urlscan.io logo urlscan.io
SecurityTrails logo

www.duboiscountyherald.com Open in urlscan Pro
192.104.183.109  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://duboiscountyherald.com/
Effective URL: https://www.duboiscountyherald.com/
Submission: On October 18 via api from IN — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 136 IPs in 9 countries across 98 domains to perform 438 HTTP transactions. The main IP is 192.104.183.109, located in United States and belongs to LEE-ASN, US. The main domain is www.duboiscountyherald.com.
TLS certificate: Issued by E6 on September 30th 2024. Valid for: 3 months.
This is the only time www.duboiscountyherald.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 9 192.104.183.109 10668 (LEE-ASN)
40 104.16.133.24 13335 (CLOUDFLAR...)
3 2607:f8b0:400... 15169 (GOOGLE)
1 173.194.68.103 15169 (GOOGLE)
10 173.194.175.155 15169 (GOOGLE)
2 18.160.46.8 16509 (AMAZON-02)
6 2607:f8b0:400... 15169 (GOOGLE)
3 3.162.125.109 16509 (AMAZON-02)
2 37.19.207.34 60068 (CDN77 _)
4 13.32.208.81 16509 (AMAZON-02)
1 173.194.68.94 15169 (GOOGLE)
5 104.18.20.206 13335 (CLOUDFLAR...)
5 173.194.66.94 15169 (GOOGLE)
8 34.160.152.31 396982 (GOOGLE-CL...)
1 18.160.10.46 16509 (AMAZON-02)
2 2 35.244.154.8 396982 (GOOGLE-CL...)
1 107.178.254.65 15169 (GOOGLE)
1 2600:9000:201... 16509 (AMAZON-02)
3 23.62.164.208 16625 (AKAMAI-AS)
4 151.101.193.44 54113 (FASTLY)
7 173.194.68.147 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
11 209.85.201.97 15169 (GOOGLE)
5 99.86.191.237 16509 (AMAZON-02)
11 54.85.87.71 14618 (AMAZON-AES)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
2 209.85.232.94 15169 (GOOGLE)
4 34.111.152.239 396982 (GOOGLE-CL...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
5 18.233.80.206 14618 (AMAZON-AES)
1 173.194.175.157 15169 (GOOGLE)
1 2600:9000:219... 16509 (AMAZON-02)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2620:100:a00b::4 19750 (AS-CRITEO)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 34.96.70.87 396982 (GOOGLE-CL...)
2 3.167.69.51 16509 (AMAZON-02)
1 2a04:4e42::485 54113 (FASTLY)
3 172.64.152.89 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
3 3 35.207.24.140 15169 (GOOGLE)
6 6 8.28.7.82 62713 (AS-PUBMATIC)
4 5 173.194.207.157 15169 (GOOGLE)
3 3 8.28.7.83 62713 (AS-PUBMATIC)
2 2 8.28.7.84 62713 (AS-PUBMATIC)
6 6 35.211.202.130 15169 (GOOGLE)
2 172.64.144.166 13335 (CLOUDFLAR...)
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
6 13.249.44.103 16509 (AMAZON-02)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
5 54.200.182.101 16509 (AMAZON-02)
1 34.120.111.33 396982 (GOOGLE-CL...)
2 6 35.244.193.51 15169 (GOOGLE)
2 2001:4998:60:... 14196 (YAHOO-CHA)
7 2606:4700:10:... 13335 (CLOUDFLAR...)
20 33 162.19.138.117 16276 (OVH)
2 18.214.239.21 14618 (AMAZON-AES)
5 8 15.197.193.217 16509 (AMAZON-02)
2 2620:116:800b... 14618 (AMAZON-AES)
2 18.205.224.125 14618 (AMAZON-AES)
1 4 2620:100:a00b... 19750 (AS-CRITEO)
4 172.66.42.247 13335 (CLOUDFLAR...)
10 172.253.62.157 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
1 151.101.65.44 54113 (FASTLY)
1 184.73.16.88 14618 (AMAZON-AES)
1 34.36.214.49 396982 (GOOGLE-CL...)
2 2606:4700:440... 13335 (CLOUDFLAR...)
8 34.107.140.113 396982 (GOOGLE-CL...)
2 3.226.121.246 14618 (AMAZON-AES)
2 52.5.79.122 14618 (AMAZON-AES)
1 3.167.112.81 16509 (AMAZON-02)
2 207.65.37.179 62713 (AS-PUBMATIC)
1 159.223.146.222 14061 (DIGITALOC...)
5 35.236.243.15 396982 (GOOGLE-CL...)
1 34.120.63.153 396982 (GOOGLE-CL...)
1 2602:803:c002... 26667 (RUBICONPR...)
1 35.186.253.211 15169 (GOOGLE)
8 44.203.46.172 14618 (AMAZON-AES)
1 2620:100:a00b... 19750 (AS-CRITEO)
3 172.64.151.101 13335 (CLOUDFLAR...)
1 1 2600:1f18:730... 14618 (AMAZON-AES)
1 3.90.118.198 14618 (AMAZON-AES)
1 2600:9000:201... 16509 (AMAZON-02)
2 18.160.10.101 16509 (AMAZON-02)
3 3.167.98.152 16509 (AMAZON-02)
4 141.95.98.65 16276 (OVH)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 172.217.197.149 15169 (GOOGLE)
5 2606:4700:10:... 13335 (CLOUDFLAR...)
2 104.94.117.85 16625 (AKAMAI-AS)
4 108.138.85.2 16509 (AMAZON-02)
7 8 68.67.181.211 29990 (ASN-APPNEX)
2 130.211.23.194 396982 (GOOGLE-CL...)
21 2606:4700:10:... 13335 (CLOUDFLAR...)
1 17 44.236.214.89 16509 (AMAZON-02)
3 3 69.173.151.100 26667 (RUBICONPR...)
4 4 34.111.113.62 396982 (GOOGLE-CL...)
3 3 2607:f350:3:2... 27630 (AS-XFERNET)
2 2 100.24.224.208 14618 (AMAZON-AES)
2 2 34.98.64.218 396982 (GOOGLE-CL...)
1 172.66.41.9 13335 (CLOUDFLAR...)
1 23.50.124.22 16625 (AKAMAI-AS)
1 161.35.7.202 14061 (DIGITALOC...)
1 2 35.244.159.8 396982 (GOOGLE-CL...)
1 172.64.149.180 13335 (CLOUDFLAR...)
1 151.101.193.108 54113 (FASTLY)
1 54.172.235.250 14618 (AMAZON-AES)
1 23.50.125.215 16625 (AKAMAI-AS)
1 35.71.139.29 16509 (AMAZON-02)
3 3 50.57.31.206 19994 (RACKSPACE)
1 1 35.214.160.89 15169 (GOOGLE)
1 1 34.36.216.150 396982 (GOOGLE-CL...)
1 1 185.167.164.49 198622 (ADFORM)
1 1 8.28.7.81 62713 (AS-PUBMATIC)
1 2 52.45.226.91 14618 (AMAZON-AES)
1 3 98.82.156.107 14618 (AMAZON-AES)
2 173.194.207.139 15169 (GOOGLE)
1 35.163.144.222 16509 (AMAZON-02)
2 52.85.151.6 16509 (AMAZON-02)
7 199.232.215.52 54113 (FASTLY)
3 2600:9000:24f... 16509 (AMAZON-02)
1 2600:9000:201... 16509 (AMAZON-02)
3 35.88.158.247 16509 (AMAZON-02)
2 2600:9000:20a... 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
9 209.85.201.138 15169 (GOOGLE)
1 1 155.204.117.12 15830 (EQUINIX)
1 1 74.214.194.131 19189 (PULSEPOINT)
1 1 2620:112:f008... 26120 (RHYTHMONE)
2 2 23.22.201.204 14618 (AMAZON-AES)
1 1 172.240.155.116 7979 (SERVERS-COM)
1 51.222.39.186 16276 (OVH)
1 69.194.240.13 26120 (RHYTHMONE)
1 2 216.22.16.41 30633 (LEASEWEB-...)
1 2 20.33.59.55 8069 (MICROSOFT...)
1 147.135.94.208 16276 (OVH)
1 69.173.154.9 26667 (RUBICONPR...)
2 69.194.240.11 26120 (RHYTHMONE)
2 3 63.251.28.210 13789 (INTERNAP-...)
1 15.204.46.116 16276 (OVH)
1 3.162.125.30 16509 (AMAZON-02)
1 54.84.92.154 14618 (AMAZON-AES)
2 54.244.44.101 16509 (AMAZON-02)
2 3.167.99.84 16509 (AMAZON-02)
2 74.119.117.17 19750 (AS-CRITEO)
1 3.211.28.204 14618 (AMAZON-AES)
1 1 2600:1f16:e61... 16509 (AMAZON-02)
1 1 216.22.16.69 30633 (LEASEWEB-...)
1 1 23.62.160.23 16625 (AKAMAI-AS)
1 1 165.227.251.217 14061 (DIGITALOC...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2 3.167.37.16 16509 (AMAZON-02)
1 2800:3f0:4003... 15169 (GOOGLE)
1 1 2607:f8b0:400... 15169 (GOOGLE)
1 1 185.192.248.28 43380 (DTEL-IX-P...)
1 1 173.194.7.6 15169 (GOOGLE)
2 74.125.0.41 15169 (GOOGLE)
3 141.226.224.48 200478 (TABOOLA-AS)
1 13.249.39.58 16509 (AMAZON-02)
1 173.194.204.138 15169 (GOOGLE)
438 136
9    192.104.183.109 (United States)

ASN10668 (LEE-ASN, US)
duboiscountyherald.com
www.duboiscountyherald.com
40    104.16.133.24 (None, )

ASN13335 (CLOUDFLARENET, US)
bloximages.newyork1.vip.townnews.com
3    2607:f8b0:4004:c08::5f (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    173.194.68.103 (United States)

ASN15169 (GOOGLE, US)
PTR: qr-in-f103.1e100.net
www.google.com
10    173.194.175.155 (United States)

ASN15169 (GOOGLE, US)
PTR: qs-in-f155.1e100.net
securepubads.g.doubleclick.net
2    18.160.46.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-46-8.iad55.r.cloudfront.net
cdn-gateflipp.flippback.com
6    2607:f8b0:400d:c03::61 (Morganton, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    3.162.125.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-125-109.iad61.r.cloudfront.net
embed.sendtonews.com
2    37.19.207.34 (Ashburn, United States)

ASN60068 (CDN77 _, GB)
PTR: 37-19-207-34.bunnyinfra.net
s3.tradingview.com
www.tradingview-widget.com
4    13.32.208.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-208-81.iad66.r.cloudfront.net
assets.revcontent.com
1    173.194.68.94 (United States)

ASN15169 (GOOGLE, US)
PTR: qr-in-f94.1e100.net
www.gstatic.com
5    104.18.20.206 (None, )

ASN13335 (CLOUDFLARENET, US)
a.pub.network
5    173.194.66.94 (United States)

ASN15169 (GOOGLE, US)
PTR: qo-in-f94.1e100.net
fonts.gstatic.com
8    34.160.152.31 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 31.152.160.34.bc.googleusercontent.com
d.pub.network
c.pub.network
1    18.160.10.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-10-46.iad12.r.cloudfront.net
p.flipp.com
2    35.244.154.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.154.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    2600:9000:201e:ac00:e:8add:c340:93a1 (United States)

ASN16509 (AMAZON-02, US)
mp.mmvideocdn.com
3    23.62.164.208 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-62-164-208.deploy.static.akamaitechnologies.com
ads.pubmatic.com
4    151.101.193.44 (San Francisco, United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
7    173.194.68.147 (United States)

ASN15169 (GOOGLE, US)
PTR: qr-in-f147.1e100.net
www.google.com
2    2607:f8b0:400d:c09::71 (Morganton, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2607:f8b0:400d:c03::64 (Morganton, United States)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
11    209.85.201.97 (United States)

ASN15169 (GOOGLE, US)
PTR: qu-in-f97.1e100.net
www.googletagmanager.com
5    99.86.191.237 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-191-237.iad79.r.cloudfront.net
cdn.segment.com
11    54.85.87.71 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-87-71.compute-1.amazonaws.com
trends.revcontent.com
yeet.revcontent.com
2    2607:f8b0:400d:c07::71 (Morganton, United States)

ASN15169 (GOOGLE, US)
analytics.google.com
2    2607:f8b0:400d:c0d::9c (Morganton, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2607:f8b0:4004:c19::9c (Washington, United States)

ASN15169 (GOOGLE, US)
td.doubleclick.net
2    209.85.232.94 (United States)

ASN15169 (GOOGLE, US)
PTR: qt-in-f94.1e100.net
www.google.ca
4    34.111.152.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.152.111.34.bc.googleusercontent.com
optimise.net
2    2606:4700:20::ac43:4728 (United States)

ASN13335 (CLOUDFLARENET, US)
events3.bqstreamer.com
5    18.233.80.206 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-233-80-206.compute-1.amazonaws.com
s2l.sendtonews.com
1    173.194.175.157 (United States)

ASN15169 (GOOGLE, US)
PTR: qs-in-f157.1e100.net
securepubads.g.doubleclick.net
1    2600:9000:2199:b400:a:e047:754:afe1 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
2    2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
2    2620:100:a00b::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
2    3.167.69.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-167-69-51.iad61.r.cloudfront.net
tags.crwdcntrl.net
1    2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
3    172.64.152.89 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
2    2607:f8b0:400d:c01::84 (Morganton, United States)

ASN15169 (GOOGLE, US)
b0286e86c9f69621e5e485c197af1c0a.safeframe.googlesyndication.com
3    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
6    8.28.7.82 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
5    173.194.207.157 (United States)

ASN15169 (GOOGLE, US)
PTR: qk-in-f157.1e100.net
cm.g.doubleclick.net
3    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    8.28.7.84 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
6    35.211.202.130 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 130.202.211.35.bc.googleusercontent.com
x.bidswitch.net
2    172.64.144.166 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
cdn.confiant-integrations.net
1    2606:4700:20::ac43:4acf (United States)

ASN13335 (CLOUDFLARENET, US)
freestar-io.videoplayerhub.com
2    2606:4700:10::ac43:293c (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
6    13.249.44.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-44-103.iad89.r.cloudfront.net
c.amazon-adsystem.com
2    2606:4700:10::6816:34ad (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.hadronid.net
5    54.200.182.101 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-200-182-101.us-west-2.compute.amazonaws.com
pb-rtd.ccgateway.net
pb-ing.ccgateway.net
1    34.120.111.33 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 33.111.120.34.bc.googleusercontent.com
cdn.edkt.io
6    35.244.193.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.193.244.35.bc.googleusercontent.com
lexicon.33across.com
2    2001:4998:60:807::2 (United States)

ASN14196 (YAHOO-CHA, US)
ups.analytics.yahoo.com
7    2606:4700:10::6816:545 (United States)

ASN13335 (CLOUDFLARENET, US)
id.hadron.ad.gt
pixels.ad.gt
33    162.19.138.117 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu
id5-sync.com
2    18.214.239.21 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-239-21.compute-1.amazonaws.com
idx.liadm.com
8    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    2620:116:800b:21:b08a:1dc5:659b:4055 (United States)

ASN14618 (AMAZON-AES, US)
secure.quantserve.com
pixel.quantserve.com
2    18.205.224.125 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-205-224-125.compute-1.amazonaws.com
playlist.stnvideo.com
4    2620:100:a00b::12 (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
4    172.66.42.247 (United States)

ASN13335 (CLOUDFLARENET, US)
resources.infolinks.com
router.infolinks.com
10    172.253.62.157 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f157.1e100.net
pagead2.googlesyndication.com
3    2607:f8b0:400d:c0d::84 (Morganton, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    151.101.65.44 (San Francisco, United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
1    184.73.16.88 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-184-73-16-88.compute-1.amazonaws.com
bcp.crwdcntrl.net
1    34.36.214.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.214.36.34.bc.googleusercontent.com
pa.openx.net
2    2606:4700:4400::ac40:9296 (United States)

ASN13335 (CLOUDFLARENET, US)
ex.ingage.tech
8    34.107.140.113 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 113.140.107.34.bc.googleusercontent.com
s2s.t13.io
2    3.226.121.246 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-226-121-246.compute-1.amazonaws.com
tlx.3lift.com
2    52.5.79.122 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-79-122.compute-1.amazonaws.com
ads.yieldmo.com
1    3.167.112.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-167-112-81.iad55.r.cloudfront.net
hb.yellowblue.io
2    207.65.37.179 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    159.223.146.222 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
prebid.cootlogix.com
5    35.236.243.15 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 15.243.236.35.bc.googleusercontent.com
g2.gumgum.com
1    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
1    2602:803:c002:200::32 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
8    44.203.46.172 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-203-46-172.compute-1.amazonaws.com
btlr.sharethrough.com
1    2620:100:a00b::30 (United States)

ASN19750 (AS-CRITEO, US)
bidder.criteo.com
3    172.64.151.101 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
1    2600:1f18:730:b120:83b1:f93d:9846:6a42 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rp.liadm.com
1    3.90.118.198 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-90-118-198.compute-1.amazonaws.com
rp4.liadm.com
1    2600:9000:201e:2e00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
2    18.160.10.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-10-101.iad12.r.cloudfront.net
config.aps.amazon-adsystem.com
3    3.167.98.152 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-167-98-152.iad55.r.cloudfront.net
aax.amazon-adsystem.com
4    141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu
lb.eu-1-id5-sync.com
2    2606:4700:20::ac43:4513 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    172.217.197.149 (United States)

ASN15169 (GOOGLE, US)
PTR: qa-in-f149.1e100.net
ad.doubleclick.net
5    2606:4700:10::ac43:17ea (United States)

ASN13335 (CLOUDFLARENET, US)
a.ad.gt
2    104.94.117.85 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-94-117-85.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
4    108.138.85.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-85-2.iad12.r.cloudfront.net
images.revcontent.com
8    68.67.181.211 (North Bergen, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
secure.adnxs.com
2    130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
21    2606:4700:10::6816:445 (United States)

ASN13335 (CLOUDFLARENET, US)
p.ad.gt
seg.ad.gt
proton.ad.gt
17    44.236.214.89 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-236-214-89.us-west-2.compute.amazonaws.com
ids.ad.gt
3    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
4    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
3    2607:f350:3:2569:0:10:0:200c (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
2    100.24.224.208 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-24-224-208.compute-1.amazonaws.com
dpm.demdex.net
2    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
1    172.66.41.9 (United States)

ASN13335 (CLOUDFLARENET, US)
router.infolinks.com
1    23.50.124.22 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-50-124-22.deploy.static.akamaitechnologies.com
contextual.media.net
1    161.35.7.202 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
sync.cootlogix.com
2    35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com
freestar-d.openx.net
1    172.64.149.180 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
1    151.101.193.108 (San Francisco, United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    54.172.235.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-172-235-250.compute-1.amazonaws.com
ads.yieldmo.com
1    23.50.125.215 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-50-125-215.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    35.71.139.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
3    50.57.31.206 (United States)

