d1T.gif
pixel.quantserve.com/pixel/ Frame F7B2 35 B
456 B 168ms
34ms Image
image/gif 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-uq0GLFySb_d1T.gif

Requested by

Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

strict-transport-security: max-age=86400
cache-control: private, no-cache, no-store, proxy-revalidate
pragma: no-cache
expires: Fri, 04 Aug 1978 12:00:00 GMT
content-length: 35
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
date: Mon, 23 Sep 2024 14:06:25 GMT
attribution-reporting-register-trigger: {"event_trigger_data":[{"filters":[],"trigger_data":"1"}]}
content-type: image/gif

POST
H/1.1 200
OK pbjs Show response
x.yieldlift.com/ 1 KB
833 B 1250ms
1039ms Fetch
application/json 138.197.50.103
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://x.yieldlift.com/pbjs

Requested by

Host: cdn.forumcomm.com
URL: https://cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/staticjs/prebid9.11.0.cb89547c7ca8d7050fb64e14492d9317.gz.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

138.197.50.103 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

df926dbe6ace6b4553533afe11216e3d2ef9077376c3e7970d3db3b1260e7337

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.grandforksherald.com/

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Cache-Control: no-cache, must-revalidate
Content-Encoding: gzip
Pragma: no-cache
Connection: close
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.grandforksherald.com
Content-Length: 440
Date: Mon, 23 Sep 2024 14:06:26 GMT
Content-Type: application/json
Vary: Origin

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
306 B 72ms
57ms Fetch
application/json 104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=248828
Requested by: Host: cdn.forumcomm.com
URL: https://cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/staticjs/prebid9.11.0.cb89547c7ca8d7050fb64e14492d9317.gz.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93710c38c5ed98db78b6f0dc4c39a21c6e82447e0e9e4531289975d02b459135

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.grandforksherald.com/

Response headers

cache-control: no-cache
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
pragma: no-cache
access-control-allow-credentials: true
observe-browsing-topics: ?1
cf-ray: 8c7b1861cb5037fd-FRA
expires: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KpMmxzKJD0YasTrHwyjU0Fj7BWDZNBf%2FxbDvGtep6EwZQ9ZEgcG2pigu5y2mfzfzZt1WHW9dGblNhOkhLmyP04MeHgZta2hlalQbCZGl12CYygyagNtcpzHdf0SQKykKqTnlY5YI"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.grandforksherald.com
content-length: 37
date: Mon, 23 Sep 2024 14:06:25 GMT
content-type: application/json
vary: Accept-Encoding
server: cloudflare

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
131 B 72ms
57ms Fetch
text/plain 35.227.252.103
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: cdn.forumcomm.com
URL: https://cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/staticjs/prebid9.11.0.cb89547c7ca8d7050fb64e14492d9317.gz.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 2c899e2872bf7a4732d2d24f6fc47373ac456edaf270dfaa41b3505770723ae4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.grandforksherald.com/

Response headers

content-encoding: gzip
x-forwarded-for: 78.159.108.37
access-control-allow-credentials: true
observe-browsing-topics: ?1
via: 1.1 google
access-control-allow-origin: https://www.grandforksherald.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77
date: Mon, 23 Sep 2024 14:06:24 GMT
content-type: text/plain
vary: Origin

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 367 B
401 B 82ms
73ms Fetch
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12144&site_id=44028&zone_id=190792&size_id=15&alt_size_ids=2%2C14%2C38%2C43%2C44%2C55%2C57%2C117&rf=https%3A%2F%2Fwww.grandforksherald.com%2Fprairie-business&tg_i.domain=grandforksherald.com&tg_i.page=https%3A%2F%2Fwww.grandforksherald.com%2Fprairie-business&tk_flint=pbjs_lite_v9.11.0&x_source.tid=f642d706-ea00-4039-ab8b-bd61e024234b&l_pb_bid_id=373051d92bfb892&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=5f48205d-5650-4cdc-9466-4c5c336d9f25&rp_maxbids=1&m_ch_mobile=%3F0&slots=1&rand=0.24428826883378063
Requested by: Host: cdn.forumcomm.com
URL: https://cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/staticjs/prebid9.11.0.cb89547c7ca8d7050fb64e14492d9317.gz.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 555f9e9c09b7bb24ecb903f5f7d88b45ae500e7229ff002eb5456a967406a42d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.grandforksherald.com/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin: https://www.grandforksherald.com
content-length: 367
date: Mon, 23 Sep 2024 14:06:25 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx/1.21.4

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 367 B
401 B 90ms
82ms Fetch
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12144&site_id=44030&zone_id=190796&size_id=15&alt_size_ids=2%2C14%2C38%2C43%2C44%2C55%2C57%2C117&rf=https%3A%2F%2Fwww.grandforksherald.com%2Fprairie-business&tg_i.domain=grandforksherald.com&tg_i.page=https%3A%2F%2Fwww.grandforksherald.com%2Fprairie-business&tk_flint=pbjs_lite_v9.11.0&x_source.tid=f642d706-ea00-4039-ab8b-bd61e024234b&l_pb_bid_id=38d0e03b9c25b24&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=5f48205d-5650-4cdc-9466-4c5c336d9f25&rp_maxbids=1&m_ch_mobile=%3F0&slots=1&rand=0.0644899782086179
Requested by: Host: cdn.forumcomm.com
URL: https://cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/staticjs/prebid9.11.0.cb89547c7ca8d7050fb64e14492d9317.gz.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: d5f82c60091e1c02325937df9d2f2300789223aac1d64548785994d9bac042fa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.grandforksherald.com/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin: https://www.grandforksherald.com
content-length: 367
date: Mon, 23 Sep 2024 14:06:25 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx/1.21.4

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
130 B 72ms
59ms Fetch 3.72.78.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Requested by

Host: cdn.forumcomm.com
URL: https://cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/staticjs/prebid9.11.0.cb89547c7ca8d7050fb64e14492d9317.gz.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.72.78.234 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-78-234.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.grandforksherald.com/

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;
access-control-allow-origin: https://www.grandforksherald.com
access-control-allow-credentials: true

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
130 B 89ms
76ms Fetch 3.72.78.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Requested by

Host: cdn.forumcomm.com
URL: https://cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/staticjs/prebid9.11.0.cb89547c7ca8d7050fb64e14492d9317.gz.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.72.78.234 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-78-234.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.grandforksherald.com/

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;
access-control-allow-origin: https://www.grandforksherald.com
access-control-allow-credentials: true

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
130 B 77ms
65ms Fetch 3.72.78.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Requested by

Host: cdn.forumcomm.com
URL: https://cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/staticjs/prebid9.11.0.cb89547c7ca8d7050fb64e14492d9317.gz.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.72.78.234 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-78-234.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.grandforksherald.com/

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;
access-control-allow-origin: https://www.grandforksherald.com
access-control-allow-credentials: true

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
130 B 102ms
91ms Fetch 3.72.78.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Requested by

Host: cdn.forumcomm.com
URL: https://cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/staticjs/prebid9.11.0.cb89547c7ca8d7050fb64e14492d9317.gz.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.72.78.234 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-78-234.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.grandforksherald.com/

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;
access-control-allow-origin: https://www.grandforksherald.com
access-control-allow-credentials: true

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
130 B 69ms
57ms Fetch 3.72.78.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Requested by

Host: cdn.forumcomm.com
URL: https://cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/staticjs/prebid9.11.0.cb89547c7ca8d7050fb64e14492d9317.gz.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.72.78.234 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-78-234.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.grandforksherald.com/

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;
access-control-allow-origin: https://www.grandforksherald.com
access-control-allow-credentials: true

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
130 B 76ms
65ms Fetch 3.72.78.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Requested by

Host: cdn.forumcomm.com
URL: https://cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/staticjs/prebid9.11.0.cb89547c7ca8d7050fb64e14492d9317.gz.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.72.78.234 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-78-234.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.grandforksherald.com/

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;
access-control-allow-origin: https://www.grandforksherald.com
access-control-allow-credentials: true

GET
H3 200 css
fonts.googleapis.com/ Frame F7B2 13 KB
891 B 153ms
50ms Stylesheet
text/css 142.250.186.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,300,400,700,900,500

Requested by

Host: cdn-p.cityspark.com
URL: https://cdn-p.cityspark.com/cdn/widget/WidgetTemplate2.min.css?v=2

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f10.1e100.net

Software

ESF /

Resource Hash

ac7157f1a795feaa3ac646d2bcf81871185b631903eebcea3d5a3826e81ff7b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://cdn-p.cityspark.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 23 Sep 2024 14:06:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 23 Sep 2024 14:06:25 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 23 Sep 2024 14:06:25 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 css
fonts.googleapis.com/ Frame F7B2 7 KB
706 B 157ms
54ms Stylesheet
text/css 142.250.186.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:300,400,700

Requested by

Host: cdn-p.cityspark.com
URL: https://cdn-p.cityspark.com/cdn/widget/WidgetTemplate2.min.css?v=2

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f10.1e100.net

Software

ESF /

Resource Hash

4e6a06d2689dfb3ef55c8699b1842e7b1f31354d85396a4f8bc1f5c637fa0fc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://cdn-p.cityspark.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 23 Sep 2024 14:06:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 23 Sep 2024 14:06:25 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 23 Sep 2024 12:21:08 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 57ms
56ms Preflight
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 23 Sep 2024 14:06:24 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 167043
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
189 B 181ms
23ms Fetch
text/plain 185.64.189.226
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=156500
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156500/13793/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: application/x-www-form-urlencoded
Referer: https://www.grandforksherald.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://www.grandforksherald.com
content-length: 17
date: Mon, 23 Sep 2024 14:06:25 GMT
content-type: text/plain; charset=utf-8

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 56 B
307 B 136ms
26ms Fetch
application/json 141.95.33.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156500/13793/pwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.120 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203256.ip-141-95-33.eu

Software

Resource Hash

0c51c36e56487370a7cd62c67ad69824f6d3f3ef4683297da47626a8f6415297

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://www.grandforksherald.com
date: Mon, 23 Sep 2024 14:06:25 GMT
content-type: application/json;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 90ms
56ms Fetch
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=343492237148533&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.grandforksherald.com%2Fprairie-business&sdk=joey&wants_cookie_data=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=69602d8d30833539e177887d40b138b8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

access-control-expose-headers: fb-s
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7417839672508069585"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 23 Sep 2024 14:06:25 GMT
content-type: text/plain; charset=UTF-8
x-fb-debug: SufEADaNRHFFlfCgewbgVhSVE06P2+yevF9s21VE4rbjuvPimZJ8Lk08BpsdIFtXr7oN4VDioJeGH07cBs/Mqg==
strict-transport-security: max-age=15552000; preload
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7417839672508069585", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
cache-control: private, no-cache, no-store, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=11, rtx=0, c=14, mss=1297, tbw=3175, tp=-1, tpl=-1, uplat=24, ullat=0
pragma: no-cache
fb-s: unknown
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: https://www.grandforksherald.com
content-length: 0
origin-agent-cluster: ?0

POST
H2 200 980b5b9339c4305e9fcc3929f2942bc9f50e9b99bdfb4f2830d89d696b7acf9c Show response
capig.inforum.com/events/ 0
370 B 1071ms
267ms XHR
text/plain 34.217.66.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://capig.inforum.com/events/980b5b9339c4305e9fcc3929f2942bc9f50e9b99bdfb4f2830d89d696b7acf9c

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/2395609997225387?v=2.9.167&r=stable&domain=www.grandforksherald.com&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.217.66.45 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-217-66-45.us-west-2.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.grandforksherald.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: https://www.grandforksherald.com
content-length: 0
date: Mon, 23 Sep 2024 14:06:26 GMT
vary: origin
access-control-allow-credentials: true

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 43ms
17ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2395609997225387&ev=PageView&dl=https%3A%2F%2Fwww.grandforksherald.com%2Fprairie-business&rl=&if=false&ts=1727100385750&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=12318&fbp=fb.1.1727100385732.373034688281665034&eid=ob3_plugin-set_6c3aa1219e1291f86fcb29df554830ea0078897d219fb0cf5fcbf2fa2c7dcd65&cs_est=true&ler=empty&cdl=API_unavailable&it=1727100385333&coo=false&rqm=GET

Requested by

Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/prairie-business

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=11, rtx=0, c=10, mss=1297, tbw=2857, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Mon, 23 Sep 2024 14:06:25 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
2 KB 192ms
168ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2395609997225387&ev=PageView&dl=https%3A%2F%2Fwww.grandforksherald.com%2Fprairie-business&rl=&if=false&ts=1727100385750&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=12318&fbp=fb.1.1727100385732.373034688281665034&eid=ob3_plugin-set_6c3aa1219e1291f86fcb29df554830ea0078897d219fb0cf5fcbf2fa2c7dcd65&cs_est=true&ler=empty&cdl=API_unavailable&it=1727100385333&coo=false&rqm=FGET

Requested by

Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/prairie-business

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7417839671567486984"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 23 Sep 2024 14:06:25 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: L//FX6JUDwjgVJFWGIF5qY6jMlayLTX2iHCsX2+uuI262FSz5H6oYybSIpeFXgq2xJFZFy3lbQvxlvEcoG2+aw==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7417839671567486984", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=10, rtx=0, c=14, mss=1297, tbw=4778, tp=-1, tpl=-1, uplat=148, ullat=0
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 902cc18c3d67bb6124155d5f00b63140 Show response
k664.grandforksherald.com/plugin/plugin/ 67 KB
18 KB 26ms
25ms Script
text/javascript 18.173.205.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://k664.grandforksherald.com/plugin/plugin/902cc18c3d67bb6124155d5f00b63140

Requested by

Host: k664.grandforksherald.com
URL: https://k664.grandforksherald.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.205.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-205-67.fra56.r.cloudfront.net

Software

- /

Resource Hash

496dd0b3854a45479d963efa5b5bd642efcf1ea53b04609106a524fe016ec27e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

x-robots-tag: noindex, nofollow
content-encoding: gzip
etag: 902cc18c3d67bb6124155d5f00b63140
age: 456473
x-permitted-cross-domain-policies: master-only
x-content-type-options: nosniff
expires: Thu, 18 Sep 2025 07:18:32 GMT
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
x-amz-cf-id: 4wER7YLzliliRQFUf-AshRxfs2Gb1_2sQOGQ57xgEhVqO5qbABecVw==
date: Wed, 18 Sep 2024 07:18:32 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 17 Sep 2024 07:18:32 GMT
cache-control: public, no-cache="Set-Cookie", max-age=31536000
via: 1.1 ba01631fe255b1896a9e6bfd4c86a06a.cloudfront.net (CloudFront)
content-length: 18186
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P12
server: -

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ Frame F7B2 18 KB
18 KB 16ms
15ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,700,900,500

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.grandforksherald.com
Referer: https://fonts.googleapis.com/

Response headers

age: 526520
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 17 Sep 2025 11:51:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 17 Sep 2024 11:51:05 GMT
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18596
x-xss-protection: 0
server: sffe

