URL: https://preprod.paradisepost.com/
Submission: On October 17 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 36 IPs in 5 countries across 31 domains to perform 97 HTTP transactions. The main IP is 2a04:fa87:fffd::c000:4288, located in Ireland and belongs to AUTOMATTIC, US. The main domain is preprod.paradisepost.com.
TLS certificate: Issued by R3 on October 16th 2021. Valid for: 3 months.
This is the only time preprod.paradisepost.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
24 2a04:fa87:fff... 2635 (AUTOMATTIC)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 13.225.87.43 16509 (AMAZON-02)
1 13.224.193.43 16509 (AMAZON-02)
1 2600:9000:21f... 16509 (AMAZON-02)
1 13.82.152.48 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2.18.234.163 16625 (AKAMAI-AS)
3 2600:9000:21f... 16509 (AMAZON-02)
1 13.225.85.39 16509 (AMAZON-02)
2 192.0.76.3 2635 (AUTOMATTIC)
14 2606:2800:233... 15133 (EDGECAST)
1 2a04:4e42::282 54113 (FASTLY)
3 2a00:1450:400... 15169 (GOOGLE)
2 142.250.185.98 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
2 2620:116:800d... 16509 (AMAZON-02)
1 2a03:2880:f02... 32934 (FACEBOOK)
2 4 13.225.87.89 16509 (AMAZON-02)
2 3.125.152.40 16509 (AMAZON-02)
1 3.223.233.80 14618 (AMAZON-AES)
1 54.144.144.142 14618 (AMAZON-AES)
1 34.192.61.210 14618 (AMAZON-AES)
1 2600:9000:20e... 16509 (AMAZON-02)
2 13.224.193.104 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 23.99.206.151 8075 (MICROSOFT...)
2 13.224.194.49 16509 (AMAZON-02)
2 52.217.49.140 16509 (AMAZON-02)
2 52.236.186.216 8075 (MICROSOFT...)
1 172.67.75.166 13335 (CLOUDFLAR...)
97 36
Apex Domain
Subdomains
Transfer
25 paradisepost.com
preprod.paradisepost.com
u255.paradisepost.com
417 KB
10 ayc0zsm69431gfebd.xyz
cdn.ayc0zsm69431gfebd.xyz
344 KB
7 google-analytics.com
www.google-analytics.com
41 KB
4 azurewebsites.net
stage-dfm-proxy-connext.azurewebsites.net
41 KB
4 amazonaws.com
8idf2m851i.execute-api.us-east-1.amazonaws.com
paywall-ad-bucket.s3.amazonaws.com
3 KB
4 scorecardresearch.com
sb.scorecardresearch.com
1 KB
4 p-n.io
cdn.p-n.io
k.p-n.io
59 KB
3 azureedge.net
loader-cdn.azureedge.net
fp-cdn.azureedge.net
g2insights-cdn.azureedge.net
238 KB
3 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
124 KB
3 googletagmanager.com
www.googletagmanager.com
171 KB
3 go-fet.ch
c.go-fet.ch
43 KB
2 visualstudio.com
dc.services.visualstudio.com
341 B
2 cloudfront.net
d1wa9546y9kg0n.cloudfront.net
14 KB
2 quantserve.com
secure.quantserve.com
pixel.quantserve.com
9 KB
2 wp.com
stats.wp.com
pixel.wp.com
3 KB
2 parsely.com
cdn.parsely.com
p1.parsely.com
19 KB
2 googleapis.com
fonts.googleapis.com
ajax.googleapis.com
89 KB
2 jsdelivr.net
cdn.jsdelivr.net
98 KB
1 db-ip.com
api-mg2.db-ip.com
903 B
1 google.de
www.google.de
522 B
1 google.com
www.google.com
522 B
1 quantcount.com
rules.quantcount.com
436 B
1 postrelease.com
jadserve.postrelease.com
538 B
1 facebook.net
connect.facebook.net
26 KB
1 blueconic.net
medianewsgroup.blueconic.net Failed
702 B
1 polyfill.io
polyfill.io
596 B
1 msecnd.net
az416426.vo.msecnd.net
22 KB
1 ntv.io
s.ntv.io
113 KB
1 googletagservices.com
www.googletagservices.com
27 KB
1 windows.net
prodmg2.blob.core.windows.net
111 KB
1 osano.com
cmp.osano.com
97 KB
97 31
Domain Requested by
24 preprod.paradisepost.com preprod.paradisepost.com
10 cdn.ayc0zsm69431gfebd.xyz ajax.googleapis.com
cdn.ayc0zsm69431gfebd.xyz
7 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
preprod.paradisepost.com
4 stage-dfm-proxy-connext.azurewebsites.net cdn.ayc0zsm69431gfebd.xyz
4 sb.scorecardresearch.com 2 redirects preprod.paradisepost.com
3 www.googletagmanager.com preprod.paradisepost.com
g2insights-cdn.azureedge.net
3 c.go-fet.ch preprod.paradisepost.com
c.go-fet.ch
2 dc.services.visualstudio.com az416426.vo.msecnd.net
2 paywall-ad-bucket.s3.amazonaws.com preprod.paradisepost.com
cdn.ayc0zsm69431gfebd.xyz
2 d1wa9546y9kg0n.cloudfront.net cdn.ayc0zsm69431gfebd.xyz
2 8idf2m851i.execute-api.us-east-1.amazonaws.com c.go-fet.ch
2 k.p-n.io cdn.p-n.io
2 securepubads.g.doubleclick.net www.googletagservices.com
2 cdn.p-n.io preprod.paradisepost.com
cdn.p-n.io
2 cdn.jsdelivr.net preprod.paradisepost.com
cdn.jsdelivr.net
1 api-mg2.db-ip.com cdn.ayc0zsm69431gfebd.xyz
1 g2insights-cdn.azureedge.net ajax.googleapis.com
1 fp-cdn.azureedge.net ajax.googleapis.com
1 www.google.de preprod.paradisepost.com
1 www.google.com preprod.paradisepost.com
1 stats.g.doubleclick.net www.google-analytics.com
1 pixel.quantserve.com preprod.paradisepost.com
1 rules.quantcount.com secure.quantserve.com
1 pixel.wp.com preprod.paradisepost.com
1 p1.parsely.com preprod.paradisepost.com
1 jadserve.postrelease.com s.ntv.io
1 connect.facebook.net preprod.paradisepost.com
1 secure.quantserve.com www.googletagmanager.com
1 loader-cdn.azureedge.net ajax.googleapis.com
1 medianewsgroup.blueconic.net u255.paradisepost.com
1 polyfill.io ajax.googleapis.com
1 az416426.vo.msecnd.net preprod.paradisepost.com
1 stats.wp.com preprod.paradisepost.com
1 cdn.parsely.com preprod.paradisepost.com
1 s.ntv.io preprod.paradisepost.com
1 www.googletagservices.com preprod.paradisepost.com
1 prodmg2.blob.core.windows.net preprod.paradisepost.com
1 cmp.osano.com preprod.paradisepost.com
1 u255.paradisepost.com preprod.paradisepost.com
1 ajax.googleapis.com preprod.paradisepost.com
1 fonts.googleapis.com preprod.paradisepost.com
97 41
Subject Issuer Validity Valid
preprod.paradisepost.com
R3
2021-10-16 -
2022-01-14
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-07-03 -
2022-07-02
a year crt.sh
upload.video.google.com
GTS CA 1C3
2021-09-13 -
2021-11-20
2 months crt.sh
pushlycdn.com
Amazon
2021-03-16 -
2022-04-14
a year crt.sh
i953.greeleytribune.com
Amazon
2021-09-15 -
2022-10-14
a year crt.sh
cmp.osano.com
Amazon
2021-09-17 -
2022-10-16
a year crt.sh
*.blob.core.windows.net
Microsoft RSA TLS CA 01
2021-08-15 -
2022-08-15
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-09-13 -
2021-11-20
2 months crt.sh
*.ntv.io
DigiCert SHA2 Secure Server CA
2021-01-25 -
2022-02-01
a year crt.sh
*.go-fet.ch
Amazon
2020-12-08 -
2022-01-06
a year crt.sh
*.parsely.com
Amazon
2021-07-05 -
2022-08-03
a year crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA
2020-04-02 -
2022-07-05
2 years crt.sh
sni1e6ffgl.wpc.edgecastcdn.net
DigiCert SHA2 Secure Server CA
2020-04-16 -
2022-04-21
2 years crt.sh
polyfill.io
GlobalSign Atlas R3 DV TLS CA 2020
2021-06-04 -
2022-07-06
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2021-09-13 -
2021-11-20
2 months crt.sh
sni22a5dgl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1
2021-09-08 -
2022-10-09
a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1
2021-09-22 -
2022-09-21
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2021-09-09 -
2021-12-08
3 months crt.sh
*.scorecardresearch.com
Amazon
2021-02-28 -
2022-03-29
a year crt.sh
*.p-n.io
Amazon
2021-01-26 -
2022-02-23
a year crt.sh
*.postrelease.com
Amazon
2021-01-28 -
2022-02-25
a year crt.sh
*.blueconic.net
Thawte TLS RSA CA G1
2019-12-04 -
2022-02-01
2 years crt.sh
*.execute-api.us-east-1.amazonaws.com
Amazon
2021-08-28 -
2022-09-26
a year crt.sh
www.google.com
GTS CA 1C3
2021-09-13 -
2021-11-20
2 months crt.sh
www.google.de
GTS CA 1C3
2021-09-13 -
2021-11-20
2 months crt.sh
sni1ad09gl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1
2021-10-01 -
2022-11-01
a year crt.sh
sni1ad03gl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1
2021-10-01 -
2022-11-01
a year crt.sh
sni9642gl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1
2021-02-20 -
2022-03-22
a year crt.sh
*.cloudfront.net
Amazon
2021-03-19 -
2022-03-17
a year crt.sh
*.azurewebsites.net
Microsoft RSA TLS CA 02
2021-07-07 -
2022-07-07
a year crt.sh
*.s3.amazonaws.com
DigiCert Baltimore CA-2 G2
2021-01-11 -
2022-02-11
a year crt.sh
in.applicationinsights.azure.com
Microsoft RSA TLS CA 01
2021-07-22 -
2022-07-22
a year crt.sh

This page contains 1 frames:

Primary Page: https://preprod.paradisepost.com/
Frame ID: 154226D9A57F51E3F862FF4EFC0C8701
Requests: 95 HTTP requests in this frame

Screenshot

Page Title

Paradisepost.com covers local news in Paradise, California. Keep up with all business, wildfire recovery, local sports, outdoors, local columnists and more.

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js

Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

97
Requests

98 %
HTTPS

49 %
IPv6

31
Domains

41
Subdomains

36
IPs

5
Countries

2124 kB
Transfer

7023 kB
Size

26
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035443&ns__t=1634431537093&ns_c=UTF-8&c8=Paradisepost.com%20covers%20local%20news%20in%20Paradise%2C%20California.%20Keep%20up%20with%20all%20business%2C%20wildfire%20recovery%2C%20local%20sports%2C%20outdoors%2C%20local%20columnists%20and%20more.&c7=https%3A%2F%2Fpreprod.paradisepost.com%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035443&ns__t=1634431537093&ns_c=UTF-8&c8=Paradisepost.com%20covers%20local%20news%20in%20Paradise%2C%20California.%20Keep%20up%20with%20all%20business%2C%20wildfire%20recovery%2C%20local%20sports%2C%20outdoors%2C%20local%20columnists%20and%20more.&c7=https%3A%2F%2Fpreprod.paradisepost.com%2F&c9=
Request Chain 81
  • https://sb.scorecardresearch.com/c2/6035443/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js

97 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
preprod.paradisepost.com/
228 KB
45 KB
Document
General
Full URL
https://preprod.paradisepost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4288 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
cb600a05ada3dddd79ae065ec8ecba56e8d3df8d8f97c14bf8e0fa7e14286c2d
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: data: blob: wss://realtimeeventfeeds.viafoura.co wss://sub.viafoura.co; media-src blob: data: https:; object-src https:; child-src https: data: blob:; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000;includeSubdomains

Request headers

:method
GET
:authority
preprod.paradisepost.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 17 Oct 2021 00:45:35 GMT
content-type
text/html; charset=UTF-8
content-length
44892
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: data: blob: wss://realtimeeventfeeds.viafoura.co wss://sub.viafoura.co; media-src blob: data: https:; object-src https:; child-src https: data: blob:; upgrade-insecure-requests; block-all-mixed-content;
x-hacker
If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by
WordPress VIP <https://wpvip.com>
host-header
a9130478a60e5f9135f765b23f26593b
x-robots-tag
noindex, nofollow
link
<https://preprod.paradisepost.com/wp-json/>; rel="https://api.w.org/" <https://wp.me/9JdzX>; rel=shortlink
content-encoding
gzip
x-rq
hhn2 0 2 9980
cache-control
max-age=300, must-revalidate
age
0
x-cache
hit
vary
Accept-Encoding
accept-ranges
bytes
strict-transport-security
max-age=31536000;includeSubdomains
/
preprod.paradisepost.com/_static/
94 KB
14 KB
Stylesheet
General
Full URL
https://preprod.paradisepost.com/_static/??-eJyNj9EKwjAMRX/IGlQY7kHET8nSoNG0HU2H9O+tiriBDz6Vy+GEHriPjlIsHAuMOp0lGpgUdsuBGb0Yj8kKWMEiBGQNUmaO6yBx3eYK2jGJpJNne/HmFBg00c2pDBlzbXZV/m1cDQJ7QVYOz//Mx6hYOTvlM1L9T29svhfSJ5lU2uPC9O3NBCdvgGZc3hUhDaLs0F/YJEX3TmjkGA6bbrfr9/222zwAQxJ7iA==
Requested by
Host: preprod.paradisepost.com
URL: https://preprod.paradisepost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4288 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
6b23c48e28ca7f1ff22f78f16796e6b4359e763b117c2649755f1a446ea69a01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains

Request headers

:path
/_static/??-eJyNj9EKwjAMRX/IGlQY7kHET8nSoNG0HU2H9O+tiriBDz6Vy+GEHriPjlIsHAuMOp0lGpgUdsuBGb0Yj8kKWMEiBGQNUmaO6yBx3eYK2jGJpJNne/HmFBg00c2pDBlzbXZV/m1cDQJ7QVYOz//Mx6hYOTvlM1L9T29svhfSJ5lU2uPC9O3NBCdvgGZc3hUhDaLs0F/YJEX3TmjkGA6bbrfr9/222zwAQxJ7iA==
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
preprod.paradisepost.com
referer
https://preprod.paradisepost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 00:45:35 GMT
content-encoding
gzip
x-rq
hhn2 0 2 9980
last-modified
Mon, 11 Oct 2021 21:54:21 GMT
server
nginx
age
0
vary
Accept-Encoding
x-cache
miss
content-type
text/css;charset=utf-8
cache-control
max-age=31536000
strict-transport-security
max-age=31536000;includeSubdomains
accept-ranges
bytes
bootstrap-icons.min.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/
56 KB
9 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/bootstrap-icons.min.css?ver=5.2.0
Requested by
Host: preprod.paradisepost.com
URL: https://preprod.paradisepost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
123830b3c1bb951b81bee61657d5ff2d7061c67316a4210df730462d093b0a23
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 00:45:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
3229180
x-jsd-version
1.5.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19173-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"e199-MKfLdwDci4zij+cy307LMP/uJk4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
69f5814a9dec0614-FRA
css
fonts.googleapis.com/
4 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Droid+Sans%3A400%2C700%7CDroid+Serif%3A400%2C400i%2C700%2C700i%7CArvo%3A400%2C400i%2C700%2C700i&ver=5.8.1
Requested by
Host: preprod.paradisepost.com
URL: https://preprod.paradisepost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3aa29d6340c1d354b2594b02413c66ec2775832ca183a3787514b03215069157
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://preprod.paradisepost.com/
Origin
https://preprod.paradisepost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 17 Oct 2021 00:45:35 GMT
server
ESF
date
Sun, 17 Oct 2021 00:45:35 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Sun, 17 Oct 2021 00:45:35 GMT
/
preprod.paradisepost.com/_static/
87 KB
17 KB
Stylesheet
General
Full URL
https://preprod.paradisepost.com/_static/??-eJyNjEsKgDAMBS9kjbZ+VuJZpIai9hNISvH21oV7d49h5kEhZVMUjAIhK/LZHZHhRKHNXqrvWg0h7dkjQzl2h8IgiRQlrovl9tha5gZ+/FTvA2+zhqWfjBmnWc/DA2QnMCk=
Requested by
Host: preprod.paradisepost.com
URL: https://preprod.paradisepost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4288 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
050e5f558c48fedda38a8cc74225e6ed6d6f17bdb24f4563a1c9f634bcf7bca3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains

Request headers

:path
/_static/??-eJyNjEsKgDAMBS9kjbZ+VuJZpIai9hNISvH21oV7d49h5kEhZVMUjAIhK/LZHZHhRKHNXqrvWg0h7dkjQzl2h8IgiRQlrovl9tha5gZ+/FTvA2+zhqWfjBmnWc/DA2QnMCk=
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
preprod.paradisepost.com
referer
https://preprod.paradisepost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 00:45:35 GMT
content-encoding
gzip
x-rq
hhn2 0 2 9980
last-modified
Thu, 07 Oct 2021 00:41:14 GMT
server
nginx
age
0
vary
Accept-Encoding
x-cache
miss
content-type
text/css;charset=utf-8
cache-control
max-age=31536000
strict-transport-security
max-age=31536000;includeSubdomains
accept-ranges
bytes
sso-tools.min.js
preprod.paradisepost.com/wp-content/client-mu-plugins/src/SSO/assets/js/
5 KB
1 KB
Script
General
Full URL
https://preprod.paradisepost.com/wp-content/client-mu-plugins/src/SSO/assets/js/sso-tools.min.js?m=1633989260g
Requested by
Host: preprod.paradisepost.com
URL: https://preprod.paradisepost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4288 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
feb0e7f17014201ea9124f23e3f63965411385abf0103fc682595d0674087a0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains

Request headers

:path
/wp-content/client-mu-plugins/src/SSO/assets/js/sso-tools.min.js?m=1633989260g
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
preprod.paradisepost.com
referer
https://preprod.paradisepost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 00:45:35 GMT
content-encoding
gzip
x-rq
hhn2 0 2 9980
last-modified
Mon, 11 Oct 2021 21:54:20 GMT
server
nginx
age
0
etag
W/"6164b28c-1536"
vary
Accept-Encoding
x-cache
miss
content-type
application/javascript
cache-control
max-age=31536000
strict-transport-security
max-age=31536000;includeSubdomains
accept-ranges
bytes
expires
Mon, 17 Oct 2022 00:45:35 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/
87 KB
88 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js?ver=3.5.1
Requested by
Host: preprod.paradisepost.com
URL: https://preprod.paradisepost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 07:11:57 GMT
x-content-type-options
nosniff
age
495218
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
89476
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="hosted-libraries-pushers"
expires
Tue, 11 Oct 2022 07:11:57 GMT
loader.min.js
preprod.paradisepost.com/wp-content/plugins/loader-wp/static/
16 KB
5 KB
Script
General
Full URL
https://preprod.paradisepost.com/wp-content/plugins/loader-wp/static/loader.min.js?ver=1.0.6.3
Requested by
Host: preprod.paradisepost.com
URL: https://preprod.paradisepost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4288 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
80fcbd06bbf276b74b41aa77405ffd52243587afb254d1efa88027c33fbba932
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains

Request headers

:path
/wp-content/plugins/loader-wp/static/loader.min.js?ver=1.0.6.3
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
preprod.paradisepost.com
referer
https://preprod.paradisepost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 00:45:35 GMT
content-encoding
gzip
x-rq
hhn2 0 2 9980
last-modified
Mon, 11 Oct 2021 21:54:21 GMT
server
nginx
age
0
etag
W/"6164b28d-3e4a"
vary
Accept-Encoding
x-cache
miss
content-type
application/javascript
cache-control
max-age=31536000
strict-transport-security
max-age=31536000;includeSubdomains
accept-ranges
bytes
expires
Mon, 17 Oct 2022 00:45:35 GMT
/
preprod.paradisepost.com/_static/
8 KB
2 KB
Script
General
Full URL
https://preprod.paradisepost.com/_static/??-eJzTLy/QTc7PK0nNK9EvyClNz8wr1k9M0c1JrEwtKtbPQuLopqQV6GUV6+gTrQOo2j7X1tDM2NjSwtLIzCALAKxTJsY=
Requested by
Host: preprod.paradisepost.com
URL: https://preprod.paradisepost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4288 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
486e7061a989cf1c6834390c0fdc9a8d181f9179efe68fe8c35c254ff2d49de6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains

Request headers

:path
/_static/??-eJzTLy/QTc7PK0nNK9EvyClNz8wr1k9M0c1JrEwtKtbPQuLopqQV6GUV6+gTrQOo2j7X1tDM2NjSwtLIzCALAKxTJsY=
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
preprod.paradisepost.com
referer
https://preprod.paradisepost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 00:45:35 GMT
content-encoding
gzip
x-rq
hhn2 0 2 9980
last-modified
Mon, 11 Oct 2021 21:54:20 GMT
server
nginx
age
0
vary
Accept-Encoding
x-cache
miss
content-type
application/javascript
cache-control
max-age=31536000
strict-transport-security
max-age=31536000;includeSubdomains
accept-ranges
bytes
pushly-sdk.min.js
cdn.p-n.io/
307 KB
57 KB
Script
General
Full URL
https://cdn.p-n.io/pushly-sdk.min.js?domain_key=ErGrtFW8v2dIdqdB4gn02Ilgep94GVHOHkKk&ver=5.8.1
Requested by
Host: preprod.paradisepost.com
URL: https://preprod.paradisepost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-43.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a3e2bc2d88612e3af91f1c3ce69551c29d85e90b1fd6271007105482346563ca

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 00:45:37 GMT
content-encoding
gzip
last-modified
Tue, 12 Oct 2021 21:25:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
W/"141c21c269aa2ca3230b2ada3b81341e"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 edfd22ec6695cdc9d7ac634220af1315.cloudfront.net (CloudFront)
cache-control
max-age=900
x-amz-cf-id
IOH1jgUVIvermJmDF-QY15hSO9lc0VcjZPizG-0GlhCNadU7Kmzdug==
dfm-pushly.min.js
preprod.paradisepost.com/wp-content/plugins/dfm-pushly/static/js/
160 B
288 B
Script
General
Full URL
https://preprod.paradisepost.com/wp-content/plugins/dfm-pushly/static/js/dfm-pushly.min.js?m=1633989261g
Requested by
Host: preprod.paradisepost.com
URL: https://preprod.paradisepost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4288 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
d9f2778c47db32b56109a39c8c3393b7e213095aa043df32153367708a50dcd0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains

Request headers

:path
/wp-content/plugins/dfm-pushly/static/js/dfm-pushly.min.js?m=1633989261g
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
preprod.paradisepost.com
referer
https://preprod.paradisepost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 00:45:35 GMT
x-rq
hhn2 0 2 9980
last-modified
Mon, 11 Oct 2021 21:54:21 GMT
server
nginx
age
0
etag
"6164b28d-a0"
strict-transport-security
max-age=31536000;includeSubdomains
x-cache
miss
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
160
expires
Mon, 17 Oct 2022 00:45:35 GMT
script.js
u255.paradisepost.com/
144 KB
43 KB
Script
General
Full URL
https://u255.paradisepost.com/script.js
Requested by
Host: preprod.paradisepost.com
URL: https://preprod.paradisepost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-43.fra2.r.cloudfront.net
Software
- /
Resource Hash
6509320dcd09554319727a15623abb6a78cc753c70d794f2bb1c64da931240c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 00:41:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
age
221
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
43862
x-xss-protection
1; mode=block
last-modified
Fri, 08 Oct 2021 03:25:25 GMT
server
-
etag
b6744ac9c1f199aff503c957609f922f
content-type
text/javascript; charset=utf-8
via
1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront)
cache-control
public, no-cache="Set-Cookie", max-age=600
x-amz-cf-pop
FRA2-C1
x-robots-tag
noindex, nofollow
x-amz-cf-id
9thFJwH1wZTIfyDvZL5IaiBfUhRqGBkKP_Ii3fbpE_YXNHgYOiEmvg==
expires
Sun, 17 Oct 2021 00:51:54 GMT
osano.js
cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/
408 KB
97 KB
Script
General
Full URL
https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Requested by
Host: preprod.paradisepost.com
URL: https://preprod.paradisepost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:3c00:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
bca63524136b90b4088fbca3a3f08ad3299c1173843ebbcbd96308f961f3e893
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 00:45:36 GMT
content-encoding
br
x-content-type-options
nosniff
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
content-length
98906
x-xss-protection
mode=block
last-modified
Tue, 12 Oct 2021 22:46:29 GMT
server
CloudFront
x-frame-options
SAMEORIGIN
etag
"9168ae53632e9758319c6e73c0dad5a7"
strict-transport-security
max-age=2592000
content-type
application/javascript; charset=utf-8
via
1.1 90cf045072373c2c671297de3161846f.cloudfront.net (CloudFront)
cache-control
public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-id
r07u1F0PgGTzZPtxdgqOzp3Kq4kS4XS74hfAPZbb5dWFid93Zheu6w==
MG2Widget-newsletterwidget-nojquery.min.js
prodmg2.blob.core.windows.net/newsletterwidget/mng/dfm/
110 KB
111 KB
Script
General
Full URL
https://prodmg2.blob.core.windows.net/newsletterwidget/mng/dfm/MG2Widget-newsletterwidget-nojquery.min.js
Requested by
Host: preprod.paradisepost.com
URL: https://preprod.paradisepost.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.82.152.48 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
2ecf69d9fb8539e9f6d4e044f126b8fd00e83ff6c8444bc8fda1e11403e50ba7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sun, 17 Oct 2021 00:45:35 GMT
Last-Modified
Thu, 12 Apr 2018 08:56:48 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
B+XdhqRpOdmGctTBzubJpg==
ETag
0x8D5A053538677F7
Content-Type
application/javascript
Access-Control-Allow-Origin
*
x-ms-request-id
327ca4e5-a01e-0085-19f0-c271aa000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
112680
gpt.js
www.googletagservices.com/tag/js/
80 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: preprod.paradisepost.com
URL: https://preprod.paradisepost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
12d2ce86f5cd6dc7d35e5e7890e76fc13e81f0e59e8210a504cf3103e37a75b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 00:45:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1017 / 43 of 1000 / last-modified: 1634411020"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27156
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 17 Oct 2021 00:45:36 GMT
par_main.svg
preprod.paradisepost.com/wp-content/uploads/2018/05/
7 KB
3 KB
Image
General
Full URL
https://preprod.paradisepost.com/wp-content/uploads/2018/05/par_main.svg
Requested by
Host: preprod.paradisepost.com
URL: https://preprod.paradisepost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4288 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
31dd1a76f5ec8720d05064e40c40498a3b72c9973c476702b74fe2acf6840ce6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains

Request headers

:path
/wp-content/uploads/2018/05/par_main.svg
pragma
no-cache
cookie
bc_tstgrp=8
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
preprod.paradisepost.com
referer
https://preprod.paradisepost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 00:45:36 GMT
content-encoding
gzip
x-rq
hhn2 109 88 443
last-modified
Thu, 24 May 2018 19:13:37 GMT
server
nginx
etag
W/"bce5e4308d4febd2"
vary
Accept-Encoding
x-cache
MISS
content-type
image/svg+xml
cache-control
max-age=2592000
strict-transport-security
max-age=31536000;includeSubdomains
expires
Mon, 17 Oct 2022 00:45:36 GMT
measuredvibrant.css
preprod.paradisepost.com/wp-content/themes/assets/static/css/
385 KB
59 KB
Stylesheet
General
Full URL
https://preprod.paradisepost.com/wp-content/themes/assets/static/css/measuredvibrant.css?ver=1634329552
Requested by
Host: preprod.paradisepost.com
URL: https://preprod.paradisepost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4288 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1fc10431c6bbccf58430aba6bfd24a8484f0c0580987bb53b15c72568f394026
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains

Request headers

:path
/wp-content/themes/assets/static/css/measuredvibrant.css?ver=1634329552
pragma
no-cache
cookie
bc_tstgrp=8
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
preprod.paradisepost.com
referer
https://preprod.paradisepost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 00:45:37 GMT
content-encoding
gzip
x-rq
hhn2 0 2 9980
last-modified
Fri, 15 Oct 2021 20:32:17 GMT
server
nginx
age
0
etag
W/"6169e551-602f1"
vary
Accept-Encoding
x-cache
miss
content-type
text/css
cache-control
max-age=31536000
strict-transport-security
max-age=31536000;includeSubdomains
accept-ranges
bytes
expires
Mon, 17 Oct 2022 00:45:37 GMT
wp-emoji-release.min.js
preprod.paradisepost.com/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://preprod.paradisepost.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.1
Requested by
Host: preprod.paradisepost.com
URL: https://preprod.paradisepost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4288 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains

Request headers

:path
/wp-includes/js/wp-emoji-release.min.js?ver=5.8.1
pragma
no-cache
cookie
bc_tstgrp=8
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
preprod.paradisepost.com
referer
https://preprod.paradisepost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 00:45:37 GMT
content-encoding
gzip
x-rq
hhn2 0 2 9980
last-modified
Tue, 21 Sep 2021 19:12:52 GMT
server
nginx
age
0
etag
W/"614a2eb4-4705"
vary
Accept-Encoding
x-cache
miss
content-type
application/javascript
cache-control
max-age=31536000
strict-transport-security
max-age=31536000;includeSubdomains
accept-ranges
bytes
expires
Mon, 17 Oct 2022 00:45:37 GMT
Readers-Choice-300x450-1.jpg
preprod.paradisepost.com/wp-content/uploads/2021/05/
15 KB
15 KB
Image
General
Full URL
https://preprod.paradisepost.com/wp-content/uploads/2021/05/Readers-Choice-300x450-1.jpg
Requested by
Host: preprod.paradisepost.com
URL: https://preprod.paradisepost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4288 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
8f342b6962a296598bdb6dff5ac68e5e16ad78e67a75598ab5e73c7b26787fa5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains

Request headers

:path
/wp-content/uploads/2021/05/Readers-Choice-300x450-1.jpg
pragma
no-cache
cookie
bc_tstgrp=8
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
preprod.paradisepost.com
referer
https://preprod.paradisepost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 00:45:36 GMT
x-rq
hhn2 109 195 443
last-modified
Sun, 17 Oct 2021 00:45:36 GMT
server
nginx
etag
"e83178c82eee28cd"
vary
Accept
x-cache
MISS
content-type
image/webp
cache-control
max-age=2592000
strict-transport-security
max-age=31536000;includeSubdomains
accept-ranges
bytes
content-length
15430
expires
Mon, 17 Oct 2022 00:45:36 GMT
/
preprod.paradisepost.com/_static/
18 KB
8 KB
Script
General
Full URL
https://preprod.paradisepost.com/_static/??/wp-content/plugins/photonfill/vendor/picturefill.min.js,/wp-content/plugins/photonfill/vendor/lazysizes.min.js?m=1633989261j
Requested by
Host: preprod.paradisepost.com
URL: https://preprod.paradisepost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4288 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
4d5f2c09a690b52d4d5aacf685ce7e137ef476f335b705223373f6a986bcb287
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains

Request headers

:path
/_static/??/wp-content/plugins/photonfill/vendor/picturefill.min.js,/wp-content/plugins/photonfill/vendor/lazysizes.min.js?m=1633989261j
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
preprod.paradisepost.com
referer
https://preprod.paradisepost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 00:45:36 GMT
content-encoding
gzip
x-rq
hhn2 0 2 9980
last-modified
Mon, 11 Oct 2021 21:54:21 GMT
server
nginx
age
0
vary
Accept-Encoding
x-cache
miss
content-type
application/javascript
cache-control
max-age=31536000
strict-transport-security
max-age=31536000;includeSubdomains
accept-ranges
bytes
ads.js
preprod.paradisepost.com/wp-content/themes/wp-mason/static/js/
87 B
157 B
Script
General
Full URL
https://preprod.paradisepost.com/wp-content/themes/wp-mason/static/js/ads.js?ver=1.0
Requested by
Host: preprod.paradisepost.com
URL: https://preprod.paradisepost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4288 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b36d838681171ab6906d3206d2fd6cc17a7a7a5867213c7595fe0865aeb9e969
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains

Request headers

:path
/wp-content/themes/wp-mason/static/js/ads.js?ver=1.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
preprod.paradisepost.com
referer
https://preprod.paradisepost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 00:45:36 GMT
x-rq
hhn2 0 2 9980
last-modified
Mon, 11 Oct 2021 21:54:21 GMT
server
nginx
age
0
etag
"6164b28d-57"
strict-transport-security
max-age=31536000;includeSubdomains
x-cache
miss
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
87
expires
Mon, 17 Oct 2022 00:45:36 GMT
/
preprod.paradisepost.com/_static/
98 KB
28 KB
Script
General
Full URL
https://preprod.paradisepost.com/_static/??-eJyVyzsOwjAMANALQSwIAnVAnMUNhib4U9VuEbeHgYEJwfqkB/dxXUyDNCAGEnJAdwoHD4xaoDkUEzFNZZj1lqRqar6CH95o/LhUZv8nCaHPE52X2k+o8aW+RNBNP/KVrUd+n5McN/u8y9uuy4f2BGk6VoE=
Requested by
Host: preprod.paradisepost.com
URL: https://preprod.paradisepost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4288 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
019d93029092672a998d97fd51244352bec003e6bdfcb95b0e20f370219c42fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains

Request headers

:path
/_static/??-eJyVyzsOwjAMANALQSwIAnVAnMUNhib4U9VuEbeHgYEJwfqkB/dxXUyDNCAGEnJAdwoHD4xaoDkUEzFNZZj1lqRqar6CH95o/LhUZv8nCaHPE52X2k+o8aW+RNBNP/KVrUd+n5McN/u8y9uuy4f2BGk6VoE=
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
preprod.paradisepost.com
referer
https://preprod.paradisepost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 00:45:36 GMT
content-encoding
gzip
x-rq
hhn2 0 2 9980
last-modified
Fri, 15 Oct 2021 20:32:17 GMT
server
nginx
age
0
vary
Accept-Encoding
x-cache
miss
content-type
application/javascript
cache-control
max-age=31536000
strict-transport-security
max-age=31536000;includeSubdomains
accept-ranges
bytes
load.js
s.ntv.io/serve/
387 KB
113 KB
Script
General
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: preprod.paradisepost.com
URL: https://preprod.paradisepost.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-163.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f4b3853b7e792cec8a88f9da8a31d2b29ee09d6a77aabc45979c9ab2937f0962

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 17 Oct 2021 00:45:36 GMT
Content-Encoding
gzip
x-amz-request-id
895P7GZMS448PBGC
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
E1f3G4zwvNTivmbsjwi9gTDTblbRbtJyRdbl9CMpQza/SzA88yTu1Zx0HeDBqc0Pyxav9taZuIY=
Last-Modified
Fri, 08 Oct 2021 20:59:32 GMT
Server
AmazonS3
ETag
"5cac4cabadee93ec669a5ded971f5756"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
logo-img-attr.min.js
preprod.paradisepost.com/wp-content/themes/wp-mason/static/js/
231 B
278 B
Script
General
Full URL
https://preprod.paradisepost.com/wp-content/themes/wp-mason/static/js/logo-img-attr.min.js?m=1633989261g
Requested by
Host: preprod.paradisepost.com
URL: https://preprod.paradisepost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4288 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
86a0f9c085e8925e51fd2a08c5efd311bc7003794b1f6ee3a9785010669d6d82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains

Request headers

:path
/wp-content/themes/wp-mason/static/js/logo-img-attr.min.js?m=1633989261g
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
preprod.paradisepost.com
referer
https://preprod.paradisepost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 00:45:36 GMT
x-rq
hhn2 0 2 9980
last-modified
Mon, 11 Oct 2021 21:54:21 GMT
server
nginx
age
0
etag
"6164b28d-e7"
strict-transport-security
max-age=31536000;includeSubdomains
x-cache
miss
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
231
expires
Mon, 17 Oct 2022 00:45:36 GMT
embed.js
c.go-fet.ch/a/
178 KB
39 KB
Script
General
Full URL
https://c.go-fet.ch/a/embed.js?ver=1.0.0
Requested by
Host: preprod.paradisepost.com
URL: https://preprod.paradisepost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:5400:c:2267:880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
634a38acec1e223e783b84a88c223c67d4b23626073a33f638502c61c0c493d0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 00:42:18 GMT
content-encoding
gzip
last-modified
Thu, 14 Oct 2021 18:49:49 GMT
server
AmazonS3
age
202
etag
W/"33d1be08da38f0f175e5ca0f5f911524"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 e56e6732f380db727425bac2d6158761.cloudfront.net (CloudFront)
cache-control
public,max-age=900
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
56Idund8V4_rKRaB6hHRxraqz6n5Q7RnMc94fts0IH046ptnz1GU9A==
wp-embed.min.js
preprod.paradisepost.com/wp-includes/js/
1 KB
890 B
Script
General
Full URL
https://preprod.paradisepost.com/wp-includes/js/wp-embed.min.js?m=1632251572g
Requested by
Host: preprod.paradisepost.com
URL: https://preprod.paradisepost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4288 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains

Request headers

:path
/wp-includes/js/wp-embed.min.js?m=1632251572g
pragma
no-cache
cookie
bc_tstgrp=8
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
preprod.paradisepost.com
referer
https://preprod.paradisepost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 00:45:37 GMT
content-encoding
gzip
x-rq
hhn2 0 2 9980
last-modified
Tue, 21 Sep 2021 19:12:52 GMT
server
nginx
age
0
etag
W/"614a2eb4-592"
vary
Accept-Encoding
x-cache
miss
content-type
application/javascript
cache-control
max-age=31536000
strict-transport-security
max-age=31536000;includeSubdomains
accept-ranges
bytes
expires
Mon, 17 Oct 2022 00:45:37 GMT
p.js
cdn.parsely.com/keys/paradisepost.com/
50 KB
19 KB
Script
General
Full URL
https://cdn.parsely.com/keys/paradisepost.com/p.js?ver=2.5.0
Requested by
Host: preprod.paradisepost.com
URL: https://preprod.paradisepost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.85.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-85-39.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
f77daa75225957c677b7a48139058e4ea5af68efbc4a56b8a6b0ab7f339145eb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
public
date
Sun, 17 Oct 2021 00:45:36 GMT
content-encoding
gzip
last-modified
Wed, 04 Aug 2021 18:41:07 GMT
server
nginx
x-amz-cf-pop
FRA2-C2
etag
W/"610adf43-c8b0"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
cache-control
max-age=86400, public
x-amz-cf-id
1wbNPHlGhkxOEd6n0Ax9EW3BorYtqej-YJ0DU5qhUBTpEbQJ69-Itw==
expires
Sun, 17 Oct 2021 15:35:45 GMT
e-202141.js
stats.wp.com/
9 KB
3 KB
Script
General
Full URL
https://stats.wp.com/e-202141.js
Requested by
Host: preprod.paradisepost.com
URL: https://preprod.paradisepost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc
HIT hhn
date
Sun, 17 Oct 2021 00:45:36 GMT
content-encoding
gzip
server
nginx
etag
W/"5c6340e3-350a"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Sun, 02 Oct 2022 21:30:24 GMT
ai.0.js
az416426.vo.msecnd.net/scripts/a/
94 KB
22 KB
Script
General
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: preprod.paradisepost.com
URL: https://preprod.paradisepost.com/wp-content/plugins/loader-wp/static/loader.min.js?ver=1.0.6.3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FA5) /
Resource Hash
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 17 Oct 2021 00:45:36 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-01 19:31:04
content-md5
HdY95yzx9wIyQkVEGES+Ew==
age
466
x-cache
HIT
content-length
22495
x-ms-lease-status
unlocked
last-modified
Thu, 11 Mar 2021 07:46:59 GMT
server
ECAcc (frc/8FA5)
etag
0x8D8E461DA1A5889
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
41352e27-a01e-0097-41ef-c2be78000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
expires
Sun, 17 Oct 2021 01:15:36 GMT
polyfill.min.js
polyfill.io/v3/
101 B
596 B
Script
General
Full URL
https://polyfill.io/v3/polyfill.min.js?flags=gated&features=es5%2CCustomEvent%2CArray.from%2CArray.isArray%2CArray.prototype.filter%2CArray.prototype.find%2CArray.prototype.findIndex%2CArray.prototype.forEach%2CArray.prototype.indexOf%2CArray.prototype.keys%2CArray.prototype.lastIndexOf%2CArray.prototype.map%2CArray.prototype.reduce%2CDate.prototype.toISOString%2CDocumentFragment%2CDocumentFragment.prototype.append%2CDocumentFragment.prototype.prepend%2CElement%2CElement.prototype.after%2CElement.prototype.append%2CElement.prototype.before%2CElement.prototype.classList%2CElement.prototype.cloneNode%2CElement.prototype.closest%2CElement.prototype.dataset%2CElement.prototype.matches%2CElement.prototype.placeholder%2CElement.prototype.prepend%2CElement.prototype.remove%2CElement.prototype.replaceWith%2CElement.prototype.toggleAttribute%2CEvent%2CJSON%2CMap%2CNumber.parseInt%2CNumber.parseFloat%2CObject.assign%2CObject.create%2CObject.defineProperties%2CObject.defineProperty%2CObject.entries%2CObject.getOwnPropertyDescriptor%2CObject.getOwnPropertyNames%2CObject.is%2CObject.keys%2CObject.values%2CPromise%2CPromise.prototype.finally%2CSet%2CString.prototype.trim%2CXMLHttpRequest%2Cdocument.getElementsByClassName%2Cdocument.currentScript%2Cdocument.querySelector%2Cfetch%2CgetComputedStyle%2ClocalStorage%2CArray.prototype.some%2CDate.now%2CEvent.focusin%2CEventSource%2CFunction.prototype.bind%2CFunction.prototype.name%2CHTMLDocument%2CNodeList.prototype.forEach%2CNodeList.prototype.%40%40iterator%2CNode.prototype.contains%2CObject.getPrototypeOf%2CObject.setPrototypeOf%2CRegExp.prototype.flags%2CString.prototype.%40%40iterator%2CString.prototype.startsWith%2Cconsole%2Cconsole.debug%2Cconsole.error%2Cconsole.info%2Cconsole.log%2Cdocument%2Cdocument.head%2Cdocument.visibilityState%2Clocation.origin%2CrequestIdleCallback%2Cscreen.orientation%2CmatchMedia%2CURL
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js?ver=3.5.1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
dd1b5e04d54c4420fe3e8e6abe2875fc7f13a3cd6384b6c2afc1a35e302dd846
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
278092
detected-user-agent
Chrome/93.0.4577
server-timing
HIT-CLUSTER, fastly;desc="Edge time";dur=105, HIT-CLUSTER, fastly;desc="Edge time";dur=1
content-length
101
referrer-policy
origin-when-cross-origin
last-modified
Tue, 12 Oct 2021 23:26:41 GMT
date
Sun, 17 Oct 2021 00:45:36 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/93.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
803
medianewsgroup.blueconic.net/DG/DEFAULT/rest/rpc/
0
0

gtm.js
www.googletagmanager.com/
399 KB
82 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TLFP4R
Requested by
Host: preprod.paradisepost.com
URL: https://preprod.paradisepost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7c05ee269d29e95fd10efc8d29a3660c0ee2a7b644e185cee0bdb6cd78ad7385
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 00:45:36 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83025
x-xss-protection
0
last-modified
Sun, 17 Oct 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 17 Oct 2021 00:45:36 GMT
bootstrap-icons.woff2
cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/fonts/
88 KB
89 KB
Font
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/fonts/bootstrap-icons.woff2?856008caa5eb66df68595e734e59580d
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/bootstrap-icons.min.css?ver=5.2.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76506e128f2b47b7179f5037bd885a1674455ffeb6b5093cdb4c7eefbf436ce8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/bootstrap-icons.min.css?ver=5.2.0
Origin
https://preprod.paradisepost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 00:45:36 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
3229261
x-jsd-version
1.5.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
90528
x-served-by
cache-fra19161-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"161a0-RkmHeGigBozlCxBdDSojXoAQyY8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
cf-ray
69f58151ba68c272-FRA
truncated
/
9 KB
9 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
182abb62bdb40059dbda691bf6631cf6b471499a85971a5fd04832453d7b4141