ASN19994 (RACKSPACE, US)
uipglob.semasio.net
1    35.214.160.89 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 89.160.214.35.bc.googleusercontent.com
csync.loopme.me
1    34.36.216.150 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 150.216.36.34.bc.googleusercontent.com
pixel-sync.sitescout.com
1    185.167.164.49 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    8.28.7.81 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    52.45.226.91 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-226-91.compute-1.amazonaws.com
match.prod.bidr.io
3    98.82.156.107 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-98-82-156-107.compute-1.amazonaws.com
s.amazon-adsystem.com
2    173.194.207.139 (United States)

ASN15169 (GOOGLE, US)
PTR: qk-in-f139.1e100.net
www.google-analytics.com
1    35.163.144.222 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-163-144-222.us-west-2.compute.amazonaws.com
api.segment.io
2    52.85.151.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-151-6.iad89.r.cloudfront.net
mp.mmvideocdn.com
7    199.232.215.52 (United States)

ASN54113 (FASTLY, US)
cdnmedia.sendtonews.com
3    2600:9000:24f4:5200:1a:7b6f:2940:93a1 (United States)

ASN16509 (AMAZON-02, US)
factor-service.prod.voltaxservices.io
1    2600:9000:201e:9000:e:8add:c340:93a1 (United States)

ASN16509 (AMAZON-02, US)
mp.mmvideocdn.com
3    35.88.158.247 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-88-158-247.us-west-2.compute.amazonaws.com
pb-rtd-minutemedia.ccgateway.net
pb-ing-minutemedia.ccgateway.net
2    2600:9000:20aa:2200:7:d444:a240:93a1 (United States)

ASN16509 (AMAZON-02, US)
prediction.voltaxam.com
2    2607:f8b0:400d:c09::5f (Morganton, United States)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
9    209.85.201.138 (United States)

ASN15169 (GOOGLE, US)
PTR: qu-in-f138.1e100.net
fundingchoicesmessages.google.com
1    155.204.117.12 (Ashburn, United States)

ASN15830 (EQUINIX, NL)
openrtb-us-east-1.axonix.com
1    74.214.194.131 (Amsterdam, Netherlands)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    2620:112:f008:200::101 (United States)

ASN26120 (RHYTHMONE, US)
d.turn.com
2    23.22.201.204 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-22-201-204.compute-1.amazonaws.com
ad.360yield.com
1    172.240.155.116 (United States)

ASN7979 (SERVERS-COM, US)
sync.colossusssp.com
1    51.222.39.186 (Canada)

ASN16276 (OVH, FR)
PTR: ip186.ip-51-222-39.net
onetag-sys.com
1    69.194.240.13 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
2    216.22.16.41 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
sync.smartadserver.com
2    20.33.59.55 (Washington, United States)

ASN8069 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sync.inmobi.com
1    147.135.94.208 (United States)

ASN16276 (OVH, FR)
PTR: ip208.ip-147-135-94.us
prg.smartadserver.com
1    69.173.154.9 (United States)

ASN26667 (RUBICONPROJECT, US)
prebid-server.rubiconproject.com
2    69.194.240.11 (United States)

ASN26120 (RHYTHMONE, US)
targeting.unrulymedia.com
3    63.251.28.210 (Secaucus, United States)

ASN13789 (INTERNAP-BLK3, US)
ads.stickyadstv.com
1    15.204.46.116 (Hillsboro, United States)

ASN16276 (OVH, FR)
PTR: ns1022841.ip-15-204-46.us
pbs.nextmillmedia.com
1    3.162.125.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-125-30.iad61.r.cloudfront.net
hb.undertone.com
1    54.84.92.154 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-92-154.compute-1.amazonaws.com
report2.hb.brainlyads.com
2    54.244.44.101 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-244-44-101.us-west-2.compute.amazonaws.com
pb-ing-minutemedia.ccgateway.net
2    3.167.99.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-167-99-84.iad55.r.cloudfront.net
selector.voltaxam.com
2    74.119.117.17 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
1    3.211.28.204 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-211-28-204.compute-1.amazonaws.com
cookies.nextmillmedia.com
1    2600:1f16:e61:3f02:34e5:5cce:7c1d:e87a (Columbus, United States)

ASN16509 (AMAZON-02, US)
1f2e7.v.fwmrm.net
1    216.22.16.69 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ssbsync-global.smartadserver.com
1    23.62.160.23 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-62-160-23.deploy.static.akamaitechnologies.com
hbx.media.net
1    165.227.251.217 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
sync.resetdigital.co
1    2607:f8b0:400d:c00::94 (Morganton, United States)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    3.167.37.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-167-37-16.iad61.r.cloudfront.net
sb.scorecardresearch.com
1    2800:3f0:4003:c03::78 (Santiago, Chile)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    2607:f8b0:400d:c07::64 (Morganton, United States)

ASN15169 (GOOGLE, US)
redirector.gvt1.com
1    185.192.248.28 (Ukraine)

ASN43380 (DTEL-IX-PUBLIC-AS, UA)
r9---sn-quxapm-3c2s.gvt1.com
1    173.194.7.6 (United States)

ASN15169 (GOOGLE, US)
PTR: iad66s04-in-f6.1e100.net
r1---sn-p5qddn7z.gvt1.com
2    74.125.0.41 (United States)

ASN15169 (GOOGLE, US)
PTR: yyz10s23-in-f9.1e100.net
r4---sn-tt1e7nls.gvt1.com
3    141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
1    13.249.39.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-39-58.iad89.r.cloudfront.net
check.analytics.rlcdn.com
1    173.194.204.138 (United States)