GET
H3 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v27/ Frame F7B2 50 KB
50 KB 18ms
17ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:300,400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.grandforksherald.com
Referer: https://fonts.googleapis.com/

Response headers

age: 169467
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sun, 21 Sep 2025 15:01:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 21 Sep 2024 15:01:58 GMT
last-modified: Wed, 18 Oct 2023 17:52:59 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 51404
x-xss-protection: 0
server: sffe

GET
H2 200 icomoon.woff
cdn-p.cityspark.com/cdn/widget/fonts/ Frame F7B2 2 KB
2 KB 40ms
15ms Font
application/font-woff 2a02:b48:9000::1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-p.cityspark.com/cdn/widget/fonts/icomoon.woff?-35bf

Requested by

Host: cdn-p.cityspark.com
URL: https://cdn-p.cityspark.com/cdn/widget/WidgetTemplate2.min.css?v=2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:b48:9000::1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

ab4c432dc5313ff43167b911b6be0742a49eb52ccc520124e9a6104e81f72c27

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.grandforksherald.com
Referer: https://cdn-p.cityspark.com/cdn/widget/WidgetTemplate2.min.css?v=2

Response headers

strict-transport-security: max-age=0
cache-control: max-age=7200
etag: "1dae2a8415f55dc"
expires: Mon, 23 Sep 2024 16:06:25 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
content-length: 2012
date: Mon, 23 Sep 2024 14:06:25 GMT
accept-ranges: bytes
content-type: application/font-woff
last-modified: Tue, 30 Jul 2024 17:45:24 GMT
server: Microsoft-IIS/10.0
x-cdn-host-id: ds6321,ds9225
x-powered-by: ASP.NET

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
130 B 50ms
46ms Fetch 3.72.78.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Requested by

Host: cdn.forumcomm.com
URL: https://cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/staticjs/prebid9.11.0.cb89547c7ca8d7050fb64e14492d9317.gz.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.72.78.234 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-78-234.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.grandforksherald.com/

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;
access-control-allow-origin: https://www.grandforksherald.com
access-control-allow-credentials: true

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
130 B 41ms
40ms Fetch 3.72.78.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Requested by

Host: cdn.forumcomm.com
URL: https://cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/staticjs/prebid9.11.0.cb89547c7ca8d7050fb64e14492d9317.gz.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.72.78.234 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-78-234.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.grandforksherald.com/

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;
access-control-allow-origin: https://www.grandforksherald.com
access-control-allow-credentials: true

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
130 B 57ms
52ms Fetch 3.72.78.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Requested by

Host: cdn.forumcomm.com
URL: https://cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/staticjs/prebid9.11.0.cb89547c7ca8d7050fb64e14492d9317.gz.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.72.78.234 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-78-234.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.grandforksherald.com/

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;
access-control-allow-origin: https://www.grandforksherald.com
access-control-allow-credentials: true

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
130 B 80ms
75ms Fetch 3.72.78.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Requested by

Host: cdn.forumcomm.com
URL: https://cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/staticjs/prebid9.11.0.cb89547c7ca8d7050fb64e14492d9317.gz.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.72.78.234 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-78-234.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.grandforksherald.com/

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;
access-control-allow-origin: https://www.grandforksherald.com
access-control-allow-credentials: true

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
130 B 56ms
52ms Fetch 3.72.78.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Requested by

Host: cdn.forumcomm.com
URL: https://cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/staticjs/prebid9.11.0.cb89547c7ca8d7050fb64e14492d9317.gz.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.72.78.234 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-78-234.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.grandforksherald.com/

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;
access-control-allow-origin: https://www.grandforksherald.com
access-control-allow-credentials: true

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
130 B 55ms
51ms Fetch 3.72.78.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Requested by

Host: cdn.forumcomm.com
URL: https://cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/staticjs/prebid9.11.0.cb89547c7ca8d7050fb64e14492d9317.gz.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.72.78.234 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-78-234.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.grandforksherald.com/

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;
access-control-allow-origin: https://www.grandforksherald.com
access-control-allow-credentials: true

POST
H/1.1 200
OK pbjs Show response
x.yieldlift.com/ 1 KB
832 B 614ms
250ms Fetch
application/json 138.197.50.103
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://x.yieldlift.com/pbjs

Requested by

Host: cdn.forumcomm.com
URL: https://cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/staticjs/prebid9.11.0.cb89547c7ca8d7050fb64e14492d9317.gz.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

138.197.50.103 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

a5980b1e808ec9b959695c8d13c2c0eb1664d7de9586229b082ae34e27285e97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.grandforksherald.com/

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Cache-Control: no-cache, must-revalidate
Content-Encoding: gzip
Pragma: no-cache
Connection: close
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.grandforksherald.com
Content-Length: 439
Date: Mon, 23 Sep 2024 14:06:26 GMT
Content-Type: application/json
Vary: Origin

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 351 B
385 B 79ms
78ms Fetch
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12144&site_id=44028&zone_id=190792&size_id=15&alt_size_ids=2%2C14&rf=https%3A%2F%2Fwww.grandforksherald.com%2Fprairie-business&tg_i.domain=grandforksherald.com&tg_i.page=https%3A%2F%2Fwww.grandforksherald.com%2Fprairie-business&tk_flint=pbjs_lite_v9.11.0&x_source.tid=99564148-6605-435a-ac7d-9191114ff01c&l_pb_bid_id=58eedc814a60ac3&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=5c6191ae-efd2-4f48-9f07-a806b0d04393&rp_maxbids=1&m_ch_mobile=%3F0&slots=1&rand=0.03337939796113121
Requested by: Host: cdn.forumcomm.com
URL: https://cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/staticjs/prebid9.11.0.cb89547c7ca8d7050fb64e14492d9317.gz.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 677eda63e88165811a97a46c115ab43158be93f15d36a5c2b85e22d8549f8ebd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.grandforksherald.com/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin: https://www.grandforksherald.com
content-length: 351
date: Mon, 23 Sep 2024 14:06:26 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx/1.21.4

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 351 B
408 B 78ms
77ms Fetch
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12144&site_id=44030&zone_id=190796&size_id=15&alt_size_ids=2%2C14&rf=https%3A%2F%2Fwww.grandforksherald.com%2Fprairie-business&tg_i.domain=grandforksherald.com&tg_i.page=https%3A%2F%2Fwww.grandforksherald.com%2Fprairie-business&tk_flint=pbjs_lite_v9.11.0&x_source.tid=99564148-6605-435a-ac7d-9191114ff01c&l_pb_bid_id=59e3637c3cf852b&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=5c6191ae-efd2-4f48-9f07-a806b0d04393&rp_maxbids=1&m_ch_mobile=%3F0&slots=1&rand=0.5370635706630671
Requested by: Host: cdn.forumcomm.com
URL: https://cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/staticjs/prebid9.11.0.cb89547c7ca8d7050fb64e14492d9317.gz.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 5fddad08635f7c9f9bf7c6a651d35d49ba5d5e1712bd437c1a479454d436461f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.grandforksherald.com/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin: https://www.grandforksherald.com
content-length: 351
date: Mon, 23 Sep 2024 14:06:26 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx/1.21.4

POST
H3 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
96 B 55ms
54ms Fetch
text/plain 35.227.252.103
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: cdn.forumcomm.com
URL: https://cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/staticjs/prebid9.11.0.cb89547c7ca8d7050fb64e14492d9317.gz.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: d22111b3e278969ae661fef84f4ee6405822765b590515e4cb5207eea8dbbc42

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.grandforksherald.com/

Response headers

content-encoding: gzip
x-forwarded-for: 78.159.108.37
access-control-allow-credentials: true
observe-browsing-topics: ?1
via: 1.1 google
access-control-allow-origin: https://www.grandforksherald.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77
date: Mon, 23 Sep 2024 14:06:25 GMT
content-type: text/plain
vary: Origin

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
340 B 51ms
49ms Fetch
application/json 104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=248828
Requested by: Host: cdn.forumcomm.com
URL: https://cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/staticjs/prebid9.11.0.cb89547c7ca8d7050fb64e14492d9317.gz.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb1f4254702b0fe460795be965642d58177065e1bb4506461b63bc4377e56923

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.grandforksherald.com/

Response headers

cache-control: no-cache
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
pragma: no-cache
access-control-allow-credentials: true
observe-browsing-topics: ?1
cf-ray: 8c7b18646ece37fd-FRA
expires: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BqBexZR1efcbpPXjP%2FG%2BnmC9NQ%2FN86L2BzWAOA960bK14hH92u68e%2FGupnt4fNtf855UvQTWJxp5%2FAfrZrcqwdtViF%2F5%2B8NLu0GxUQlg%2F5ZIlG4Z7ghT5J8xWx042sTED6j8FuKp"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.grandforksherald.com
content-length: 37
date: Mon, 23 Sep 2024 14:06:26 GMT
content-type: application/json
vary: Accept-Encoding
server: cloudflare

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
306 B 122ms
121ms Fetch
application/json 104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=248830
Requested by: Host: cdn.forumcomm.com
URL: https://cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/staticjs/prebid9.11.0.cb89547c7ca8d7050fb64e14492d9317.gz.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7cafdadf03dd3defa282c7308e62f47d86f702c6c8be58be9e1125122749fbeb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.grandforksherald.com/

Response headers

cache-control: no-cache
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
pragma: no-cache
access-control-allow-credentials: true
observe-browsing-topics: ?1
cf-ray: 8c7b1866192637fd-FRA
expires: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9umzLv2ZGo1PLn5nWLFVOH5Tet1da5I5tKIyZfv8KcE3zqPNUjHwq0sl2fRnA3ZBANI16ixxLigaJty6KClBbyd0Atw9baVgJ%2FeN2E1nmQVLdfXU6oYJUbErwGt07Vcl64y0sgs%2F"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.grandforksherald.com
content-length: 37
date: Mon, 23 Sep 2024 14:06:26 GMT
content-type: application/json
vary: Accept-Encoding
server: cloudflare

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 366 B
400 B 127ms
127ms Fetch
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12144&site_id=44028&zone_id=190792&size_id=15&alt_size_ids=9%2C8%2C10%2C14%2C43%2C44%2C117&rf=https%3A%2F%2Fwww.grandforksherald.com%2Fprairie-business&tg_i.domain=grandforksherald.com&tg_i.page=https%3A%2F%2Fwww.grandforksherald.com%2Fprairie-business&tk_flint=pbjs_lite_v9.11.0&x_source.tid=e2b7c305-470d-415b-ab0c-2ef90a8e9133&l_pb_bid_id=7791c33601c06f9&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=1717077c-14ef-4c95-bb73-96cfdfcba100&rp_maxbids=1&m_ch_mobile=%3F0&slots=1&rand=0.9958959484880492
Requested by: Host: cdn.forumcomm.com
URL: https://cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/staticjs/prebid9.11.0.cb89547c7ca8d7050fb64e14492d9317.gz.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: eb98515421056544ddf50a6c430b1d35f3588cb7d2f72ce1f9f5e7256e65cfab

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.grandforksherald.com/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin: https://www.grandforksherald.com
content-length: 366
date: Mon, 23 Sep 2024 14:06:26 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx/1.21.4

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 366 B
400 B 125ms
124ms Fetch
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12144&site_id=44030&zone_id=190796&size_id=15&alt_size_ids=9%2C8%2C10%2C14%2C43%2C44%2C117&rf=https%3A%2F%2Fwww.grandforksherald.com%2Fprairie-business&tg_i.domain=grandforksherald.com&tg_i.page=https%3A%2F%2Fwww.grandforksherald.com%2Fprairie-business&tk_flint=pbjs_lite_v9.11.0&x_source.tid=e2b7c305-470d-415b-ab0c-2ef90a8e9133&l_pb_bid_id=781a3f850dc3fe9&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=1717077c-14ef-4c95-bb73-96cfdfcba100&rp_maxbids=1&m_ch_mobile=%3F0&slots=1&rand=0.476411009326257
Requested by: Host: cdn.forumcomm.com
URL: https://cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/staticjs/prebid9.11.0.cb89547c7ca8d7050fb64e14492d9317.gz.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: ae5255adaf3589fad8dcc886e2d0d9477df2ea38d63b6fd759e515acb480e612

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.grandforksherald.com/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin: https://www.grandforksherald.com
content-length: 366
date: Mon, 23 Sep 2024 14:06:26 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx/1.21.4

POST
H/1.1 200
OK pbjs Show response
x.yieldlift.com/ 1 KB
829 B 590ms
247ms Fetch
application/json 138.197.50.103
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://x.yieldlift.com/pbjs

Requested by

Host: cdn.forumcomm.com
URL: https://cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/staticjs/prebid9.11.0.cb89547c7ca8d7050fb64e14492d9317.gz.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

138.197.50.103 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

10078c6214313adb9b0f9c0ed23756bc8802fb0c44e7c8d3c12b4fa8b7fb95e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.grandforksherald.com/

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Cache-Control: no-cache, must-revalidate
Content-Encoding: gzip
Pragma: no-cache
Connection: close
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.grandforksherald.com
Content-Length: 436
Date: Mon, 23 Sep 2024 14:06:26 GMT
Content-Type: application/json
Vary: Origin

POST
H3 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
96 B 119ms
118ms Fetch
text/plain 35.227.252.103
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: cdn.forumcomm.com
URL: https://cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/staticjs/prebid9.11.0.cb89547c7ca8d7050fb64e14492d9317.gz.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: b0c7460cb038c345d7e6d8e5736520da6619efa29a31425c2e72aaeae3586b49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.grandforksherald.com/

Response headers

content-encoding: gzip
x-forwarded-for: 78.159.108.37
access-control-allow-credentials: true
observe-browsing-topics: ?1
via: 1.1 google
access-control-allow-origin: https://www.grandforksherald.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77
date: Mon, 23 Sep 2024 14:06:25 GMT
content-type: text/plain
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
130 B 117ms
116ms Fetch 3.72.78.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Requested by

Host: cdn.forumcomm.com
URL: https://cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/staticjs/prebid9.11.0.cb89547c7ca8d7050fb64e14492d9317.gz.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.72.78.234 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-78-234.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.grandforksherald.com/

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;
access-control-allow-origin: https://www.grandforksherald.com
access-control-allow-credentials: true

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
130 B 120ms
118ms Fetch 3.72.78.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Requested by

Host: cdn.forumcomm.com
URL: https://cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/staticjs/prebid9.11.0.cb89547c7ca8d7050fb64e14492d9317.gz.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.72.78.234 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-78-234.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.grandforksherald.com/

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;
access-control-allow-origin: https://www.grandforksherald.com
access-control-allow-credentials: true

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
130 B 122ms
121ms Fetch 3.72.78.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Requested by

Host: cdn.forumcomm.com
URL: https://cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/staticjs/prebid9.11.0.cb89547c7ca8d7050fb64e14492d9317.gz.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.72.78.234 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-78-234.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.grandforksherald.com/

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;
access-control-allow-origin: https://www.grandforksherald.com
access-control-allow-credentials: true