Request headers

Referer
Origin
https://preprod.paradisepost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
font/truetype
3d7d96ab-4fcb-4978-8325-f6657ba19179
https://preprod.paradisepost.com/
390 B
0
Other
General
Full URL
blob:https://preprod.paradisepost.com/3d7d96ab-4fcb-4978-8325-f6657ba19179
Requested by
Host: preprod.paradisepost.com
URL: https://preprod.paradisepost.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3ba33eb784e76cff5ade272712ed0e7b15d325196ec089aca7baa20e3034098a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
pushly-sdk.min.css
cdn.p-n.io/
26 KB
2 KB
Stylesheet
General
Full URL
https://cdn.p-n.io/pushly-sdk.min.css?domain_key=ErGrtFW8v2dIdqdB4gn02Ilgep94GVHOHkKk
Requested by
Host: cdn.p-n.io
URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=ErGrtFW8v2dIdqdB4gn02Ilgep94GVHOHkKk&ver=5.8.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-43.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
501b84d7db37a158e0313efd545c334fc75d82750e1248fa383321c67728b1ce

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 16 Oct 2021 13:13:20 GMT
content-encoding
gzip
last-modified
Wed, 07 Jul 2021 15:59:32 GMT
server
AmazonS3
age
41537
etag
W/"f78fe2b0b79df0619d393cfc42450ddf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 edfd22ec6695cdc9d7ac634220af1315.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
nvgG4v1wiMQQFYVdoHqII-tyP3lmvyTh9SFNeT8-tg7SCehvHMBIuQ==
pubads_impl_2021101201.js
securepubads.g.doubleclick.net/gpt/
361 KB
122 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
3739f7e3f233afefaaf897a2c109cd3dcce3799125f58957b4a622b610511a63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 00:45:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124532
x-xss-protection
0
last-modified
Tue, 12 Oct 2021 08:35:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 17 Oct 2021 00:45:37 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
163 B
769 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=preprod.paradisepost.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
7df73cf4d30be9073bc7f8fb9875f1ef0f12260adda9668e25d77f59ca751c45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 17 Oct 2021 00:45:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
0
expires
Sun, 17 Oct 2021 00:45:37 GMT
loader-config.json
loader-cdn.azureedge.net/stage/dfm/
944 B
836 B
XHR
General
Full URL
https://loader-cdn.azureedge.net/stage/dfm/loader-config.json?_=1634431535982
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js?ver=3.5.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0e474ff8ea2186086ba7f45476ef507d5a6d6021ee9c478b40dfea9c74a9a639

Request headers

Accept
*/*
Referer
https://preprod.paradisepost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 17 Oct 2021 00:45:37 GMT
content-encoding
gzip
content-md5
vtc+NMLzrnyN6ICZWossZA==
x-cache
HIT
content-length
444
x-ms-lease-status
unlocked
last-modified
Thu, 25 Feb 2021 12:37:13 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D8D98A142855EF
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
2e25dc44-001e-006d-52f0-c28c51000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
common.chunk.min.js
preprod.paradisepost.com/wp-content/themes/assets/static/js/
42 KB
10 KB
Script
General
Full URL
https://preprod.paradisepost.com/wp-content/themes/assets/static/js/common.chunk.min.js
Requested by
Host: preprod.paradisepost.com
URL: https://preprod.paradisepost.com/_static/??-eJyVyzsOwjAMANALQSwIAnVAnMUNhib4U9VuEbeHgYEJwfqkB/dxXUyDNCAGEnJAdwoHD4xaoDkUEzFNZZj1lqRqar6CH95o/LhUZv8nCaHPE52X2k+o8aW+RNBNP/KVrUd+n5McN/u8y9uuy4f2BGk6VoE=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4288 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
dbae94cba2ba3d07d6ae6e79a7c60c4efc36deb442e193ab18e0fd0cd4d97eef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains

Request headers

:path
/wp-content/themes/assets/static/js/common.chunk.min.js
pragma
no-cache
cookie
bc_tstgrp=8; _pnvl=false; pushly.user_puuid=lNwRiOFazRYwERvAb6MBcvgy3Qw17Usk; _pndnt=; _pnss=none; ai_user=VbBzr|2021-10-17T00:45:36.993Z
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
preprod.paradisepost.com
referer
https://preprod.paradisepost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 00:45:37 GMT
content-encoding
gzip
x-rq
hhn2 0 2 9980
last-modified
Fri, 15 Oct 2021 20:32:17 GMT
server
nginx
age
0
etag
W/"6169e551-a62f"
vary
Accept-Encoding
x-cache
miss
content-type
application/javascript
cache-control
max-age=31536000
strict-transport-security
max-age=31536000;includeSubdomains
accept-ranges
bytes
expires
Mon, 17 Oct 2022 00:45:37 GMT
common-async.chunk.min.js
preprod.paradisepost.com/wp-content/themes/assets/static/js/
56 KB
8 KB
Script
General
Full URL
https://preprod.paradisepost.com/wp-content/themes/assets/static/js/common-async.chunk.min.js
Requested by
Host: preprod.paradisepost.com
URL: https://preprod.paradisepost.com/_static/??-eJyVyzsOwjAMANALQSwIAnVAnMUNhib4U9VuEbeHgYEJwfqkB/dxXUyDNCAGEnJAdwoHD4xaoDkUEzFNZZj1lqRqar6CH95o/LhUZv8nCaHPE52X2k+o8aW+RNBNP/KVrUd+n5McN/u8y9uuy4f2BGk6VoE=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4288 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1ea03e7bb14df931f8a649756cffe9465c815aa0efc23acce14b50e21c3d20ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains

Request headers

:path
/wp-content/themes/assets/static/js/common-async.chunk.min.js
pragma
no-cache
cookie
bc_tstgrp=8; _pnvl=false; pushly.user_puuid=lNwRiOFazRYwERvAb6MBcvgy3Qw17Usk; _pndnt=; _pnss=none; ai_user=VbBzr|2021-10-17T00:45:36.993Z
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
preprod.paradisepost.com
referer
https://preprod.paradisepost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 00:45:37 GMT
content-encoding
gzip
x-rq
hhn2 0 2 9980
last-modified
Fri, 15 Oct 2021 20:32:17 GMT
server
nginx
age
0
etag
W/"6169e551-e145"
vary
Accept-Encoding
x-cache
miss
content-type
application/javascript
cache-control
max-age=31536000
strict-transport-security
max-age=31536000;includeSubdomains
accept-ranges
bytes
expires
Mon, 17 Oct 2022 00:45:37 GMT
measuredvibrant-async.chunk.min.js
preprod.paradisepost.com/wp-content/themes/assets/static/js/
3 KB
1 KB
Script
General
Full URL
https://preprod.paradisepost.com/wp-content/themes/assets/static/js/measuredvibrant-async.chunk.min.js
Requested by
Host: preprod.paradisepost.com
URL: https://preprod.paradisepost.com/_static/??-eJyVyzsOwjAMANALQSwIAnVAnMUNhib4U9VuEbeHgYEJwfqkB/dxXUyDNCAGEnJAdwoHD4xaoDkUEzFNZZj1lqRqar6CH95o/LhUZv8nCaHPE52X2k+o8aW+RNBNP/KVrUd+n5McN/u8y9uuy4f2BGk6VoE=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4288 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
d97acd5a71c23ea92d5a2f220e770b523e5ad7bc119f95f581126f9d43be747c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains

Request headers

:path
/wp-content/themes/assets/static/js/measuredvibrant-async.chunk.min.js
pragma
no-cache
cookie
bc_tstgrp=8; _pnvl=false; pushly.user_puuid=lNwRiOFazRYwERvAb6MBcvgy3Qw17Usk; _pndnt=; _pnss=none; ai_user=VbBzr|2021-10-17T00:45:36.993Z
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
preprod.paradisepost.com
referer
https://preprod.paradisepost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 00:45:37 GMT
content-encoding
gzip
x-rq
hhn2 0 2 9980
last-modified
Fri, 15 Oct 2021 20:32:17 GMT
server
nginx
age
0
etag
W/"6169e551-ac2"
vary
Accept-Encoding
x-cache
miss
content-type
application/javascript
cache-control
max-age=31536000
strict-transport-security
max-age=31536000;includeSubdomains
accept-ranges
bytes
expires
Mon, 17 Oct 2022 00:45:37 GMT
analytics.js
www.google-analytics.com/
48 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLFP4R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Oct 2021 16:38:54 GMT
server
Golfe2
age
2671
date
Sun, 17 Oct 2021 00:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Sun, 17 Oct 2021 02:01:06 GMT
quant.js
secure.quantserve.com/
24 KB
9 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLFP4R
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2d452ca7bf499867307ebfa48373084a42e1f56ec0a26e5bb2e12f01888c3cc9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 00:45:37 GMT
content-encoding
gzip
etag
"XUylRaJiJNdi08iU32oNYQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Sun, 24 Oct 2021 00:45:37 GMT
fbevents.js
connect.facebook.net/en_US/
98 KB
26 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: preprod.paradisepost.com
URL: https://preprod.paradisepost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4b5e988359c30afd1d84b7a5118296f1fc33f4527d530b096ca27aa7fbfef99a
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
25969
x-xss-protection
0
pragma
public
x-fb-debug
dzeBk1qurNoJx7RXnzfwdP2bG4Y3zJwSAgzKGaGwUV3KwW9MzdJJhs8IaCmDyAYqQdAhP0QQyK/gTHLyfMg8GA==
x-fb-trip-id
917726464
x-frame-options
DENY
date
Sun, 17 Oct 2021 00:45:37 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035443&ns__t=1634431537093&ns_c=UTF-8&c8=Paradisepost.com%20covers%20local%20news%20in%20Paradise%2C%20California.%20Keep%20up%20with%20all%20business%2C...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035443&ns__t=1634431537093&ns_c=UTF-8&c8=Paradisepost.com%20covers%20local%20news%20in%20Paradise%2C%20California.%20Keep%20up%20with%20all%20business%2...
64 B
328 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6035443&ns__t=1634431537093&ns_c=UTF-8&c8=Paradisepost.com%20covers%20local%20news%20in%20Paradise%2C%20California.%20Keep%20up%20with%20all%20business%2C%20wildfire%20recovery%2C%20local%20sports%2C%20outdoors%2C%20local%20columnists%20and%20more.&c7=https%3A%2F%2Fpreprod.paradisepost.com%2F&c9=
Requested by
Host: preprod.paradisepost.com
URL: https://preprod.paradisepost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-89.fra2.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 00:45:37 GMT
via
1.1 6c9a2d99a25484f38efa27d58a726b2d.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
lE2f5LOS7-g_TVednfjZzYH6NsLowRhelZfSiwtYTJQa24Nhret7Kw==

Redirect headers

date
Sun, 17 Oct 2021 00:45:37 GMT
via
1.1 6c9a2d99a25484f38efa27d58a726b2d.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=6035443&ns__t=1634431537093&ns_c=UTF-8&c8=Paradisepost.com%20covers%20local%20news%20in%20Paradise%2C%20California.%20Keep%20up%20with%20all%20business%2C%20wildfire%20recovery%2C%20local%20sports%2C%20outdoors%2C%20local%20columnists%20and%20more.&c7=https%3A%2F%2Fpreprod.paradisepost.com%2F&c9=
content-length
363
x-amz-cf-id
cTnXH4JkyECHxbeikPOxlYtG49EYwPm5tMxDgTnp2flrMCDHheqzSA==
event-stream
k.p-n.io/
0
126 B
Fetch
General
Full URL
https://k.p-n.io/event-stream
Requested by
Host: cdn.p-n.io
URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=ErGrtFW8v2dIdqdB4gn02Ilgep94GVHOHkKk&ver=5.8.1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.152.40 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-152-40.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://preprod.paradisepost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Sun, 17 Oct 2021 00:45:37 GMT
access-control-allow-headers
*
access-control-max-age
600
access-control-allow-methods
*
REACTION-01.jpg
preprod.paradisepost.com/wp-content/uploads/2021/10/
58 KB
58 KB
Image
General
Full URL
https://preprod.paradisepost.com/wp-content/uploads/2021/10/REACTION-01.jpg?w=467
Requested by
Host: preprod.paradisepost.com
URL: https://preprod.paradisepost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4288 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
3f08587be8bd7d9d3a1b5da495dfc1d8651e6285f795b48bb1cfdca7c6f6a078
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains

Request headers

:path
/wp-content/uploads/2021/10/REACTION-01.jpg?w=467
pragma
no-cache
cookie
bc_tstgrp=8; _pnvl=false; pushly.user_puuid=lNwRiOFazRYwERvAb6MBcvgy3Qw17Usk; _pndnt=; _pnss=none; ai_user=VbBzr|2021-10-17T00:45:36.993Z; _pnlspid=12530
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
preprod.paradisepost.com
referer
https://preprod.paradisepost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 00:45:37 GMT
x-rq
hhn2 109 27 443
last-modified
Sun, 17 Oct 2021 00:45:37 GMT
server
nginx
etag
"81e3c14b08842f57"
vary
Accept
x-cache
MISS
content-type
image/webp
cache-control
max-age=2592000
strict-transport-security
max-age=31536000;includeSubdomains
accept-ranges
bytes
content-length
59562
expires
Mon, 17 Oct 2022 00:45:37 GMT
SJM-L-EDD-x-02.jpg
preprod.paradisepost.com/wp-content/uploads/2021/10/
26 KB
26 KB
Image
General
Full URL
https://preprod.paradisepost.com/wp-content/uploads/2021/10/SJM-L-EDD-x-02.jpg?w=380
Requested by
Host: preprod.paradisepost.com
URL: https://preprod.paradisepost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4288 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a70f9cef98c0c060175eb47ab142e5e36d2166cc321475cc8e60f4e1475881fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains

Request headers

:path
/wp-content/uploads/2021/10/SJM-L-EDD-x-02.jpg?w=380
pragma
no-cache
cookie
bc_tstgrp=8; _pnvl=false; pushly.user_puuid=lNwRiOFazRYwERvAb6MBcvgy3Qw17Usk; _pndnt=; _pnss=none; ai_user=VbBzr|2021-10-17T00:45:36.993Z; _pnlspid=12530
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
preprod.paradisepost.com
referer
https://preprod.paradisepost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 00:45:37 GMT
x-rq
hhn2 109 196 443
last-modified
Sun, 17 Oct 2021 00:45:37 GMT
server
nginx
etag
"d49e26184746d554"
vary
Accept
x-cache
MISS
content-type
image/webp
cache-control
max-age=2592000
strict-transport-security
max-age=31536000;includeSubdomains
accept-ranges
bytes
content-length
26958
expires
Mon, 17 Oct 2022 00:45:37 GMT
Girl-studying-AmerEd-1200x750-1.jpeg
preprod.paradisepost.com/wp-content/uploads/2021/10/
12 KB
12 KB
Image
General
Full URL
https://preprod.paradisepost.com/wp-content/uploads/2021/10/Girl-studying-AmerEd-1200x750-1.jpeg?w=344
Requested by
Host: preprod.paradisepost.com
URL: https://preprod.paradisepost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4288 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
60931e2a8a1eb0167a33a94ca5b551c19849b0437442674f408b5f8900b9ffa0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains

Request headers

:path
/wp-content/uploads/2021/10/Girl-studying-AmerEd-1200x750-1.jpeg?w=344
pragma
no-cache
cookie
bc_tstgrp=8; _pnvl=false; pushly.user_puuid=lNwRiOFazRYwERvAb6MBcvgy3Qw17Usk; _pndnt=; _pnss=none; ai_user=VbBzr|2021-10-17T00:45:36.993Z; _pnlspid=12530
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
preprod.paradisepost.com
referer
https://preprod.paradisepost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 00:45:37 GMT
x-rq
hhn2 109 140 443
last-modified
Sun, 17 Oct 2021 00:45:37 GMT
server
nginx
etag
"180a421a79e06818"
vary
Accept
x-cache
MISS
content-type
image/webp
cache-control
max-age=2592000
strict-transport-security
max-age=31536000;includeSubdomains
accept-ranges
bytes
content-length
12348
expires
Mon, 17 Oct 2022 00:45:37 GMT
SJM-L-PENNROOTS-0521-7-1.jpg
preprod.paradisepost.com/wp-content/uploads/2021/10/
30 KB
31 KB
Image
General
Full URL
https://preprod.paradisepost.com/wp-content/uploads/2021/10/SJM-L-PENNROOTS-0521-7-1.jpg?w=286
Requested by
Host: preprod.paradisepost.com
URL: https://preprod.paradisepost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4288 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
6e3973f3f805c40c3cc83c433d42b7cfd86d7f22f7bd2ecd06f34a57f2b3da51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains

Request headers

:path
/wp-content/uploads/2021/10/SJM-L-PENNROOTS-0521-7-1.jpg?w=286
pragma
no-cache
cookie
bc_tstgrp=8; _pnvl=false; pushly.user_puuid=lNwRiOFazRYwERvAb6MBcvgy3Qw17Usk; _pndnt=; _pnss=none; ai_user=VbBzr|2021-10-17T00:45:36.993Z; _pnlspid=12530
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
preprod.paradisepost.com
referer
https://preprod.paradisepost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 00:45:37 GMT
x-rq
hhn2 109 28 443
last-modified
Sun, 17 Oct 2021 00:45:37 GMT
server
nginx
etag
"15750213ba459815"
vary
Accept
x-cache
MISS
content-type
image/webp
cache-control
max-age=2592000
strict-transport-security
max-age=31536000;includeSubdomains
accept-ranges
bytes
content-length
31166
expires
Mon, 17 Oct 2022 00:45:37 GMT
101321_Redistricting-LA_Little-Saigon_DM_CM_-01-1-1200x793-1.jpeg
preprod.paradisepost.com/wp-content/uploads/2021/10/
21 KB
22 KB
Image
General
Full URL
https://preprod.paradisepost.com/wp-content/uploads/2021/10/101321_Redistricting-LA_Little-Saigon_DM_CM_-01-1-1200x793-1.jpeg?w=325
Requested by
Host: preprod.paradisepost.com
URL: https://preprod.paradisepost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4288 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
04b1c2b571226dfdd7a950b078299e1a7f02b425beb77a61926d47d8dc20c5e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains

Request headers

:path
/wp-content/uploads/2021/10/101321_Redistricting-LA_Little-Saigon_DM_CM_-01-1-1200x793-1.jpeg?w=325
pragma
no-cache
cookie
bc_tstgrp=8; _pnvl=false; pushly.user_puuid=lNwRiOFazRYwERvAb6MBcvgy3Qw17Usk; _pndnt=; _pnss=none; ai_user=VbBzr|2021-10-17T00:45:36.993Z; _pnlspid=12530
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
preprod.paradisepost.com
referer
https://preprod.paradisepost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 00:45:37 GMT
x-rq
hhn2 109 140 443
last-modified
Sun, 17 Oct 2021 00:45:37 GMT
server
nginx
etag
"08476c0526789a67"
vary
Accept
x-cache
MISS
content-type
image/webp
cache-control
max-age=2592000
strict-transport-security
max-age=31536000;includeSubdomains
accept-ranges
bytes
content-length
22002
expires
Mon, 17 Oct 2022 00:45:37 GMT
t
jadserve.postrelease.com/
115 B
538 B
Script
General
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fpreprod.paradisepost.com%2F&ntv_mvi
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.233.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-233-80.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
3055597f43adef2648996efac659bd63f616b0d1937f6e774ae3ac8fe35fb195

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Oct 2021 00:45:37 GMT
content-encoding
gzip
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
text/javascript;charset=UTF-8
content-length
122
expires
Mon, 1 Jan 1990 12:00:00 GMT
gtm.js
www.googletagmanager.com/
104 KB
37 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KM8CCP2
Requested by
Host: preprod.paradisepost.com
URL: https://preprod.paradisepost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4def6c5223977c10d98e87722510babaa537bca9a421f97cc46194a062569ee2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 00:45:37 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37262
x-xss-protection
0
last-modified
Sun, 17 Oct 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 17 Oct 2021 00:45:37 GMT
preprod.paradisepost.com.json
c.go-fet.ch/hosts/
3 B
436 B
Fetch
General
Full URL
https://c.go-fet.ch/hosts/preprod.paradisepost.com.json
Requested by
Host: c.go-fet.ch
URL: https://c.go-fet.ch/a/embed.js?ver=1.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:5400:c:2267:880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 00:45:38 GMT
via
1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
last-modified
Tue, 30 Oct 2018 18:22:13 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"8a80554c91d9fca8acb82f023de02f11"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
access-control-max-age
3000
x-cache
Error from cloudfront
content-length
3
x-amz-cf-id
FaHNSyJxpozFmXV7sdlX1VtO8x0d-TOduq1NSr9WJR_qoBD2omq39w==
36451134aae62f94c914fc6f9363406d.json
c.go-fet.ch/j/
22 KB
4 KB
Fetch
General
Full URL
https://c.go-fet.ch/j/36451134aae62f94c914fc6f9363406d.json
Requested by
Host: c.go-fet.ch
URL: https://c.go-fet.ch/a/embed.js?ver=1.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:5400:c:2267:880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
181fc396e924aa7674aae68f97e36c31ab2a426ab892008a3a6319f5c2332c07

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 00:45:38 GMT
content-encoding
gzip
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
content-length
3957
access-control-allow-origin
*
last-modified
Fri, 15 Oct 2021 12:52:06 GMT
server
AmazonS3
etag
"8b675fdb95c6719c82eec10aef657896"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json; charset=utf-8
via
1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
cache-control
public, max-age=300
x-amz-cf-id
rCn7CXhnTFVCYNOf-439CIcdW9eom-N_8i2L7YUaTyi72wBzKWt0yA==
event-stream
k.p-n.io/
0
125 B
Fetch
General
Full URL
https://k.p-n.io/event-stream
Requested by
Host: cdn.p-n.io
URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=ErGrtFW8v2dIdqdB4gn02Ilgep94GVHOHkKk&ver=5.8.1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.152.40 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-152-40.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://preprod.paradisepost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Sun, 17 Oct 2021 00:45:37 GMT
access-control-allow-headers
*
access-control-max-age
600
access-control-allow-methods
*
/
p1.parsely.com/plogger/
43 B
257 B
Image
General
Full URL
https://p1.parsely.com/plogger/?rand=1634431537175&plid=8612340&idsite=paradisepost.com&url=https%3A%2F%2Fpreprod.paradisepost.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fpreprod.paradisepost.com%2F&sref=&sts=1634431537172&slts=0&title=Paradisepost.com+covers+local+news+in+Paradise%2C+California.+Keep+up+with+all+business%2C+wildfire+recovery%2C+local+sports%2C+outdoors%2C+local+columnists+and+more.&date=Sun+Oct+17+2021+00%3A45%3A37+GMT%2B0000+(GMT)&action=pageview&pvid=61909376&u=pid%3D2973d9721ab7dcfcd4cb67109693adc7
Requested by
Host: preprod.paradisepost.com
URL: https://preprod.paradisepost.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.144.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-144-142.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 17 Oct 2021 00:45:37 GMT
Cache-Control
no-cache
Last-Modified
Sunday, 17-Oct-2021 00:45:37 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
g.gif
pixel.wp.com/
50 B
115 B
Image
General
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A10.2&blog=143763985&post=0&tz=-7&srv=preprod.paradisepost.com&host=preprod.paradisepost.com&ref=&fcp=1242&rand=0.517600446690041
Requested by
Host: preprod.paradisepost.com
URL: https://preprod.paradisepost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 00:45:37 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
/
medianewsgroup.blueconic.net/DG/DEFAULT/rest/rpc/
14 B
702 B
Script
General
Full URL
https://medianewsgroup.blueconic.net/DG/DEFAULT/rest/rpc/?requests=%5B%7B%22method%22%3A%22getProfile%22%2C%22params%22%3A%22null%22%2C%22id%22%3A%221634431536855%22%7D%2C%7B%22method%22%3A%22setProperties%22%2C%22params%22%3A%22%7B%5C%22properties%5C%22%3A%7B%5C%22language%5C%22%3A%5B%5C%22en%5C%22%5D%2C%5C%22currentscreenwidth%5C%22%3A%5B1600%5D%2C%5C%22currentscreenheight%5C%22%3A%5B1200%5D%2C%5C%22currentresolution%5C%22%3A%5B%5C%221600x1200%5C%22%5D%2C%5C%22entrypage%5C%22%3A%5B%5C%22https%3A%2F%2Fpreprod.paradisepost.com%2F%5C%22%5D%2C%5C%22testgroup%5C%22%3A%5B8%5D%7D%2C%5C%22sources%5C%22%3A%7B%5C%22listenerinteractiontype%5C%22%3A%5B%5C%22language%5C%22%2C%5C%22currentscreenwidth%5C%22%2C%5C%22currentscreenheight%5C%22%2C%5C%22currentresolution%5C%22%2C%5C%22entrypage%5C%22%5D%2C%5C%22testgroup_prelistener%5C%22%3A%5B%5C%22testgroup%5C%22%5D%7D%7D%22%2C%22id%22%3A%221634431536856%22%7D%2C%7B%22method%22%3A%22addProperties%22%2C%22params%22%3A%22%7B%5C%22properties%5C%22%3A%7B%5C%22resolution%5C%22%3A%5B%5C%221600x1200%5C%22%5D%7D%2C%5C%22sources%5C%22%3A%7B%5C%22listenerinteractiontype%5C%22%3A%5B%5C%22resolution%5C%22%5D%7D%7D%22%2C%22id%22%3A%221634431536857%22%7D%2C%7B%22method%22%3A%22createEvent%22%2C%22params%22%3A%22%7B%5C%22type%5C%22%3A%5B%5C%22PAGEVIEW%5C%22%5D%2C%5C%22referrer%5C%22%3A%5B%5C%22%5C%22%5D%2C%5C%22profile%5C%22%3A%5B%5D%7D%22%2C%22id%22%3A%221634431536858%22%7D%5D&referer=https%3A%2F%2Fpreprod.paradisepost.com%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2021-10-17T00%3A45%3A37%2B00%3A00&callback=bc_json804
Requested by
Host: u255.paradisepost.com
URL: https://u255.paradisepost.com/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.61.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-61-210.compute-1.amazonaws.com
Software
- /
Resource Hash
6f5cecb374947d038c2464ce61e288c860f62ca41d3a668aa8d551114c667555
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Oct 2021 00:45:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-robots-tag
noindex, nofollow
p3p
policyref="", CP="DSP"
x-permitted-cross-domain-policies
master-only
cache-control
no-cache, no-store, no-transform, must-revalidate, private
content-type
text/javascript; charset=utf-8
content-length
34
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
rules-p-4ctCQwtnNBNs2.js
rules.quantcount.com/
3 B
436 B
Script
General
Full URL
https://rules.quantcount.com/rules-p-4ctCQwtnNBNs2.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:6a00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 00:36:32 GMT
via
1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront)
age
688
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
3
last-modified
Sat, 04 Mar 2017 19:57:14 GMT
server
AmazonS3
etag
"8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
_OfTKGOWwy62pencHC1SdkIMp9iUqdaGJaC7MkYTPIOMRc4icYRbYw==
linkid.js
www.google-analytics.com/plugins/ua/
2 KB
1 KB
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 00:20:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1518
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 17 Oct 2021 01:20:19 GMT
pixel;r=521320640;labels=NorthernCalifornia;source=gtm;rf=0;a=p-4ctCQwtnNBNs2;url=https%3A%2F%2Fpreprod.paradisepost.com%2F;uh=65ce955d6ae6;uht=2;fpan=1;fpa=P0-1882999309-1634431537321;pbc=;ns=0;ce...
pixel.quantserve.com/
35 B
372 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=521320640;labels=NorthernCalifornia;source=gtm;rf=0;a=p-4ctCQwtnNBNs2;url=https%3A%2F%2Fpreprod.paradisepost.com%2F;uh=65ce955d6ae6;uht=2;fpan=1;fpa=P0-1882999309-1634431537321;pbc=;ns=0;ce=1;qjs=1;qv=00a3769c-20210929173447;cm=;gdpr=0;ref=;d=paradisepost.com;je=0;sr=1600x1200x24;dst=0;et=1634431537321;tzo=0;ogl=type.website%2Ctitle.Paradise%20Post%2Cdescription.Paradise%20Post%3A%20Breaking%20News%252C%20Sports%252C%20Business%252C%20Entertainment%20and%20Paradise%20News%2Csite_name.Paradise%20Post%2Cimage.https%3A%2F%2Fpreprod%252Eparadisepost%252Ecom%2Fwp-content%2Fuploads%2F2018%2F05%2Fparadise-site-icon-1%2Cimage%3Awidth.512%2Cimage%3Aheight.512%2Clocale.en_US%2Curl.https%3A%2F%2Fpreprod%252Eparadisepost%252Ecom
Requested by
Host: preprod.paradisepost.com
URL: https://preprod.paradisepost.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Oct 2021 00:45:37 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
collect
www.google-analytics.com/j/
2 B
213 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=2111825653&t=pageview&_s=1&dl=https%3A%2F%2Fpreprod.paradisepost.com%2F&dr=&dp=%2F&ul=en-us&de=UTF-8&dt=Paradisepost.com%20covers%20local%20news%20in%20Paradise%2C%20California.%20Keep%20up%20with%20all%20business%2C%20wildfire%20recovery%2C%20local%20sports%2C%20outdoors%2C%20local%20columnists%20and%20more.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEAjAAAAAC~&jid=1607944801&gjid=401160560&cid=944900261.1634431537&tid=UA-61435456-39&_gid=1049486002.1634431537&_r=1&gtm=2wgad0TLFP4R&cd2=paradisepost.com&cd3=paradisepost.com&cd9=no&cd10=home&cd11=5.8.1&cd12=&cd13=WP&cd14=Home&cd15=&cd16=&cd17=&cd18=&cd19=&cd21=https%3A%2F%2Fpreprod.paradisepost.com%2F&cd24=home&cd25=NORCAL&cd27=Home&cd28=https%3A%2F%2Fpreprod.paradisepost.com%2F&cd29=Home&cd30=&cd32=p-4ctCQwtnNBNs2&cd33=NorthernCalifornia&cd34=true&cd35=Paradise%20Post%2C%20Paradise%20News%2C%20Paradise%20Sports%2C%20Camp%20Fire%20Recovery&cd50=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F93.0.4577.63%20Safari%2F537.36&cd51=&cd53=944900261.1634431537&z=1744904835
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://preprod.paradisepost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 17 Oct 2021 00:45:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://preprod.paradisepost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
1 B
68 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=2111825653&t=pageview&_s=1&dl=https%3A%2F%2Fpreprod.paradisepost.com%2F&ul=en-us&de=UTF-8&dt=Paradisepost.com%20covers%20local%20news%20in%20Paradise%2C%20California.%20Keep%20up%20with%20all%20business%2C%20wildfire%20recovery%2C%20local%20sports%2C%20outdoors%2C%20local%20columnists%20and%20more.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEAjBAAAAC~&jid=1394357041&gjid=1223371013&cid=944900261.1634431537&tid=UA-111452396-3&_gid=1049486002.1634431537&_r=1&gtm=2wgad0KM8CCP2&z=783701761
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://preprod.paradisepost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 17 Oct 2021 00:45:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://preprod.paradisepost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
1 B
66 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=2111825653&t=event&ni=0&_s=1&dl=https%3A%2F%2Fpreprod.paradisepost.com%2F&ul=en-us&de=UTF-8&dt=Paradisepost.com%20covers%20local%20news%20in%20Paradise%2C%20California.%20Keep%20up%20with%20all%20business%2C%20wildfire%20recovery%2C%20local%20sports%2C%20outdoors%2C%20local%20columnists%20and%20more.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=DML&ea=Version&el=20210723-utm-content-18-gbf35411_prod_master&_u=aGDACEAjBAAAAC~&jid=1063599660&gjid=254653204&cid=944900261.1634431537&tid=UA-111452396-5&_gid=1049486002.1634431537&_r=1&gtm=2wgad0KM8CCP2&z=201713152
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://preprod.paradisepost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 17 Oct 2021 00:45:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://preprod.paradisepost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
v2
8idf2m851i.execute-api.us-east-1.amazonaws.com/prod/
0
0
Preflight
General
Full URL
https://8idf2m851i.execute-api.us-east-1.amazonaws.com/prod/v2
Protocol
H2
Server
13.224.193.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-104.fra2.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
PUT
Access-Control-Request-Headers
content-type
Origin
https://preprod.paradisepost.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
application/json
content-length
0
date
Sun, 17 Oct 2021 00:45:37 GMT
x-amzn-requestid
7b94c15c-3b14-466e-a873-08b2ca56e5e6
access-control-allow-origin
*
access-control-allow-headers
Authorization,Content-Type,X-Amz-Date,X-Amz-Security-Token,X-Api-Key
x-amz-apigw-id
HU7HyHesIAMFmag=
access-control-allow-methods
OPTIONS,PUT
x-cache
Miss from cloudfront
via
1.1 c7f7b4cf7fd5efe64bac95586db3f62b.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
GgLHYqTAfzrzf43d2gpdLS3hFmQpk2cSg7qiO3lX12cJXc8GPzZYeQ==
v2
8idf2m851i.execute-api.us-east-1.amazonaws.com/prod/
257 B
625 B
Fetch
General
Full URL
https://8idf2m851i.execute-api.us-east-1.amazonaws.com/prod/v2
Requested by
Host: c.go-fet.ch
URL: https://c.go-fet.ch/a/embed.js?ver=1.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-104.fra2.r.cloudfront.net
Software
/
Resource Hash
527026984d702c799d5dbc31e9735837c819e3589c62832adabb6f4adf6a2a8d