ASN15169 (GOOGLE, US)
PTR: qb-in-f138.1e100.net
analytics.google.com
Apex Domain
Subdomains		 Transfer
50 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 1450
a.ad.gt — Cisco Umbrella Rank: 1552
p.ad.gt — Cisco Umbrella Rank: 1739
ids.ad.gt — Cisco Umbrella Rank: 1464
seg.ad.gt — Cisco Umbrella Rank: 1970
pixels.ad.gt — Cisco Umbrella Rank: 1626
proton.ad.gt — Cisco Umbrella Rank: 8121
103 KB
40 townnews.com
bloximages.newyork1.vip.townnews.com — Cisco Umbrella Rank: 18233
434 KB
35 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 994
id5-sync.com — Cisco Umbrella Rank: 522
94 KB
22 google.com
www.google.com — Cisco Umbrella Rank: 3
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 682
analytics.google.com — Cisco Umbrella Rank: 147
76 KB
21 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215
stats.g.doubleclick.net — Cisco Umbrella Rank: 136
td.doubleclick.net — Cisco Umbrella Rank: 192
cm.g.doubleclick.net — Cisco Umbrella Rank: 283
ad.doubleclick.net — Cisco Umbrella Rank: 150
273 KB
19 revcontent.com
assets.revcontent.com — Cisco Umbrella Rank: 8939
trends.revcontent.com — Cisco Umbrella Rank: 2636
images.revcontent.com — Cisco Umbrella Rank: 10172
yeet.revcontent.com — Cisco Umbrella Rank: 9897
172 KB
17 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 557
image8.pubmatic.com — Cisco Umbrella Rank: 652
image2.pubmatic.com — Cisco Umbrella Rank: 867
image4.pubmatic.com — Cisco Umbrella Rank: 1296
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 480
image6.pubmatic.com — Cisco Umbrella Rank: 1076
74 KB
17 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
683 KB
15 googlesyndication.com
b0286e86c9f69621e5e485c197af1c0a.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 116
tpc.googlesyndication.com — Cisco Umbrella Rank: 163
120 KB
15 sendtonews.com
embed.sendtonews.com — Cisco Umbrella Rank: 12149
s2l.sendtonews.com — Cisco Umbrella Rank: 11920
cdnmedia.sendtonews.com — Cisco Umbrella Rank: 13244
2 MB
14 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 345
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 651
aax.amazon-adsystem.com — Cisco Umbrella Rank: 457
s.amazon-adsystem.com — Cisco Umbrella Rank: 352
92 KB
13 pub.network
a.pub.network — Cisco Umbrella Rank: 4334
d.pub.network — Cisco Umbrella Rank: 4827
c.pub.network — Cisco Umbrella Rank: 4413
337 KB
10 ccgateway.net
pb-rtd.ccgateway.net — Cisco Umbrella Rank: 6369
pb-ing.ccgateway.net — Cisco Umbrella Rank: 5543
pb-rtd-minutemedia.ccgateway.net — Cisco Umbrella Rank: 12801
pb-ing-minutemedia.ccgateway.net — Cisco Umbrella Rank: 11342
2 KB
9 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 267
secure.adnxs.com — Cisco Umbrella Rank: 479
acdn.adnxs.com — Cisco Umbrella Rank: 613
8 KB
9 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1183
lexicon.33across.com — Cisco Umbrella Rank: 1340
14 KB
9 duboiscountyherald.com
duboiscountyherald.com
www.duboiscountyherald.com
200 KB
8 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 955
2 KB
8 t13.io
s2s.t13.io — Cisco Umbrella Rank: 2681
2 KB
8 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 373
5 KB
8 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 862
trc.taboola.com — Cisco Umbrella Rank: 686
trc-events.taboola.com — Cisco Umbrella Rank: 2720
252 KB
7 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 461
bidder.criteo.com — Cisco Umbrella Rank: 745
mug.criteo.com — Cisco Umbrella Rank: 3626
3 KB
7 gstatic.com
www.gstatic.com
fonts.gstatic.com
csi.gstatic.com
442 KB
6 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 492
token.rubiconproject.com — Cisco Umbrella Rank: 486
eus.rubiconproject.com — Cisco Umbrella Rank: 600
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 873
9 KB
6 openx.net
pa.openx.net — Cisco Umbrella Rank: 3256
rtb.openx.net — Cisco Umbrella Rank: 556
u.openx.net — Cisco Umbrella Rank: 743
freestar-d.openx.net — Cisco Umbrella Rank: 7556
1 KB
6 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 399
1 KB
5 gvt1.com
redirector.gvt1.com — Cisco Umbrella Rank: 3755
r9---sn-quxapm-3c2s.gvt1.com
r1---sn-p5qddn7z.gvt1.com — Cisco Umbrella Rank: 778579
r4---sn-tt1e7nls.gvt1.com
2 KB
5 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1420
8 KB
5 infolinks.com
resources.infolinks.com — Cisco Umbrella Rank: 6615
router.infolinks.com — Cisco Umbrella Rank: 2473
62 KB
5 segment.com
cdn.segment.com — Cisco Umbrella Rank: 1794
40 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
imasdk.googleapis.com — Cisco Umbrella Rank: 501
148 KB
4 smartadserver.com
sync.smartadserver.com — Cisco Umbrella Rank: 1410
prg.smartadserver.com — Cisco Umbrella Rank: 1960
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1767
1 KB
4 voltaxam.com
prediction.voltaxam.com — Cisco Umbrella Rank: 12368
selector.voltaxam.com — Cisco Umbrella Rank: 16071
7 KB
4 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 446
1 KB
4 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 917
1 KB
4 liadm.com
idx.liadm.com — Cisco Umbrella Rank: 1307
rp.liadm.com — Cisco Umbrella Rank: 925
rp4.liadm.com — Cisco Umbrella Rank: 5447
2 KB
4 btloader.com
btloader.com — Cisco Umbrella Rank: 883
api.btloader.com — Cisco Umbrella Rank: 1013
20 KB
4 optimise.net
optimise.net — Cisco Umbrella Rank: 5282
18 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34
23 KB
4 mmvideocdn.com
mp.mmvideocdn.com — Cisco Umbrella Rank: 10633
747 KB
3 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 576
2 KB
3 voltaxservices.io
factor-service.prod.voltaxservices.io — Cisco Umbrella Rank: 11261
84 KB
3 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1431
2 KB
3 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 922
2 KB
3 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 484
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 506
2 KB
3 media.net
prebid.media.net — Cisco Umbrella Rank: 986
contextual.media.net — Cisco Umbrella Rank: 658
hbx.media.net — Cisco Umbrella Rank: 1077
2 KB
3 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 559
435 B
3 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 535
eb2.3lift.com — Cisco Umbrella Rank: 415
2 KB
3 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 868
1 KB
3 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1011
bcp.crwdcntrl.net — Cisco Umbrella Rank: 976
26 KB
3 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 462
api.rlcdn.com Failed
check.analytics.rlcdn.com — Cisco Umbrella Rank: 2944
1 KB
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 170
2 KB
2 nextmillmedia.com
pbs.nextmillmedia.com — Cisco Umbrella Rank: 2993
cookies.nextmillmedia.com — Cisco Umbrella Rank: 2514
416 B
2 unrulymedia.com
targeting.unrulymedia.com — Cisco Umbrella Rank: 827
244 B
2 inmobi.com
sync.inmobi.com — Cisco Umbrella Rank: 1519
220 B
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 734
724 B
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 598
446 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 243
1 KB
2 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1096
17 KB
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 904
1 KB
2 cootlogix.com
prebid.cootlogix.com — Cisco Umbrella Rank: 5845
sync.cootlogix.com — Cisco Umbrella Rank: 2225
439 B
2 ingage.tech
ex.ingage.tech — Cisco Umbrella Rank: 4689
508 B
2 stnvideo.com
playlist.stnvideo.com — Cisco Umbrella Rank: 16124
5 KB
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1471
pixel.quantserve.com — Cisco Umbrella Rank: 1044
10 KB
2 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 495
347 B
2 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 1601
23 KB
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 1693
135 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 776
44 KB
2 bqstreamer.com
events3.bqstreamer.com — Cisco Umbrella Rank: 10549
677 B
2 google.ca
www.google.ca — Cisco Umbrella Rank: 12143
126 B
2 flippback.com
cdn-gateflipp.flippback.com — Cisco Umbrella Rank: 11304
60 KB
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 364
17 KB
1 resetdigital.co
sync.resetdigital.co — Cisco Umbrella Rank: 1978
310 B
1 fwmrm.net
1f2e7.v.fwmrm.net — Cisco Umbrella Rank: 3207
604 B
1 brainlyads.com
report2.hb.brainlyads.com — Cisco Umbrella Rank: 5980
751 B
1 undertone.com
hb.undertone.com — Cisco Umbrella Rank: 3990
548 B
1 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 503
99 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 691
201 B
1 colossusssp.com
sync.colossusssp.com — Cisco Umbrella Rank: 1632
675 B
1 turn.com
d.turn.com — Cisco Umbrella Rank: 1290
443 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 541
852 B
1 axonix.com
openrtb-us-east-1.axonix.com — Cisco Umbrella Rank: 5142
618 B
1 segment.io
api.segment.io — Cisco Umbrella Rank: 1324
182 B
1 adform.net
c1.adform.net — Cisco Umbrella Rank: 604
609 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 661
384 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 857
239 B
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 668
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1501
1 KB
1 yellowblue.io
hb.yellowblue.io — Cisco Umbrella Rank: 1567
635 B
1 edkt.io
cdn.edkt.io — Cisco Umbrella Rank: 6945
7 KB
1 videoplayerhub.com
freestar-io.videoplayerhub.com — Cisco Umbrella Rank: 5953
659 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 311
898 B
1 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2648
1 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 2261
8 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 3694
4 KB
1 tradingview-widget.com
www.tradingview-widget.com — Cisco Umbrella Rank: 26216
1 pippio.com
pippio.com — Cisco Umbrella Rank: 751
569 B
1 flipp.com
p.flipp.com — Cisco Umbrella Rank: 11412
1 tradingview.com
s3.tradingview.com — Cisco Umbrella Rank: 17281
5 KB
438 98
Domain Requested by
40 bloximages.newyork1.vip.townnews.com www.duboiscountyherald.com
33 id5-sync.com 20 redirects a.pub.network
cdn.id5-sync.com
www.duboiscountyherald.com
mp.mmvideocdn.com
17 ids.ad.gt 1 redirects www.duboiscountyherald.com
17 www.googletagmanager.com www.duboiscountyherald.com
www.googletagmanager.com
p.ad.gt
11 p.ad.gt a.ad.gt
p.ad.gt
11 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
11 securepubads.g.doubleclick.net www.duboiscountyherald.com
securepubads.g.doubleclick.net
a.pub.network
pagead2.googlesyndication.com
imasdk.googleapis.com
10 pagead2.googlesyndication.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
www.duboiscountyherald.com
imasdk.googleapis.com
8 btlr.sharethrough.com a.pub.network
mp.mmvideocdn.com
8 s2s.t13.io a.pub.network
www.duboiscountyherald.com
8 match.adsrvr.org 5 redirects a.pub.network
www.duboiscountyherald.com
8 www.google.com www.duboiscountyherald.com
www.gstatic.com
securepubads.g.doubleclick.net
8 www.duboiscountyherald.com www.duboiscountyherald.com
7 cdnmedia.sendtonews.com www.duboiscountyherald.com
mp.mmvideocdn.com
7 seg.ad.gt p.ad.gt
7 c.pub.network a.pub.network
7 trends.revcontent.com assets.revcontent.com
www.duboiscountyherald.com
6 ib.adnxs.com 5 redirects mp.mmvideocdn.com
6 lexicon.33across.com 2 redirects www.duboiscountyherald.com
cdn-ima.33across.com
6 c.amazon-adsystem.com a.pub.network
c.amazon-adsystem.com
mp.mmvideocdn.com
6 x.bidswitch.net 6 redirects
6 image8.pubmatic.com 6 redirects
5 a.ad.gt cdn.hadronid.net
p.ad.gt
www.duboiscountyherald.com
5 g2.gumgum.com a.pub.network
5 id.hadron.ad.gt a.pub.network
cdn.hadronid.net
5 cm.g.doubleclick.net 4 redirects www.duboiscountyherald.com
5 s2l.sendtonews.com mp.mmvideocdn.com
5 cdn.segment.com www.duboiscountyherald.com
cdn.segment.com
5 fonts.gstatic.com fonts.googleapis.com
5 a.pub.network www.duboiscountyherald.com
a.pub.network
4 pb-ing-minutemedia.ccgateway.net mp.mmvideocdn.com
4 pixel.tapad.com 4 redirects
4 yeet.revcontent.com assets.revcontent.com
4 images.revcontent.com www.duboiscountyherald.com
4 lb.eu-1-id5-sync.com a.pub.network
cdn.id5-sync.com
mp.mmvideocdn.com
4 pb-ing.ccgateway.net a.pub.network
4 gum.criteo.com 1 redirects cdn.taboola.com
static.criteo.net
4 optimise.net a.pub.network
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
4 cdn.taboola.com bloximages.newyork1.vip.townnews.com
cdn.taboola.com
4 mp.mmvideocdn.com embed.sendtonews.com
mp.mmvideocdn.com
4 assets.revcontent.com www.duboiscountyherald.com
assets.revcontent.com
3 trc-events.taboola.com www.duboiscountyherald.com
3 ads.stickyadstv.com 2 redirects mp.mmvideocdn.com
3 proton.ad.gt p.ad.gt
3 factor-service.prod.voltaxservices.io mp.mmvideocdn.com
3 s.amazon-adsystem.com 1 redirects c.amazon-adsystem.com
3 uipglob.semasio.net 3 redirects
3 router.infolinks.com resources.infolinks.com
3 sync.go.sonobi.com 3 redirects
3 token.rubiconproject.com 3 redirects
3 aax.amazon-adsystem.com c.amazon-adsystem.com
3 ads.yieldmo.com a.pub.network
mp.mmvideocdn.com
3 tpc.googlesyndication.com securepubads.g.doubleclick.net
3 image2.pubmatic.com 3 redirects
3 rtb.mfadsrvr.com 3 redirects
3 cdn-ima.33across.com securepubads.g.doubleclick.net
www.duboiscountyherald.com
3 analytics.google.com www.googletagmanager.com
3 ads.pubmatic.com assets.revcontent.com
a.pub.network
3 embed.sendtonews.com www.duboiscountyherald.com
mp.mmvideocdn.com
3 fonts.googleapis.com www.duboiscountyherald.com
mp.mmvideocdn.com
2 r4---sn-tt1e7nls.gvt1.com www.duboiscountyherald.com
2 sb.scorecardresearch.com 1 redirects www.duboiscountyherald.com
2 mug.criteo.com www.duboiscountyherald.com
2 selector.voltaxam.com mp.mmvideocdn.com
2 targeting.unrulymedia.com mp.mmvideocdn.com
2 sync.inmobi.com 1 redirects a.pub.network
2 sync.smartadserver.com 1 redirects www.duboiscountyherald.com
2 ad.360yield.com 2 redirects
2 imasdk.googleapis.com mp.mmvideocdn.com
imasdk.googleapis.com
2 prediction.voltaxam.com mp.mmvideocdn.com
2 pixels.ad.gt p.ad.gt
2 match.prod.bidr.io 1 redirects www.duboiscountyherald.com
2 freestar-d.openx.net 1 redirects a.pub.network
2 u.openx.net 2 redirects
2 dpm.demdex.net 2 redirects
2 secure.adnxs.com 2 redirects
2 api.btloader.com freestar-io.videoplayerhub.com
2 secure.cdn.fastclick.net www.duboiscountyherald.com
2 ad-delivery.net www.duboiscountyherald.com
2 config.aps.amazon-adsystem.com c.amazon-adsystem.com
2 htlb.casalemedia.com a.pub.network
mp.mmvideocdn.com
2 hbopenbid.pubmatic.com a.pub.network
mp.mmvideocdn.com
2 tlx.3lift.com a.pub.network
mp.mmvideocdn.com
2 ex.ingage.tech a.pub.network
2 resources.infolinks.com www.duboiscountyherald.com
2 playlist.stnvideo.com mp.mmvideocdn.com
2 idx.liadm.com a.pub.network
2 ups.analytics.yahoo.com a.pub.network
www.duboiscountyherald.com
2 cdn.hadronid.net a.pub.network
www.duboiscountyherald.com
2 btloader.com www.duboiscountyherald.com
freestar-io.videoplayerhub.com
2 cdn.confiant-integrations.net a.pub.network
cdn.confiant-integrations.net
2 image4.pubmatic.com 2 redirects
2 b0286e86c9f69621e5e485c197af1c0a.safeframe.googlesyndication.com securepubads.g.doubleclick.net
cdn.confiant-integrations.net
2 tags.crwdcntrl.net securepubads.g.doubleclick.net
www.duboiscountyherald.com
2 static.criteo.net securepubads.g.doubleclick.net
a.pub.network
2 cdn.id5-sync.com securepubads.g.doubleclick.net
www.duboiscountyherald.com
2 events3.bqstreamer.com mp.mmvideocdn.com
2 www.google.ca www.duboiscountyherald.com
2 td.doubleclick.net www.googletagmanager.com
2 stats.g.doubleclick.net www.googletagmanager.com
2 idsync.rlcdn.com 2 redirects
2 cdn-gateflipp.flippback.com www.duboiscountyherald.com
1 check.analytics.rlcdn.com mp.mmvideocdn.com
1 r1---sn-p5qddn7z.gvt1.com 1 redirects
1 r9---sn-quxapm-3c2s.gvt1.com 1 redirects
1 redirector.gvt1.com 1 redirects
1 csi.gstatic.com imasdk.googleapis.com
1 trc.taboola.com cdn.taboola.com
1 s0.2mdn.net imasdk.googleapis.com
1 sync.resetdigital.co 1 redirects
1 hbx.media.net 1 redirects
1 ssbsync-global.smartadserver.com 1 redirects
1 1f2e7.v.fwmrm.net 1 redirects
1 cookies.nextmillmedia.com www.duboiscountyherald.com
1 report2.hb.brainlyads.com www.duboiscountyherald.com
1 hb.undertone.com mp.mmvideocdn.com
1 pbs.nextmillmedia.com mp.mmvideocdn.com
1 prebid-server.rubiconproject.com mp.mmvideocdn.com
1 prg.smartadserver.com mp.mmvideocdn.com
1 ssum-sec.casalemedia.com www.duboiscountyherald.com
1 sync.1rx.io www.duboiscountyherald.com
1 onetag-sys.com www.duboiscountyherald.com
1 sync.colossusssp.com 1 redirects
1 d.turn.com 1 redirects
1 bh.contextweb.com 1 redirects
1 openrtb-us-east-1.axonix.com 1 redirects
1 pb-rtd-minutemedia.ccgateway.net mp.mmvideocdn.com
1 api.segment.io cdn.segment.com
1 image6.pubmatic.com 1 redirects
1 c1.adform.net 1 redirects
1 pixel-sync.sitescout.com 1 redirects
1 csync.loopme.me 1 redirects
1 eb2.3lift.com a.pub.network
1 eus.rubiconproject.com a.pub.network
1 acdn.adnxs.com a.pub.network
1 js-sec.indexww.com a.pub.network
1 sync.cootlogix.com a.pub.network
1 contextual.media.net a.pub.network
1 pixel.quantserve.com www.duboiscountyherald.com
1 ad.doubleclick.net www.duboiscountyherald.com
1 rules.quantcount.com secure.quantserve.com
1 rp4.liadm.com www.duboiscountyherald.com
1 rp.liadm.com 1 redirects
1 bidder.criteo.com a.pub.network
1 rtb.openx.net a.pub.network
1 fastlane.rubiconproject.com a.pub.network
1 prebid.media.net a.pub.network
1 prebid.cootlogix.com a.pub.network
1 hb.yellowblue.io a.pub.network
1 pa.openx.net a.pub.network
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 secure.quantserve.com a.pub.network
1 cdn.edkt.io a.pub.network
1 pb-rtd.ccgateway.net a.pub.network
1 freestar-io.videoplayerhub.com 1 redirects
1 cdn.jsdelivr.net securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 www.tradingview-widget.com s3.tradingview.com
1 pippio.com www.duboiscountyherald.com
1 p.flipp.com cdn-gateflipp.flippback.com
1 d.pub.network www.duboiscountyherald.com
1 www.gstatic.com www.google.com
1 s3.tradingview.com www.duboiscountyherald.com
1 duboiscountyherald.com 1 redirects
0 api.rlcdn.com Failed a.pub.network
438 168
Subject Issuer Validity Valid
duboiscountyherald.com
E6		 2024-09-30 -
2024-12-29		 3 months crt.sh
bloximages.chicago2.vip.townnews.com
GeoTrust TLS RSA CA G1		 2024-03-12 -
2025-04-12		 a year crt.sh
upload.video.google.com
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh
*.google.com
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh
flippback.com
Amazon RSA 2048 M02		 2024-08-18 -
2025-09-16		 a year crt.sh
*.google-analytics.com
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh
sendtonews.com
Amazon RSA 2048 M03		 2024-09-21 -
2025-10-20		 a year crt.sh
*.tradingview.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-05 -
2024-12-04		 a year crt.sh
revcontent.com
Amazon RSA 2048 M03		 2024-04-18 -
2025-05-17		 a year crt.sh
*.gstatic.com
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh
pub.network
WE1		 2024-09-17 -
2024-12-16		 3 months crt.sh
d.pub.network
WR3		 2024-09-12 -
2024-12-11		 3 months crt.sh
flipp.com
Amazon RSA 2048 M02		 2024-06-30 -
2025-07-28		 a year crt.sh
mp.mmvideocdn.com
Amazon RSA 2048 M02		 2024-03-27 -
2025-04-25		 a year crt.sh
*.tradingview-widget.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-07-30 -
2025-03-19		 8 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-26 -
2024-11-26		 a year crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-07-30 -
2024-12-31		 5 months crt.sh
*.segment.com
Amazon RSA 2048 M02		 2024-10-15 -
2025-11-14		 a year crt.sh
*.doubleclick.net
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh
*.google.ca
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh
optimise.net
WR3		 2024-09-09 -
2024-12-08		 3 months crt.sh
bqstreamer.com
WE1		 2024-08-28 -
2024-11-26		 3 months crt.sh
*.sendtonews.com
Amazon RSA 2048 M02		 2024-03-18 -
2025-04-15		 a year crt.sh
cdn.prod.uidapi.com
E6		 2024-09-11 -
2024-12-10		 3 months crt.sh
id5-sync.com
WE1		 2024-09-30 -
2024-12-29		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-09-24 -
2024-12-21		 3 months crt.sh
oa.openxcdn.net
WR3		 2024-09-16 -
2024-12-15		 3 months crt.sh
invstatic101.creativecdn.com
WR3		 2024-10-15 -
2025-01-13		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M02		 2024-09-07 -
2025-10-07		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2024 Q3		 2024-07-30 -
2025-08-31		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2024-09-05 -
2025-09-30		 a year crt.sh
confiant-integrations.net
WE1		 2024-09-09 -
2024-12-08		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-12-30 -
2024-12-04		 a year crt.sh
hadronid.net
WE1		 2024-09-24 -
2024-12-23		 3 months crt.sh
ccgateway.net
E5		 2024-08-07 -
2024-11-05		 3 months crt.sh
edkt.io
WR3		 2024-10-01 -
2024-12-30		 3 months crt.sh
sp.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2024-07-30 -
2025-01-22		 6 months crt.sh
id.hadron.ad.gt
WE1		 2024-09-20 -
2024-12-19		 3 months crt.sh
*.id5-sync.com
E5		 2024-09-01 -
2024-11-30		 3 months crt.sh
*.liadm.com
Amazon RSA 2048 M02		 2024-07-31 -
2025-08-29		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2024-04-23 -
2025-05-25		 a year crt.sh
quantserve.com
R11		 2024-08-23 -
2024-11-21		 3 months crt.sh
c.pub.network
WR3		 2024-09-09 -
2024-12-08		 3 months crt.sh
*.stnvideo.com
Amazon RSA 2048 M02		 2024-01-30 -
2025-02-26		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-09-24 -
2024-12-25		 3 months crt.sh
infolinks.com
WE1		 2024-10-08 -
2025-01-06		 3 months crt.sh
tpc.googlesyndication.com
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh
pa.openx.net
WR3		 2024-09-17 -
2024-12-16		 3 months crt.sh
*.ingage.tech
Sectigo RSA Organization Validation Secure Server CA		 2024-08-01 -
2025-08-11		 a year crt.sh
s2s.t13.io
WR3		 2024-09-05 -
2024-12-04		 3 months crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2024-03-13 -
2025-04-10		 a year crt.sh
*.yieldmo.com
Amazon RSA 2048 M03		 2024-07-15 -
2025-08-14		 a year crt.sh
*.yellowblue.io
Amazon RSA 2048 M03		 2024-03-18 -
2025-04-16		 a year crt.sh
*.cootlogix.com
Sectigo RSA Domain Validation Secure Server CA		 2023-10-19 -
2024-11-17		 a year crt.sh
g2.gumgum.com
WR3		 2024-10-16 -
2025-01-14		 3 months crt.sh
prebid.media.net
WR3		 2024-10-05 -
2025-01-03		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-07-30 -
2025-04-03		 8 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2024-08-14 -
2025-08-18		 a year crt.sh
*.sharethrough.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2024-07-15 -
2025-08-15		 a year crt.sh
casalemedia.com
E6		 2024-10-13 -
2025-01-11		 3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2024-01-21 -
2025-02-19		 a year crt.sh
alt1-3ps.amazon-adsystem.com
Amazon RSA 2048 M03		 2024-03-29 -
2025-04-28		 a year crt.sh
*.eu-1-id5-sync.com
R10		 2024-09-01 -
2024-11-30		 3 months crt.sh
btloader.com
WE1		 2024-10-08 -
2025-01-06		 3 months crt.sh
ad-delivery.net
WE1		 2024-09-12 -
2024-12-11		 3 months crt.sh
a.ad.gt
WE1		 2024-10-05 -
2025-01-03		 3 months crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2024-08-07 -
2025-08-07		 a year crt.sh
lexicon.33across.com
WR3		 2024-09-06 -
2024-12-05		 3 months crt.sh
api.btloader.com
WR3		 2024-10-01 -
2024-12-30		 3 months crt.sh
p.ad.gt
WE1		 2024-10-08 -
2025-01-06		 3 months crt.sh
*.ad.gt
Amazon RSA 2048 M02		 2024-03-10 -
2025-04-08		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-21 -
2024-12-21		 a year crt.sh
indexww.com
WE1		 2024-10-01 -
2024-12-31		 3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2024-04-08 -
2025-05-09		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2024-04-24 -
2025-04-17		 a year crt.sh
*.segment.io
Amazon RSA 2048 M03		 2023-12-13 -
2025-01-11		 a year crt.sh
seg.ad.gt
WE1		 2024-09-05 -
2024-12-04		 3 months crt.sh
pixels.ad.gt
WE1		 2024-09-05 -
2024-12-04		 3 months crt.sh
factor-service.prod.voltaxservices.io
Amazon RSA 2048 M03		 2024-03-26 -
2025-04-24		 a year crt.sh
mm-ssp.voltaxam.com
Amazon RSA 2048 M02		 2024-09-30 -
2025-10-29		 a year crt.sh
proton.ad.gt
WE1		 2024-09-07 -
2024-12-06		 3 months crt.sh
*.onetag-sys.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2024-01-23 -
2025-01-29		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2024-06-13 -
2025-07-14		 a year crt.sh
sync.inmobi.com
Sectigo RSA Organization Validation Secure Server CA		 2024-05-02 -
2025-05-02		 a year crt.sh
*.smartadserver.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2024-01-17 -
2025-01-16		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2024-02-14 -
2025-03-16		 a year crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2024-04-30 -
2025-05-31		 a year crt.sh
*.stickyadstv.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-01-09 -
2025-02-08		 a year crt.sh
*.nextmillmedia.com
R11		 2024-10-08 -
2025-01-06		 3 months crt.sh
*.undertone.com
Amazon RSA 2048 M02		 2024-07-02 -
2025-07-29		 a year crt.sh
report2.hb.brainlyads.com
E5		 2024-10-17 -
2025-01-15		 3 months crt.sh
*.voltaxam.com
Amazon RSA 2048 M03		 2024-04-11 -
2025-05-10		 a year crt.sh
cookies.nextmillmedia.com
Amazon RSA 2048 M02		 2024-05-13 -
2025-06-11		 a year crt.sh
analytics.rlcdn.com
Amazon RSA 2048 M02		 2024-05-26 -
2025-06-24		 a year crt.sh
*.c.docs.google.com
WR2		 2024-10-15 -
2024-12-24		 2 months crt.sh

This page contains 40 frames:

Primary Page: https://www.duboiscountyherald.com/
Frame ID: FBDDCAA99E7F7ACADD2A159FA57CD316
Requests: 364 HTTP requests in this frame

Frame: https://www.tradingview-widget.com/embed-widget/market-overview/?locale=en
Frame ID: B83688E61656D1AEC335DFE274BC744F
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdF3BEhAAAAAEQUmLciJe0QwaHESwQFc2vwCWqh&co=aHR0cHM6Ly93d3cuZHVib2lzY291bnR5aGVyYWxkLmNvbTo0NDM.&hl=en&v=lqsTZ5beIbCkK4uGEGv9JmUR&size=invisible&cb=qvbktju6ywfp
Frame ID: F77C03B33DF51A8A27D7ADE2D2D227D8
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdvF8kSAAAAAHtjCXotWkt5byjdinh-RPyWTH5J&co=aHR0cHM6Ly93d3cuZHVib2lzY291bnR5aGVyYWxkLmNvbTo0NDM.&hl=en&v=lqsTZ5beIbCkK4uGEGv9JmUR&size=normal&sa=submit&cb=l1lyxoer2g4m
Frame ID: 616C62EA748C4CB2552DB9BA7157109A
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdvF8kSAAAAAHtjCXotWkt5byjdinh-RPyWTH5J&co=aHR0cHM6Ly93d3cuZHVib2lzY291bnR5aGVyYWxkLmNvbTo0NDM.&hl=en&v=lqsTZ5beIbCkK4uGEGv9JmUR&size=normal&sa=submit&cb=b0s4wex5l9rj
Frame ID: 4033B613807816ED10AE2BF78CEBD480
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdvF8kSAAAAAHtjCXotWkt5byjdinh-RPyWTH5J&co=aHR0cHM6Ly93d3cuZHVib2lzY291bnR5aGVyYWxkLmNvbTo0NDM.&hl=en&v=lqsTZ5beIbCkK4uGEGv9JmUR&size=normal&sa=submit&cb=50dz23buwwrg
Frame ID: B2B32AC6881BCE9C194E3469BF33000B
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-THV0ZYGM9S&gacid=189152098.1729239714&gtm=45je4ah0v9125652790za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101686685&z=1873282644
Frame ID: 9E7D8A7E06A8B2DEE909CDD710EC1577
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 07968F93C3AD88D930740AF418996190
Requests: 1 HTTP requests in this frame