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
130 B 234ms
231ms Fetch 3.72.78.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Requested by

Host: cdn.forumcomm.com
URL: https://cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/staticjs/prebid9.11.0.cb89547c7ca8d7050fb64e14492d9317.gz.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.72.78.234 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-78-234.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.grandforksherald.com/

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;
access-control-allow-origin: https://www.grandforksherald.com
access-control-allow-credentials: true

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
130 B 234ms
232ms Fetch 3.72.78.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Requested by

Host: cdn.forumcomm.com
URL: https://cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/staticjs/prebid9.11.0.cb89547c7ca8d7050fb64e14492d9317.gz.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.72.78.234 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-78-234.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.grandforksherald.com/

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;
access-control-allow-origin: https://www.grandforksherald.com
access-control-allow-credentials: true

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
130 B 234ms
233ms Fetch 3.72.78.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Requested by

Host: cdn.forumcomm.com
URL: https://cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/staticjs/prebid9.11.0.cb89547c7ca8d7050fb64e14492d9317.gz.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.72.78.234 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-78-234.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.grandforksherald.com/

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;
access-control-allow-origin: https://www.grandforksherald.com
access-control-allow-credentials: true

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
130 B 234ms
232ms Fetch 3.72.78.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Requested by

Host: cdn.forumcomm.com
URL: https://cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/staticjs/prebid9.11.0.cb89547c7ca8d7050fb64e14492d9317.gz.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.72.78.234 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-78-234.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.grandforksherald.com/

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;
access-control-allow-origin: https://www.grandforksherald.com
access-control-allow-credentials: true

GET
H2 200 ingest
i.viafoura.co/v3/www.grandforksherald.com/ 67 B
199 B 166ms
155ms Image
image/png 3.215.242.153
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.viafoura.co/v3/www.grandforksherald.com/ingest?t=%7B%22view%22%3A%7B%22domain%22%3A%22www.grandforksherald.com%22%2C%22siteUuid%22%3A%2200000000-0000-4000-8000-2ee7125f71b1%22%2C%22pageViews%22%3A1%2C%22outgoing%22%3A10%2C%22sessionStart%22%3A1727100385%2C%22isRecirculation%22%3Afalse%2C%22uniqueId%22%3A%220156e0d8-9263-480e-9ad1-c48bb8a4a55b%22%2C%22firstVisit%22%3A1727100385%2C%22previousVisit%22%3A1727100385%2C%22currentVisit%22%3A1727100385%2C%22visitCount%22%3A1%2C%22referrerStart%22%3A1727100385%2C%22refVisitCount%22%3A1%2C%22ref%22%3A%7B%22medium%22%3A%22direct%22%2C%22source%22%3A%22%22%2C%22sharer_uuid%22%3A%22%22%2C%22terms%22%3A%22%22%7D%7D%2C%22meta%22%3A%7B%22domain%22%3A%22www.grandforksherald.com%22%2C%22site%22%3A%2200000000-0000-4000-8000-2ee7125f71b1%22%2C%22section%22%3A%2200000000-0000-4000-8000-2ee7125f71b1%22%2C%22pageImage%22%3A%22https%3A%2F%2Fcdn.forumcomm.com%2Fdims4%2Fdefault%2F203f5d7%2F2147483647%2Fstrip%2Ftrue%2Fcrop%2F620x620%2B0%2B0%2Fresize%2F1066x1066!%2Fquality%2F90%2F%3Furl%3Dhttps%253A%252F%252Fforum-communications-production-web.s3.us-west-2.amazonaws.com%252Fbrightspot%252Fa5%252Fb0%252F994d7fb24d2fb21f2612a6c929fd%252Fgrandforksherald-logo-squared.png%22%2C%22ref%22%3A%7B%7D%2C%22vf%22%3Afalse%2C%22url%22%3A%22https%3A%2F%2Fwww.grandforksherald.com%2Fprairie-business%22%2C%22path%22%3A%22%2Fprairie-business%22%2C%22title%22%3A%22Prairie%20Business%22%2C%22privilege%22%3A%22guest%22%2C%22page_type%22%3A%22section%22%2C%22page_description%22%3A%22Prairie%20Business%20magazine%20covers%20business%20news%20in%20North%20Dakota%2C%20South%20Dakota%20and%20western%20Minnesota.%20News%20on%20a%20variety%20of%20business%20industries%20including%3A%20higher%20education%2C%20finance%2C%20architecture%20and%20engineering%2C%20agribusiness%2C%20energy%2C%20health%20care%2C%20economic%20development%2C%20tourism%20and%20construction%22%2C%22topics%22%3A%5B%5D%2C%22amp%22%3Afalse%2C%22thirdparty_enabled%22%3Afalse%2C%22container_id%22%3A%22%22%7D%2C%22ua%22%3A%7B%22nl%22%3A%22de-DE%22%2C%22nu%22%3A%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F129.0.0.0%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%2C%22sd%22%3A24%2C%22vp%22%3A%221600x1200%22%2C%22dt%22%3A%22Prairie%20Business%20Magazine%20%7C%20Grand%20Forks%20Herald%22%2C%22de%22%3A%22UTF-8%22%2C%22dl%22%3A%22en%22%7D%2C%22rq%22%3A%22b21a2404-c94d-447d-8315-832cdbc48d43%22%2C%22w%22%3A%5B%22vf-conversations-count%22%2C%22vf-tray-trigger%22%5D%2C%22event_type%22%3A%22analytics.view_lite%22%7D
Requested by: Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/prairie-business
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.215.242.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-242-153.compute-1.amazonaws.com
Software: /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 67
date: Mon, 23 Sep 2024 14:06:26 GMT
content-type: image/png

GET
H3 200 inter-latin.woff2
cdn.viafoura.net/front/assets/fonts/inter/ 46 KB
46 KB 180ms
87ms Font
font/woff2 18.66.102.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/front/assets/fonts/inter/inter-latin.woff2
Requested by: Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/prairie-business
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.102.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.grandforksherald.com
Referer: https://www.grandforksherald.com/

Response headers

access-control-max-age: 3000
etag: "30a274cd01b6eeb0b082c918b0697f1e"
age: 508539
x-amz-version-id: p72R6pWMfDhNntSQ_lecj2WghTKJf.Gi
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: _H40tkD_K6xkj2xre4x1vOcrn72lyt5YdNNrDeuSXAorv48LGaIyxA==
date: Tue, 17 Sep 2024 16:50:48 GMT
content-type: font/woff2
last-modified: Mon, 09 Sep 2024 15:30:28 GMT
x-amz-replication-status: COMPLETED
cache-control: public,max-age=31536000
via: 1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 46704
x-amz-cf-pop: FRA56-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H2 200 429.json Show response
id5-sync.com/g/v2/ 251 B
455 B 87ms
85ms Fetch
application/json 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/429.json

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156500/13793/pwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

2433e358c3e515f00d53497b23fee8a8c00a01b769bcd7c7eea0c64228510ba5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.grandforksherald.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://www.grandforksherald.com
date: Mon, 23 Sep 2024 14:06:26 GMT
content-type: application/json
vary: Origin
access-control-allow-credentials: true

GET
H2 200 skeleton.gif
static.adsafeprotected.com/ 43 B
481 B 302ms
105ms Image
image/gif 2600:9000:274d:4400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?adspot_id=eprpqj_728x90_
Requested by: Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/prairie-business
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:274d:4400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

etag: "45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
age: 247923
x-cache: Hit from cloudfront
x-amz-cf-id: -jVlaw0CSI7ARqnG1pgm9C0NhyYh03Tff5sSKuct0mM3sKqgf7345w==
date: Fri, 20 Sep 2024 17:14:24 GMT
content-type: image/gif
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=315360000
via: 1.1 3a6918f8303b76a25e42cc711a39992a.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 43
x-amz-cf-pop: BRU50-P1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 b2d172841cc3450cc291fb60906eb891 Show response
k664.grandforksherald.com/plugin/library/ 186 KB
58 KB 62ms
61ms Script
text/javascript 18.173.205.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://k664.grandforksherald.com/plugin/library/b2d172841cc3450cc291fb60906eb891

Requested by

Host: k664.grandforksherald.com
URL: https://k664.grandforksherald.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.205.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-205-67.fra56.r.cloudfront.net

Software

- /

Resource Hash

3408a6fabc3d7fe17f2d00dfd256075f7568be4e615e48e9cd68eac2219935b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

x-robots-tag: noindex, nofollow
content-encoding: gzip
etag: b2d172841cc3450cc291fb60906eb891
age: 2864820
x-permitted-cross-domain-policies: master-only
x-content-type-options: nosniff
expires: Thu, 21 Aug 2025 10:19:26 GMT
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
x-amz-cf-id: dkq7c4_R_Iv1tVtE7pV6U8mfnssGnTkbfYihe4_oILfpKI8VXDUCTA==
date: Wed, 21 Aug 2024 10:19:26 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 20 Aug 2024 10:19:26 GMT
cache-control: public, no-cache="Set-Cookie", max-age=31536000
via: 1.1 ba01631fe255b1896a9e6bfd4c86a06a.cloudfront.net (CloudFront)
content-length: 59067
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P12
server: -

POST
H2 200 LB-Zone-1 Show response
k664.grandforksherald.com/DG/DEFAULT/rest/rpc/450/ 2 KB
2 KB 369ms
367ms XHR
application/json 18.173.205.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://k664.grandforksherald.com/DG/DEFAULT/rest/rpc/450/LB-Zone-1?referer=https%3A%2F%2Fwww.grandforksherald.com%2Fprairie-business&bcsessionid=&bctempid=9e95df43-8172-401a-86b6-32c4257833c8&overruleReferrer=&time=2024-09-23T16%3A06%3A26%2B02%3A00&ts=1727100386346

Requested by

Host: k664.grandforksherald.com
URL: https://k664.grandforksherald.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.205.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-205-67.fra56.r.cloudfront.net

Software

- /

Resource Hash

5b401a79505922adc2fdd9960b755c622382c218201b8c1c8bf8d621721c0233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.grandforksherald.com/

Response headers

x-robots-tag: noindex, nofollow
content-encoding: gzip
x-permitted-cross-domain-policies: master-only
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
x-amz-cf-id: SAjeoH4aRDLpXvBquhChMSSzUaRJw6S9DVaeq02Ls6DUErBKIWqE_A==
date: Mon, 23 Sep 2024 14:06:26 GMT
content-type: application/json;charset=utf-8
cache-control: no-cache, no-store, no-transform, must-revalidate, private
accept-ch: sec-ch-ua-platform-version
pragma: no-cache
access-control-allow-credentials: true
via: 1.1 ba01631fe255b1896a9e6bfd4c86a06a.cloudfront.net (CloudFront)
access-control-allow-origin: https://www.grandforksherald.com
content-length: 785
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P12
server: -

POST
H2 204 collect
region1.analytics.google.com/g/ Frame F7B2 0
0 109ms
96ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-39CWM68PTE&gtm=45je49j0v9122458175za200&_p=1727100385523&_gaz=1&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tcfd=10001&tag_exp=0&cid=2114604498.1727100386&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=1&pscdl=noapi&_s=1&dp=%2Fwidget%2FGrandForksHerald%2F9940%2FGrand%20Forks%20Herald%2F2a5906a6125a%2F&sid=1727100386&sct=1&seg=0&dl=https%3A%2F%2Fwww.grandforksherald.com%2Fprairie-business&dr=https%3A%2F%2Fwww.grandforksherald.com%2Fprairie-business&dt=Grand%20Forks%20Herald&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.page_hostname=p.cityspark.com&tfd=855
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-39CWM68PTE&l=cswDataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.grandforksherald.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Mon, 23 Sep 2024 14:06:26 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ Frame F7B2 0
54 B 107ms
97ms Ping
text/plain 2a00:1450:400c:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-39CWM68PTE&cid=2114604498.1727100386&gtm=45je49j0v9122458175za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=1&tag_exp=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-39CWM68PTE&l=cswDataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.grandforksherald.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Mon, 23 Sep 2024 14:06:26 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 ga-audiences
www.google.de/ads/ Frame F7B2 42 B
63 B 141ms
140ms Image
image/gif 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-39CWM68PTE&cid=2114604498.1727100386&gtm=45je49j0v9122458175za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=1&tag_exp=0&tag_exp=0&z=1096518119

Requested by

Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/prairie-business

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 23 Sep 2024 14:06:26 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 275 KB
81 KB 118ms
118ms Script
application/javascript 172.217.18.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P7XVL79&l=MG2DL

Requested by

Host: cdn.dmepyodjotcuks.com
URL: https://cdn.dmepyodjotcuks.com/prod/forum/g2i.min.js?2024823

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

dd8eea9dc76083b701fa07a25f6e592b5141fc01f6ba4eac2e425cc8a61088e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

content-encoding: br
expires: Mon, 23 Sep 2024 14:06:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 23 Sep 2024 14:06:26 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 23 Sep 2024 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 83007
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 ai.0.js Show response
az416426.vo.msecnd.net/scripts/a/ 94 KB
0 0ms
0ms Script
application/x-javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by: Host: cdn.vmzqqmlpwwmazjnio.com
URL: https://cdn.vmzqqmlpwwmazjnio.com/prod/forum/t8y9347t.min.js?2024823
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CD6) /
Resource Hash: 5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

content-md5: HdY95yzx9wIyQkVEGES+Ew==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-lease-status: unlocked
etag: 0x8D8E461DA1A5889
age: 112
x-ms-version: 2009-09-19
expires: Mon, 23 Sep 2024 14:36:24 GMT
x-cache: HIT
date: Mon, 23 Sep 2024 14:06:24 GMT
content-type: application/x-javascript
last-modified: Thu, 11 Mar 2021 07:46:59 GMT
vary: Accept-Encoding
cache-control: public, max-age=1800
x-ms-meta-lastmodified: 2020-10-01 19:31:04
x-ms-request-id: 8af52764-201e-00d7-44c1-0d7c74000000
access-control-allow-origin: *
content-length: 22495
x-ms-blob-type: BlockBlob
server: ECAcc (frc/4CD6)

GET
H2 200 index.js Show response
cdn.pranmcpkx.com/ 7 KB
3 KB 475ms
115ms Script
text/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pranmcpkx.com/index.js
Requested by: Host: cdn.vmzqqmlpwwmazjnio.com
URL: https://cdn.vmzqqmlpwwmazjnio.com/prod/forum/t8y9347t.min.js?2024823
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CBD) /
Resource Hash: 6941d870c4bac732a6ed7718c594a73cc27000379eaaf241c9e47d982e44f407

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

content-md5: nynBpfvYghYqzIzsvfssRw==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-lease-status: unlocked
etag: 0x8DA5083F65AD9E0
age: 293752
x-ms-version: 2009-09-19
x-cache: HIT
date: Mon, 23 Sep 2024 14:06:26 GMT
content-type: text/javascript
last-modified: Fri, 17 Jun 2022 17:08:13 GMT
vary: Accept-Encoding
x-ms-request-id: 388d8766-601e-0045-0315-0b225d000000
access-control-allow-origin: *
content-length: 2382
x-ms-blob-type: BlockBlob
server: ECAcc (frc/4CBD)