Request headers

Referer
https://preprod.paradisepost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 17 Oct 2021 00:45:37 GMT
via
1.1 c7f7b4cf7fd5efe64bac95586db3f62b.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amzn-requestid
b7baf3df-2a9a-4e7a-b759-f87621f21ab2
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-616b7231-3c38f9166543220f45effeea;Sampled=0
x-amz-apigw-id
HU7H0GXTIAMF4Jw=
content-length
257
x-amz-cf-id
TWqiVFjLNWzMhRgNf5qy7VynW6LgFcJq195DWZcZJarOIxgDdGmmCw==
truncated
/
76 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1ad85dbee2475b4132a556bdbc445a036c823b935f20e42d64b24f72a9c9061f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
collect
www.google-analytics.com/
35 B
132 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=2111825653&t=event&ni=0&_s=1&dl=https%3A%2F%2Fpreprod.paradisepost.com%2F&ul=en-us&de=UTF-8&dt=Paradisepost.com%20covers%20local%20news%20in%20Paradise%2C%20California.%20Keep%20up%20with%20all%20business%2C%20wildfire%20recovery%2C%20local%20sports%2C%20outdoors%2C%20local%20columnists%20and%20more.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=PageStack&ea=Loaded&el=36451134aae62f94c914fc6f9363406d&_u=aGDACEAjBAAAAC~&jid=&gjid=&cid=944900261.1634431537&tid=UA-111452396-3&_gid=1049486002.1634431537&gtm=2wgad0KM8CCP2&z=1426696288
Requested by
Host: preprod.paradisepost.com
URL: https://preprod.paradisepost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Oct 2021 05:01:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
71059
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
469 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-61435456-39&cid=944900261.1634431537&jid=1607944801&gjid=401160560&_gid=1049486002.1634431537&_u=aGBAAEAiAAAAAC~&z=1388147508
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://preprod.paradisepost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 17 Oct 2021 00:45:37 GMT
content-type
text/plain
access-control-allow-origin
https://preprod.paradisepost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
522 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-61435456-39&cid=944900261.1634431537&jid=1607944801&_u=aGBAAEAiAAAAAC~&z=420541112
Requested by
Host: preprod.paradisepost.com
URL: https://preprod.paradisepost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Oct 2021 00:45:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
522 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-61435456-39&cid=944900261.1634431537&jid=1607944801&_u=aGBAAEAiAAAAAC~&z=420541112
Requested by
Host: preprod.paradisepost.com
URL: https://preprod.paradisepost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Oct 2021 00:45:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fp.min.js
fp-cdn.azureedge.net/stage/dfm/
59 KB
20 KB
Script
General
Full URL
https://fp-cdn.azureedge.net/stage/dfm/fp.min.js?
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js?ver=3.5.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
9d7ae5b7196c72a8c09f3a766e06e61b2ef1d6192076016838b479136435b678

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 17 Oct 2021 00:45:37 GMT
content-encoding
gzip
content-md5
I+TRQO5bVyRNfhz04pv14Q==
x-cache
HIT
content-length
19745
x-ms-lease-status
unlocked
last-modified
Thu, 24 Dec 2020 08:41:17 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D8A7E7AE6131DF
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
468263fe-901e-0027-60f0-c2bc36000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
g2insights.min.js
g2insights-cdn.azureedge.net/stage/dfm/
1 MB
217 KB
Script
General
Full URL
https://g2insights-cdn.azureedge.net/stage/dfm/g2insights.min.js?
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js?ver=3.5.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
4da58b1fcbe284f4f94171dcb4fd651322e401b8a699b56ef4d11f6812f9e249

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 17 Oct 2021 00:45:37 GMT
content-encoding
gzip
content-md5
YQGESAx2I8U7JCeaitGYpg==
x-cache
HIT
content-length
221909
x-ms-lease-status
unlocked
last-modified
Thu, 24 Dec 2020 10:52:11 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D8A7F9F749149A
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
648b3963-901e-000e-5df0-c2ca74000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
t8y9347t.min.js
cdn.ayc0zsm69431gfebd.xyz/stage/dfm/
559 KB
118 KB
Script
General
Full URL
https://cdn.ayc0zsm69431gfebd.xyz/stage/dfm/t8y9347t.min.js?
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js?ver=3.5.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
ad0299d7abb3a468c91a0c145f0498512a8a33e21264206db67ba7561d68f781

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 17 Oct 2021 00:45:37 GMT
content-encoding
gzip
content-md5
J0hxmsX6uONNz/BBjuRN3Q==
x-cache
HIT
content-length
119958
x-ms-lease-status
unlocked
last-modified
Tue, 13 Apr 2021 13:06:28 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D8FE7CF382EBEF
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
e9a75ee5-301e-0065-0cf0-c29722000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
t8y9347t.min.css
cdn.ayc0zsm69431gfebd.xyz/stage/dfm/
295 KB
28 KB
Stylesheet
General
Full URL
https://cdn.ayc0zsm69431gfebd.xyz/stage/dfm/t8y9347t.min.css?
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js?ver=3.5.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
70c4634f438568a86bb98789e25bd251a5b979f0e1f68c57956f5c038f53a914

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 17 Oct 2021 00:45:38 GMT
content-encoding
gzip
content-md5
qePO0yKWifmYWvQdlK/DtQ==
x-cache
HIT
content-length
28321
x-ms-lease-status
unlocked
last-modified
Tue, 13 Apr 2021 13:06:28 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D8FE7CF37E7E17
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
814a6953-e01e-006c-0af0-c28dac000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
NORCALNVPRODWP
stage-dfm-proxy-connext.azurewebsites.net/api/configuration/mapped/siteCode/DFM/configCode/
0
0
Preflight
General
Full URL
https://stage-dfm-proxy-connext.azurewebsites.net/api/configuration/mapped/siteCode/DFM/configCode/NORCALNVPRODWP
Protocol
HTTP/1.1
Server
23.99.206.151 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
access-control-allow-origin,attr,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
Origin
https://preprod.paradisepost.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
access-control-allow-origin,attr,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
X-Powered-By
ASP.NET
Date
Sun, 17 Oct 2021 00:45:38 GMT
Content-Length
0
gtm.js
www.googletagmanager.com/
171 KB
52 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NFD2QGD&l=MG2DL
Requested by
Host: g2insights-cdn.azureedge.net
URL: https://g2insights-cdn.azureedge.net/stage/dfm/g2insights.min.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7b3929a61a630b2b9180935a15ad8443c61b6308adca3e11c0e3239de5f89a85
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 00:45:38 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53535
x-xss-protection
0
last-modified
Sun, 17 Oct 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 17 Oct 2021 00:45:38 GMT
index.js
d1wa9546y9kg0n.cloudfront.net/
6 KB
7 KB
Script
General
Full URL
https://d1wa9546y9kg0n.cloudfront.net/index.js
Requested by
Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/stage/dfm/t8y9347t.min.js?
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.194.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-194-49.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8431f4973d02bcceeadba217953b9a058dad0b1d958f9ba25f9fccfe95d7ae42

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 16 Oct 2021 11:05:25 GMT
Via
1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
Last-Modified
Tue, 23 Feb 2016 09:35:10 GMT
Server
AmazonS3
Age
49320
ETag
"cf67eb51479caf3b57c3577a08b6a038"
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
X-Amz-Cf-Pop
FRA2-C1
Accept-Ranges
bytes
Content-Length
6494
X-Amz-Cf-Id
njAfTxcz2pdul6TyeFYtHvB021pVv-D5XXdqBmSbeoGAT8pWVYbPVA==
NORCALNVPRODWP
stage-dfm-proxy-connext.azurewebsites.net/api/configuration/mapped/siteCode/DFM/configCode/
160 KB
40 KB
Fetch
General
Full URL
https://stage-dfm-proxy-connext.azurewebsites.net/api/configuration/mapped/siteCode/DFM/configCode/NORCALNVPRODWP
Requested by
Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/stage/dfm/t8y9347t.min.js?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.99.206.151 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ASP.NET
Resource Hash
78e2ecc862304a13046b5c99cfc7d0599a72cd4f9c12f6c71cfe1e5368254e74

Request headers

source-system
Plugin
site-code
DFM
autoqa
false
Accept-Language
de-DE,de;q=0.9
settingskey
NORCAL,PP
authorization
Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1bmlxdWVfbmFtZSI6IkNvbm5lWHQiLCJleHAiOjE2MzQ0NDU5Mzh9.hzKaT-z4yhnGJ2dq6jiUUqmSCBVMUuI6dh7Ma4hULgY
environment
stage
config-code
NORCALNVPRODWP
access-control-allow-origin
*
ssid
29c3517f8e44abcf1587e2141f4bf068
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
application/json
content-type
application/json
location
undefined
attr
PP
Referer
https://preprod.paradisepost.com/
version
Version: 2.5.4.3_swg

Response headers

Pragma
no-cache
Date
Sun, 17 Oct 2021 00:45:38 GMT
Content-Encoding
gzip
Expires
-1
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET, ASP.NET
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Server-Time,Request-Context
Cache-Control
no-cache
Content-Length
40099
X-Server-Time
10/17/2021 12:45:39 AM
Request-Context
appId=cid-v1:c733c9c7-131b-4179-9e83-53c6830d9422
ad_300_250.jpg
paywall-ad-bucket.s3.amazonaws.com/
631 B
1 KB
Image
General
Full URL
https://paywall-ad-bucket.s3.amazonaws.com/ad_300_250.jpg
Requested by
Host: preprod.paradisepost.com
URL: https://preprod.paradisepost.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.49.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
0859f5f9bf49348ef81d01f953d520c10a2a857961ef1bfad4a7903609889de5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 17 Oct 2021 00:45:39 GMT
Last-Modified
Tue, 15 Oct 2019 13:44:16 GMT
Server
AmazonS3
x-amz-request-id
YMA7F2M1YGYF1X80
ETag
"ef2cc7f55b7ab677b023e36033e26471"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
631
x-amz-id-2
2rmWDIGAxrWIq7opF3maNKavLZ9MOLvNKuVKhHSuJcmKMOyAtNvBTNKMNOV0orafq1E/rFYpkQ4=
x-amz-meta-s3b-last-modified
20191015T134358Z
cs.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/6035443/cs.js
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
0
349 B
Script
General
Full URL
https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-89.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 00:18:42 GMT
via
1.1 6c9a2d99a25484f38efa27d58a726b2d.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
last-modified
Mon, 01 Mar 2021 20:42:20 GMT
server
AmazonS3
age
1672
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
0
x-amz-cf-id
P_rhkZFebXRm_B1IEkpY6CmqTM2lDybddTGJb9TWBiauSlWjU6tC5A==