Frame: https://b0286e86c9f69621e5e485c197af1c0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A5FEC7092728E39AB0405006C2740550
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-4T2EB147B8&gacid=189152098.1729239714&gtm=45je4ah0v887101457z8861227858za200zb861227858&dma=0&gcs=G1--&gcd=13l3l3l3l5l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101686685&z=1078557306
Frame ID: B0496DA5861AC4032652CFA3630F3EB6
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=lqsTZ5beIbCkK4uGEGv9JmUR&k=6LdvF8kSAAAAAHtjCXotWkt5byjdinh-RPyWTH5J
Frame ID: 56CCA11A69A5AE5FBCB2176CBB6BBEA5
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=lqsTZ5beIbCkK4uGEGv9JmUR&k=6LdvF8kSAAAAAHtjCXotWkt5byjdinh-RPyWTH5J
Frame ID: FFBA766EAA95EFFEF30EF448DE9DB8D4
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=lqsTZ5beIbCkK4uGEGv9JmUR&k=6LdvF8kSAAAAAHtjCXotWkt5byjdinh-RPyWTH5J
Frame ID: 5D3B535F1154485EE8F12CA13122A115
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvc9vr8BOht30GZQehNr2_8aq5moyOr2N8SsJD-1W7YOv_RioCvQO6-PkeoN_q7qdAuo8UmpXRHhl-1wbSjh0JhTYOzLffHkPG_asEzw_Dp4WWVCCYzSxAdKByEoJufP4FlzAN_XP4TUCV1BiSbhxDLeWzvcjZdg4dMAbq7ftwjfH4buO5AFf1YinoNRTjSv-FTV7oUgl-FP2BnjzSRbDhNtJvebmplv_vEs376AhFRyArBnzz5bmljJioFYxJy9TDH8pHwGY_wjV2nNdoDMrtcXtZF-XWsYxdKLM-Q0YscCyIttC2z2oz70AyGHTgjnTcv0zIRRvzwGfowTmhxFvKUlKuJ6O582ulZlpNrbryFmJEI2_G8ABNDQsdjScxf4iJevmfoww3KQ4cVL4xILBznhu8lgEB3Ar1N_2fQatQy_MjdUGpaTbF4&sai=AMfl-YTjs0BM8cl-RcqG5cKyfj9sD9AHoQJJ8y1s8gTUwY-L3FLoH8YQDXXfznnDk5D9m4PhKm46hwAwSz_BgMHaGUuIP-ughWoOgVIBKFV3t-SyCIo0vIQP56oKChLB&sig=Cg0ArKJSzG9GQSj9uZJ2EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 8329D620A8F5DDDC83DD0A58025A2F9F
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssk1rszM9sTPloU6MGQFi8ZehuUAWARavBcROk9YobXnpuuMe0rhptTCESM7RFD6y85I1wkfFL8Q74tJYVzz4U8a29oZcldlY7GATCfvLBi6m3uTK69o-qy7VNiZE5S72aMphp198H9osZDCeWuVdmPWZCrZyHSKMBWsIIg3vERKHZZcqcq39SGXb_58CnvdYTVKtcAX9Ip5wCbD_1UFSz2NyRtJI63mIYrP4oy3YEhYQ0j1u2qRm76iNCp2V1qzJiE2jzqEWnD88eNCrJMaZkWAATjic-KUqEmem42V5YxbrVwFscmxhouJwl-rrm5TqUQ9ZND8o06F40NPvw9DHoPTLstSumBKheBT0i276wQvuAKWJyYdd5FuJVzUSvR9-h-nUENponeHKV12tSdKs_zELzn5JyiIIMV4WXbYjDwNUw8L8TLzEDWa7z8aUfeG9pGa4_SDQ&sai=AMfl-YT9NDV_ykzQQODtn1CzIdLu-tj7gDYSifTEV1HkZrRBhvMqyNG1C2ypjeSFjGL00XKT6jabc1pQWHjJfvYwPoU5rkEZAS82HYpWJafWTsz_VJQkkovKePIBFKBb&sig=Cg0ArKJSzMGjqek7RdoZEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: E22D9CBA4066AC8259B6856B1637C362
Requests: 10 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/static/topics/taboola-browsing-topics.html
Frame ID: 6CC806341A3F3746E0A242E5639B272A
Requests: 1 HTTP requests in this frame

Frame: https://pa.openx.net/topics_frame.html?bidder=openx
Frame ID: 6BF98337F863B4B55680BFC630032F39
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/topics/topics_frame.html?bidder=pubmatic
Frame ID: D2D5E2BB6F69766CF0E8A4787557418A
Requests: 1 HTTP requests in this frame

Frame: https://router.infolinks.com/usync/manage?pid=3119781&wsid=0&pdom=www.duboiscountyherald.com&purl=https%3A%2F%2Fwww.duboiscountyherald.com%2F
Frame ID: A99FB926216A0F1A140BC043BEF3607E
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2034%2C2031%2C2030%2C590%2C233%2C157%2C2028%2C2027%2C159%2C2026%2C236%2C357%2C237%2C556%2C117%2C359%2C97%2C55%2C99%2C56%2C59%2C2045%2C3012%2C3010%2C122%2C201%2C2039%2C246%2C4%2C521%2C126%2C203%2C522%2C446%2C326%2C404%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C178%2C3017%2C214%2C3016%2C2124%2C337%2C338%2C459%2C339%2C77%2C38%2C2100%2C2022%2C141%2C262%2C461%2C222%2C542%2C345%2C543%2C226%2C468%2C10000%2C624%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Frame ID: 1F587A92C980320B9038B0FC33EE36D1
Requests: 1 HTTP requests in this frame

Frame: https://sync.cootlogix.com/api/sync/iframe/?cid=&gdpr=0&gdpr_consent=&us_privacy=1---
Frame ID: 04B4D1E6C54D954BF6BA5C7291B9AAFD
Requests: 1 HTTP requests in this frame

Frame: https://freestar-d.openx.net/w/1.0/pd?cc=1&gdpr=0&gdpr_consent=&us_privacy=1---
Frame ID: 87350E887C3F046960434EB83D5A3885
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696&gdpr=0&gdpr_consent=&us_privacy=1---
Frame ID: 8F698B5B985468B316333D8F79DCD8AC
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 7B2801AAC941DB57FD2120BA079AF68D
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 98F05E6F07D57C34C47C66EEC5762E14
Requests: 1 HTTP requests in this frame

Frame: https://ads.yieldmo.com/pbcas?us_privacy=1---&gdpr=0&gdpr_consent=&type=iframe
Frame ID: 59969B9CCAEB46BF1644AF1D3CC40C75
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0&us_privacy=1---
Frame ID: 51120FC2C784677E0536DD5C954D4370
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1---&
Frame ID: 063A815BCDD75D238131E0BBBC395E3E
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-index_n-LoopMe_rx_n-acuityads_n-MediaNet_ox-db5_n-smaato_n-adman-v2_n-onetag_pm-db5_n-simpli.fi_ym_n-Vidazoo_n-nativo_n-adMediaV1_snb_n-Beeswax_smrt_n-inmobi_cnv_n-sharethrough_rbd_ppt_n-Rise_3lift&dcc=t
Frame ID: 365FDA5AC3236DD94312D5351F1AB60E
Requests: 1 HTTP requests in this frame

Frame: https://mp.mmvideocdn.com/mini-player/scripts/voltax_mp_bridge.html
Frame ID: FCFE6B8DD699E47C4DD3FD83260CAA3F
Requests: 1 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: BF58E77BC40507225970FDFA18BEB628
Requests: 10 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.duboiscountyherald.com&gdpr=0&gdpr_consent=&gpp=&gpp_sid=-1
Frame ID: B8D97721762C10E3A5823CBEDE1BC5DE
Requests: 1 HTTP requests in this frame

Frame: https://proton.ad.gt/join-ad-interest-groups.html
Frame ID: 699772042B542C548C2F5C7D46312726
Requests: 1 HTTP requests in this frame

Frame: https://b0286e86c9f69621e5e485c197af1c0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F12267CB3FE1180B539F4BEFB1D9D082
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-index_n-LoopMe_n-adMediaV1_rx_n-acuityads_n-Beeswax_smrt_cnv_n-adman-v2_n-sharethrough_n-simpli.fi_rbd_ppt_n-baidu_an-db5_sovrn_3lift_n-Outbrain
Frame ID: 4DD4A30B86CC9717954B5D180B5317C0
Requests: 1 HTTP requests in this frame

Frame: https://sync.inmobi.com/sync?redirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dinmobi%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%7BID5UID%7D&gdpr_consent=&gdpr=0&us_privacy=1---&gdpr_pd=&source=2&google_push=&retry=
Frame ID: D19CBF5E3F977CB335B30BEC9BFBFA3F
Requests: 1 HTTP requests in this frame

Frame: https://proton.ad.gt/join-ad-interest-groups.html
Frame ID: 104CA7DDD1546559D1F02544A03323CD
Requests: 1 HTTP requests in this frame

Frame: https://proton.ad.gt/join-ad-interest-groups.html
Frame ID: CAC2303B9FEE698D1D86BBB4E50C2BE6
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.673.0_en.html
Frame ID: 6E50743CE4DB5574E307C0CA40D29F62
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 5D5AAD5C4B61AD36B1D198F13FF4AB9A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

duboiscountyherald.com

Page URL History Show full URLs

  1. https://duboiscountyherald.com/ HTTP 301
    https://www.duboiscountyherald.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • cdn\.segment\.com/analytics\.js
Overall confidence: 100%
Detected patterns
  • tracker\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