GET
H2 200 GFH__LAUNCH1.json Show response
cdn.vmzqqmlpwwmazjnio.com/prod/data/forum/ 2 MB
57 KB 465ms
464ms Fetch
application/json 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vmzqqmlpwwmazjnio.com/prod/data/forum/GFH__LAUNCH1.json?_=1727100386444
Requested by: Host: cdn.vmzqqmlpwwmazjnio.com
URL: https://cdn.vmzqqmlpwwmazjnio.com/prod/forum/t8y9347t.min.js?2024823
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 7d13702914900e2cdb4dcc059784094b34c3691bc092906c174206f61c5bfa49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

x-ms-blob-committed-block-count: 1
cache-control: no-cache
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,x-ms-blob-committed-block-count,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-lease-status: unlocked
etag: 0x8DCD0F8B2945A64
x-ms-version: 2009-09-19
x-ms-request-id: 79d4f5b1-b01e-00b2-6ec1-0d08cf000000
access-control-allow-origin: *
content-length: 57499
date: Mon, 23 Sep 2024 14:06:26 GMT
content-type: application/json
last-modified: Mon, 09 Sep 2024 17:56:14 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type: AppendBlob

GET
H/1.1 200
OK ad_300_250.jpg
paywall-ad-bucket.s3.amazonaws.com/ 631 B
1 KB 721ms
147ms Image
image/jpeg 52.216.50.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paywall-ad-bucket.s3.amazonaws.com/ad_300_250.jpg
Requested by: Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/prairie-business
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 52.216.50.41 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0859f5f9bf49348ef81d01f953d520c10a2a857961ef1bfad4a7903609889de5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

x-amz-meta-s3b-last-modified: 20191015T134358Z
ETag: "ef2cc7f55b7ab677b023e36033e26471"
x-amz-request-id: C1RFMPNVBRXA5JPS
Accept-Ranges: bytes
Content-Length: 631
Date: Mon, 23 Sep 2024 14:06:28 GMT
Last-Modified: Tue, 15 Oct 2019 13:44:16 GMT
Content-Type: image/jpeg
Server: AmazonS3
x-amz-id-2: XmzfTaN/aaUQL5d+XAacnvdZlfmQPR9auQZFE3PdJrcM2eX6eMizwR5DOkBrA1dC/m/CirK6S0A=

POST
H2 200 71fdee2a112a3e58e064c14b36f63393df660cbd14788f2 Show response
stereotypedsugar.com/post/f3815b8f0d20e/ 303 B
755 B 381ms
126ms Fetch
application/json 2606:4700::6812:196f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stereotypedsugar.com/post/f3815b8f0d20e/71fdee2a112a3e58e064c14b36f63393df660cbd14788f2

Requested by

Host: stereotypedsugar.com
URL: https://stereotypedsugar.com/bundles/bb03d38706/1614ff9caa7479f34dcec6d2243644f6.app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:196f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff02dae0347771b38ab32e368941024ac8d5e4e8fa3a9eeae96c4c003f2fd75b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.grandforksherald.com/

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
x-buildname: hoothoot
access-control-allow-methods: POST, OPTIONS
x-hostname: fen-hoothoot-europe-west1-4lzd
expires: Mon, 23 Sep 2024 14:06:25 GMT
date: Mon, 23 Sep 2024 14:06:26 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding, Origin
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
strict-transport-security: max-age=15724800; preload
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
access-control-allow-credentials: true
x-datacenter: gce-europe-west1
via: 1.1 google
cf-ray: 8c7b186a390dd290-FRA
access-control-allow-origin: https://www.grandforksherald.com
x-buildnumber: 1433990761
server: cloudflare

GET
H2 200 compromise.js Show response
k664.grandforksherald.com/gallery/listener_interest_ranker/1.5.8/frontend/src/lib/ 243 KB
82 KB 114ms
112ms Script
text/javascript 18.173.205.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://k664.grandforksherald.com/gallery/listener_interest_ranker/1.5.8/frontend/src/lib/compromise.js
Requested by: Host: k664.grandforksherald.com
URL: https://k664.grandforksherald.com/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.205.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-205-67.fra56.r.cloudfront.net
Software: - /
Resource Hash: f9dbd8e60971f7a0660028aadde537b3b6d9f4abb8e9eab8dec59b841d60fbfe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

content-encoding: gzip
etag: "3cd94-61a84ecca5ff8-gzip"
age: 484913
expires: Thu, 17 Oct 2024 23:24:33 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: KPStqHQW7SCw2iDPPb3wF20Qs8jVqIG7Si9Cc2ZSjh1bwo6vPFYeWg==
date: Tue, 17 Sep 2024 23:24:33 GMT
content-type: text/javascript; charset=utf-8
last-modified: Mon, 10 Jun 2024 08:27:50 GMT
vary: Accept-Encoding
cache-control: max-age=2592000
via: 1.1 ba01631fe255b1896a9e6bfd4c86a06a.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
x-amz-cf-pop: FRA56-P12
server: -

GET
H2 200 stopwords.js Show response
k664.grandforksherald.com/gallery/listener_interest_ranker/1.5.8/frontend/src/js/ 7 KB
3 KB 120ms
118ms Script
text/javascript 18.173.205.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://k664.grandforksherald.com/gallery/listener_interest_ranker/1.5.8/frontend/src/js/stopwords.js
Requested by: Host: k664.grandforksherald.com
URL: https://k664.grandforksherald.com/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.205.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-205-67.fra56.r.cloudfront.net
Software: - /
Resource Hash: f8158f2dfb4c7e7376c37298b1194bd0c44d31486a9ad9910218d3e9e79fe22a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

content-encoding: gzip
etag: "1a72-61a84ecc87f80-gzip"
age: 122583
expires: Tue, 22 Oct 2024 04:03:23 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: zS9iPLSdmwrBriYqzaeCTyE7qsNL8nOqnua8u2d8ZsuGmqi5la_Azw==
date: Sun, 22 Sep 2024 04:03:23 GMT
content-type: text/javascript; charset=utf-8
last-modified: Mon, 10 Jun 2024 08:27:50 GMT
vary: Accept-Encoding
cache-control: max-age=2592000
via: 1.1 ba01631fe255b1896a9e6bfd4c86a06a.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2295
x-amz-cf-pop: FRA56-P12
server: -

GET
H2 200 reservedterms.js Show response
k664.grandforksherald.com/gallery/listener_interest_ranker/1.5.8/frontend/src/js/ 243 B
595 B 121ms
119ms Script
text/javascript 18.173.205.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://k664.grandforksherald.com/gallery/listener_interest_ranker/1.5.8/frontend/src/js/reservedterms.js
Requested by: Host: k664.grandforksherald.com
URL: https://k664.grandforksherald.com/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.205.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-205-67.fra56.r.cloudfront.net
Software: - /
Resource Hash: a4c37d5259154f3b0c5e31d4891b8e12c9cf4f462d4e9a03d8dde81203485f92

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

content-encoding: gzip
etag: "f3-61a84ecc7e728-gzip"
age: 400509
expires: Fri, 18 Oct 2024 22:51:17 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: hlGcYeVpo8B74LtzMfeGHzt1FdTMs9qzXZ9nZiu4e6tr8HEqkwq7-w==
date: Wed, 18 Sep 2024 22:51:17 GMT
content-type: text/javascript; charset=utf-8
last-modified: Mon, 10 Jun 2024 08:27:50 GMT
vary: Accept-Encoding
cache-control: max-age=2592000
via: 1.1 ba01631fe255b1896a9e6bfd4c86a06a.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 155
x-amz-cf-pop: FRA56-P12
server: -

GET
H2 200 textrank.js Show response
k664.grandforksherald.com/gallery/listener_interest_ranker/1.5.8/frontend/src/js/ 1 KB
1 KB 121ms
119ms Script
text/javascript 18.173.205.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://k664.grandforksherald.com/gallery/listener_interest_ranker/1.5.8/frontend/src/js/textrank.js
Requested by: Host: k664.grandforksherald.com
URL: https://k664.grandforksherald.com/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.205.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-205-67.fra56.r.cloudfront.net
Software: - /
Resource Hash: 7d2e4384bf9dec3221e693225c190951dcffb4388fb378b23c6b85f99f66c0e8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

content-encoding: gzip
etag: "5b7-61a84ecc8b630-gzip"
age: 666876
expires: Tue, 15 Oct 2024 20:51:50 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: XzfIAcHpIH4bQ1hLX5FEbD3RJHmRTFomG03W3WxpOYH258AV9mUlsw==
date: Sun, 15 Sep 2024 20:51:50 GMT
content-type: text/javascript; charset=utf-8
last-modified: Mon, 10 Jun 2024 08:27:50 GMT
vary: Accept-Encoding
cache-control: max-age=2592000
via: 1.1 ba01631fe255b1896a9e6bfd4c86a06a.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 681
x-amz-cf-pop: FRA56-P12
server: -

GET
H2 200 stemmer.js Show response
k664.grandforksherald.com/gallery/listener_interest_ranker/1.5.8/frontend/src/js/ 2 KB
1 KB 121ms
120ms Script
text/javascript 18.173.205.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://k664.grandforksherald.com/gallery/listener_interest_ranker/1.5.8/frontend/src/js/stemmer.js
Requested by: Host: k664.grandforksherald.com
URL: https://k664.grandforksherald.com/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.205.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-205-67.fra56.r.cloudfront.net
Software: - /
Resource Hash: 991d8f6a815a4d6fc7d7a9a81a8fe9596651147ca561ee9a2e05a9e8e014fd4e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

content-encoding: gzip
etag: "877-61a84ecc819f0-gzip"
age: 309913
expires: Sun, 20 Oct 2024 00:01:13 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: QUSQGLKB9z1efIPB4O-AC-Bg7NC1hPBSyeFZwzGatF95I1b0bT_rzw==
date: Fri, 20 Sep 2024 00:01:13 GMT
content-type: text/javascript; charset=utf-8
last-modified: Mon, 10 Jun 2024 08:27:50 GMT
vary: Accept-Encoding
cache-control: max-age=2592000
via: 1.1 ba01631fe255b1896a9e6bfd4c86a06a.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 816
x-amz-cf-pop: FRA56-P12
server: -

POST
H2 200 450 Show response
k664.grandforksherald.com/DG/DEFAULT/rest/rpc/ 1 KB
1 KB 354ms
351ms XHR
application/json 18.173.205.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://k664.grandforksherald.com/DG/DEFAULT/rest/rpc/450?referer=https%3A%2F%2Fwww.grandforksherald.com%2Fprairie-business&bcsessionid=9e95df43-8172-401a-86b6-32c4257833c8&bctempid=&overruleReferrer=&time=2024-09-23T16%3A06%3A26%2B02%3A00&ts=1727100386766

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.205.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-205-67.fra56.r.cloudfront.net

Software

- /

Resource Hash

ad0a2d221208420be1d702c0dae8ba8178b46bffa9382c0eaed9a77325f6af60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.grandforksherald.com/

Response headers

x-robots-tag: noindex, nofollow
content-encoding: gzip
x-permitted-cross-domain-policies: master-only
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
x-amz-cf-id: I7HruDFXU5sVpmLVXhM63qgteBOKlrn0a2zRe-qOxdqOke3_bPIUQw==
date: Mon, 23 Sep 2024 14:06:27 GMT
content-type: application/json;charset=utf-8
cache-control: no-cache, no-store, no-transform, must-revalidate, private
accept-ch: sec-ch-ua-platform-version
pragma: no-cache
access-control-allow-credentials: true
via: 1.1 ba01631fe255b1896a9e6bfd4c86a06a.cloudfront.net (CloudFront)
access-control-allow-origin: https://www.grandforksherald.com
content-length: 247
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P12
server: -

POST
H2 200 450 Show response
k664.grandforksherald.com/DG/DEFAULT/rest/rpc/ 194 B
1 KB 332ms
330ms XHR
application/json 18.173.205.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.205.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-205-67.fra56.r.cloudfront.net

Software

- /

Resource Hash

9b358b1e143853a030a4b880a40e833974e420c2161ab919869c7960296883be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.grandforksherald.com/

Response headers

x-robots-tag: noindex, nofollow
content-encoding: gzip
x-permitted-cross-domain-policies: master-only
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
x-amz-cf-id: U_0J9R01qOJsGHQQjqi_diQpv2nxWxzKAafmdBRwaqfhGv16tQNQeQ==
date: Mon, 23 Sep 2024 14:06:27 GMT
content-type: application/json;charset=utf-8
cache-control: no-cache, no-store, no-transform, must-revalidate, private
accept-ch: sec-ch-ua-platform-version
pragma: no-cache
access-control-allow-credentials: true
via: 1.1 ba01631fe255b1896a9e6bfd4c86a06a.cloudfront.net (CloudFront)
access-control-allow-origin: https://www.grandforksherald.com
content-length: 173
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P12
server: -

POST
H2 200 450 Show response
k664.grandforksherald.com/DG/DEFAULT/rest/rpc/ 419 B
1 KB 358ms
356ms XHR
application/json 18.173.205.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.205.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-205-67.fra56.r.cloudfront.net

Software

- /

Resource Hash

3cbe0aefda9372004c6cd35737507631dce228b2bd87c5581a58b627e0da69a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.grandforksherald.com/

Response headers

x-robots-tag: noindex, nofollow
content-encoding: gzip
x-permitted-cross-domain-policies: master-only
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
x-amz-cf-id: xFbFe1zYPMiU0hFfSLjKYwlJZJy3uR_nDv3Li4GNbhHaaHX5LsuhRA==
date: Mon, 23 Sep 2024 14:06:27 GMT
content-type: application/json;charset=utf-8
cache-control: no-cache, no-store, no-transform, must-revalidate, private
accept-ch: sec-ch-ua-platform-version
pragma: no-cache
access-control-allow-credentials: true
via: 1.1 ba01631fe255b1896a9e6bfd4c86a06a.cloudfront.net (CloudFront)
access-control-allow-origin: https://www.grandforksherald.com
content-length: 229
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P12
server: -

GET
H2 200 cs Show response
forumcommunications.blueconic.net/DG/DEFAULT/ 66 B
856 B 213ms
213ms Script
text/javascript 3.212.31.204
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://forumcommunications.blueconic.net/DG/DEFAULT/cs?bcsessionid=9e95df43-8172-401a-86b6-32c4257833c8&&callback=bc_json452

Requested by

Host: k664.grandforksherald.com
URL: https://k664.grandforksherald.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.212.31.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-212-31-204.compute-1.amazonaws.com

Software

- /

Resource Hash

0e33e8bd0bb96a926281e6712e0a99b5639f451440a374ea105f799593cb85e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

x-robots-tag: noindex, nofollow
cache-control: no-cache, no-store, no-transform, must-revalidate, private
content-encoding: gzip
pragma: no-cache
x-permitted-cross-domain-policies: master-only
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 86
p3p: policyref="", CP="DSP"
date: Mon, 23 Sep 2024 14:06:26 GMT
x-xss-protection: 1; mode=block
content-type: text/javascript; charset=utf-8
server: -