Redirect headers

date
Sun, 17 Oct 2021 00:45:38 GMT
via
1.1 6c9a2d99a25484f38efa27d58a726b2d.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
/internal-c2/default/cs.js
content-length
48
x-amz-cf-id
NnIOo9swXlO-PtTycJtQNGNdVuyauLlgf7D3DIwJH2t_pZ0wkQ8G4Q==
track
dc.services.visualstudio.com/v2/
0
0
Preflight
General
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Server
52.236.186.216 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,sdk-context
Origin
https://preprod.paradisepost.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-methods
POST
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-origin
*
access-control-max-age
3600
x-content-type-options
nosniff
date
Sun, 17 Oct 2021 00:45:38 GMT
content-length
0
track
dc.services.visualstudio.com/v2/
223 B
341 B
XHR
General
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.236.186.216 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
48bda55561457673a3bab54fd0d2e2caaef30b09d7715639932584fec82e701b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://preprod.paradisepost.com/
Accept-Language
de-DE,de;q=0.9
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
CD6B2B08-B573-4FC2-9EF5-2DBCADCEB50E
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Sun, 17 Oct 2021 00:45:38 GMT
access-control-max-age
3600
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
content-length
223
self
api-mg2.db-ip.com/v2/p14891b727f063924f0d86d8a8e5063678abd2ac/
568 B
903 B
Fetch
General
Full URL
https://api-mg2.db-ip.com/v2/p14891b727f063924f0d86d8a8e5063678abd2ac/self?_=1634431539526
Requested by
Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/stage/dfm/t8y9347t.min.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d473ec950c660d013325cd535d077826e8a285fd28f0ab80c702cb655364d5bb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 00:45:39 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 17 Oct 2021 00:45:39 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zvY4AJmclPvaN5T84a9GgoOsc8D59y1sAmcvyJoogtyyMU3hW4bWOQJ6MlQFRret9J8e4C4%2FcBR5stOffg9qT3hKEKoi8dDgaAhQf%2FYXl%2Fsw3r2YHLg72QfVEHQNaGW3TBba"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
69f581623d2096c2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
vendors~Auth0UniversalLoginAuthSystem.js
cdn.ayc0zsm69431gfebd.xyz/stage/dfm/
143 KB
144 KB
Script
General
Full URL
https://cdn.ayc0zsm69431gfebd.xyz/stage/dfm/vendors~Auth0UniversalLoginAuthSystem.js
Requested by
Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/stage/dfm/t8y9347t.min.js?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
6f87d87de84dc36cab28965d9e1d940c250f399860acafe55f3dac01d54399ad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sun, 17 Oct 2021 00:45:39 GMT
last-modified
Tue, 13 Apr 2021 13:06:29 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
o/3Cfwyx2Hdo/xXi+KtqIw==
etag
0x8D8FE7CF3B860A8
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
eb52ba31-401e-008f-7ef0-c26823000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
content-length
146799
Auth0UniversalLoginAuthSystem.js
cdn.ayc0zsm69431gfebd.xyz/stage/dfm/
11 KB
12 KB
Script
General
Full URL
https://cdn.ayc0zsm69431gfebd.xyz/stage/dfm/Auth0UniversalLoginAuthSystem.js
Requested by
Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/stage/dfm/t8y9347t.min.js?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
dde5f5e3043fff6c7a7f24a307eac6ac7317e7d6db0085fbbe268eb11ba08699

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sun, 17 Oct 2021 00:45:40 GMT
last-modified
Tue, 13 Apr 2021 13:06:28 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
E5fyjsIr92YKgvTS5SE4ZA==
etag
0x8D8FE7CF3383C88
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
a00d507f-b01e-0091-2bf0-c2b2ce000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
content-length
11550
Auth0AuthSystem.js
cdn.ayc0zsm69431gfebd.xyz/stage/dfm/
7 KB
7 KB
Script
General
Full URL
https://cdn.ayc0zsm69431gfebd.xyz/stage/dfm/Auth0AuthSystem.js
Requested by
Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/stage/dfm/t8y9347t.min.js?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
99bea1588717259aa23413b0659c1eb6a0fe227b10eb213e8d9068fd1aa23b96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sun, 17 Oct 2021 00:45:39 GMT
last-modified
Tue, 13 Apr 2021 13:06:28 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
jBig/iW/Mpw+sfYWVt9mLw==
etag
0x8D8FE7CF333F5C7
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
18b4f029-401e-00c0-22f0-c2ac3b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
content-length
6850
CustomAuthSystem.js
cdn.ayc0zsm69431gfebd.xyz/stage/dfm/
6 KB
6 KB
Script
General
Full URL
https://cdn.ayc0zsm69431gfebd.xyz/stage/dfm/CustomAuthSystem.js
Requested by
Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/stage/dfm/t8y9347t.min.js?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
80e63f47bb601d1782367bf3015482e86cad9fa03cbfce5ec26502c016d4d47b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sun, 17 Oct 2021 00:45:39 GMT
last-modified
Tue, 13 Apr 2021 13:06:28 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
WtHQ46VooZh5jhibUEIm/g==
etag
0x8D8FE7CF356C859
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
aebb7c93-501e-0117-59f0-c2a049000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
content-length
6463
JanrainAuthSystem.js
cdn.ayc0zsm69431gfebd.xyz/stage/dfm/
9 KB
9 KB
Script
General
Full URL
https://cdn.ayc0zsm69431gfebd.xyz/stage/dfm/JanrainAuthSystem.js
Requested by
Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/stage/dfm/t8y9347t.min.js?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
1d4e66ef8f5ea94ffe457c995d263d41163c06c199cb6900dfc368b2214794a0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sun, 17 Oct 2021 00:45:40 GMT
last-modified
Tue, 13 Apr 2021 13:06:28 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
3loC7XOiphfHLLmAxSEZ5g==
etag
0x8D8FE7CF35B363B
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
76d037c6-f01e-0133-2ef0-c23907000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
content-length
8756
MG2AuthSystem.js
cdn.ayc0zsm69431gfebd.xyz/stage/dfm/
9 KB
9 KB
Script
General
Full URL
https://cdn.ayc0zsm69431gfebd.xyz/stage/dfm/MG2AuthSystem.js
Requested by
Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/stage/dfm/t8y9347t.min.js?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
8cf0bb9486df56f8bfc90a4ba4d7317243f9ca37aa6ec6193214e9a0d640744c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sun, 17 Oct 2021 00:45:39 GMT
last-modified
Tue, 13 Apr 2021 13:06:28 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
53DSePPJylXjWw4MlYhYcA==
etag
0x8D8FE7CF36411F4
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
1e7c3925-701e-00a5-14f0-c21d66000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
content-length
9048
NewzwareAuthSystem.js
cdn.ayc0zsm69431gfebd.xyz/stage/dfm/
13 KB
13 KB
Script
General
Full URL
https://cdn.ayc0zsm69431gfebd.xyz/stage/dfm/NewzwareAuthSystem.js
Requested by
Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/stage/dfm/t8y9347t.min.js?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
2fcc3c30a10f35c852ff3d27a846dcde5c87dfe2b6c2abd7c2a58f67791f9df2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sun, 17 Oct 2021 00:45:39 GMT
last-modified
Tue, 13 Apr 2021 13:06:28 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
XXTxgTgPuF9lg38Cul1d8Q==
etag
0x8D8FE7CF3687FD6
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
2fbbc1c1-801e-00d6-43f0-c26da5000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
content-length
13173
LikeButtons4.js
cdn.ayc0zsm69431gfebd.xyz/stage/dfm/
114 B
215 B
Script
General
Full URL
https://cdn.ayc0zsm69431gfebd.xyz/stage/dfm/LikeButtons4.js
Requested by
Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/stage/dfm/t8y9347t.min.js?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
64ff9f874a5fd24a871b1d9cd7ee49e4d92bc27ce63c05e94bedc4f7adcc0a11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sun, 17 Oct 2021 00:45:39 GMT
last-modified
Tue, 13 Apr 2021 13:06:28 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
0is0k5hNwCAMRJ10IGm41w==
etag
0x8D8FE7CF35FA417
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
16041de1-801e-0077-24f0-c2a33e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
content-length
114
views
stage-dfm-proxy-connext.azurewebsites.net/api/
65 B
1 KB
Fetch
General
Full URL
https://stage-dfm-proxy-connext.azurewebsites.net/api/views?UserId=d6fa3f7ea0c29b27118ec6409eaafb96&ConfigCode=NORCALNVPRODWP&SiteCode=DFM&SettingsKey=NORCAL%2CPP
Requested by
Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/stage/dfm/t8y9347t.min.js?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.99.206.151 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ASP.NET
Resource Hash
b95b7840dd4e76f60f9b3d9c3a7dcff21135b740611568ab4044853964694fec

Request headers

source-system
Plugin
site-code
DFM
autoqa
false
Accept-Language
de-DE,de;q=0.9
settingskey
NORCAL,PP
authorization
Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1bmlxdWVfbmFtZSI6IkNvbm5lWHQiLCJleHAiOjE2MzQ0NDU5Mzh9.hzKaT-z4yhnGJ2dq6jiUUqmSCBVMUuI6dh7Ma4hULgY
environment
stage
config-code
NORCALNVPRODWP
access-control-allow-origin
*
ssid
29c3517f8e44abcf1587e2141f4bf068
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
application/json
content-type
application/json
location
System
attr
PP
Referer
https://preprod.paradisepost.com/
version
Version: 2.5.4.3_swg

Response headers

Pragma
no-cache
Date
Sun, 17 Oct 2021 00:45:40 GMT
Content-Encoding
gzip
Expires
-1
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET, ASP.NET
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Server-Time,Request-Context
Cache-Control
no-cache
Content-Length
177
X-Server-Time
10/17/2021 12:45:41 AM
Request-Context
appId=cid-v1:c733c9c7-131b-4179-9e83-53c6830d9422
views
stage-dfm-proxy-connext.azurewebsites.net/api/
0
0
Preflight
General
Full URL
https://stage-dfm-proxy-connext.azurewebsites.net/api/views?UserId=d6fa3f7ea0c29b27118ec6409eaafb96&ConfigCode=NORCALNVPRODWP&SiteCode=DFM&SettingsKey=NORCAL%2CPP
Protocol
HTTP/1.1
Server
23.99.206.151 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
access-control-allow-origin,attr,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
Origin
https://preprod.paradisepost.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
access-control-allow-origin,attr,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
X-Powered-By
ASP.NET
Date
Sun, 17 Oct 2021 00:45:39 GMT
Content-Length
0
ad_300_250.jpg
paywall-ad-bucket.s3.amazonaws.com/
631 B
1 KB
Image
General
Full URL
https://paywall-ad-bucket.s3.amazonaws.com/ad_300_250.jpg
Requested by
Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/stage/dfm/t8y9347t.min.js?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.49.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
0859f5f9bf49348ef81d01f953d520c10a2a857961ef1bfad4a7903609889de5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 17 Oct 2021 00:45:42 GMT
Last-Modified
Tue, 15 Oct 2019 13:44:16 GMT
Server
AmazonS3
x-amz-request-id
B8V2H7C208J3VX5J
ETag
"ef2cc7f55b7ab677b023e36033e26471"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
631
x-amz-id-2
9WoLTJ7XHq/i237pgyn7cAbMJNFR/W26E7/joHBCjjqWwYyRQ0azvR/T1l9nZo4+wwEGP3EcTVc=
x-amz-meta-s3b-last-modified
20191015T134358Z
index.js
d1wa9546y9kg0n.cloudfront.net/
6 KB
7 KB
Script
General
Full URL
https://d1wa9546y9kg0n.cloudfront.net/index.js
Requested by
Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/stage/dfm/t8y9347t.min.js?
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.194.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-194-49.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8431f4973d02bcceeadba217953b9a058dad0b1d958f9ba25f9fccfe95d7ae42

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 16 Oct 2021 11:05:25 GMT
Via
1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
Last-Modified
Tue, 23 Feb 2016 09:35:10 GMT
Server
AmazonS3
Age
49323
ETag
"cf67eb51479caf3b57c3577a08b6a038"
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
X-Amz-Cf-Pop
FRA2-C1
Accept-Ranges
bytes
Content-Length
6494
X-Amz-Cf-Id
hIogZtWW560ihYkWbCA-unzM651YxQADjwLX7lpn1KFDxJDnX81SIA==
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NFD2QGD&l=MG2DL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://preprod.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Oct 2021 16:38:54 GMT
server
Golfe2
age
2675
date
Sun, 17 Oct 2021 00:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Sun, 17 Oct 2021 02:01:06 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
medianewsgroup.blueconic.net
URL
https://medianewsgroup.blueconic.net/DG/DEFAULT/rest/rpc/803?referer=https%3A%2F%2Fpreprod.paradisepost.com%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2021-10-17T00%3A45%3A36%2B00%3A00&ts=1634431536855