438
Requests

90 %
HTTPS

24 %
IPv6

98
Domains

168
Subdomains

136
IPs

9
Countries

7072 kB
Transfer

30488 kB
Size

355
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://duboiscountyherald.com/ HTTP 301
    https://www.duboiscountyherald.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59
  • https://idsync.rlcdn.com/712559.gif?partner_uid=579bba26-ddec-4d45-919d-cde58582842d HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CO--KxIwCiwIARD5vAoaJDU3OWJiYTI2LWRkZWMtNGQ0NS05MTlkLWNkZTU4NTgyODQyZBAAGg0IobXIuAYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=d3787e227f8bb144e78e84bab52b15f196660310248e3478655aca0227eb32c0791426b5417dce21&_=2
Request Chain 114
  • https://rtb.mfadsrvr.com/sync?ssp=revcontent&ssp_user_id=463751c9cb2c447f9b8faf6842c94c2d&rev_dt=1729239714455 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=revcontent&ssp_user_id=463751c9cb2c447f9b8faf6842c94c2d&rev_dt=1729239714455 HTTP 302
  • https://trends.revcontent.com/cm/pixel_sync?exchange_uid=463751c9cb2c447f9b8faf6842c94c2d&bidder=154&bidder_uid=fa021524-d1e0-439e-90d9-c47da9b285c6&callback=dspCMCallback
Request Chain 115
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160835&gdpr=0&gdpr_consent=PM_CONSENT&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160835%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Ftrends.revcontent.com%252Fcm%252Fpixel_sync%253Fexchange_uid%253D463751c9cb2c447f9b8faf6842c94c2d_2%2526bidder%253D159%2526bidder_uid%253D%2523PMUID%2526callback%253DdspCMCallback&rev_dt=1729239714455 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160835&gdpr=0&gdpr_consent=PM_CONSENT&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160835%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Ftrends.revcontent.com%252Fcm%252Fpixel_sync%253Fexchange_uid%253D463751c9cb2c447f9b8faf6842c94c2d_2%2526bidder%253D159%2526bidder_uid%253D%2523PMUID%2526callback%253DdspCMCallback&rev_dt=1729239714455&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RUE0RTJFMkMtNzM0OC00MEQ3LUIxQjEtMzZCOTgyRjI5NDVE&gdpr=0&gdpr_consent=PM_CONSENT&google_cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=PM_CONSENT&piggybackCookie=CAESEM6CbGt7RF_vL5KfQyuZ1vI&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=PM_CONSENT&us_privacy=${US_PRIVACY} HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&gdpr_consent=PM_CONSENT&p=160835&pmc=1&pr=https%3A%2F%2Ftrends.revcontent.com%2Fcm%2Fpixel_sync%3Fexchange_uid%3D463751c9cb2c447f9b8faf6842c94c2d_2%26bidder%3D159%26bidder_uid%3DEA4E2E2C-7348-40D7-B1B1-36B982F2945D%26callback%3DdspCMCallback&us_privacy=%24%7BUS_PRIVACY%7D HTTP 302
  • https://trends.revcontent.com/cm/pixel_sync?exchange_uid=463751c9cb2c447f9b8faf6842c94c2d_2&bidder=159&bidder_uid=EA4E2E2C-7348-40D7-B1B1-36B982F2945D&callback=dspCMCallback
Request Chain 116
  • https://x.bidswitch.net/sync?ssp=revcontent&rev_dt=1729239714455 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=revcontent&rev_dt=1729239714455 HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=revcontent&bsw_user_id=995d419d-f746-40ae-8fb8-99aab453f632&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=fa021524-d1e0-439e-90d9-c47da9b285c6&ssp=revcontent HTTP 302
  • https://trends.revcontent.com/cm/pixel_sync?bidder=118&bidder_uid=995d419d-f746-40ae-8fb8-99aab453f632&callback=dspCMCallback
Request Chain 117
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160835&gdpr=0&gdpr_consent=PM_CONSENT&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160835%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Ftrends.revcontent.com%252Fcm%252Fpixel_sync%253Fexchange_uid%253D463751c9cb2c447f9b8faf6842c94c2d_2%2526bidder%253D169%2526bidder_uid%253D%2523PMUID%2526callback%253DdspCMCallback&rev_dt=1729239714456 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160835&gdpr=0&gdpr_consent=PM_CONSENT&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160835%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Ftrends.revcontent.com%252Fcm%252Fpixel_sync%253Fexchange_uid%253D463751c9cb2c447f9b8faf6842c94c2d_2%2526bidder%253D169%2526bidder_uid%253D%2523PMUID%2526callback%253DdspCMCallback&rev_dt=1729239714456&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTBCQkFDNTgtN0I1Ri00NUM0LTlBRUYtNEExNjYwMEFCNUQ2&gdpr=0&gdpr_consent=PM_CONSENT&google_cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=PM_CONSENT&piggybackCookie=CAESEBqHj8J9UyB8RIc-coc4KN0&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=PM_CONSENT&us_privacy=${US_PRIVACY} HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&gdpr_consent=PM_CONSENT&p=160835&pmc=1&pr=https%3A%2F%2Ftrends.revcontent.com%2Fcm%2Fpixel_sync%3Fexchange_uid%3D463751c9cb2c447f9b8faf6842c94c2d_2%26bidder%3D159%26bidder_uid%3DEA4E2E2C-7348-40D7-B1B1-36B982F2945D%26callback%3DdspCMCallback&us_privacy=%24%7BUS_PRIVACY%7D HTTP 302
  • https://trends.revcontent.com/cm/pixel_sync?exchange_uid=463751c9cb2c447f9b8faf6842c94c2d_2&bidder=159&bidder_uid=EA4E2E2C-7348-40D7-B1B1-36B982F2945D&callback=dspCMCallback
Request Chain 120
  • https://freestar-io.videoplayerhub.com/gallery.js HTTP 301
  • https://btloader.com/tag?h=freestar-io&upapi=true
Request Chain 125
  • https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.49.84&coppa=0&us_privacy=1--- HTTP 307
  • https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.49.84&coppa=0&us_privacy=1---&b=1&tp=k6YbczGlqu7Uc7hvfpHM3Z29yyGPWN%2BoXG%2B%2BDyYO0NI%3D
Request Chain 132
  • https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.49.84&coppa=0&us_privacy=1--- HTTP 307
  • https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.49.84&coppa=0&us_privacy=1---&b=1&tp=an3xPZ6ETYQzh4VBROq%2B4oa%2FOnQJlXaJkBD%2F2tLj9Zs%3D
Request Chain 206
  • https://rp.liadm.com/j?dtstmp=1729239715141&did=did-0047&se=e30&duid=9773e70d4767--01jafbg2p3hf013mcm2pv1ddw0&tv=8.49.84&pu=https%3A%2F%2Fwww.duboiscountyherald.com%2F&us_privacy=1---&wpn=prebid&gdpr=0&cd=.duboiscountyherald.com HTTP 302
  • https://rp4.liadm.com/j?dtstmp=1729239715141&did=did-0047&se=e30&duid=9773e70d4767--01jafbg2p3hf013mcm2pv1ddw0&tv=8.49.84&pu=https%3A%2F%2Fwww.duboiscountyherald.com%2F&us_privacy=1---&wpn=prebid&gdpr=0&cd=.duboiscountyherald.com&i6=MjYwNzo1MzAwOjYwOjc4Njc6OjY%3D
Request Chain 242
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs2s.t13.io%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253D1---%2526gpp%253D%2526gpp_sid%253D%2526f%253Di%2526uid%253D%2524UID HTTP 302
  • https://s2s.t13.io/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&f=i&uid=1983122268661007137
Request Chain 247
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001729239716-7CA6BOH9-YQW4&adnxs_id=$UID&gdpr=0 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001729239716-7CA6BOH9-YQW4%26adnxs_id%3D%24UID%26gdpr%3D0 HTTP 302
  • https://ids.ad.gt/api/v1/match?id=AU1D-0100-001729239716-7CA6BOH9-YQW4&adnxs_id=1983122268661007137&gdpr=0
Request Chain 248
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001729239716-7CA6BOH9-YQW4&gdpr=0 HTTP 302
  • https://ids.ad.gt/api/v1/t_match?tdid=1f715ec5-5a73-4ac6-bd54-a3aa3175c0ec&id=AU1D-0100-001729239716-7CA6BOH9-YQW4
Request Chain 249
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001729239716-7CA6BOH9-YQW4 HTTP 302
  • https://ids.ad.gt/api/v1/pbm_match?pbm=EA4E2E2C-7348-40D7-B1B1-36B982F2945D&id=AU1D-0100-001729239716-7CA6BOH9-YQW4
Request Chain 250
  • https://token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001729239716-7CA6BOH9-YQW4&gdpr=0 HTTP 302
  • https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001729239716-7CA6BOH9-YQW4&rub=M2EGOFS6-15-DASZ&gdpr=0
Request Chain 251
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001729239716-7CA6BOH9-YQW4&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001729239716-7CA6BOH9-YQW4%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001729239716-7CA6BOH9-YQW4&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001729239716-7CA6BOH9-YQW4%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=276b2029-492d-4354-8c5e-3b5cfe7222a9%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fid%25253DAU1D-0100-001729239716-7CA6BOH9-YQW4%252526tapad_id%25253D276b2029-492d-4354-8c5e-3b5cfe7222a9%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=1f715ec5-5a73-4ac6-bd54-a3aa3175c0ec&ttd_puid=276b2029-492d-4354-8c5e-3b5cfe7222a9%2Chttps%253A%252F%252Fids.ad.gt%252Fapi%252Fv1%252Ftapad_match%253Fid%253DAU1D-0100-001729239716-7CA6BOH9-YQW4%2526tapad_id%253D276b2029-492d-4354-8c5e-3b5cfe7222a9%2C HTTP 302
  • https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001729239716-7CA6BOH9-YQW4&tapad_id=276b2029-492d-4354-8c5e-3b5cfe7222a9
Request Chain 252
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001729239716-7CA6BOH9-YQW4 HTTP 302
  • https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001729239716-7CA6BOH9-YQW4&google_gid=CAESEIZUVk8qFjb36gN2hk5vBnE&google_cver=1&google_ula=450542624,0
Request Chain 253
  • https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001729239716-7CA6BOH9-YQW4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcyOTIzOTcxNi03Q0E2Qk9IOS1ZUVc0
Request Chain 254
  • https://sync.go.sonobi.com/us?https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001729239716-7CA6BOH9-YQW4&uid=[UID]&gdpr=0 HTTP 302
  • https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001729239716-7CA6BOH9-YQW4&uid=d488114b-9613-41c8-aafb-e8c864b80352&gdpr=0
Request Chain 255
  • https://dpm.demdex.net/ibs:dpid=348447&dpuuid=AU1D-0100-001729239716-7CA6BOH9-YQW4&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-0100-001729239716-7CA6BOH9-YQW4 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=348447&dpuuid=AU1D-0100-001729239716-7CA6BOH9-YQW4&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-0100-001729239716-7CA6BOH9-YQW4 HTTP 302
  • https://ids.ad.gt/api/v1/adb_match?adb=13006426327223697673403991016966352950&id=AU1D-0100-001729239716-7CA6BOH9-YQW4
Request Chain 256
  • https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3DAU1D-0100-001729239716-7CA6BOH9-YQW4%26auid%3DAU1D-0100-001729239716-7CA6BOH9-YQW4 HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3DAU1D-0100-001729239716-7CA6BOH9-YQW4%26auid%3DAU1D-0100-001729239716-7CA6BOH9-YQW4 HTTP 302
  • https://ids.ad.gt/api/v1/openx?openx_id=67254bc0-d344-0e99-1cb1-87bfaaf6532a&id=AU1D-0100-001729239716-7CA6BOH9-YQW4&auid=AU1D-0100-001729239716-7CA6BOH9-YQW4
Request Chain 271
  • https://freestar-d.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://freestar-d.openx.net/w/1.0/pd?cc=1&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 278
  • https://id5-sync.com/s/441/9.gif?puid=u_ed0f0007-5316-46bd-82c2-13cd9371aedc&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F112%2F8%2F2.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F112%2F8%2F2.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/441/112/8/2.gif?puid=E5194B54F9F118B5&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F434%2F7%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent= HTTP 302
  • https://id5-sync.com/c/441/434/7/3.gif?puid=d488114b-9613-41c8-aafb-e8c864b80352&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/441/2/6/4.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/2/6/4.gif?puid=1983122268661007137&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F821%2F5%2F5.gif%3Fpuid%3D%7Bdevice_id%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 307
  • https://id5-sync.com/c/441/821/5/5.gif?puid=092195aa-482f-444e-87eb-386cea32473e&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=108&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F826%2F4%2F6.gif%3Fpuid%3D%7BuserId%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/441/826/4/6.gif?puid=78a3b52f-6231-4218-b8c6-2bc5dbbf4372-67121aa4-5553&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F10%2F3%2F7.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/441/10/3/7.gif?puid=2856366307302385724&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F104%2F2%2F8.gif%3Fpuid%3D%24%7BBSW_UUID%7D%26gdpr%3D0%26gdpr_consent%3D?gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/104/2/8.gif?puid=995d419d-f746-40ae-8fb8-99aab453f632&gdpr=0&gdpr_consent= HTTP 302
  • https://token.rubiconproject.com/token?pid=49266&puid={ID5UID}&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/285.gif?puid=M2EGOFS6-15-DASZ&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=RTUxOTRCNTRGOUYxMThCNQ%3D%3D&gdpr=0&gdpr_consent=&id5=ID5-be10HqVap2O4v4diV5EXZIS-cm_hMN7Km0j9m7cAGw HTTP 302
  • https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEKgswIT62rHo0a65psjYl90&sInitiator=internal&google_cver=1&gdpr=0&gdpr_consent=&id5=ID5-be10HqVap2O4v4diV5EXZIS-cm_hMN7Km0j9m7cAGw&google_cver=1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=x2e7tq8
Request Chain 279
  • https://id5-sync.com/s/441/9.gif?puid=u_0a423b6a-56c8-418b-89f1-05f1cad9f7e7&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=1f715ec5-5a73-4ac6-bd54-a3aa3175c0ec&ttl=%%TTL%%
Request Chain 280
  • https://id5-sync.com/s/441/9.gif?puid=u_d08680e9-de77-4a37-9bec-3a1f22a87eaa&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=1f715ec5-5a73-4ac6-bd54-a3aa3175c0ec&ttl=%%TTL%%
Request Chain 281
  • https://id5-sync.com/s/441/9.gif?puid=u_225dc0d1-03f6-407c-8ae6-f90fe76287bb&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F8%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/108/8/2.gif?puid=276b2029-492d-4354-8c5e-3b5cfe7222a9&gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F429%2F7%2F3.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/441/429/7/3.gif?puid=EA4E2E2C-7348-40D7-B1B1-36B982F2945D&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=1f715ec5-5a73-4ac6-bd54-a3aa3175c0ec&ttl=%%TTL%% HTTP 302
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F434%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent= HTTP 302
  • https://id5-sync.com/c/441/434/5/5.gif?puid=d488114b-9613-41c8-aafb-e8c864b80352&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/441/2/4/6.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/2/4/6.gif?puid=1983122268661007137&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy= HTTP 303
  • https://id5-sync.com/k/155.gif?puid=AAMuJ07OJDUAABVUjLRLVg&id5AccountNum=155&numCascadesAllowed=9
Request Chain 282
  • https://id5-sync.com/s/441/9.gif?puid=u_e7ee0c4d-223c-4415-a710-0d19aac71243&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F434%2F8%2F2.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent= HTTP 302
  • https://id5-sync.com/c/441/434/8/2.gif?puid=d488114b-9613-41c8-aafb-e8c864b80352&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/441/2/7/3.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/2/7/3.gif?puid=1983122268661007137&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F112%2F6%2F4.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F112%2F6%2F4.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/441/112/6/4.gif?puid=E5194B54F9F118B5&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F434%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent= HTTP 302
  • https://id5-sync.com/c/441/434/5/5.gif?puid=d488114b-9613-41c8-aafb-e8c864b80352&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/441/2/4/6.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/2/4/6.gif?puid=1983122268661007137&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=108&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F826%2F3%2F7.gif%3Fpuid%3D%7BuserId%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=78a3b52f-6231-4218-b8c6-2bc5dbbf4372-67121aa4-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D78a3b52f-6231-4218-b8c6-2bc5dbbf4372-67121aa4-5553%26partner_url%3Dhttps%253A%252F%252Fid5-sync.com%252Fc%252F441%252F826%252F3%252F7.gif%253Fpuid%253D78a3b52f-6231-4218-b8c6-2bc5dbbf4372-67121aa4-5553%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=78a3b52f-6231-4218-b8c6-2bc5dbbf4372-67121aa4-5553&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F826%2F3%2F7.gif%3Fpuid%3D78a3b52f-6231-4218-b8c6-2bc5dbbf4372-67121aa4-5553%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/441/826/3/7.gif?puid=78a3b52f-6231-4218-b8c6-2bc5dbbf4372-67121aa4-5553&gdpr=0&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-be10HqVap2O4v4diV5EXZIS-cm_hMN7Km0j9m7cAGw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F2%2F8.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/441/124/2/8.gif?puid=31bcb647-c910-4a77-a526-04ecd3827f17&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&gdpr_consent=&gdpr=0&sd=Y2FzY2FkZXNSZW1haW5pbmc9MSZjYXNjYWRlc0RvbmU9OSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY HTTP 303
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?gdpr_consent=&gdpr=0&sd=Y2FzY2FkZXNSZW1haW5pbmc9MSZjYXNjYWRlc0RvbmU9OSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MSZjYXNjYWRlc0RvbmU9OSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx
Request Chain 283
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-index_n-LoopMe_rx_n-acuityads_n-MediaNet_ox-db5_n-smaato_n-adman-v2_n-onetag_pm-db5_n-simpli.fi_ym_n-Vidazoo_n-nativo_n-adMediaV1_snb_n-Beeswax_smrt_n-inmobi_cnv_n-sharethrough_rbd_ppt_n-Rise_3lift HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-index_n-LoopMe_rx_n-acuityads_n-MediaNet_ox-db5_n-smaato_n-adman-v2_n-onetag_pm-db5_n-simpli.fi_ym_n-Vidazoo_n-nativo_n-adMediaV1_snb_n-Beeswax_smrt_n-inmobi_cnv_n-sharethrough_rbd_ppt_n-Rise_3lift&dcc=t
Request Chain 322
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy=1--- HTTP 302
  • https://s2s.t13.io/setuid?bidder=grid&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&f=i&uid=995d419d-f746-40ae-8fb8-99aab453f632
Request Chain 336
  • https://openrtb-us-east-1.axonix.com/syn?redirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Daxonix%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3DxxEMODO_IDxx HTTP 302
  • https://s2s.t13.io/setuid?bidder=axonix&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&f=i&uid=5a3bd5ac-9f56-4343-bbc8-5a22f4ade813
Request Chain 346
  • https://bh.contextweb.com/bh/rtset?pid=562316&ev=1&rurl=https://ids.ad.gt/api/v1/ppnt_match?uid=%%VGUID%%&id=AU1D-0100-001729239716-7CA6BOH9-YQW4 HTTP 302
  • https://ids.ad.gt/api/v1/ppnt_match?uid=K0gi2k498rt8&ev=1&pid=562316&id=AU1D-0100-001729239716-7CA6BOH9-YQW4
Request Chain 347
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODI0MTY1OC90LzA/url/https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Famo_match%3Fturn_id%3D%24!%7BTURN_UUID%7D%26id%3DAU1D-0100-001729239716-7CA6BOH9-YQW4 HTTP 302
  • https://ids.ad.gt/api/v1/amo_match?turn_id=6984884236114738032&id=AU1D-0100-001729239716-7CA6BOH9-YQW4
Request Chain 348
  • https://ad.360yield.com/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001729239716-7CA6BOH9-YQW4%26impr_uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001729239716-7CA6BOH9-YQW4%26impr_uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ids.ad.gt/api/v1/impr_match?id=AU1D-0100-001729239716-7CA6BOH9-YQW4&impr_uid=31bcb647-c910-4a77-a526-04ecd3827f17
Request Chain 349
  • https://sync.colossusssp.com/ebfa23da174faa55634171c5e49d0152.gif?puid=AU1D-0100-001729239716-7CA6BOH9-YQW4&redir=http%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fcolossus%3Fcls_id%3D%5BUID%5D%26id%3DAU1D-0100-001729239716-7CA6BOH9-YQW4 HTTP 302
  • https://ids.ad.gt/api/v1/colossus?cls_id=d2d79743-abc0-44cd-9425-d63f32fec978&id=AU1D-0100-001729239716-7CA6BOH9-YQW4
Request Chain 353
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fsmart_match%3Fid%3DAU1D-0100-001729239716-7CA6BOH9-YQW4%26sas_uid%3D%5bsas_uid%5d&gdpr=0 HTTP 302
  • https://sync.smartadserver.com/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=AU1D-0100-001729239716-7CA6BOH9-YQW4&sas_uid=[sas_uid]&gdpr=0&cklb=1
Request Chain 366
  • https://sync.inmobi.com/prebid?gdpr=0&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&redirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dinmobi%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%7BID5UID%7D HTTP 302
  • https://sync.inmobi.com/sync?redirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dinmobi%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%7BID5UID%7D&gdpr_consent=&gdpr=0&us_privacy=1---&gdpr_pd=&source=2&google_push=&retry=
Request Chain 395
  • https://id5-sync.com/i/882/8.gif?o=api&id5id=ID5*NGzMIUisp7Y1sUKWNF5sBjKNQ2M56M3PnJK17M2-_QrPyHEgYT6DPtdiLeaLq6oD&gdpr_consent=undefined&gdpr=false HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/882/2/7/2.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/882/2/7/2.gif?puid=1983122268661007137&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fid5-sync.com%2Fc%2F882%2F104%2F6%2F3.gif%3Fpuid%3D%24%7BBSW_UUID%7D%26gdpr%3D0%26gdpr_consent%3D?gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/882/104/6/3.gif?puid=995d419d-f746-40ae-8fb8-99aab453f632&gdpr=0&gdpr_consent= HTTP 302
  • https://token.rubiconproject.com/token?pid=49266&puid={ID5UID}&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/285.gif?puid=M2EGOFS6-15-DASZ&gdpr=0
Request Chain 410
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.duboiscountyherald.com%2F&domain=www.duboiscountyherald.com&cw=1&pbt=1&lsw=1&us_privacy=1---&gdpr=0&gpp_sid=-1 HTTP 302
  • https://mug.criteo.com/sid?cpp=6Z-VqHx1ZThkSjBvcFNsd1ZiK0tuUEFnai9BdC9HV1laYXF0RUJ6alM4K284ckZ6Uk9VRTg1Vk9MNUptK3R5a3FEY2RaeGhpN2lZV2xTU1FuRE9CeXJTSHlXMkcxUTZaZk5xSDZIeDAyd0hRaG5SdE56czRUK1plYkRZSkE4YjcwREFQRzh1Zm1BYjV4SFpkYStobmZNZlRFNmpPWWlHdVZkYzdvekpMSWV0L2IrajVmZUhreEw3WXRUeWROZjZISllkNkR4N2JnREJDT1hnRFhFZk1RWXVNd1hUOFpNYXpuUGNVOWE4ekdoOVBoOW5jdzhKNzZsWVNPVEVEQWZ0bDdvV3pGdWYvQVF2eVZ3dmNxdWJGWVFSMVpnYVVJcERaUjJqalhsWlF0TkxNS3M1U21lVitQZFpIbUwyMFFaaEFkN2djWGMwdGt0bmc3b2ZqODI5ZVRvR3VMZGtzRzgwL01WNFlsL3pUZEJ3Q3plZWM9fA&cppv=2
Request Chain 413
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=undefined&gpp=&gpp_sid[]=-1 HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=e8d8e1a9cc81c503bae82937c96656&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3dundefined&gdpr=0&gdpr_consent=undefined HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umo040f_7428193629734571085&gdpr=0&gdpr_consent=undefined HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=undefined
Request Chain 418
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1---&redirectUri=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsmartadserver%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%5Bssb_sync_pid%5D HTTP 302
  • https://s2s.t13.io/setuid?bidder=smartadserver&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&f=i&uid=1404747330581755325
Request Chain 421
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&redirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dmedianet%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%3Cvsid%3E HTTP 302
  • https://s2s.t13.io/setuid?bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&f=i&uid=3722413151978372000V10
Request Chain 422
  • https://sync.resetdigital.co/csync?pid=rubicon&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dresetdigital%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24USER_ID HTTP 302
  • https://s2s.t13.io/setuid?bidder=resetdigital&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&f=i&uid=000001608506EC0D
Request Chain 427
  • https://sb.scorecardresearch.com/p?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=r&ns_st_id=1729239717166&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=30000&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.3.4.190424&ns_st_pn=1&ns_st_tp=2&ns_st_ad=1&ns_st_ci=3927506&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_ap=0&ns_st_dap=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1729239719762&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=2596&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_an=1&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=va11&ns_st_ge=Sports&ns_st_st=SendtoNews&ns_st_ce=0&ns_st_pu=MLB&c3=sendtonews&c4=Sports&c6=*null&c7=https%3A%2F%2Fwww.duboiscountyherald.com%2F&c8=duboiscountyherald.com&c9= HTTP 302
  • https://sb.scorecardresearch.com/p2?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=r&ns_st_id=1729239717166&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=30000&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.3.4.190424&ns_st_pn=1&ns_st_tp=2&ns_st_ad=1&ns_st_ci=3927506&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_ap=0&ns_st_dap=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1729239719762&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=2596&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_an=1&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=va11&ns_st_ge=Sports&ns_st_st=SendtoNews&ns_st_ce=0&ns_st_pu=MLB&c3=sendtonews&c4=Sports&c6=*null&c7=https%3A%2F%2Fwww.duboiscountyherald.com%2F&c8=duboiscountyherald.com&c9=
Request Chain 429
  • https://redirector.gvt1.com/videoplayback/id/a8e3b48f97960aac/itag/37/source/dclk_video_ads/acao/yes/cpn/5F1UEOGlt9R9kVVQ/ctier/L/ei/pxoSZ7K4GJCq3rsPtrXH6Ag/ip/0.0.0.0/requiressl/yes/susc/dvc/xpc/Eghovf3BOnoBAQ%3D%3D/expire/1760775719/sparams/expire,ei,ip,id,itag,requiressl,acao,ctier,source,susc,xpc/sig/AJfQdSswRAIgLHDN6FuOPTzrylwZpXkmaB-nNnDY7OvsrjQXvl2TA4MCIFRlgguxZGgL7glJP1o9OzNFP_xtGq19BNqYNBRc6k4Z/file/file.mp4 HTTP 302
  • https://r9---sn-quxapm-3c2s.gvt1.com/videoplayback/id/a8e3b48f97960aac/itag/37/source/dclk_video_ads/acao/yes/cpn/5F1UEOGlt9R9kVVQ/ctier/L/ei/pxoSZ7K4GJCq3rsPtrXH6Ag/ip/0.0.0.0/requiressl/yes/susc/dvc/xpc/Eghovf3BOnoBAQ%3D%3D/expire/1760775719/sparams/expire,ei,ip,id,itag,requiressl,acao,ctier,source,susc,xpc/sig/AJfQdSswRAIgLHDN6FuOPTzrylwZpXkmaB-nNnDY7OvsrjQXvl2TA4MCIFRlgguxZGgL7glJP1o9OzNFP_xtGq19BNqYNBRc6k4Z/cms_redirect/yes/met/1729239719,/mh/H-/mip/2607:5300:60:7867::6/mm/28/mn/sn-quxapm-3c2s/ms/nvh/mt/1729238150/mv/u/mvi/9/pl/39/rms/nvh,nvh/lsparams/met,mh,mip,mm,mn,ms,mv,mvi,pl,rms/lsig/ACJ0pHgwRAIgSlw4cX64IK7BJmWbHL5ZcB5Kno_iafnNXhvaM3jVq9QCIExj49NOu44uVMwFvszGXx22m7s5Fp_O95JZZs7xLL2K/file/file.mp4 HTTP 302
  • https://r1---sn-p5qddn7z.gvt1.com/videoplayback/id/a8e3b48f97960aac/itag/37/source/dclk_video_ads/acao/yes/cpn/5F1UEOGlt9R9kVVQ/ctier/L/ei/pxoSZ7K4GJCq3rsPtrXH6Ag/ip/0.0.0.0/requiressl/yes/susc/dvc/xpc/Eghovf3BOnoBAQ%3D%3D/expire/1760775719/sparams/expire,ei,ip,id,itag,requiressl,acao,ctier,source,susc,xpc/sig/AJfQdSswRAIgLHDN6FuOPTzrylwZpXkmaB-nNnDY7OvsrjQXvl2TA4MCIFRlgguxZGgL7glJP1o9OzNFP_xtGq19BNqYNBRc6k4Z/redirect_counter/1/rm/sn-quxapm-3c2s7y/rrc/79/fexp/24350595,24350675,24350705/req_id/ce3231401b9336e2/cms_redirect/yes/cmsv/e/met/1729239720,/mh/H-/mip/2607:5300:60:7867::6/mm/29/mn/sn-p5qddn7z/ms/rdu/mt/1729239430/mv/u/mvi/1/pl/39/rms/rdu,nvh/lsparams/met,mh,mip,mm,mn,ms,mv,mvi,pl,rms/lsig/ACJ0pHgwRQIgQx6vfZL0il_FblH3KtufeF6MpJ6-d2kRLue_2m_U_O8CIQD4N0p6zx0GuLRc2CTeWzGXsuq89ezffWTuVz5-IT4zqQ%3D%3D?file=file.mp4 HTTP 302
  • https://r4---sn-tt1e7nls.gvt1.com/videoplayback/id/a8e3b48f97960aac/itag/37/source/dclk_video_ads/acao/yes/cpn/5F1UEOGlt9R9kVVQ/ctier/L/ei/pxoSZ7K4GJCq3rsPtrXH6Ag/ip/0.0.0.0/requiressl/yes/susc/dvc/xpc/Eghovf3BOnoBAQ%3D%3D/expire/1760775719/sparams/expire,ei,ip,id,itag,requiressl,acao,ctier,source,susc,xpc/sig/AJfQdSswRAIgLHDN6FuOPTzrylwZpXkmaB-nNnDY7OvsrjQXvl2TA4MCIFRlgguxZGgL7glJP1o9OzNFP_xtGq19BNqYNBRc6k4Z/rm/sn-quxapm-3c2s7y,sn-p5qeed7e/rrc/79,104/fexp/24350595,24350675,24350705/req_id/ce3231401b9336e2/rms/rdu,nvh/redirect_counter/2/cms_redirect/yes/cmsv/e/ipbypass/yes/met/1729239720,/mh/H-/mip/167.114.209.103/mm/29/mn/sn-tt1e7nls/ms/rdu/mt/1729239430/mv/u/mvi/4/pl/20/lsparams/ipbypass,met,mh,mip,mm,mn,ms,mv,mvi,pl,rms/lsig/ACJ0pHgwRQIhANivAR6wIE0g5eVOz0buPX4mkbgg9Tr6_zwlfIhDLw8dAiBgDVZsw90wzV4eiD5ktJPYD64nAzDrMikARdNifRaMBw%3D%3D?file=file.mp4