POST
H2 200 450 Show response
k664.grandforksherald.com/DG/DEFAULT/rest/rpc/ 419 B
1 KB 349ms
349ms XHR
application/json 18.173.205.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.205.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-205-67.fra56.r.cloudfront.net

Software

- /

Resource Hash

9b763f1f1e4810d0119cf51a0ef1f2ad28ab77967e8c5d59247e53c3987b51d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.grandforksherald.com/

Response headers

x-robots-tag: noindex, nofollow
content-encoding: gzip
x-permitted-cross-domain-policies: master-only
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
x-amz-cf-id: 4HzsLCrpj_fyzmmEBB2Wi17KSokR1KDHSLXUw-LdEL7ynR3svWwigA==
date: Mon, 23 Sep 2024 14:06:27 GMT
content-type: application/json;charset=utf-8
cache-control: no-cache, no-store, no-transform, must-revalidate, private
accept-ch: sec-ch-ua-platform-version
pragma: no-cache
access-control-allow-credentials: true
via: 1.1 ba01631fe255b1896a9e6bfd4c86a06a.cloudfront.net (CloudFront)
access-control-allow-origin: https://www.grandforksherald.com
content-length: 229
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P12
server: -

GET
H2 200 launch-7d75747d0373.min.js Show response
assets.adobedtm.com/ddcf247e4bf5/82484060cd13/ 206 KB
65 KB 88ms
11ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/ddcf247e4bf5/82484060cd13/launch-7d75747d0373.min.js
Requested by: Host: widgets-lts.media.weather.com
URL: https://widgets-lts.media.weather.com/wxwidget.loader.js?cid=315354512
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 88ef2c29409ce5218170e5e45ea0725bc97575e40b73c8399127fe78c2452357

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

cache-control: max-age=3600
timing-allow-origin: *
content-encoding: gzip
etag: "4fa22c87e240730379599f4b173fe945:1716324070.889419"
expires: Mon, 23 Sep 2024 15:06:27 GMT
accept-ranges: bytes
access-control-allow-origin: https://www.grandforksherald.com
content-length: 66416
date: Mon, 23 Sep 2024 14:06:27 GMT
content-type: application/x-javascript
last-modified: Tue, 21 May 2024 20:41:10 GMT
server: AkamaiNetStorage
vary: Accept-Encoding

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 17 KB
13 KB 41ms
40ms XHR
application/json 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202409170101&st=env

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

ff0f4a50efa32beda6cf38ad3d2f6b6c8ee206aed71a6f92247030f48162c6cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 12953
date: Mon, 23 Sep 2024 14:06:27 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 cv
adservices.brandcdn.com/pixel/ Frame 23C5 0
0 496ms
164ms Document
text/html 52.8.140.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adservices.brandcdn.com/pixel/cv?aid=333755&cv_ck=eae32df2-4435-4823-b544-af4698d2a0d5&m=www.grandforksherald.com&r=
Requested by: Host: adservices.brandcdn.com
URL: https://adservices.brandcdn.com/pixel/cv_pixel.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.8.140.81 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-8-140-81.us-west-1.compute.amazonaws.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash

Request headers

Referer: https://www.grandforksherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 1137
content-location: cv.html
content-type: text/html
date: Mon, 23 Sep 2024 14:06:28 GMT
etag: "1002-5f8ff265c97b6;5f8ff265c97b6
last-modified: Mon, 10 Apr 2023 18:00:27 GMT
server: Apache/2.4.52 (Ubuntu)
tcn: choice
vary: negotiate,Accept-Encoding

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 38 KB
15 KB 22ms
20ms Script
application/x-javascript 2600:9000:2646:1200:18:1fcd:354:4b41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/prairie-business
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:1200:18:1fcd:354:4b41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 3a1f53a72a4ff3c23812f7a06cc3ef3ea1f188046f2c75d9c0b19e1cb2b652a9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

cache-control: max-age=86400
content-encoding: gzip
etag: W/"665fad8c-9895"
age: 52453
cross-origin-resource-policy: cross-origin
via: 1.1 69a82a9746d3a7343dca651e0829f000.cloudfront.net (CloudFront)
expires: Mon, 23 Sep 2024 23:32:14 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: Umi8Dg5B8iScTnjH9WGSqq9gyqymOoHA211c8LlK99Cc5K2W0rRG7A==
date: Sun, 22 Sep 2024 23:32:14 GMT
content-type: application/x-javascript
last-modified: Wed, 05 Jun 2024 00:13:00 GMT
server: nginx
x-amz-cf-pop: FRA60-P5
vary: Accept-Encoding

OPTIONS
H2 204 track
dc.services.visualstudio.com/v2/ Frame 0
0 224ms
68ms Preflight 20.50.88.242
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.50.88.242 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sdk-context
Access-Control-Request-Method: POST
Origin: https://www.grandforksherald.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
date: Mon, 23 Sep 2024 14:06:27 GMT
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000

POST
H2 206 track Show response
dc.services.visualstudio.com/v2/ 381 B
485 B 23ms
14ms XHR
application/json 20.50.88.242
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.50.88.242 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

363ccc134ff12ac0b583e9b135a214a9b504fff1a8e31042fb13bc07e3e91468

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.grandforksherald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type: application/json
Sdk-Context: appId

Response headers

strict-transport-security: max-age=31536000
access-control-allow-origin: *
date: Mon, 23 Sep 2024 14:06:27 GMT
content-type: application/json; charset=utf-8
server: Microsoft-HTTPAPI/2.0
x-content-type-options: nosniff

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 89ms
45ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

content-encoding: gzip
etag: "1637097310169751"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Mon, 23 Sep 2024 14:06:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 23 Sep 2024 14:06:27 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 6386
x-xss-protection: 0
server: sffe

POST
H2 200 71fdee2a112a3e58e064c14b36f63393df660cbd14788f2 Show response
stereotypedsugar.com/f2815b8f0d20e/ 403 B
367 B 224ms
223ms Fetch
application/json 2606:4700::6812:196f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stereotypedsugar.com/f2815b8f0d20e/71fdee2a112a3e58e064c14b36f63393df660cbd14788f2

Requested by

Host: stereotypedsugar.com
URL: https://stereotypedsugar.com/bundles/bb03d38706/1614ff9caa7479f34dcec6d2243644f6.app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:196f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba326f2cc977931b20b162a0889aface84f025c5584e946843d1ed02b7af990d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.grandforksherald.com/

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
x-buildname: hoothoot
access-control-allow-methods: POST, OPTIONS
x-hostname: fen-hoothoot-europe-west1-4lzd
expires: Mon, 23 Sep 2024 14:06:26 GMT
date: Mon, 23 Sep 2024 14:06:27 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding, Origin
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
strict-transport-security: max-age=15724800; preload
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
access-control-allow-credentials: true
x-datacenter: gce-europe-west1
via: 1.1 google
cf-ray: 8c7b186f9af3d290-FRA
access-control-allow-origin: https://www.grandforksherald.com
x-buildnumber: 1433990761
server: cloudflare

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 370ms
118ms Image
image/gif 34.196.228.185
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=grandforksherald.com&p=%2Fprairie-business&u=DJXp-vCpkCXIBa0wk3&d=grandforksherald.com&g=63431&g0=Prairie%20Business&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=4826&o=4000&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.grandforksherald.com%2Fprairie-business&b=3712&t=Cp_fPvBMj_61DX3uGCu8sltDR5Tm_&V=147&i=Prairie%20Business%20Magazine%20%7C%20Grand%20Forks%20Herald&tz=-120&_acct=anon&sn=1&sv=C-PaB7DbAV1jCZiCYhC44l7CCLx0em&sr=external&sd=1&im=067b0fff&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.196.228.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-196-228-185.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

expires: 0
cache-control: no-cache, no-store, must-revalidate
content-length: 43
date: Mon, 23 Sep 2024 14:06:28 GMT
pragma: no-cache
content-type: image/gif
cross-origin-resource-policy: cross-origin

POST
H2 200 acquire Show response
adobedc.demdex.net/ee/v1/identity/ 731 B
927 B 163ms
47ms Fetch
application/json 63.140.62.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://adobedc.demdex.net/ee/v1/identity/acquire?configId=656100c2-2477-4105-bbeb-16724c3fefe1&requestId=f88b33f1-06a6-433a-9387-d5ce8acab23e

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/ddcf247e4bf5/82484060cd13/launch-7d75747d0373.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.222 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-222.data.adobedc.net

Software

jag /

Resource Hash

34fffa903af2b63517550f45da8e86bb19a87bc0a22c6b0f6ff1d7c8e4f2d3bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain; charset=UTF-8
Referer: https://www.grandforksherald.com/prairie-business

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-request-id: f88b33f1-06a6-433a-9387-d5ce8acab23e
access-control-expose-headers: Retry-After, X-Adobe-Edge, X-Request-ID
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-encoding: gzip
x-adobe-edge: IRL1;6
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://www.grandforksherald.com
date: Mon, 23 Sep 2024 14:06:27 GMT
x-xss-protection: 1; mode=block
x-konductor: N/A
vary: Origin
server: jag
content-type: application/json;charset=utf-8

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CB1E 0
0 111ms
13ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.grandforksherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 32551
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 23 Sep 2024 05:03:56 GMT
expires: Tue, 23 Sep 2025 05:03:56 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ConsentManager Show response
stereotypedsugar.com/chunks/f0815b8f0d20e/71fdee2a112a3e58e064c1ab32a63233df5f2/ 347 KB
100 KB 71ms
70ms Script
text/javascript 2606:4700::6812:196f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stereotypedsugar.com/chunks/f0815b8f0d20e/71fdee2a112a3e58e064c1ab32a63233df5f2/ConsentManager

Requested by

Host: stereotypedsugar.com
URL: https://stereotypedsugar.com/bundles/bb03d38706/1614ff9caa7479f34dcec6d2243644f6.app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:196f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ada62e836d8b0d8b955a599aa7573ee0eebfdd79b0d47cc9732c9f9b4dca868

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.grandforksherald.com
Referer: https://www.grandforksherald.com/

Response headers

content-encoding: br
cf-cache-status: MISS
etag: W/"6b49cbd5628727c5fdd3fbc7e663497ff0a2eaf429a5c77099e7f230a184412b"
x-buildname: hoothoot
access-control-allow-methods: POST, OPTIONS
x-hostname: fen-hoothoot-europe-west1-4lzd
date: Mon, 23 Sep 2024 14:06:28 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding, Accept-Language, Origin
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
strict-transport-security: max-age=15724800; preload
cache-control: private, must-revalidate, max-age=21600
timing-allow-origin: *
access-control-allow-credentials: true
x-datacenter: gce-europe-west1
via: 1.1 google
cf-ray: 8c7b18710f48d290-FRA
access-control-allow-origin: https://www.grandforksherald.com
x-buildnumber: 1433990761
server: cloudflare

POST
H2 200 interact Show response
edge.adobedc.net/ee/irl1/v1/ 522 B
717 B 202ms
127ms Fetch
application/json 63.140.62.17
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://edge.adobedc.net/ee/irl1/v1/interact?configId=656100c2-2477-4105-bbeb-16724c3fefe1&requestId=a1f665b6-874d-4141-ac11-e2996f21cb56

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/ddcf247e4bf5/82484060cd13/launch-7d75747d0373.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.17 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

ip-63-140-62-17.data.adobedc.net

Software

jag /

Resource Hash

4d65b53119f14b68d0bf606a7fe8c268653beea4a468ac1992f863c399f5b9cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain; charset=UTF-8
Referer: https://www.grandforksherald.com/prairie-business

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-request-id: a1f665b6-874d-4141-ac11-e2996f21cb56
access-control-expose-headers: Retry-After, X-Adobe-Edge, X-Request-ID
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-encoding: gzip
x-adobe-edge: IRL1;6
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://www.grandforksherald.com
date: Mon, 23 Sep 2024 14:06:27 GMT
x-xss-protection: 1; mode=block
x-konductor: N/A
vary: Origin
server: jag
content-type: application/json;charset=utf-8

GET
H2 200 acv.json Show response
stereotypedsugar.com/ 81 KB
17 KB 45ms
45ms Fetch
application/json 2606:4700::6812:196f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stereotypedsugar.com/acv.json

Requested by

Host: stereotypedsugar.com
URL: https://stereotypedsugar.com/bundles/bb03d38706/1614ff9caa7479f34dcec6d2243644f6.app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:196f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4650b58465a55f3d663bca634f08b6ac44b63053752457add5a2c13e7648b2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

content-encoding: br
cf-cache-status: HIT
age: 3250
x-buildname: hoothoot
access-control-allow-methods: POST, OPTIONS
x-hostname: fen-hoothoot-europe-west1-spot-tpfq
expires: Mon, 23 Sep 2024 14:12:18 GMT
date: Mon, 23 Sep 2024 14:06:28 GMT
content-type: application/json
last-modified: Tue, 17 Sep 2024 17:19:53 GMT
vary: Accept-Encoding, Origin
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
strict-transport-security: max-age=15724800; preload
cache-control: public, max-age=3600
timing-allow-origin: *
access-control-allow-credentials: true
x-datacenter: gce-europe-west1
via: 1.1 google
cf-ray: 8c7b1871ca3fd290-FRA
access-control-allow-origin: https://www.grandforksherald.com
x-buildnumber: 1433990761
server: cloudflare

GET
H2 200 71fdee2a112a3e58e064c1eb33976696cf97fd894548a915aecd864f2.v2.js Show response
stereotypedsugar.com/chunks/f0815b8f0d20e/ 674 KB
87 KB 62ms
62ms Fetch
application/json 2606:4700::6812:196f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stereotypedsugar.com/chunks/f0815b8f0d20e/71fdee2a112a3e58e064c1eb33976696cf97fd894548a915aecd864f2.v2.js

Requested by

Host: stereotypedsugar.com
URL: https://stereotypedsugar.com/bundles/bb03d38706/1614ff9caa7479f34dcec6d2243644f6.app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:196f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd54d74cbf62a7358e8ad6d7cfc287a5165080352258b188f5597db1d2753fd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

content-encoding: br
cf-cache-status: MISS
etag: W/"bfe731ca2e024428cfe320a8bfa52baa9130be02e4dd1bb6c516d73b8b2b9ced"
x-buildname: hoothoot
access-control-allow-methods: POST, OPTIONS
x-hostname: fen-hoothoot-europe-west1-4lzd
date: Mon, 23 Sep 2024 14:06:28 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding, Accept-Language, Origin
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
strict-transport-security: max-age=15724800; preload
cache-control: private, must-revalidate, max-age=21600
timing-allow-origin: *
access-control-allow-credentials: true
x-datacenter: gce-europe-west1
via: 1.1 google
cf-ray: 8c7b1871ca41d290-FRA
access-control-allow-origin: https://www.grandforksherald.com
x-buildnumber: 1433990761
server: cloudflare