Verdicts & Comments Add Verdict or Comment

175 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster object| scriptHelpers function| loadCSS object| _wpemojiSettings number| MNG_SSO_TOOLS_GLOBAL_START_TIME function| $ function| jQuery object| MG2 function| PluginInitOverride object| MG2Loader string| loaderVersion string| loaderBuild object| appInsights object| deferredResources object| adLayersDFP object| adLayersAdServer function| AdLayersDFPAPI function| AdLayersAPI number| _swclk_ number| _swsts_ object| PushlySDK object| dfm_pushly_options object| blueConicPreListeners function| BCClass object| blueConicClient undefined| __CSP_NONCE object| litHtmlVersions function| mngNewsletterVM function| koExtensions function| getRootUrl function| isTabletDevice function| isMobileDevice function| newsletterVM object| uiConfig object| cryptionService object| newsletterService object| userService object| constants function| isNotValid function| isModified function| notValidAndModified object| mg2Provider object| mg2WidgetAPI object| patterns string| scriptSrc string| serverUrl function| scrollParentToChildInnerId object| ko function| encrypt function| decrypt function| getUserProfileByEmail function| updateUserProfile function| initiateUserProfileUpdate object| CanadianProvinces object| States object| birthMonths object| birthYears object| birthDays object| genders object| ageRanges object| userRole object| newsletterFlow object| emailPrefTypeIds object| newsletterListMode object| newsletterViewStep function| isLogged function| getCustomerRegistrationId function| getContent function| setConfig function| init function| openNewsletter function| unsubscribeNewsletter function| changeProfile function| closeNewsletter function| addEventHandlers object| newsletterVMO object| dfpAdUnits object| googletag number| ranNum string| ranRPN function| DetectDevice string| dcatValue function| getParameterByName string| adTest object| dfpBuiltMappings object| dfpSizeMapping object| dfpAdLayer object| dfpAdDetails function| analyticsEvent function| analyticsSocial function| analyticsVPV function| analyticsClearVPV function| analyticsForm object| dataLayer object| AI object| Microsoft function| __extends function| _endsWith object| ggeac object| google_js_reporting_queue object| google_tag_manager function| postscribe object| google_tag_manager_external function| closeMobileAdhesionAd object| picturefillCFG function| picturefill object| lazySizesConfig object| lazySizes boolean| dfmCanRunAds object| webpackChunkknowlton function| Headroom function| Hammer object| google_tag_data string| GoogleAnalyticsObject function| ga string| comscoreID object| _qevents function| fbq function| _fbq undefined| nQuery number| ntvLoadStart object| ntv object| prdom object| onFocusEvents function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvArticleTracker function| ntvGetElementViewability function| ntvViewableImpressionTracker object| PostRelease object| ntvToutAds boolean| onFocus boolean| dml object| DML object| wp function| _typeof object| PARSELY object| _stq function| st_go function| linktracker_init object| wpcom object| twemoji function| quantserve function| __qc object| ezt object| _qoptions function| qtrack function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| gaplugins object| gaGlobal object| gaData object| bc_json804 object| LoaderConfig string| fpVersion string| fpBuild object| DeviceDetector object| Fingerprint object| g2ExtendInits object| G2Analytics object| G2Insights object| MG2Insights object| nxtBundle object| webpackJsonpnxtBundle function| setImmediate function| clearImmediate object| NxtInner object| Connext object| CnnXt object| MG2DL object| gPartners

26 Cookies

Domain/Path Name / Value
.paradisepost.com/ Name: bc_tstgrp
Value: 8
.paradisepost.com/ Name: _pnvl
Value: false
.paradisepost.com/ Name: pushly.user_puuid
Value: lNwRiOFazRYwERvAb6MBcvgy3Qw17Usk
.paradisepost.com/ Name: _pndnt
Value:
preprod.paradisepost.com/ Name: ai_user
Value: VbBzr|2021-10-17T00:45:36.993Z
.paradisepost.com/ Name: _pnlspid
Value: 12530
preprod.paradisepost.com/ Name: ntvSession
Value: {}
.scorecardresearch.com/ Name: UID
Value: 1CTNXH4JKYECHXBEIKPOXLg1634431537
.paradisepost.com/ Name: _pnss
Value: dismissed
.paradisepost.com/ Name: _pnpdm
Value: true
.paradisepost.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://preprod.paradisepost.com/%22%2C%22sref%22:%22%22%2C%22sts%22:1634431537172%2C%22slts%22:0}
.paradisepost.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=2973d9721ab7dcfcd4cb67109693adc7%22%2C%22session_count%22:1%2C%22last_session_ts%22:1634431537172}
.paradisepost.com/ Name: _ga
Value: GA1.2.944900261.1634431537
.paradisepost.com/ Name: _gid
Value: GA1.2.1049486002.1634431537
medianewsgroup.blueconic.net/ Name: AWSALBCORS
Value: vG3GjCC+OeAUusHJDJnG+hsd3T9hS0Flk+QmNkv/JJ2M0rjXNItVoYYBlGliyqLwjjWtUgW7Iv/B/JBG1IZ5zE2cGLloHL+aDTNFmv/QpL8gqrEntUaAsyYjPgZr
.paradisepost.com/ Name: _gat_UA-61435456-39
Value: 1
.paradisepost.com/ Name: _gat_UA-111452396-3
Value: 1
.quantserve.com/ Name: mc
Value: 616b7231-52486-50fb3-31f52
.paradisepost.com/ Name: _gat_UA-111452396-5
Value: 1
.paradisepost.com/ Name: __qca
Value: P0-1882999309-1634431537321
.postrelease.com/ Name: opt_out
Value: 1
.paradisepost.com/ Name: anonDeviceId
Value: d6fa3f7ea0c29b27118ec6409eaafb96
preprod.paradisepost.com/ Name: ai_session
Value: 28f++|1634431538507.9|1634431538507.9
preprod.paradisepost.com/ Name: ABTestCookie
Value: A
.preprod.paradisepost.com/ Name: sub_nxt_upd_ac_DFM_NORCALNVPRODWP_STAGE
Value: 1
.preprod.paradisepost.com/ Name: sub_nxt_DFM_NORCALNVPRODWP_STAGE
Value: {%221%22:{%22104053%22:{%22ac%22:1%2C%22ac_d%22:1%2C%22s%22:%222021-10-17T00:45:41.670Z%22}%2C%22_ac_d%22:1%2C%22_ac%22:1%2C%22_acnv%22:104053}}

2 Console Messages

Source Level URL
Text
javascript error URL: https://preprod.paradisepost.com/
Message:
Access to XMLHttpRequest at 'https://medianewsgroup.blueconic.net/DG/DEFAULT/rest/rpc/803?referer=https%3A%2F%2Fpreprod.paradisepost.com%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2021-10-17T00%3A45%3A36%2B00%3A00&ts=1634431536855' from origin 'https://preprod.paradisepost.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://medianewsgroup.blueconic.net/DG/DEFAULT/rest/rpc/803?referer=https%3A%2F%2Fpreprod.paradisepost.com%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2021-10-17T00%3A45%3A36%2B00%3A00&ts=1634431536855
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: data: blob: wss://realtimeeventfeeds.viafoura.co wss://sub.viafoura.co; media-src blob: data: https:; object-src https:; child-src https: data: blob:; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000;includeSubdomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8idf2m851i.execute-api.us-east-1.amazonaws.com
ajax.googleapis.com
api-mg2.db-ip.com
az416426.vo.msecnd.net
c.go-fet.ch
cdn.ayc0zsm69431gfebd.xyz
cdn.jsdelivr.net
cdn.p-n.io
cdn.parsely.com
cmp.osano.com
connect.facebook.net
d1wa9546y9kg0n.cloudfront.net
dc.services.visualstudio.com
fonts.googleapis.com
fp-cdn.azureedge.net
g2insights-cdn.azureedge.net
jadserve.postrelease.com
k.p-n.io
loader-cdn.azureedge.net
medianewsgroup.blueconic.net
p1.parsely.com
paywall-ad-bucket.s3.amazonaws.com
pixel.quantserve.com
pixel.wp.com
polyfill.io
preprod.paradisepost.com
prodmg2.blob.core.windows.net
rules.quantcount.com
s.ntv.io
sb.scorecardresearch.com
secure.quantserve.com
securepubads.g.doubleclick.net
stage-dfm-proxy-connext.azurewebsites.net
stats.g.doubleclick.net
stats.wp.com
u255.paradisepost.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
medianewsgroup.blueconic.net
13.224.193.104
13.224.193.43
13.224.194.49
13.225.85.39
13.225.87.43
13.225.87.89
13.82.152.48
142.250.185.98
172.67.75.166
192.0.76.3
2.18.234.163
23.99.206.151
2600:9000:20eb:6a00:6:44e3:f8c0:93a1
2600:9000:21f3:3c00:3:b7e:8940:93a1
2600:9000:21f3:5400:c:2267:880:93a1
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700::6810:5714
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1450:4001:801::200a
2a00:1450:4001:810::2008
2a00:1450:4001:827::2002
2a00:1450:4001:828::2004
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::200a
2a00:1450:400c:c00::9a
2a03:2880:f02d:12:face:b00c:0:3
2a04:4e42::282
2a04:fa87:fffd::c000:4288
3.125.152.40
3.223.233.80
34.192.61.210
52.217.49.140
52.236.186.216
54.144.144.142
019d93029092672a998d97fd51244352bec003e6bdfcb95b0e20f370219c42fa
04b1c2b571226dfdd7a950b078299e1a7f02b425beb77a61926d47d8dc20c5e6
050e5f558c48fedda38a8cc74225e6ed6d6f17bdb24f4563a1c9f634bcf7bca3
0859f5f9bf49348ef81d01f953d520c10a2a857961ef1bfad4a7903609889de5
0e474ff8ea2186086ba7f45476ef507d5a6d6021ee9c478b40dfea9c74a9a639
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
123830b3c1bb951b81bee61657d5ff2d7061c67316a4210df730462d093b0a23
12d2ce86f5cd6dc7d35e5e7890e76fc13e81f0e59e8210a504cf3103e37a75b1
181fc396e924aa7674aae68f97e36c31ab2a426ab892008a3a6319f5c2332c07
182abb62bdb40059dbda691bf6631cf6b471499a85971a5fd04832453d7b4141
1ad85dbee2475b4132a556bdbc445a036c823b935f20e42d64b24f72a9c9061f
1d4e66ef8f5ea94ffe457c995d263d41163c06c199cb6900dfc368b2214794a0
1ea03e7bb14df931f8a649756cffe9465c815aa0efc23acce14b50e21c3d20ad
1fc10431c6bbccf58430aba6bfd24a8484f0c0580987bb53b15c72568f394026
2d452ca7bf499867307ebfa48373084a42e1f56ec0a26e5bb2e12f01888c3cc9
2ecf69d9fb8539e9f6d4e044f126b8fd00e83ff6c8444bc8fda1e11403e50ba7
2fcc3c30a10f35c852ff3d27a846dcde5c87dfe2b6c2abd7c2a58f67791f9df2
3055597f43adef2648996efac659bd63f616b0d1937f6e774ae3ac8fe35fb195
31dd1a76f5ec8720d05064e40c40498a3b72c9973c476702b74fe2acf6840ce6
3739f7e3f233afefaaf897a2c109cd3dcce3799125f58957b4a622b610511a63
3aa29d6340c1d354b2594b02413c66ec2775832ca183a3787514b03215069157
3ba33eb784e76cff5ade272712ed0e7b15d325196ec089aca7baa20e3034098a
3f08587be8bd7d9d3a1b5da495dfc1d8651e6285f795b48bb1cfdca7c6f6a078
486e7061a989cf1c6834390c0fdc9a8d181f9179efe68fe8c35c254ff2d49de6
48bda55561457673a3bab54fd0d2e2caaef30b09d7715639932584fec82e701b
4b5e988359c30afd1d84b7a5118296f1fc33f4527d530b096ca27aa7fbfef99a
4d5f2c09a690b52d4d5aacf685ce7e137ef476f335b705223373f6a986bcb287
4da58b1fcbe284f4f94171dcb4fd651322e401b8a699b56ef4d11f6812f9e249
4def6c5223977c10d98e87722510babaa537bca9a421f97cc46194a062569ee2
501b84d7db37a158e0313efd545c334fc75d82750e1248fa383321c67728b1ce
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
527026984d702c799d5dbc31e9735837c819e3589c62832adabb6f4adf6a2a8d
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
60931e2a8a1eb0167a33a94ca5b551c19849b0437442674f408b5f8900b9ffa0
634a38acec1e223e783b84a88c223c67d4b23626073a33f638502c61c0c493d0
64ff9f874a5fd24a871b1d9cd7ee49e4d92bc27ce63c05e94bedc4f7adcc0a11
6509320dcd09554319727a15623abb6a78cc753c70d794f2bb1c64da931240c8
6b23c48e28ca7f1ff22f78f16796e6b4359e763b117c2649755f1a446ea69a01
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e3973f3f805c40c3cc83c433d42b7cfd86d7f22f7bd2ecd06f34a57f2b3da51
6f5cecb374947d038c2464ce61e288c860f62ca41d3a668aa8d551114c667555
6f87d87de84dc36cab28965d9e1d940c250f399860acafe55f3dac01d54399ad
70c4634f438568a86bb98789e25bd251a5b979f0e1f68c57956f5c038f53a914
76506e128f2b47b7179f5037bd885a1674455ffeb6b5093cdb4c7eefbf436ce8
78e2ecc862304a13046b5c99cfc7d0599a72cd4f9c12f6c71cfe1e5368254e74
7b3929a61a630b2b9180935a15ad8443c61b6308adca3e11c0e3239de5f89a85
7c05ee269d29e95fd10efc8d29a3660c0ee2a7b644e185cee0bdb6cd78ad7385
7df73cf4d30be9073bc7f8fb9875f1ef0f12260adda9668e25d77f59ca751c45
80e63f47bb601d1782367bf3015482e86cad9fa03cbfce5ec26502c016d4d47b
80fcbd06bbf276b74b41aa77405ffd52243587afb254d1efa88027c33fbba932
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8431f4973d02bcceeadba217953b9a058dad0b1d958f9ba25f9fccfe95d7ae42
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86a0f9c085e8925e51fd2a08c5efd311bc7003794b1f6ee3a9785010669d6d82
8cf0bb9486df56f8bfc90a4ba4d7317243f9ca37aa6ec6193214e9a0d640744c
8f342b6962a296598bdb6dff5ac68e5e16ad78e67a75598ab5e73c7b26787fa5
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
99bea1588717259aa23413b0659c1eb6a0fe227b10eb213e8d9068fd1aa23b96
9d7ae5b7196c72a8c09f3a766e06e61b2ef1d6192076016838b479136435b678
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a3e2bc2d88612e3af91f1c3ce69551c29d85e90b1fd6271007105482346563ca
a70f9cef98c0c060175eb47ab142e5e36d2166cc321475cc8e60f4e1475881fa
ad0299d7abb3a468c91a0c145f0498512a8a33e21264206db67ba7561d68f781
b36d838681171ab6906d3206d2fd6cc17a7a7a5867213c7595fe0865aeb9e969
b95b7840dd4e76f60f9b3d9c3a7dcff21135b740611568ab4044853964694fec
bca63524136b90b4088fbca3a3f08ad3299c1173843ebbcbd96308f961f3e893
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb600a05ada3dddd79ae065ec8ecba56e8d3df8d8f97c14bf8e0fa7e14286c2d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d473ec950c660d013325cd535d077826e8a285fd28f0ab80c702cb655364d5bb
d97acd5a71c23ea92d5a2f220e770b523e5ad7bc119f95f581126f9d43be747c
d9f2778c47db32b56109a39c8c3393b7e213095aa043df32153367708a50dcd0
dbae94cba2ba3d07d6ae6e79a7c60c4efc36deb442e193ab18e0fd0cd4d97eef
dd1b5e04d54c4420fe3e8e6abe2875fc7f13a3cd6384b6c2afc1a35e302dd846
dde5f5e3043fff6c7a7f24a307eac6ac7317e7d6db0085fbbe268eb11ba08699
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f4b3853b7e792cec8a88f9da8a31d2b29ee09d6a77aabc45979c9ab2937f0962
f77daa75225957c677b7a48139058e4ea5af68efbc4a56b8a6b0ab7f339145eb
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
feb0e7f17014201ea9124f23e3f63965411385abf0103fc682595d0674087a0c