438 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.duboiscountyherald.com/
Redirect Chain
  • https://duboiscountyherald.com/
  • https://www.duboiscountyherald.com/
735 KB
161 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
Software
/
Resource Hash
a262f8fff57c683180161ca807330fa2b184f1acc755ee7738cda1195be0e12e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
4606
cache-control
public, max-age=10
content-encoding
gzip
content-length
163063
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Fri, 18 Oct 2024 07:05:06 GMT
etag
W/1a1165679b654f52063eb8402472d0f8
last-modified
Fri, 18 Oct 2024 07:05:06 GMT
link
<https://bloximages.newyork1.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin <https://bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js>; rel=preload; as=script </shared-content/art/tncms/user/user.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.ee95c0b6f1daceb31bf5ef84353968c6.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.0758030105fdd3a70dff03f4da4530e2.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js>; rel=preload; as=script
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000
vary
X-IPCountry, Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-loop
1
x-robots-tag
noarchive
x-tncms
1.82.1; app13; 0.76s; 6.2M
x-ua-compatible
IE=edge
x-vcache
HIT
x-xrds-location
https://www.duboiscountyherald.com/tncms/xrds/
x-xss-protection
1; mode=block

Redirect headers

age
1773
cache-control
public, max-age=10
content-encoding
gzip
content-length
1502
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Fri, 18 Oct 2024 07:52:19 GMT
link
<https://bloximages.newyork1.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin
location
https://www.duboiscountyherald.com/
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-loop
1
x-robots-tag
noarchive
x-tncms
1.82.1; app14; 0.02s; 1M
x-vcache
HIT
x-xrds-location
https://www.duboiscountyherald.com/tncms/xrds/
x-xss-protection
1; mode=block
jquery.min.d6d18fcf88750a16d256e72626e676a6.js
bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/ 		98 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"60e609f2-1882c"
age
2424196
expires
Thu, 13 Mar 2025 18:00:13 GMT
date
Fri, 18 Oct 2024 08:21:53 GMT
content-type
application/x-javascript
last-modified
Wed, 07 Jul 2021 20:09:22 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=604800
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8d471e0e781ea229-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
38456
server
cloudflare
user.js
www.duboiscountyherald.com/shared-content/art/tncms/user/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.duboiscountyherald.com/shared-content/art/tncms/user/user.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
Software
/
Resource Hash
8cf6f020c4fe1dfc77d6ad29dfe4c4591e317d397baf3ee31edaf44ce3da098a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

x-vcache
HIT
cache-control
public, max-age=600
content-encoding
gzip
service-worker-allowed
/
etag
W/"670fde7f-ee3"
age
194
accept-ranges
bytes
content-length
1658
date
Fri, 18 Oct 2024 08:18:38 GMT
last-modified
Wed, 16 Oct 2024 15:40:47 GMT
content-type
application/x-javascript
vary
Accept-Encoding
bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js
bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"5d726a23-9bd8"
age
13580363
expires
Thu, 13 Mar 2025 18:05:37 GMT
date
Fri, 18 Oct 2024 08:21:53 GMT
content-type
application/x-javascript
last-modified
Fri, 06 Sep 2019 14:16:03 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=604800
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8d471e0e5815a229-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
12719
server
cloudflare
common.08a61544f369cc43bf02e71b2d10d49f.js
bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4908103eb097a575d25aecab0b105c51313e35ce211bb70d82ea0ce6e75ed2b3
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"65d66922-841f"
age
2424194
expires
Thu, 13 Mar 2025 16:43:34 GMT
date
Fri, 18 Oct 2024 08:21:53 GMT
content-type
application/x-javascript
last-modified
Wed, 21 Feb 2024 21:20:34 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=604800
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8d471e0e5814a229-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
14189
server
cloudflare
tnt.ee95c0b6f1daceb31bf5ef84353968c6.js
bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.ee95c0b6f1daceb31bf5ef84353968c6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b093bf8fe11ce768e5543697030a064da71b347431594daf7efb86f94a201c0
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"65d66921-2d77"
age
3130750
expires
Thu, 13 Mar 2025 19:22:11 GMT
date
Fri, 18 Oct 2024 08:21:53 GMT
content-type
application/x-javascript
last-modified
Wed, 21 Feb 2024 21:20:33 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=604800
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8d471e0e7826a229-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
4260
server
cloudflare
application.0758030105fdd3a70dff03f4da4530e2.js
bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.0758030105fdd3a70dff03f4da4530e2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f4049e8923ddb3b759697aebae3d69181b42fa677abba4d875f4a1ba7beff89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"6707d183-1166"
age
210044
expires
Wed, 15 Oct 2025 19:01:04 GMT
date
Fri, 18 Oct 2024 08:21:53 GMT
content-type
application/x-javascript
last-modified
Thu, 10 Oct 2024 13:07:15 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8d471e0e7820a229-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
1636
server
cloudflare
tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js
bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		2 KB
998 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf3e21aad61783d6e6908e5631c43656c05a34a9c7f64eab44dcd7fc58562aa8
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"65d66921-9b8"
age
13688563
expires
Thu, 13 Mar 2025 16:43:34 GMT
date
Fri, 18 Oct 2024 08:21:53 GMT
content-type
application/x-javascript
last-modified
Wed, 21 Feb 2024 21:20:33 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=604800
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8d471e0e781fa229-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
910
server
cloudflare
bootstrap.min.87df60d54091cf1e8f8173c2e568260c.css
bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/ 		107 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/bootstrap.min.87df60d54091cf1e8f8173c2e568260c.css
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
296ffff5be5fa17a541df8e925d24e473ced64d535f543542bebc15759b761fd
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"65d66920-1ac2e"
age
10657006
expires
Thu, 13 Mar 2025 15:37:01 GMT
date
Fri, 18 Oct 2024 08:21:53 GMT
content-type
text/css
last-modified
Wed, 21 Feb 2024 21:20:32 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=604800
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8d471e0e580fa229-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
21439
server
cloudflare
layout.4f2008879f13ddd758050a76c1e8672c.css
bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/ 		155 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/layout.4f2008879f13ddd758050a76c1e8672c.css
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
252904bb838e1fb52a44c23792b4f5395783fae0ce1e9fa1d02f307c7657d1b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"66f1b7c5-26de1"
age
114594
expires
Wed, 01 Oct 2025 19:02:17 GMT
date
Fri, 18 Oct 2024 08:21:53 GMT
content-type
text/css
last-modified
Mon, 23 Sep 2024 18:47:33 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8d471e0e580da229-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
34470
server
cloudflare
theme-basic.7fe92e6efd905ab9f8cd307568b298f3.css
bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/styles/ 		41 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/styles/theme-basic.7fe92e6efd905ab9f8cd307568b298f3.css
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b8506928501a437418ca18498b5fcbd474b0c4bfc96b438bc9e09baa53adce5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"66be51f7-a358"
age
5058809
expires
Wed, 20 Aug 2025 19:01:25 GMT
date
Fri, 18 Oct 2024 08:21:53 GMT
content-type
text/css
last-modified
Thu, 15 Aug 2024 19:07:35 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8d471e0e5810a229-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
9533
server
cloudflare
css
fonts.googleapis.com/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Fira+Sans:wght@400;700&family=Open+Sans&display=swap
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3112565f088d69bf7e12532f395bff72b11dbf444a52739cd4f1903246e02054
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 18 Oct 2024 08:21:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 08:21:52 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 18 Oct 2024 08:21:52 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
tnt.access.offers.7c6ed72e68eff7037a2afe805b0c22f9.css
bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/styles/ 		33 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/styles/tnt.access.offers.7c6ed72e68eff7037a2afe805b0c22f9.css
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a6b40e6fa459ac23479367ea26d7fa52ff112dd9e751d3077f0494ce7439287
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"66f1b7c5-852f"
age
1423992
expires
Wed, 01 Oct 2025 19:02:17 GMT
date
Fri, 18 Oct 2024 08:21:53 GMT
content-type
text/css
last-modified
Mon, 23 Sep 2024 18:47:33 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8d471e0e5811a229-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
6633
server
cloudflare
datepicker3.9f2593097fc3849b80bb9d187a12b345.css
bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/styles/ 		31 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/styles/datepicker3.9f2593097fc3849b80bb9d187a12b345.css
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71850ae0bf8353e8cfad7f285270c0b527a3499a815b13f79665d7952d920678
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"66991599-7b17"
age
159750
expires
Thu, 24 Jul 2025 18:25:35 GMT
date
Fri, 18 Oct 2024 08:21:53 GMT
content-type
text/css
last-modified
Thu, 18 Jul 2024 13:16:09 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8d471e0e5812a229-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
3563
server
cloudflare
flex-classifieds-bulletins.a78f8be1f6e0dabcb5acb9a8939501f8.css
bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/flex-classifieds-bulletins.a78f8be1f6e0dabcb5acb9a8939501f8.css
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83df928f641d630879a9c3bfa22ccb011da030d9e1e056a445c5335bf735f416
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"65d66925-92d"
age
3089144
expires
Thu, 13 Mar 2025 18:08:38 GMT
date
Fri, 18 Oct 2024 08:21:53 GMT
content-type
text/css
last-modified
Wed, 21 Feb 2024 21:20:37 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=604800
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8d471e0e5813a229-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
877
server
cloudflare
csrf.js
www.duboiscountyherald.com/shared-content/art/tncms/api/ 		940 B
763 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.duboiscountyherald.com/shared-content/art/tncms/api/csrf.js
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
Software
/
Resource Hash
9fe769bfc93145d27bc2efa853ca49895d7a44af9c5dd2566c3233b66c9d14b4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.duboiscountyherald.com
Referer
https://www.duboiscountyherald.com/

Response headers

x-vcache
HIT
cache-control
public, max-age=600
content-encoding
gzip
service-worker-allowed
/
etag
W/"670fde7f-3ac"
age
116
accept-ranges
bytes
content-length
537
date
Fri, 18 Oct 2024 08:19:56 GMT
last-modified
Wed, 16 Oct 2024 15:40:47 GMT
content-type
application/x-javascript
vary
Accept-Encoding
access.3e0b8030b6000aa9a609.js
www.duboiscountyherald.com/shared-content/art/tncms/api/ 		71 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.duboiscountyherald.com/shared-content/art/tncms/api/access.3e0b8030b6000aa9a609.js
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
Software
/
Resource Hash
b07d02c8ede625dd16b97254a7d58fb54d63c5906d0c9390a494998d99d495ba

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.duboiscountyherald.com
Referer
https://www.duboiscountyherald.com/

Response headers

x-vcache
HIT
cache-control
public, max-age=600
content-encoding
gzip
service-worker-allowed
/
etag
W/"66e33faa-11c3d"
age
116
accept-ranges
bytes
content-length
29787
date
Fri, 18 Oct 2024 08:19:56 GMT
last-modified
Thu, 12 Sep 2024 19:23:22 GMT
content-type
application/x-javascript
vary
Accept-Encoding
bootstrap-datepicker.2b28bee684315ebcadec4a6b63cc146d.js
bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/bootstrap-datepicker.2b28bee684315ebcadec4a6b63cc146d.js
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c756dd78f3fe8604ffdb519ffce264517c5e4b02ced287d9279be254d872ae8
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"65d66922-6976"
age
949978
expires
Fri, 14 Mar 2025 00:47:24 GMT
date
Fri, 18 Oct 2024 08:21:53 GMT
content-type
application/x-javascript
last-modified
Wed, 21 Feb 2024 21:20:34 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=604800
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8d471e0e7825a229-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
8940
server
cloudflare
jquery.mask.84bef41f682a27dac3fd6e812c06365d.js
bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/jquery.mask.84bef41f682a27dac3fd6e812c06365d.js
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd4ad2e7d257986d3a0c3877268db59347197d1c90fa6a3af56542c6ec61f38a
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"65d66922-c0d"
age
949978
expires
Fri, 14 Mar 2025 00:47:24 GMT
date
Fri, 18 Oct 2024 08:21:53 GMT
content-type
application/x-javascript
last-modified
Wed, 21 Feb 2024 21:20:34 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=604800
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8d471e0e7824a229-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
1448
server
cloudflare
enterprise.js
www.google.com/recaptcha/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise.js?render=6LdF3BEhAAAAAEQUmLciJe0QwaHESwQFc2vwCWqh
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.68.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qr-in-f103.1e100.net
Software
ESF /
Resource Hash
f9fb12066cd19ca3a3062f820750e7c7ea85de852326022b771368d09274a92d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Fri, 18 Oct 2024 08:21:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Fri, 18 Oct 2024 08:21:53 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
tnt.access.log.31e8e7158129efcfbee0b0e2a4b1c720.js
bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/ 		11 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/tnt.access.log.31e8e7158129efcfbee0b0e2a4b1c720.js
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d23322e92d1054d064b0e77de96f570d5899025dc71f3bca9a18e8d41c38ea32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"661ff36b-2a33"
age
114594
expires
Wed, 23 Apr 2025 19:02:36 GMT
date
Fri, 18 Oct 2024 08:21:53 GMT
content-type
application/x-javascript
last-modified
Wed, 17 Apr 2024 16:06:03 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8d471e0e7823a229-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
2204
server
cloudflare
user-controls.578df3df79d812af55ab13bae47f9857.js
bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/ 		533 B
490 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/user-controls.578df3df79d812af55ab13bae47f9857.js
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
448e1a4179ffa476609ed1e8909867082486239c06fb2e277f7843e3269d427b
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"65d66921-215"
age
949978
expires
Thu, 13 Mar 2025 18:05:37 GMT
date
Fri, 18 Oct 2024 08:21:53 GMT
content-type
application/x-javascript
last-modified
Wed, 21 Feb 2024 21:20:33 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=604800
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8d471e0f2865a229-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
355
server
cloudflare
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		105 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.175.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qs-in-f155.1e100.net
Software
cafe /
Resource Hash
872e5b08335308e7b01e883b427bc4ba5315ea189264c4998f72342ce45a30c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

content-encoding
br
etag
7 / 20014 / m202410140101 / config-hash: 6888224321745926060
x-content-type-options
nosniff
expires
Fri, 18 Oct 2024 08:21:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Fri, 18 Oct 2024 08:21:53 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
33724
x-xss-protection
0
server
cafe
ie.grid.placement.8d31e32afeebe4520bfab9638ef91435.js
bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 		1012 B
706 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ie.grid.placement.8d31e32afeebe4520bfab9638ef91435.js
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37b4f2d862bb21b088b8341107cb805b24ab74ff4908b3e6229038b7c4b8edae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"66e19e2e-3f4"
age
114594
expires
Fri, 26 Sep 2025 23:55:18 GMT
date
Fri, 18 Oct 2024 08:21:53 GMT
content-type
application/x-javascript
last-modified
Wed, 11 Sep 2024 13:42:06 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8d471e0f2866a229-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
578
server
cloudflare
vendor.taboola.0f7d1c50406b868f466f9143671a50f4.js
bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ 		906 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/vendor.taboola.0f7d1c50406b868f466f9143671a50f4.js
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb24d05e055a5adc88118706c7fc812af86d197890686edd980ae3a627aa0910
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"65d66924-38a"
age
3089144
expires
Thu, 13 Mar 2025 19:22:13 GMT
date
Fri, 18 Oct 2024 08:21:53 GMT
content-type
application/x-javascript
last-modified
Wed, 21 Feb 2024 21:20:36 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=604800
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8d471e0f2867a229-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
539
server
cloudflare
tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js
bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ 		207 B
310 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64d2ce701b1f0b1d910bff7f252ae7a53d5f90cf3efb970163811c757b889d57
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"65d66924-cf"
age
2406958
expires
Thu, 13 Mar 2025 17:14:01 GMT
date
Fri, 18 Oct 2024 08:21:53 GMT
content-type
application/x-javascript
last-modified
Wed, 21 Feb 2024 21:20:36 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=604800
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8d471e0e7822a229-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
176
server
cloudflare
tracking.js
www.duboiscountyherald.com/shared-content/art/tncms/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.duboiscountyherald.com/shared-content/art/tncms/tracking.js
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
Software
/
Resource Hash
aa4391f03da55de95caebed478d3e1183fb01a3e8f1c5891a48e75717ed2bed9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