GET
H2 200 favicon-16x16.png
www.grandforksherald.com/ 548 B
985 B 487ms
485ms Other
image/png 13.32.27.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.grandforksherald.com/favicon-16x16.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-124.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

f25ea58b0b9817f46d3f45925fbb2803fe30b253ec62cdb6ecd84c465b6f67a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/prairie-business

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-envoy-upstream-service-time: 44
x-envoy-decorator-operation: brightspot-frontend-verify.web.svc.cluster.local:80/*
via: 1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
content-length: 571
x-amz-cf-id: vnfHC0VmL7aMrAaQHmz0DcG4Yses2dftKHSlFNXu6rcWbDrB988jzA==
date: Mon, 23 Sep 2024 14:06:28 GMT
content-type: image/png;charset=UTF-8
vary: Accept-Encoding
server: istio-envoy
x-amz-cf-pop: FRA56-C2

POST
H2 200 71fdee2a112a3e58e064c14b36f63393df660cbd14788f2 Show response
stereotypedsugar.com/post/f3815b8f0d20e/ 290 B
308 B 70ms
69ms Fetch
application/json 2606:4700::6812:196f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stereotypedsugar.com/post/f3815b8f0d20e/71fdee2a112a3e58e064c14b36f63393df660cbd14788f2

Requested by

Host: stereotypedsugar.com
URL: https://stereotypedsugar.com/bundles/bb03d38706/1614ff9caa7479f34dcec6d2243644f6.app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:196f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3ef7eff37faad3f064b2fcd89f1aa9fedc6a17a63877728045726015b9ce215

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.grandforksherald.com/

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
x-buildname: hoothoot
access-control-allow-methods: POST, OPTIONS
x-hostname: fen-hoothoot-europe-west1-4lzd
expires: Mon, 23 Sep 2024 14:06:27 GMT
date: Mon, 23 Sep 2024 14:06:28 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding, Origin
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
strict-transport-security: max-age=15724800; preload
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
access-control-allow-credentials: true
x-datacenter: gce-europe-west1
via: 1.1 google
cf-ray: 8c7b1873fa56d290-FRA
access-control-allow-origin: https://www.grandforksherald.com
x-buildnumber: 1433990761
server: cloudflare

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

GET
H2 200 favicon-32x32.png
www.grandforksherald.com/ 1 KB
1 KB 494ms
493ms Other
image/png 13.32.27.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.grandforksherald.com/favicon-32x32.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-124.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

64a66c00f2ef22d9e3ca774297705825d20f59a7de6f1e6ffb6ee54ee3128c85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/prairie-business

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-envoy-upstream-service-time: 62
x-envoy-decorator-operation: brightspot-frontend-verify.web.svc.cluster.local:80/*
via: 1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
content-length: 1065
x-amz-cf-id: 0ei1dm5l293P5GkqYlKQs2UnApWyw2OhxAmGz4JLG6ZOqxJYbjTzsw==
date: Mon, 23 Sep 2024 14:06:29 GMT
content-type: image/png;charset=UTF-8
vary: Accept-Encoding
server: istio-envoy
x-amz-cf-pop: FRA56-C2

GET
H/1.1 200
OK views Show response
prod-forum-proxy-connext.azurewebsites.net/api/ 90 B
1 KB 200ms
199ms Fetch
application/json 104.44.128.13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-forum-proxy-connext.azurewebsites.net/api/views?UserId=0164128067ab8bfff4008ba07d47b5e8&ConfigCode=LAUNCH1&SiteCode=GFH
Requested by: Host: cdn.vmzqqmlpwwmazjnio.com
URL: https://cdn.vmzqqmlpwwmazjnio.com/prod/forum/t8y9347t.min.js?2024823
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.44.128.13 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0, Microsoft-IIS/10.0 / ASP.NET, ASP.NET
Resource Hash: bf7da55ef6be4cdd0d0932dd1e689a423b9b04c68e3cc9b083d4c099bf0e0ec9

Request headers

authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1bmlxdWVfbmFtZSI6IkNvbm5lWHQiLCJleHAiOjE3OTkxMDAzODV9.5Yat_-9OpeQvsQ_B52c2bF9TY3c1mmRAmu4PNsb1n90
location: System
Referer: https://www.grandforksherald.com/
config-code: LAUNCH1
site-code: GFH
autoqa: false
settingskey: null
access-control-allow-origin: *
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
accept: application/json
content-type: application/json
environment: prod
version: Version: 2.8.6.1
source-system: Plugin
ssid: ffced81f267153471cbda1bec2134dd9

Response headers

Access-Control-Expose-Headers: X-Server-Time,Request-Context
Cache-Control: no-cache
Content-Encoding: gzip
Pragma: no-cache
X-AspNet-Version: 4.0.30319
Request-Context: appId=cid-v1:94ae5057-927d-4045-bf63-1b3776adbf9e
Expires: -1
Access-Control-Allow-Origin: *
Content-Length: 193
X-Server-Time: 9/23/2024 2:06:30 PM
Date: Mon, 23 Sep 2024 14:06:29 GMT
Content-Type: application/json; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0, Microsoft-IIS/10.0
X-Powered-By: ASP.NET, ASP.NET

OPTIONS
H/1.1 200
OK views
prod-forum-proxy-connext.azurewebsites.net/api/ Frame 0
0 550ms
126ms Preflight 104.44.128.13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-forum-proxy-connext.azurewebsites.net/api/views?UserId=0164128067ab8bfff4008ba07d47b5e8&ConfigCode=LAUNCH1&SiteCode=GFH
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.44.128.13 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: access-control-allow-origin,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
Access-Control-Request-Method: GET
Origin: https://www.grandforksherald.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: access-control-allow-origin,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
Access-Control-Allow-Origin: *
Content-Length: 0
Date: Mon, 23 Sep 2024 14:06:29 GMT
X-Powered-By: ASP.NET

POST
H3 204 collect
region1.analytics.google.com/g/ 0
0 18ms
18ms Fetch
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-N18WFR4G74&gtm=45je49j0v871606135z8852250614za200zb852250614&_p=1727100384401&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tcfd=10001&tag_exp=0&cid=401790398.1727100385&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=2&sid=1727100385&sct=1&seg=0&dl=https%3A%2F%2Fwww.grandforksherald.com%2Fprairie-business&dt=Prairie%20Business%20Magazine%20%7C%20Grand%20Forks%20Herald&en=page_load_time&ep.FCC_ContentType=page&ep.FCC_PublishDate=&ep.FCC_SectionName=prairie-business&ep.FCC_ArticleSource=&epn.load_time_sec=3.74&_et=88&tfd=6817
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N18WFR4G74&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.grandforksherald.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Mon, 23 Sep 2024 14:06:30 GMT
content-type: text/plain
server: Golfe2

GET
H2

204

https://region1.analytics.google.com/g/collect?v=2&tid=G-N18WFR4G74&gtm=45je49j0v871606135z8851263945za200zb852250614&_p=1727100384401&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tcfd=10001&tag_ex...
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=401790398.1727100385&dbk=18287507740685849781&dma=1&dma_cps=syphamo&en=g2i_page_view&gtm=45je49j0v871606135z8851263...

0
0

32ms
26ms

Fetch
text/plain

2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=401790398.1727100385&dbk=18287507740685849781&dma=1&dma_cps=syphamo&en=g2i_page_view&gtm=45je49j0v871606135z8851263945za200zb852250614&npa=1&tid=G-N18WFR4G74&dl=https%3A%2F%2Fwww.grandforksherald.com%3F
Protocol: H2
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Mon, 23 Sep 2024 14:06:30 GMT
content-type: text/plain
server: Golfe2

Redirect headers

cache-control: no-cache, no-store, must-revalidate
location: https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=401790398.1727100385&dbk=18287507740685849781&dma=1&dma_cps=syphamo&en=g2i_page_view&gtm=45je49j0v871606135z8851263945za200zb852250614&npa=1&tid=G-N18WFR4G74&dl=https%3A%2F%2Fwww.grandforksherald.com%3F
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 517
date: Mon, 23 Sep 2024 14:06:30 GMT
content-type: text/html; charset=UTF-8
server: Golfe2

GET
H2 200 index.js Show response
cdn.pranmcpkx.com/ 7 KB
0 0ms
0ms Script
text/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pranmcpkx.com/index.js
Requested by: Host: cdn.vmzqqmlpwwmazjnio.com
URL: https://cdn.vmzqqmlpwwmazjnio.com/prod/forum/t8y9347t.min.js?2024823
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CBD) /
Resource Hash: 6941d870c4bac732a6ed7718c594a73cc27000379eaaf241c9e47d982e44f407

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

content-md5: nynBpfvYghYqzIzsvfssRw==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-lease-status: unlocked
etag: 0x8DA5083F65AD9E0
age: 293752
x-ms-version: 2009-09-19
x-cache: HIT
date: Mon, 23 Sep 2024 14:06:26 GMT
content-type: text/javascript
last-modified: Fri, 17 Jun 2022 17:08:13 GMT
vary: Accept-Encoding
x-ms-request-id: 388d8766-601e-0045-0315-0b225d000000
access-control-allow-origin: *
content-length: 2382
x-ms-blob-type: BlockBlob
server: ECAcc (frc/4CBD)

GET
H/1.1 200
OK ad_300_250.jpg
paywall-ad-bucket.s3.amazonaws.com/ 631 B
0 0ms
0ms Image
image/jpeg 52.216.50.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paywall-ad-bucket.s3.amazonaws.com/ad_300_250.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 52.216.50.41 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0859f5f9bf49348ef81d01f953d520c10a2a857961ef1bfad4a7903609889de5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.grandforksherald.com/

Response headers

x-amz-meta-s3b-last-modified: 20191015T134358Z
ETag: "ef2cc7f55b7ab677b023e36033e26471"
x-amz-request-id: C1RFMPNVBRXA5JPS
Accept-Ranges: bytes
Content-Length: 631
Date: Mon, 23 Sep 2024 14:06:28 GMT
Last-Modified: Tue, 15 Oct 2019 13:44:16 GMT
Content-Type: image/jpeg
Server: AmazonS3
x-amz-id-2: XmzfTaN/aaUQL5d+XAacnvdZlfmQPR9auQZFE3PdJrcM2eX6eMizwR5DOkBrA1dC/m/CirK6S0A=

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.grandforksherald.com&pubid=59950d2e-4dfc-490d-92ee-81f8d387b7dd

Domain: ad.doubleclick.net
URL: https://ad.doubleclick.net/activity;register_conversion=1;src=9853337;type=usa;cat=women0;ord=3538408231080;npa=1;auiddc=211570192.1727100385;ps=1;pcor=785674871;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe49j0v9189050664z8852250614za201zb852250614;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.grandforksherald.com%2Fprairie-business?

Domain: ad.doubleclick.net
URL: https://ad.doubleclick.net/activity;register_conversion=1;src=9853337;type=sale;cat=women0;qty=1;cost=cost;ord=3259389321;npa=1;auiddc=211570192.1727100385;u1=tickets%20purchased%20(quantity);u2=event%20name;u3=purchase%20date;u4=purchase%20time;u5=inventory%20type;ps=1;pcor=1990504168;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe49j0v9189050664z8852250614za201zb852250614;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.grandforksherald.com%2Fprairie-business?

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202409170101&jk=4332450170206081&bg=!KSqlKmXNAAbWYrMm9mI7ADQBe5WfOI7jTxfNslWIMsJSKvMMzWbf4EAqBDPaT_lE3RQ4R9ZCb_WeS9W6dEp33-II4A17AgAAAGNSAAAABGgBB34ANkO8yW17r-VMv37TLJ7fmj2KNIyRNq9Otrdib_bHOX7caVE1CYtFFtyCgcmm1-n3K3vJQMKsQQoAXWnD-Fk3wJEEdQMQ9IB6TcMBR1iKgtp3YMv7LSQFoWpIY6qqtKF5iyoY-RinsGOtXCYaIww95W2Hzj-b9ckguW2YTdH6A5DcLRQTMQZsNKcDlGuzPpxVO4mrbOUQxZkC3Hmb_vhPy4hIKTudpSd-C9ZEK4j7nsOtzAECn3CaekVKPX9HSEFWvvXVFyLcVWEdW91mDoihrv6uL7emACbvXzWw9EHv6SGmbl2c-ggHUfPlQHJD8d5Qsn2sr0qBEhj2LH4aIkSJy3xUEtPVrsArhynYDR8i4L90bW1cOHGNWg1-dUHUHUR6WaRbzAvRqIrzFWAPzQPRFZnTtOHdEuYp2voINWbop_TyHwjObKft1orCpk9Fb1_XK7i8APHZ2_jVXjV-vncHt2Ojm__h7svUJl3oHVUP9KDZXZx78QKHMHyvDCF1wIZUeMc-bz6IQ247ot2KYMRjkpp2rCyl9vcqXLewHnruZAYh5m-AjzQSDhlEnmUSN8WONfiE5x_kGr8zYsNLp5-PlUBka_sUojg9fEDgBt6BVZ6ChenMg2y6glYoUbv2GCu59d4ilwbGD73wgltYO-xi2NnAEE762XX2iNgehXxAxQRm6AUSNJ9Wjvbjm2yKvyvgpGSVeyXrpnN1I46HIIsC4VDUrf0W6ZTLOkdBi26MQLiqHS--FufxwLUEhcNCsJTwhwYr6n3Vgu752nYotqD9SXK73Q8aEyV4iZ9LBwuq7HSrZFQiXUDZIi8877jCIBxlfB1AWxgRgU-spfFNSHYl6GQpOoEkHCwp8UKkI1nndJgvojQhHEAUchFFY5yb0cQ31QlaLYHyHlTlj375ZHytFeLxskVt9U3MfSqWzU4gSWPvoV3Dqiy26qgC88mG4DIjjPiHIPZ7QdPepjhLMmARAjldR1xlo6HUsEVjKAXIZEER3II0ufz1wP3EL5QZjiVd1RUsJ88bIiilUKZcfomu_qs8UlXSf-xXxFkMVKqh8zfLWYp9g-ZgY26TnfI7EmevN19yWkLGOy6e8RJdfwSdINhQiIsTYntH02jcrZdeQ8XGdRsJAjsvZJ3nQHOZu-rATzp_L-AzlcHD9eSsqzoqDu1t1bcuOA