x-vcache
HIT
cache-control
public, max-age=600
content-encoding
gzip
service-worker-allowed
/
etag
W/"670fde7f-a3a"
age
298
accept-ranges
bytes
content-length
1157
date
Fri, 18 Oct 2024 08:16:54 GMT
last-modified
Wed, 16 Oct 2024 15:40:47 GMT
content-type
application/x-javascript
vary
Accept-Encoding
flipptag.js
cdn-gateflipp.flippback.com/tag/js/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=1252936
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.46.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-46-8.iad55.r.cloudfront.net
Software
envoy /
Resource Hash
40f5738f48150a48ab90bcb2f0d0d28a32b6047785b1e87ce082b25c6775b2a5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
no-store
content-encoding
gzip
x-envoy-upstream-service-time
6
via
1.1 ccb414ab5bdb778a5639e83972f955e6.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-amz-cf-id
pc_zOQVVk_k3u4V_nVb5LhkhgMS9VcbGE0gxYP22pUFUFWQZ05dQwQ==
date
Fri, 18 Oct 2024 08:21:53 GMT
content-type
application/javascript
vary
Origin,Origin, Accept-Encoding
server
envoy
x-amz-cf-pop
IAD55-P2
flipptag.js
cdn-gateflipp.flippback.com/tag/js/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=1252935
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.46.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-46-8.iad55.r.cloudfront.net
Software
envoy /
Resource Hash
40f5738f48150a48ab90bcb2f0d0d28a32b6047785b1e87ce082b25c6775b2a5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
no-store
content-encoding
gzip
x-envoy-upstream-service-time
5
via
1.1 ccb414ab5bdb778a5639e83972f955e6.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-amz-cf-id
R2BtebEsw_w7c4MqTWeQzlrn5kjgtBjQpgr2CzLr4a_E5z3bvp7KUQ==
date
Fri, 18 Oct 2024 08:21:53 GMT
content-type
application/javascript
vary
Origin,Origin, Accept-Encoding
server
envoy
x-amz-cf-pop
IAD55-P2
fontawesome.48f6e778a25162f5c4a6977fb556155b.js
bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 		277 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/fontawesome.48f6e778a25162f5c4a6977fb556155b.js
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8dd5310f1564e14e30c03c9c260a31c490ce92ac9b5123d50dc2af9193a485f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"66e19e2e-45518"
age
2447388
expires
Wed, 17 Sep 2025 19:01:06 GMT
date
Fri, 18 Oct 2024 08:21:53 GMT
content-type
application/x-javascript
last-modified
Wed, 11 Sep 2024 13:42:06 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8d471e0f2868a229-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
117608
server
cloudflare
js
www.googletagmanager.com/gtag/ 		219 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-24711116-1
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c03::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8025f8c981f331b9be320e42e991e2aa5c6c73f258f682a9d0d9d83226a5c275
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 18 Oct 2024 08:21:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 08:21:53 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 18 Oct 2024 06:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
80288
x-xss-protection
0
server
Google Tag Manager
tracker.js
www.duboiscountyherald.com/shared-content/art/stats/common/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.duboiscountyherald.com/shared-content/art/stats/common/tracker.js
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
Software
/
Resource Hash
d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

x-vcache
HIT
cache-control
public, max-age=600
content-encoding
gzip
service-worker-allowed
/
etag
W/"66f6f794-2200"
age
116
accept-ranges
bytes
content-length
3224
date
Fri, 18 Oct 2024 08:19:56 GMT
last-modified
Fri, 27 Sep 2024 18:21:08 GMT
content-type
application/x-javascript
vary
Accept-Encoding
d01626b2-5390-11ec-a31e-fb05aa2b4944.png
bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/content/tncms/custom/image/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/content/tncms/custom/image/d01626b2-5390-11ec-a31e-fb05aa2b4944.png?resize=540%2C109
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
916b294525214456151dacefaad66c0816f36fb0c4beed9809f673246eafb2aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

x-robots-tag
noarchive
cf-bgj
imgq:85,h2pri
etag
"51e327f94c3ec4ab6654be4e89c5d6e8"
age
91745
cf-cache-status
HIT
expires
Thu, 02 Oct 2025 16:56:53 GMT
cf-polished
origFmt=png, origSize=15580
date
Fri, 18 Oct 2024 08:21:53 GMT
content-type
image/webp
content-disposition
inline; filename="d01626b2-5390-11ec-a31e-fb05aa2b4944.webp"
vary
Accept
last-modified
Thu, 02 Dec 2021 16:56:37 GMT
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8d471e0e7827a229-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
12500
server
cloudflare
f22673c4-5390-11ec-a31e-b76ba0b9f337.png
bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/content/tncms/custom/image/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/content/tncms/custom/image/f22673c4-5390-11ec-a31e-b76ba0b9f337.png
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66eda4056e4e35b1e14e0205429c71d057159ca8929230923daac1074734f4a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

x-robots-tag
noarchive
cf-bgj
imgq:85,h2pri
etag
"61a8fafe-4668"
age
114594
cf-cache-status
HIT
expires
Thu, 03 Jul 2025 22:19:26 GMT
cf-polished
origFmt=png, origSize=18024
date
Fri, 18 Oct 2024 08:21:53 GMT
content-type
image/webp
content-disposition
inline; filename="f22673c4-5390-11ec-a31e-b76ba0b9f337.webp"
vary
Accept
last-modified
Thu, 02 Dec 2021 16:57:34 GMT
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8d471e0e7828a229-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
11236
server
cloudflare
embedcode.php
embed.sendtonews.com/player2/ 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.sendtonews.com/player2/embedcode.php?fk=yFxaHa1K&cid=12404
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.125.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-125-109.iad61.r.cloudfront.net
Software
nginx/1.25.5 /
Resource Hash
792a6880c380ea4e3d31b25b22a7e14556637786fbf761bdd87739bdc73aea04

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
private, no-store
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-methods
PUT, POST, DELETE, PATCH
via
1.1 f7f49dad2d783fde3adeef21381de800.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
85z-QViAn6pNxtJdpG8a9zWR1OgwTDwWlznshVQWG30ZFPxEae01Vg==
date
Fri, 18 Oct 2024 08:21:53 GMT
content-type
application/javascript
vary
Accept-Encoding
server
nginx/1.25.5
x-amz-cf-pop
IAD61-P3
access-control-allow-headers
X-Client-Key, Origin, Content-Type, Accept, Authorization, MM-Tenant, MM-Ad-Server-Historical-Data, mmtarget
embed-widget-market-overview.js
s3.tradingview.com/external-embedding/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.tradingview.com/external-embedding/embed-widget-market-overview.js
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.19.207.34 Ashburn, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
37-19-207-34.bunnyinfra.net
Software
BunnyCDN-ASB1-925 /
Resource Hash
3825b8f61dd55e2d8f49472f5922c98f8e352643798015b198eb8422ad1c3858

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

cdn-status
200
access-control-max-age
3000
content-encoding
br
etag
"b5c7451ec27cd017fa71a7a6df285da5"
access-control-allow-methods
GET
date
Fri, 18 Oct 2024 08:21:53 GMT
last-modified
Thu, 17 Oct 2024 10:28:16 GMT
content-type
text/javascript
vary
Accept-Encoding
cdn-cache
HIT
x-amz-id-2
UFPdkZZYRlVcsC0t3yyB66Y6I2BV1ejB5YgKJrpWatS8QGObLM0Namvf/XshyJPY78mjh+SZ4Xg=
cdn-requestpullcode
200
cdn-cachedat
10/17/2024 10:28:36
cache-control
public, max-age=300
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
0e2daf09-b694-4906-9f20-7c3ca5f9a6a3
cdn-requestid
e7a1059f403f770e8c5311722a9b0a1c
cdn-pullzone
1837468
cdn-proxyver
1.04
x-amz-request-id
S35SG70CX6R832HK
access-control-allow-origin
*
cdn-edgestorageid
925
server
BunnyCDN-ASB1-925
cdn-requestcountrycode
CA
x-amz-server-side-encryption
AES256
820a0d5a-53a7-11ec-a31e-a313a0485289.png
bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/content/tncms/custom/image/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/content/tncms/custom/image/820a0d5a-53a7-11ec-a31e-a313a0485289.png?resize=540%2C109
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
916b294525214456151dacefaad66c0816f36fb0c4beed9809f673246eafb2aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

x-robots-tag
noarchive
cf-bgj
imgq:85,h2pri
etag
"ba310c18540e28b2024769840da745a8"
age
91745
cf-cache-status
HIT
expires
Fri, 10 Oct 2025 20:57:57 GMT
cf-polished
origFmt=png, origSize=15580
date
Fri, 18 Oct 2024 08:21:53 GMT
content-type
image/webp
content-disposition
inline; filename="820a0d5a-53a7-11ec-a31e-a313a0485289.webp"
vary
Accept
last-modified
Thu, 02 Dec 2021 19:39:04 GMT
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8d471e0ef84da229-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
12500
server
cloudflare
tnt.access.user.modal.8a5b29a9ca610d45f8071a90ec7e5c80.js
bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/tnt.access.user.modal.8a5b29a9ca610d45f8071a90ec7e5c80.js
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
385934cccf5ffca9ba8091630cd82e4f6c306b566560988f70e7b570e3b19420
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"66f1b7c2-ead"
age
1423992
expires
Wed, 01 Oct 2025 19:02:17 GMT
date
Fri, 18 Oct 2024 08:21:53 GMT
content-type
application/x-javascript
last-modified
Mon, 23 Sep 2024 18:47:30 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8d471e0f2856a229-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
1207
server
cloudflare
tnt.access.user.modal.wall.72993b4c08e0d932c1bc6c90ef732ce8.js
bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/ 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/tnt.access.user.modal.wall.72993b4c08e0d932c1bc6c90ef732ce8.js
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2b2d7b41fab3ec60e73430c166feaec074d60c1896010a85dc591c2d02492fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"66f1b7c2-7232"
age
1423992
expires
Wed, 01 Oct 2025 19:02:17 GMT
date
Fri, 18 Oct 2024 08:21:53 GMT
content-type
application/x-javascript
last-modified
Mon, 23 Sep 2024 18:47:30 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8d471e0f2857a229-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
8620
server
cloudflare
tnt.access.user.modal.output.0207f26c016b9fd645ca243137287d1b.js
bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/tnt.access.user.modal.output.0207f26c016b9fd645ca243137287d1b.js
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4186f5ddb818618ac01834b826f3f66a5ecdfe468dbb8d581e9d160642ff283
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"6707d183-d09"
age
210044
expires
Wed, 15 Oct 2025 19:01:04 GMT
date
Fri, 18 Oct 2024 08:21:53 GMT
content-type
application/x-javascript
last-modified
Thu, 10 Oct 2024 13:07:15 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8d471e0f2858a229-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
1287
server
cloudflare
tnt.access.status.828de94349981272665c0fb0107f3e49.js
bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/ 		928 B
484 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/tnt.access.status.828de94349981272665c0fb0107f3e49.js
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c16a1f54128050a2c4334fe3155151163bc9165334fb0c5f97af87c405a982a8
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"65d66921-3a0"
age
13680275
expires
Thu, 13 Mar 2025 16:43:34 GMT
date
Fri, 18 Oct 2024 08:21:53 GMT
content-type
application/x-javascript
last-modified
Wed, 21 Feb 2024 21:20:33 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=604800
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8d471e0f2859a229-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
345
server
cloudflare
jquery.validate.f4d73313b7ce7a32500a94c38e2d2ca2.js
bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/jquery.validate.f4d73313b7ce7a32500a94c38e2d2ca2.js
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a481ca181e9d6f64e4b75c4b87779e08aa375d45e1ea2ad9c21a7d8e38f361b2
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"65d66922-51c7"
age
13579867
expires
Fri, 14 Mar 2025 00:47:24 GMT
date
Fri, 18 Oct 2024 08:21:53 GMT
content-type
application/x-javascript
last-modified
Wed, 21 Feb 2024 21:20:34 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=604800
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8d471e0f285aa229-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
7302
server
cloudflare
additional-methods.54cac72c4ecc4fe6191818374fa8d218.js
bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/additional-methods.54cac72c4ecc4fe6191818374fa8d218.js
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c1d2122bde8e57c6a0d64d3ae5ab9311b92a90d939505522ea8017a0332afed
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"65d66922-3ab0"
age
3124505
expires
Thu, 13 Mar 2025 20:16:02 GMT
date
Fri, 18 Oct 2024 08:21:53 GMT
content-type
application/x-javascript
last-modified
Wed, 21 Feb 2024 21:20:34 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=604800
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8d471e0f285ba229-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
4719
server
cloudflare
jquery.validate.custom-methods.77562065896d6b48f0405363b8758736.js
bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/jquery.validate.custom-methods.77562065896d6b48f0405363b8758736.js
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06f8981a9d73ba11b77e370fb35ce0a54cb48ce5bcfdb66da69265151738350e
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"65d66923-104f"
age
114594
expires
Fri, 14 Mar 2025 00:47:24 GMT
date
Fri, 18 Oct 2024 08:21:53 GMT
content-type
application/x-javascript
last-modified
Wed, 21 Feb 2024 21:20:35 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=604800
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8d471e0f285da229-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
1618
server
cloudflare
tnt.access.log.gtm.37085f9822fb12feb0326ec09cd5a1a0.js
bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/tnt.access.log.gtm.37085f9822fb12feb0326ec09cd5a1a0.js
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d1c6260cc3a7a2823147ea4cdf05ced64cbc0f5be1b8ca2777a96e0681f5368
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"661ff36b-fa0"
age
10657006
expires
Wed, 23 Apr 2025 19:02:37 GMT
date
Fri, 18 Oct 2024 08:21:53 GMT
content-type
application/x-javascript
last-modified
Wed, 17 Apr 2024 16:06:03 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8d471e0f285ea229-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
906
server
cloudflare
tnt.access.log.legacy.8de26295ce9ca025da0008f10ecacd2d.js
bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/tnt.access.log.legacy.8de26295ce9ca025da0008f10ecacd2d.js
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bfb4a2c4f974120f57a48cc57f7937f8045abe2bfb1f78b6683dab126091464
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"65f221db-f6a"
age
114594
expires
Sat, 29 Mar 2025 16:19:37 GMT
date
Fri, 18 Oct 2024 08:21:53 GMT
content-type
application/x-javascript
last-modified
Wed, 13 Mar 2024 21:59:55 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=604800
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8d471e0f285fa229-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
907
server
cloudflare
tnt.ads.core.ee10a41bfea60001b9edb7ab35e5c9e1.js
bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.core.ee10a41bfea60001b9edb7ab35e5c9e1.js
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7458edd9b7b53f7b32c80f4856a8a0d1c4b7557c589f7c6b860c30a43829ac3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"66f1b7c4-3662"
age
312235
expires
Tue, 14 Oct 2025 13:57:58 GMT
date
Fri, 18 Oct 2024 08:21:53 GMT
content-type
application/x-javascript
last-modified
Mon, 23 Sep 2024 18:47:32 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8d471e0f2860a229-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
5096
server
cloudflare
maillist_signup.deacc71a82fe583ccc361b42498ff614.js
bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/maillist_signup.deacc71a82fe583ccc361b42498ff614.js
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2ff429aac35e1b55d4b5e1e299237b84fd6469fa4abc13770b2896981fdb050
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"66e19e2d-ffe"
age
430646
expires
Thu, 25 Sep 2025 17:34:22 GMT
date
Fri, 18 Oct 2024 08:21:53 GMT
content-type
application/x-javascript
last-modified
Wed, 11 Sep 2024 13:42:05 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8d471e0f2861a229-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
1246
server
cloudflare
sticky-kit.cd42d35abf643b0a78798fe03bf6bc83.js
bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/sticky-kit.cd42d35abf643b0a78798fe03bf6bc83.js
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47220c4c850d2a71293522af7071da5706951e1cecc6dddce7bc78343f48de1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"66f1b7c2-1010"
age
312235
expires
Tue, 14 Oct 2025 13:54:48 GMT
date
Fri, 18 Oct 2024 08:21:53 GMT
content-type
application/x-javascript
last-modified
Mon, 23 Sep 2024 18:47:30 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8d471e0f2863a229-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
1501
server
cloudflare
tnt.regions.e7df22f20c42105cce5864da9e346f48.js
bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.regions.e7df22f20c42105cce5864da9e346f48.js
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50eea9da4f4a1b43ff0b25615da2dcf7dcb6fd9173b4ab1b472663d204acc258
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"66f1b7c1-1041"
age
312234
expires
Tue, 14 Oct 2025 13:54:48 GMT
date
Fri, 18 Oct 2024 08:21:53 GMT
content-type
application/x-javascript
last-modified
Mon, 23 Sep 2024 18:47:29 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8d471e0f2864a229-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
1560
server
cloudflare
delivery.js
assets.revcontent.com/master/ 		159 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.revcontent.com/master/delivery.js
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.208.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-208-81.iad66.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1760bb9355d5a32c6b3d48ecf53dcfedeca08516b0b921682e9d0ce55ce74b26

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

vary
Accept-Encoding
cache-control
public,max-age=60
content-encoding
br
etag
W/"b00e2c9578a737dff7b6f33e21f10832"
age
21339
via
1.1 8d6d65c40f49b96d1f700720137be26a.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
rQ0spWRb8rDgq8Rq3NCFrlqMiyvtGTYzdAl87KuTBB9ZpiHgTG1gOw==
date
Fri, 18 Oct 2024 02:26:14 GMT
content-type
text/javascript
last-modified
Fri, 13 Sep 2024 16:40:01 GMT
server
AmazonS3
x-amz-cf-pop
IAD66-C1
x-amz-server-side-encryption
AES256
gtm.js
www.googletagmanager.com/ 		223 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c03::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
252d59351666354bfa98e1300c2bd18f57477213d21d2feae41ad55924ab0e67
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Fri, 18 Oct 2024 08:21:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 08:21:53 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 18 Oct 2024 06:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
78473
x-xss-protection
0
server
Google Tag Manager
recaptcha__en.js
www.gstatic.com/recaptcha/releases/lqsTZ5beIbCkK4uGEGv9JmUR/ 		544 KB
216 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/lqsTZ5beIbCkK4uGEGv9JmUR/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?render=6LdF3BEhAAAAAEQUmLciJe0QwaHESwQFc2vwCWqh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.68.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qr-in-f94.1e100.net
Software
sffe /
Resource Hash
5ab8f962752071d61b4c1613f2126ead5a5969b0157509532cb1cc43d1c0486d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.duboiscountyherald.com
Referer
https://www.duboiscountyherald.com/

Response headers

content-encoding
gzip
age
263179
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Wed, 15 Oct 2025 07:15:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 15 Oct 2024 07:15:34 GMT
last-modified
Mon, 14 Oct 2024 18:32:27 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
220736
x-xss-protection
0
server
sffe
pubfig.min.js
a.pub.network/duboiscountyherald-com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/duboiscountyherald-com/pubfig.min.js
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c99b7e779cd3a4553531a42f98e8436dee768b4fe8040df6beaf3fbd0885a50c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
*
x-goog-hash
crc32c=udPQGg==, md5=QWn0MiVxOtQQRebpMvnRAQ==
cf-cache-status
HIT
etag
W/"4169f43225713ad41045e6e932f9d101"
age
22747
content-encoding
br
x-goog-stored-content-encoding
identity
expires
Fri, 18 Oct 2024 08:51:53 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
43557
date
Fri, 18 Oct 2024 08:21:53 GMT
content-type
application/javascript
last-modified
Fri, 18 Oct 2024 00:41:47 GMT
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY17wZDHCL9BlfnexcA_qvGUIP1toSZucgVyEiA19XElWm8MWbvcCOauTpNlRxfDjtw9VU83hEArOQ
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://d.pub.network/v2/sites/duboiscountyherald-com/configs?env=PROD>; rel="preload"; as="fetch"; crossorigin="use-credentials", <https://optimise.net>; rel="preconnect", <https://api.floors.dev>; rel="preconnect"
cache-control
public, max-age=1800
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8d471e0f9b5aa23b-YYZ
access-control-allow-origin
*
x-goog-generation
1729212107548967
server
cloudflare
tracker.gif
www.duboiscountyherald.com/shared-content/art/stats/common/ 		0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.duboiscountyherald.com/shared-content/art/stats/common/tracker.gif?tnms_rs=1600x1200x24&tnms_vtum=1&tnms_vt=1&tnms_vid=172923971312537037016001200669771133282&tnms_dt=duboiscountyherald.com&tnms_upage=1&tnms_do=www.duboiscountyherald.com&tnms_uri=/&tnms_ref=&rt=1729239713128
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

date
Fri, 18 Oct 2024 08:21:53 GMT
content-length
0
truncated
/ 		73 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
va9E4kDNxMZdWfMOD5Vvl4jL.woff2
fonts.gstatic.com/s/firasans/v17/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/firasans/v17/va9E4kDNxMZdWfMOD5Vvl4jL.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans:wght@400;700&family=Open+Sans&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.66.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f94.1e100.net
Software
sffe /
Resource Hash
89ae1743656b75948be30cc4909efd3c61771b7bd9f6d53eb14cd9731d486b57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.duboiscountyherald.com
Referer
https://fonts.googleapis.com/