Verdicts & Comments Add Verdict or Comment

194 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

60 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.capig.inforum.com/events/980b5b9339c4305e9fcc3929f2942bc9f50e9b99bdfb4f2830d89d696b7acf9c	1970-01-21 01:54:36	Name: cee Value: XhTfdl2SIcVsJ9xaTwlqTA3jkjx%2BuboeNaahti4LbRI%3D.%7B%7D
k664.grandforksherald.com/DG/DEFAULT	1970-01-21 09:21:00	Name: BCSessionID Value: 9e95df43-8172-401a-86b6-32c4257833c8
k664.grandforksherald.com/DG/DEFAULT	1970-01-21 09:21:00	Name: BCSessionID Value: 9e95df43-8172-401a-86b6-32c4257833c8
forumcommunications.blueconic.net/DG/DEFAULT	1970-01-21 08:30:36	Name: BCSessionID Value: 9e95df43-8172-401a-86b6-32c4257833c8
www.grandforksherald.com/	1970-01-20 23:45:02	Name: sailthru_pageviews Value: 1
.grandforksherald.com/	1970-01-21 01:54:36	Name: _gcl_au Value: 1.1.211570192.1727100385
.postrelease.com/	1970-01-21 08:30:36	Name: opt_out Value: 1
www.grandforksherald.com/	1970-01-21 08:30:36	Name: ai_user Value: REhh4\|2024-09-23T14:06:25.006Z
.grandforksherald.com/	1970-01-21 04:04:12	Name: _fcc_ppid Value: 5941ea5b534a8f61be8bb811ad85d6ec2482c1a7
.grandforksherald.com/	1970-01-21 04:04:12	Name: _pubcid Value: e3072e0a-540e-40c4-8bc4-c82262a9ca9d
.grandforksherald.com/	1970-01-21 04:04:12	Name: _pubcid_cst Value: zix7LPQsHA%3D%3D
www.grandforksherald.com/	1970-01-21 08:30:36	Name: sailthru_content Value: c701e0d74a1fedd4e00f6047750f6200
www.grandforksherald.com/	1970-01-21 08:30:36	Name: sailthru_visitor Value: 36b2f98e-042e-49f8-bca3-5de68f43ed57
.id5-sync.com/	1970-01-21 01:54:36	Name: id5 Value: 358b9df3-3eab-711f-a19c-212794bf8780#1727100385358#1
.rubiconproject.com/	1970-01-21 08:30:36	Name: khaos Value: M1F2Z668-20-716S
.rubiconproject.com/	1970-01-21 08:30:36	Name: audit Value: 1\|naVuGyos1qoii95Izky6j73dDCC+ZXywNKDLFkebH7rIe5D3fKG2+QQn+ScAoa1roiRfbzAyC/tjfvKuOZw80lx1xE7/GSh44HEYI5ehIrXyz4PImkoENL7FQD2yB//hvsVAPbIH/+G+xUA9sgf/4Q==
.grandforksherald.com/	1970-01-21 09:21:00	Name: _ga Value: GA1.1.401790398.1727100385
.twitter.com/	1970-01-21 09:21:00	Name: guest_id_marketing Value: v1%3A172710038540773375
.twitter.com/	1970-01-21 09:21:00	Name: guest_id_ads Value: v1%3A172710038540773375
.twitter.com/	1970-01-21 09:21:00	Name: personalization_id Value: "v1_oqtm94OMw+ip6Lcy78GLow=="
.twitter.com/	1970-01-21 09:21:00	Name: guest_id Value: v1%3A172710038540773375
.doubleclick.net/	1970-01-21 00:28:12	Name: ar_debug Value: 1
.t.co/	1970-01-21 09:21:00	Name: muc_ads Value: da2bad11-20c3-4353-bfcb-562f1e02e984
.t.co/	1970-01-20 23:45:02	Name: __cf_bm Value: _UwUoOFGAqWDNA02WvteYTbBlyJkg6afRQbadeSIk.U-1727100385-1.0.1.1-mQENfCx7WYebVWBUJkA3oQKZxx.0wE9rOEIeOdSeqFXF58y.BAxDogucRiwHtpPiM4srKWpo53kmc6qRynJZcA
www.grandforksherald.com/	1970-01-21 01:11:24	Name: pbjs-unifiedid Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222024-09-23T14%3A06%3A25%22%7D
www.grandforksherald.com/	1970-01-21 01:11:24	Name: pbjs-unifiedid_cst Value: zix7LPQsHA%3D%3D
.doubleclick.net/	1970-01-21 04:04:12	Name: receive-cookie-deprecation Value: 1
.doubleclick.net/	1970-01-21 09:06:36	Name: IDE Value: AHWqTUnE1DQc2hsKl_bmj1sYwBD3LpW5yYe0aCCHceGzwI8Yg9m1L4-c8VgKthxQTO4
.quantserve.com/	1970-01-21 09:15:14	Name: mc Value: 66f175e1-a66ab-ec065-fbc1c
.grandforksherald.com/	1970-01-21 01:54:36	Name: _fbp Value: fb.1.1727100385732.373034688281665034
.grandforksherald.com/	1970-01-21 04:04:12	Name: __eoi Value: ID=79eb3eeea2839139:T=1727100385:RT=1727100385:S=AA-AfjbrJ8ZlgCbUMZsZxVCopyYY
.grandforksherald.com/	1970-01-21 08:30:36	Name: _vfa Value: www%2Egrandforksherald%2Ecom.00000000-0000-4000-8000-2ee7125f71b1.0156e0d8-9263-480e-9ad1-c48bb8a4a55b.1727100385.1727100385.1727100385.1
.grandforksherald.com/	1970-01-20 23:45:00	Name: _vfz Value: www%2Egrandforksherald%2Ecom.00000000-0000-4000-8000-2ee7125f71b1.1727100385.1.medium=direct\|source=\|sharer_uuid=\|terms=
.grandforksherald.com/	1970-01-20 23:45:02	Name: _vfb Value: www%2Egrandforksherald%2Ecom.00000000-0000-4000-8000-2ee7125f71b1.2.10.1727100385....
.grandforksherald.com/	1970-01-21 09:06:43	Name: cto_bundle Value: 3dMXQV9aY05RZlZ0Z3U1aURrTUkxWTBCdWUlMkZpUlpYSHBvODBwRUlPUmljYmtRU2xzajglMkZmUkZPMmdOOSUyQklIcWRKaVE4ODg0QlFZbEh5SXFqUnpoakpFcE14VDJSZ09kcklxVG45WlUxRlp6SWdGNVRnemphMnlXc2pPSUhwSkY0RzF5eA
.grandforksherald.com/	1970-01-21 09:06:43	Name: cto_bidid Value: 33Izyl95d24lMkJ3T2glMkI3NlZrM09NYkhFN3llamtENlNXTnklMkZmUGJmNXRvNXk4WW9nMHNRb09obXFiMGJaTjhQRHZUQ2RpSFdpbHhHcGdneUYxYkxSWjhQQUFsbDA3dU9tVjBidWF3Nm5BOTVpZG1WUSUzRA
www.grandforksherald.com/	1970-01-21 09:21:00	Name: csparkW_ga_39CWM68PTE Value: GS1.1.1727100386.1.0.1727100386.60.0.0
www.grandforksherald.com/	1970-01-21 09:21:00	Name: csparkW_ga Value: GA1.1.2114604498.1727100386
.grandforksherald.com/	1970-01-21 08:30:36	Name: anonDeviceId Value: 0164128067ab8bfff4008ba07d47b5e8
.grandforksherald.com/	1970-01-21 08:30:36	Name: nxt_last_visit Value: 1727100386435
www.grandforksherald.com/	1969-12-31 23:59:59	Name: BCSessionID Value: 9e95df43-8172-401a-86b6-32c4257833c8
forumcommunications.blueconic.net/	1970-01-20 23:55:05	Name: AWSALBCORS Value: q0HaqZOeBgtuJ0PwhxkSl/UUUWBeZx3bhDSBrH9tOZdsDVHIoR9T5tzNG0FtPPKefWdQs3RQvOO5GwtejzgGXjakF2bXae9B9noa1pCOqIFJubFW3i4wsH/0lVYi
www.grandforksherald.com/	1970-01-20 23:45:02	Name: ai_session Value: pbjkJ\|1727100387121.9\|1727100387121.9
k664.grandforksherald.com/	1970-01-20 23:55:05	Name: AWSALB Value: 0SU+F2P1GJtfyNVtRuriECAY4rajoq9JjFoABbrygu6Lrbv3FuBcPUUhaQcDh6sRZZ+sct4FsI+JcL0BPjMdifFz2kRKSuWwV2KZDc0fFgkEj1MTW/I15CbNrDWe
k664.grandforksherald.com/	1970-01-20 23:55:05	Name: AWSALBCORS Value: 0SU+F2P1GJtfyNVtRuriECAY4rajoq9JjFoABbrygu6Lrbv3FuBcPUUhaQcDh6sRZZ+sct4FsI+JcL0BPjMdifFz2kRKSuWwV2KZDc0fFgkEj1MTW/I15CbNrDWe
.grandforksherald.com/	1970-01-21 04:04:12	Name: _fcc_user_status Value: anonymous
.grandforksherald.com/	1969-12-31 23:59:59	Name: _fcc_sls_subscribed Value: false
www.grandforksherald.com/	1970-01-21 08:30:36	Name: brandcdn_uid Value: eae32df2-4435-4823-b544-af4698d2a0d5
.grandforksherald.com/	1970-01-21 09:13:48	Name: _cb Value: DJXp-vCpkCXIBa0wk3
.grandforksherald.com/	1970-01-21 09:13:48	Name: _chartbeat2 Value: .1727100387776.1727100387776.1.C-PaB7DbAV1jCZiCYhC44l7CCLx0em.1
.grandforksherald.com/	1970-01-20 23:45:02	Name: _cb_svref Value: external
.demdex.net/	1970-01-21 04:04:12	Name: demdex Value: 11701898332961376162604996728106719270
.grandforksherald.com/	1970-01-21 09:13:48	Name: kndctr_C7884A3A64E46D6E0A495EEB_AdobeOrg_identity Value: CiYxMTcwMzMyMzU5NjY1NjAyNTQ0MjYwNDg1MzkyNjg1MDk1OTk0MlITCIqF0vmhMhABGAEqBElSTDEwAPABioXS-aEy
.grandforksherald.com/	1970-01-20 23:45:02	Name: kndctr_C7884A3A64E46D6E0A495EEB_AdobeOrg_cluster Value: irl1
adservices.brandcdn.com/	1970-01-21 08:30:36	Name: brandcdn_uid Value: eae32df2-4435-4823-b544-af4698d2a0d5
adservices.brandcdn.com/	1970-01-20 23:55:05	Name: AWSALBCORS Value: 6DAYy52GBpUGPwx9PGThJEvrcUOfthAkU8oPvfFezpqUf84RHT/kMVEchAf2mzrbZsCWBpohAuVgg7zayXXMP3Sjb/jWYkNSEx/16OkaGVkTEbvcPZmMcr9Ychvs
.grandforksherald.com/	1970-01-21 09:13:48	Name: _awl Value: 2.1727100388.5-9031d7460b2aa76410d1917858750845-6763652d6575726f70652d7765737431-0
.grandforksherald.com/	1970-01-21 08:30:36	Name: nxt_upd_ac_GFH_LAUNCH1_PROD Value: 1
.grandforksherald.com/	1970-01-21 08:30:36	Name: nxt_GFH_LAUNCH1_PROD Value: {%221%22:{%22100081%22:{%22ac%22:1%2C%22ac_d%22:1%2C%22s%22:1727100390470%2C%22far%22:0%2C%22frp%22:[]}%2C%22_ac_d%22:1%2C%22_ac%22:1%2C%22_acnv%22:%22100081%22}}
.grandforksherald.com/	1970-01-21 09:21:00	Name: _ga_N18WFR4G74 Value: GS1.1.1727100385.1.0.1727100390.55.0.0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://www.grandforksherald.com/prairie-business Message: Access to XMLHttpRequest at 'https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.grandforksherald.com&pubid=59950d2e-4dfc-490d-92ee-81f8d387b7dd' from origin 'https://www.grandforksherald.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.grandforksherald.com&pubid=59950d2e-4dfc-490d-92ee-81f8d387b7dd Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8975227.fls.doubleclick.net
9853337.fls.doubleclick.net
aax.amazon-adsystem.com
ad.doubleclick.net
adobedc.demdex.net
ads.pubmatic.com
adservices.brandcdn.com
ak.sail-horizon.com
analytics.twitter.com
api-mg2.db-ip.com
api.sail-personalize.com
api.viafoura.co
assets.adobedtm.com
az416426.vo.msecnd.net
btlr.sharethrough.com
c.amazon-adsystem.com
capig.inforum.com
cdn-p.cityspark.com
cdn.cityspark.com
cdn.confiant-integrations.net
cdn.dmepyodjotcuks.com
cdn.forumcomm.com
cdn.jsdelivr.net
cdn.mbmgivexdvpajr.com
cdn.pranmcpkx.com
cdn.q0losid.com
cdn.viafoura.net
cdn.vmzqqmlpwwmazjnio.com
cdnjs.cloudflare.com
config.aps.amazon-adsystem.com
connect.facebook.net
d1eoo1tco6rr5e.cloudfront.net
dc.services.visualstudio.com
e90c9acc6816d542e6621b03cf4a936b.safeframe.googlesyndication.com
edge.adobedc.net
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
forumcomm.friends2follow.com
forumcommunications.blueconic.net
ggbepmk06k.execute-api.us-west-2.amazonaws.com
gum.criteo.com
htlb.casalemedia.com
i.viafoura.co
id.crwdcntrl.net
id5-sync.com
insight.adsrvr.org
jadserve.postrelease.com
k664.grandforksherald.com
lb.eu-1-id5-sync.com
loader-cdn.azureedge.net
mab.chartbeat.com
match.adsrvr.org
mug.criteo.com
notifications.viafoura.co
pagead2.googlesyndication.com
paywall-ad-bucket.s3.amazonaws.com
ping.chartbeat.net
pixel.quantserve.com
postrelease.com
prod-forum-proxy-connext.azurewebsites.net
pubads.g.doubleclick.net
region1.analytics.google.com
region1.google-analytics.com
rtb.openx.net
s.ntv.io
securepubads.g.doubleclick.net
static.ads-twitter.com
static.adsafeprotected.com
static.chartbeat.com
static.forumcomm.com
stats.g.doubleclick.net
stereotypedsugar.com
t.co
t.pubmatic.com
tag.brandcdn.com
tpc.googlesyndication.com
unpkg.com
widgets-lts.media.weather.com
www.facebook.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.grandforksherald.com
x.yieldlift.com
ad.doubleclick.net
c.amazon-adsystem.com
pagead2.googlesyndication.com
104.17.24.14
104.18.36.155
104.244.42.131
104.26.4.15
104.44.128.13
13.224.186.120
13.225.83.200
13.32.27.124
13.35.57.188
138.197.50.103
141.95.33.120
141.95.98.64
142.250.184.227
142.250.185.134
142.250.186.130
142.250.186.162
142.250.186.67
142.250.186.74
146.75.120.157
15.197.193.217
157.240.0.6
162.159.140.229
172.217.18.8
172.217.23.102
172.64.144.166
18.173.205.67
18.239.208.118
18.245.31.92
18.66.102.119
18.66.112.103
185.64.189.226
20.50.88.242
2001:4860:4802:34::36
216.239.34.36
23.35.236.201
23.53.42.121
2600:1f18:44f0:4848:d1e4:a5dd:e098:e51e
2600:9000:223c:f800:8:2ae1:d740:93a1
2600:9000:2646:1200:18:1fcd:354:4b41
2600:9000:274d:4400:8:48e:53c0:93a1
2600:9000:274d:ae00:7:e536:8b00:93a1
2602:803:c003:200::21
2606:2800:133:206e:1315:22a5:2006:24fd
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700::6811:f6cb
2606:4700::6812:196f
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1450:4001:801::200a
2a00:1450:4001:810::2001
2a00:1450:4001:812::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2008
2a00:1450:400c:c04::9c
2a02:2638:3::c
2a02:26f0:3500:587::1e80
2a02:26f0:e300:18f::3282
2a02:b48:9000::1
2a03:2880:f177:185:face:b00c:0:25de
2a04:4e42:400::485
2a04:4e42:600::714
3.161.82.73
3.212.31.204
3.215.242.153
3.72.78.234
34.196.228.185
34.217.66.45
35.166.123.140
35.227.252.103
44.208.72.154
52.216.50.41
52.36.224.135
52.49.92.148
52.8.140.81
54.75.138.185
63.140.62.17
63.140.62.222
99.83.154.140
0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096
00b7c9bbd86d2880e9a3de5009ab14c4c8915093b407574c788d22f34baa545a
028ddd0cf27c55dff07fa9232f63251cda3cbd811e2f2bc383c9349e39cd4bb6
06b8f8b8b3580d35846908ca7bf1919b68f5997fe0f495e36efb1861b3690e8b
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
071a4c7c82d660926e6d89ae3bb493dba7d4fa989f3ed01095ac8a23b5a52273
081bb876717094e8f9cc67f2566d4d73b411a287f3d69ce9752ebb7e6bf12cad
0859f5f9bf49348ef81d01f953d520c10a2a857961ef1bfad4a7903609889de5
0c51c36e56487370a7cd62c67ad69824f6d3f3ef4683297da47626a8f6415297
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
0e33e8bd0bb96a926281e6712e0a99b5639f451440a374ea105f799593cb85e8
10078c6214313adb9b0f9c0ed23756bc8802fb0c44e7c8d3c12b4fa8b7fb95e4
14cd740cfb34a149d34ebbcfe5391e044d5b1d2a5a1e4c4a5aa6e44c6914abf4
19cae9271e1bbe3db13465720cec9444dcfe778f41d88aaaa3285dcf7adabc77
1a43a257bee5b0df57e0b877fd669eaabfe6b1ec0c75f8c3a7b5d311a3a0342c
1aa84d80aba2bc14029f0e99721c199f51cdaeb06a66aa9433f2bc4977a79f67
1b95f8f8c61fbb4bef4896ec9fec649306a6d29d0eaaa3fac27aa050d68d0670
1cee87ecea5f99dce79483ee4d0f2bb1aa48b726bab80074ddac3fda062e7b40
1d3ec73884fd2e63fb637af556b4725f116702bab37326dbf7ce0e876d7b1587
1d7611a12bba81706b18b7d3f91d7a6e98c5147c46bd21fd042806fce343f890
1f6ad088a551be808617290ad871a06a5b7336fbcf8474ebc07e4e4bf9bc3349
2433e358c3e515f00d53497b23fee8a8c00a01b769bcd7c7eea0c64228510ba5
28b614cc061632a0d8cb17953fc9342ce119ef471b3ff02c2379881a031a185b
2c899e2872bf7a4732d2d24f6fc47373ac456edaf270dfaa41b3505770723ae4
2daf4f648f61913798a435e8a7de48bc507cef6d1beef4a05e314dad8db6f4bf
2e4346aa7f0340066dfb5aa361ff449a438a172d5432719cd405e876a0d7b439
2f96a2dfe8420066fb7c58eeb240c30e1243ba4072ba2363d088b600f4d4987d
304a596bb9715360b71c3002d94553e04943f56dffbbefcf5c3ce3efc60db4a5
3408a6fabc3d7fe17f2d00dfd256075f7568be4e615e48e9cd68eac2219935b9
34fffa903af2b63517550f45da8e86bb19a87bc0a22c6b0f6ff1d7c8e4f2d3bc
363ccc134ff12ac0b583e9b135a214a9b504fff1a8e31042fb13bc07e3e91468
38af123b785cb8ba6b26bb4c784c6d4c4b05c25e3478d57a036f857fd9b19ce6
3a1f53a72a4ff3c23812f7a06cc3ef3ea1f188046f2c75d9c0b19e1cb2b652a9
3aa6d58d974d052d6bad494e15bff103c518e148e59054c006564610b41103d2
3b5a9470263bf2b1fd08afe95dd927d5d9e169d050be606eebfdc7291a5f03d4
3cbe0aefda9372004c6cd35737507631dce228b2bd87c5581a58b627e0da69a7
3ce57e1a02c1af3110b9c343c45c8b9bca39b642b26b780ea098410766d6bfd7
3effe2ea123356a6848aa9a12878b5be55d0b46b6f8cb6c5ad9c24101e0043a0
403157f1da5460465e0156ec5f3b9a21270b545805b43ac4137572027f21296c
416292a54924c14eda30cdc4ff8d1352cb3b522ca03fa3a9ecb542a345419e03
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
49259eecff0352945a0a001090d789740d8949aca4110405b2aedf947bf1745c
496dd0b3854a45479d963efa5b5bd642efcf1ea53b04609106a524fe016ec27e
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
4d65b53119f14b68d0bf606a7fe8c268653beea4a468ac1992f863c399f5b9cc
4e6a06d2689dfb3ef55c8699b1842e7b1f31354d85396a4f8bc1f5c637fa0fc5
517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
555f9e9c09b7bb24ecb903f5f7d88b45ae500e7229ff002eb5456a967406a42d
58153bec9360147ce0fa0ce8e47e8254c802968339ab07a14bcc34dd6ba991b8
5b401a79505922adc2fdd9960b755c622382c218201b8c1c8bf8d621721c0233
5fddad08635f7c9f9bf7c6a651d35d49ba5d5e1712bd437c1a479454d436461f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62b1448c4e000ba6a9d5998fe754705523d76914000548544c1e26af46566178
63f2170fac8aa98fb5f23cf2ee3998f1f384d53cf252e6c8d9267c6519c93152
64171bed8b1e093ab735ee9c6cdc99440d0fea8e8f8c9f362fae3c093f1332f1
64a66c00f2ef22d9e3ca774297705825d20f59a7de6f1e6ffb6ee54ee3128c85
650d3a9673269648788e9e0fd371ff0982fb36f3cc7677a68218e5e6d53b013f
666d6102b5206bb70da7195aee0bf0d23dff1fdbed22ef259e3c54c64c36080d
677eda63e88165811a97a46c115ab43158be93f15d36a5c2b85e22d8549f8ebd
6941d870c4bac732a6ed7718c594a73cc27000379eaaf241c9e47d982e44f407
6a832ae39244408bade2893495e09216fff595bc0888c92c3d4f594b34f25408
70e2c48e17f030066b530cf41f5f7d726ff7736ae0875e36dc2b5ef649e1f146
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7af5d678bbfb00f26980085b7eb187908a49803e9e7b70ce6dbbe88aa479e9e8
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7cafdadf03dd3defa282c7308e62f47d86f702c6c8be58be9e1125122749fbeb
7d13702914900e2cdb4dcc059784094b34c3691bc092906c174206f61c5bfa49
7d2e4384bf9dec3221e693225c190951dcffb4388fb378b23c6b85f99f66c0e8
839283326c111773ab5e567624466412703746e7be1a67d12743926298533ce8
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
88ef2c29409ce5218170e5e45ea0725bc97575e40b73c8399127fe78c2452357
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e3df56c95a77409f149cd4eb0796ac9dbde4cce0edda4d7d537d3774436a674
911c9f62ccbc132994b0af05aac0e049f5b9d026d5cfeed27ed78cee093b78f2
93710c38c5ed98db78b6f0dc4c39a21c6e82447e0e9e4531289975d02b459135
966a8421df082b4dfde5790dbb6174025661a8a33976e431f8a4a7207e19dc90
991d8f6a815a4d6fc7d7a9a81a8fe9596651147ca561ee9a2e05a9e8e014fd4e
9ada62e836d8b0d8b955a599aa7573ee0eebfdd79b0d47cc9732c9f9b4dca868
9b358b1e143853a030a4b880a40e833974e420c2161ab919869c7960296883be
9b763f1f1e4810d0119cf51a0ef1f2ad28ab77967e8c5d59247e53c3987b51d5
9d7805992cf7b7a6eb820f848e9eed600cb66123bcf4a71bb94f6851ebc1eb86
9fa4c3916282921b036fc159a919a12554f2ab5d1da043b053646e5062d98abe
a07a7c548134131710bc91d73f1e2ea558442533a443bbdfb16a8f606e8f4de1
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1e3139be1dc2d0c0b6b99e9bc979f23bfdbdf878f01692db68860633502a40e
a3112b140a41317008f98c37e5e8ec827b032f48a331f9a8116918ebeaaa7cdd
a4c37d5259154f3b0c5e31d4891b8e12c9cf4f462d4e9a03d8dde81203485f92
a5980b1e808ec9b959695c8d13c2c0eb1664d7de9586229b082ae34e27285e97
a843c03429d602db5da1750794870e614b683a31e755f06d54ecbd3c6fcb18cb
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab4c432dc5313ff43167b911b6be0742a49eb52ccc520124e9a6104e81f72c27
ac7157f1a795feaa3ac646d2bcf81871185b631903eebcea3d5a3826e81ff7b7
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad0a2d221208420be1d702c0dae8ba8178b46bffa9382c0eaed9a77325f6af60
ae5255adaf3589fad8dcc886e2d0d9477df2ea38d63b6fd759e515acb480e612
b0c7460cb038c345d7e6d8e5736520da6619efa29a31425c2e72aaeae3586b49
b3ef7eff37faad3f064b2fcd89f1aa9fedc6a17a63877728045726015b9ce215
b8e2612575553a93321a90a8885f7807956cfe779304b51d0d596fdf71420c42
ba326f2cc977931b20b162a0889aface84f025c5584e946843d1ed02b7af990d
bc530c3c75bb87677cb79d645697759ea411ab9ca7ba55cb28d5e040ff44f603
bdedef336db42f247d06fc93fd4f265a5e87e50a2d12714929778fa9898ab15f
bea34da91cff61cefe1ca6f00b05890f7454c1eda4c599b02eb4ab54fcc35e09
bf7da55ef6be4cdd0d0932dd1e689a423b9b04c68e3cc9b083d4c099bf0e0ec9
c03a5b76da97d02e4e4a8b5796f8c0a8ef3b9b675e6150bbf83ba5e4ad174392
c4650b58465a55f3d663bca634f08b6ac44b63053752457add5a2c13e7648b2b
c8309b85a5fc59eab6c75b425f32f89d070fcdfa9498fa3e9eff23fdcbb61a1b
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
cb95a582de73802e636457f750ccc00545d657ed918d385cd95d32c60ee1ae56
cc04902a82e68d674959aa4253366468df12ed50002f300f99a41e11c37de084
cd0f7911b672e09a4395cbdd3480c317d9bfe25c8889dc575fd41a2644028fae
cd54d74cbf62a7358e8ad6d7cfc287a5165080352258b188f5597db1d2753fd8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfe103cb575c16171ee932e2daae7d0bd56a88838f0e29e6d549c9b1b989faf5
d08b7bb8d5e44d41f88529f0130980c559dd725f9462e463b2db00f389be14cf
d19425f20bfe1ea505166a8841b2232c795ff72b1c8a34f10a743db915f7494d
d22111b3e278969ae661fef84f4ee6405822765b590515e4cb5207eea8dbbc42
d2bf64bbf690cf09973e44e3f2f37c52db53634d4c574d473c3a2dfc4dd8534a
d5f82c60091e1c02325937df9d2f2300789223aac1d64548785994d9bac042fa
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
dd8eea9dc76083b701fa07a25f6e592b5141fc01f6ba4eac2e425cc8a61088e9
df926dbe6ace6b4553533afe11216e3d2ef9077376c3e7970d3db3b1260e7337
e03ea88e5149801458dd9cabf62c8871cc27687d7d8a6a0fc2ff59ef434cb645
e1d39256faa607df65dd15fb254dd774699293492ac06bdbdd800b73967d3334
e240cdfc603cf0ae45b575e54c4814f5c31731a12f4b369a64d7bbc043223628
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d188579bddcd83fc8d1383f60e6a50c5cc3428e4f6c32b493a8cce04bc9c87
e5ac24b9a1300734a0ebb9c4d8571553bad992021040b30e62500670045f6bb2
e8ed4ecd47d8e04ddabb007f3a695ece6e981628a66ca8ed91cd18782b963284
eab6233096b857ecda13c7f64b1cee3378457faa09df4db474f765029f2fe921
eb1f4254702b0fe460795be965642d58177065e1bb4506461b63bc4377e56923
eb98515421056544ddf50a6c430b1d35f3588cb7d2f72ce1f9f5e7256e65cfab
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ed8e330a58f5ea649045654a1b11810bec25f04ff012955e81fbd0609b5d9053
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f09afdbbc563c369fb3f18ed6514bfed5a875f8abd4a9a00a3a57fae01ab3d47
f1dabfe09d99c5c5fa5a80b9b3019750d08a0ec62c183875250cda6d951f06e1
f25ea58b0b9817f46d3f45925fbb2803fe30b253ec62cdb6ecd84c465b6f67a0
f5117070e105801e4cb0e2f9472e3e2cef5ed4e7edbf3f721088c1ab52f24a43
f72d1dd574da19f679f48b43533ad8abd6286b5323a67d0a01f331d898ea1983
f74f605e7e4a329b18106d10b194c46539ec280b9b04fe5e44740d3597ce0462
f8158f2dfb4c7e7376c37298b1194bd0c44d31486a9ad9910218d3e9e79fe22a
f9dbd8e60971f7a0660028aadde537b3b6d9f4abb8e9eab8dec59b841d60fbfe
fe8c4fbfc9ac9623aea6a8632b00ce10dbee4071570796a7005c4ed9d7818b37
ff02dae0347771b38ab32e368941024ac8d5e4e8fa3a9eeae96c4c003f2fd75b
ff0f4a50efa32beda6cf38ad3d2f6b6c8ee206aed71a6f92247030f48162c6cd

www.grandforksherald.com Open in urlscan Pro 13.32.27.124 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

205 Requests

97 %HTTPS

32 %IPv6

64 Domains

85 Subdomains

78 IPs

9 Countries

4118 kBTransfer

14450 kBSize

60 Cookies

28 Outgoing links

Redirected requests

205 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.grandforksherald.com Open in urlscan Pro
13.32.27.124 Public Scan

Screenshot
Live screenshot

Full Image

205
Requests

97 %
HTTPS

32 %
IPv6

64
Domains

85
Subdomains

78
IPs

9
Countries

4118 kB
Transfer

14450 kB
Size

60
Cookies

205 HTTP transactions
3 data transactions