Response headers

age
22699
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 18 Oct 2025 02:03:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 02:03:34 GMT
last-modified
Tue, 02 May 2023 14:50:07 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
23880
x-xss-protection
0
server
sffe
66f6d43c0eb10.image.jpg
bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/content/tncms/assets/v3/editorial/c/46/c46f7f91-63da-5e3f-b0c2-cdf7b82b2040/ 		63 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/content/tncms/assets/v3/editorial/c/46/c46f7f91-63da-5e3f-b0c2-cdf7b82b2040/66f6d43c0eb10.image.jpg?resize=990%2C660
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd4b30be23c24195323df8b75da4c0892974e4b3aea4a3dfd6201a020594f235
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

x-robots-tag
noarchive
cf-bgj
imgq:85,h2pri
etag
"4cf5127e988c4905574def38d0a53e80"
age
45687
cf-cache-status
HIT
expires
Sun, 28 Sep 2025 06:40:26 GMT
cf-polished
qual=85, origFmt=jpeg, origSize=74314
date
Fri, 18 Oct 2024 08:21:53 GMT
content-type
image/webp
content-disposition
inline; filename="66f6d43c0eb10.webp"
vary
Accept
last-modified
Fri, 27 Sep 2024 15:50:20 GMT
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8d471e0f7885a229-YYZ
access-control-allow-origin
*
server
cloudflare
configs
d.pub.network/v2/sites/duboiscountyherald-com/ 		60 KB
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/v2/sites/duboiscountyherald-com/configs?env=PROD
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
5592ce21caf9ce790ac46d29b99f37dde32ee8954e15c97c537e35087eddc902
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.duboiscountyherald.com
Referer
https://www.duboiscountyherald.com/

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.duboiscountyherald.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 08:21:53 GMT
content-type
application/json
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
beacons
p.flipp.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://p.flipp.com/beacons
Requested by
Host: cdn-gateflipp.flippback.com
URL: https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=1252935
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.10.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-10-46.iad12.r.cloudfront.net
Software
istio-envoy /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain; charset=UTF-8
Referer
https://www.duboiscountyherald.com/

Response headers

x-envoy-upstream-service-time
3
access-control-allow-credentials
true
via
1.1 f57a09c5455a80253c61001d750462e6.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.duboiscountyherald.com
x-cache
Miss from cloudfront
x-amz-cf-id
YqFhXohe0ejABitRH7qxqX-ZvXIuhi2JIj1BJ7-9HL9O2IsxU61EEA==
date
Fri, 18 Oct 2024 08:21:53 GMT
x-amz-cf-pop
IAD12-P3
vary
Origin
server
istio-envoy
sync
pippio.com/api/
Redirect Chain
  • https://idsync.rlcdn.com/712559.gif?partner_uid=579bba26-ddec-4d45-919d-cde58582842d
  • https://idsync.rlcdn.com/1000.gif?memo=CO--KxIwCiwIARD5vAoaJDU3OWJiYTI2LWRkZWMtNGQ0NS05MTlkLWNkZTU4NTgyODQyZBAAGg0IobXIuAYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=d3787e227f8bb144e78e84bab52b15f196660310248e3478655aca0227eb32c0791426b5417dce21&_=2
42 B
569 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pippio.com/api/sync?pid=5324&it=1&iv=d3787e227f8bb144e78e84bab52b15f196660310248e3478655aca0227eb32c0791426b5417dce21&_=2
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Server
107.178.254.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
65.254.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
no-cache, no-store
timing-allow-origin
*
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
42
date
Fri, 18 Oct 2024 08:21:53 GMT
content-type
image/gif

Redirect headers

cache-control
no-cache, no-store
timing-allow-origin
*
location
https://pippio.com/api/sync?pid=5324&it=1&iv=d3787e227f8bb144e78e84bab52b15f196660310248e3478655aca0227eb32c0791426b5417dce21&_=2
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
0
date
Fri, 18 Oct 2024 08:21:53 GMT
voltax_mp.js
mp.mmvideocdn.com/mini-player/prod/ 		2 MB
686 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/player2/embedcode.php?fk=yFxaHa1K&cid=12404
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:201e:ac00:e:8add:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
ff835b66ff37ee4a4bf9de1a4446e07d37689ad2efb23f9262f01a0f9dbaa01c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

content-encoding
br
x-amz-version-id
LFl5FCQaDrF81wZ28Lu35XXKqJhPaeZ3
etag
W/"fcf8ccc7c24f0a9d9d105b38e4fbffd4"
age
244274
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
pyPsTlt5rRTIwSP9wbwDozi9K7s-BXkh38eprqA36axUB6_SWwJg6g==
date
Tue, 15 Oct 2024 12:30:40 GMT
content-type
application/x-javascript
vary
Accept-Encoding, Origin
last-modified
Tue, 15 Oct 2024 12:30:37 GMT
cache-control
private, no-store
via
1.1 51391527dd8c879c45b44b119905c872.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C3
server
CloudFront
x-amz-server-side-encryption
AES256
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
541df9709e639a31e400f0b9d0255d2b096ec4cefefe496c38450b96f6e7ff0e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
6710801ca027f.preview-300.jpg
bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/content/tncms/assets/v3/eedition/6/0b/60b3c64f-d92b-5811-a42a-6c38136dad4d/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/content/tncms/assets/v3/eedition/6/0b/60b3c64f-d92b-5811-a42a-6c38136dad4d/6710801ca027f.preview-300.jpg?resize=100%2C200
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
361be67b35447cecbbddcaf6c796a2f78741af1798e236a2a9910096f5344927
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

x-robots-tag
noarchive
cf-bgj
imgq:85,h2pri
etag
"538813b1ab420e6ad76e75713051daac"
age
62857
cf-cache-status
HIT
expires
Fri, 17 Oct 2025 05:06:23 GMT
cf-polished
origSize=6285, status=webp_bigger
date
Fri, 18 Oct 2024 08:21:53 GMT
content-type
image/jpeg
last-modified
Thu, 17 Oct 2024 03:10:22 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8d471e1098eba229-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
5850
server
cloudflare
67118ed7424f3.preview-300.jpg
bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/content/tncms/assets/v3/eedition/a/9f/a9f4ee4b-ee1b-5f67-bce8-86f942202623/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/content/tncms/assets/v3/eedition/a/9f/a9f4ee4b-ee1b-5f67-bce8-86f942202623/67118ed7424f3.preview-300.jpg?resize=100%2C200
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb56aab064809b73c4644977bf678017ea4b18725647852ae8b949478b4b8b67
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

x-robots-tag
noarchive
cf-bgj
imgq:85,h2pri
etag
"11661b1944a60b579fc665a96d55e449"
cf-cache-status
HIT
expires
Sat, 18 Oct 2025 05:04:05 GMT
cf-polished
degrade=85, origSize=5544, status=webp_bigger
date
Fri, 18 Oct 2024 08:21:53 GMT
content-type
image/jpeg
last-modified
Thu, 17 Oct 2024 22:25:28 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8d471e1098eda229-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
5467
server
cloudflare
6706dea795639.preview-300.jpg
bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/content/tncms/assets/v3/eedition/b/b7/bb78d0a1-299c-523a-9904-629385a63c55/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/content/tncms/assets/v3/eedition/b/b7/bb78d0a1-299c-523a-9904-629385a63c55/6706dea795639.preview-300.jpg?resize=153%2C200
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3dca13bc51e6717395e2c089aeee5a03c74ceca8723088bace51f70f0f620fd2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

x-robots-tag
noarchive
cf-bgj
imgq:85,h2pri
etag
"14cc772c014b1e04a687b858b0657bcd"
age
430645
cf-cache-status
HIT
expires
Thu, 09 Oct 2025 19:56:44 GMT
cf-polished
origSize=8793, status=webp_bigger
date
Fri, 18 Oct 2024 08:21:53 GMT
content-type
image/jpeg
last-modified
Wed, 09 Oct 2024 19:51:04 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8d471e1098eea229-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
8146
server
cloudflare
/
www.tradingview-widget.com/embed-widget/market-overview/ Frame B836 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.tradingview-widget.com/embed-widget/market-overview/?locale=en
Requested by
Host: s3.tradingview.com
URL: https://s3.tradingview.com/external-embedding/embed-widget-market-overview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.19.207.34 Ashburn, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
37-19-207-34.bunnyinfra.net
Software
BunnyCDN-ASB1-925 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy object-src 'none'; default-src 'self' https: data: blob: wss: 'unsafe-inline'; script-src https://static.tradingview.com/static/ blob: https://*.ampproject.org/ https://*.paypal.com/ https://platform.twitter.com https://platform.x.com https://songbird.cardinalcommerce.com/edge/v1/ https://checkout.razorpay.com/ https://cdn.checkout.com/ https://www.tradingview-widget.com/static/bundles/embed/ 'nonce-3Qgh9wyYCMP1/MEaZV0GMQ=='; base-uri 'none'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.duboiscountyherald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
max-age=120
cdn-cache
HIT
cdn-cachedat
10/18/2024 08:20:10
cdn-edgestorageid
925
cdn-proxyver
1.04
cdn-pullzone
2118568
cdn-requestcountrycode
CA
cdn-requestid
2ba22f98c94d77ecb765497d1f9ddb84
cdn-requestpullcode
200
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-status
200
cdn-uid
0e2daf09-b694-4906-9f20-7c3ca5f9a6a3
content-encoding
br
content-security-policy
object-src 'none'; default-src 'self' https: data: blob: wss: 'unsafe-inline'; script-src https://static.tradingview.com/static/ blob: https://*.ampproject.org/ https://*.paypal.com/ https://platform.twitter.com https://platform.x.com https://songbird.cardinalcommerce.com/edge/v1/ https://checkout.razorpay.com/ https://cdn.checkout.com/ https://www.tradingview-widget.com/static/bundles/embed/ 'nonce-3Qgh9wyYCMP1/MEaZV0GMQ=='; base-uri 'none'
content-type
text/html; charset=utf-8
date
Fri, 18 Oct 2024 08:21:53 GMT
expires
Fri, 18 Oct 2024 08:22:06 GMT
referrer-policy
origin-when-cross-origin
server
BunnyCDN-ASB1-925
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410140101/ 		475 KB
148 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410140101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.175.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qs-in-f155.1e100.net
Software
cafe /
Resource Hash
1a3cba3a57e7b6bd578bfd37c841b6fa2e2b0f332e83b86848e1183d2a6b5e70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

content-encoding
br
etag
6200590973078812877
age
46060
x-content-type-options
nosniff
expires
Fri, 17 Oct 2025 19:34:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Thu, 17 Oct 2024 19:34:13 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
151472
x-xss-protection
0
server
cafe
pwt.js
ads.pubmatic.com/AdServer/js/pwt/160835/4933/ 		222 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.62.164.208 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-164-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6b30722487e92833baf8f01d6b2d2fed4e459d7cd42dc81ac1a80d8d08b9450e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
max-age=96520
content-encoding
gzip
expires
Sat, 19 Oct 2024 11:10:33 GMT
accept-ranges
bytes
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
68444
date
Fri, 18 Oct 2024 08:21:53 GMT
last-modified
Sat, 29 Apr 2023 00:25:40 GMT
content-type
application/javascript
server
Apache
vary
Accept-Encoding
gtm.js
www.googletagmanager.com/ 		216 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c03::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cc9131b9ac86e4c6747e7b79a38d11851ee819c808417044d57e51abde63f5a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Fri, 18 Oct 2024 08:21:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 08:21:53 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 18 Oct 2024 06:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
77071
x-xss-protection
0
server
Google Tag Manager
gtm.js
www.googletagmanager.com/ 		295 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WXMV2VZ&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c03::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3b51b0c13d3ba91d6f5fd9099f8989d58c2487727828eae03316dee3dd2a2850
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Fri, 18 Oct 2024 08:21:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 08:21:53 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 18 Oct 2024 06:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
86411
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/ 		219 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-24711116-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c03::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4b2c097b4949540419dca0d72a5d6a193995da1f30181da8a24238efc615ee02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 18 Oct 2024 08:21:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 08:21:53 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 18 Oct 2024 06:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
80252
x-xss-protection
0
server
Google Tag Manager
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		105 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js?network_code=21798091349
Requested by
Host: a.pub.network
URL: https://a.pub.network/duboiscountyherald-com/pubfig.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.175.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qs-in-f155.1e100.net
Software
cafe /
Resource Hash
b2a8893bc6eb9e4ea04ce181b9fa01698535a727074f88b615ad7f7619432bf9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

content-encoding
br
etag
882 / 20014 / 31088176 / config-hash: 6888224321745926060
x-content-type-options
nosniff
expires
Fri, 18 Oct 2024 08:21:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Fri, 18 Oct 2024 08:21:53 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
33744
x-xss-protection
0
server
cafe
prebid-analytics-8.49.84.js
a.pub.network/core/ 		607 KB
201 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/prebid-analytics-8.49.84.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/duboiscountyherald-com/pubfig.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3dae3ee58ee64d4ffb07fdcd016491c5c8381c16795b5bcb4d9c5b80c74652db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

x-goog-metageneration
3
access-control-expose-headers
*
x-goog-hash
crc32c=nbEELQ==, md5=X07H6t3xEqbN3+IJLMxD1g==
cf-cache-status
HIT
etag
W/"5f4ec7eaddf112a6cddfe2092ccc43d6"
age
28192
content-encoding
br
x-goog-stored-content-encoding
identity
expires
Sat, 18 Oct 2025 00:32:01 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
621172
date
Fri, 18 Oct 2024 08:21:53 GMT
content-type
text/html
last-modified
Thu, 10 Oct 2024 18:48:23 GMT
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY2pVpq8gf-oJ_7treJCFicvjhv8wyzBUq1iieT8hioDDZCl98Vp254BXxOw41JHnSWM4ZqpwjMSYA
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31507808
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8d471e116be3a23b-YYZ
access-control-allow-origin
*
x-goog-generation
1728586103078905
content-language
en
server
cloudflare
pubfig.engine.js
a.pub.network/duboiscountyherald-com/ 		376 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/duboiscountyherald-com/pubfig.engine.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/duboiscountyherald-com/pubfig.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5f7f739a70505b58e9cca0a28565ec9a5d7745817992d1e633a51b3fae09a1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
*
x-goog-hash
crc32c=mnXbUQ==, md5=o24Fv9l78b6CTXL6MgERZg==
cf-cache-status
HIT
etag
W/"a36e05bfd97bf1be824d72fa32011166"
content-encoding
br
x-goog-stored-content-encoding
identity
expires
Fri, 18 Oct 2024 08:51:53 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
384966
date
Fri, 18 Oct 2024 08:21:53 GMT
content-type
application/javascript
last-modified
Fri, 18 Oct 2024 00:41:47 GMT
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY1_1cgIIZMv8219gH1Enah2LPfDMTxjrITeIZTs5ehJzwkpW30--ySvByVb7tKEufOM_CPys0T9Dw
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=1800
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8d471e116be4a23b-YYZ
access-control-allow-origin
*
x-goog-generation
1729212107330691
server
cloudflare
loader.js
cdn.taboola.com/libtrc/townnews-network/ 		339 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/townnews-network/loader.js
Requested by
Host: bloximages.newyork1.vip.townnews.com
URL: https://bloximages.newyork1.vip.townnews.com/duboiscountyherald.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/vendor.taboola.0f7d1c50406b868f466f9143671a50f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c4f84968678a58e2a1dab4a1591f3a271a17f8791d3d660dd6e64c7a700b499a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

content-encoding
gzip
etag
"68277be96156cb3d04432d4369fc1ba26600f444"
x-amz-version-id
8kpzS40moRbjUSJcx92dvDPwDIpgsL0n
age
0
x-cache
MISS
date
Fri, 18 Oct 2024 08:21:53 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 18 Oct 2024 08:20:43 UTC
x-served-by
cache-yul1970071-YUL
x-cache-hits
0
x-amz-id-2
e5YKCM1xZwHV9YY08I1DK64dT81169teh9oiXzzrpl23yEzU8lmb6H1xfAU6Mbfke4YFudFFHZo=
vary
Accept-Encoding, Accept-Encoding
x-amz-replication-status
FAILED
cache-control
private,max-age=14400
x-envoy-upstream-service-time
5
x-timer
S1729239714.583959,VS0,VE50
via
1.1 varnish
x-amz-request-id
3X2A76EZT0NBBQ9Q
accept-ranges
bytes
access-control-allow-origin
*
abp
16
content-length
65270
x-from-cache
1
server
nginx
x-amz-server-side-encryption
AES256
/
www.duboiscountyherald.com/tncms/csrf/token/ 		67 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.duboiscountyherald.com/tncms/csrf/token/
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/shared-content/art/tncms/api/csrf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
no-cache, no-store
content-length
67
date
Fri, 18 Oct 2024 08:21:53 GMT
content-type
text/plain
anchor
www.google.com/recaptcha/enterprise/ Frame F77C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdF3BEhAAAAAEQUmLciJe0QwaHESwQFc2vwCWqh&co=aHR0cHM6Ly93d3cuZHVib2lzY291bnR5aGVyYWxkLmNvbTo0NDM.&hl=en&v=lqsTZ5beIbCkK4uGEGv9JmUR&size=invisible&cb=qvbktju6ywfp
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/lqsTZ5beIbCkK4uGEGv9JmUR/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.68.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qr-in-f147.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-_wTnB-Y6cGiD9NpL6Qhrsw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.duboiscountyherald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-_wTnB-Y6cGiD9NpL6Qhrsw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Oct 2024 08:21:53 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
anchor
www.google.com/recaptcha/enterprise/ Frame 616C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdvF8kSAAAAAHtjCXotWkt5byjdinh-RPyWTH5J&co=aHR0cHM6Ly93d3cuZHVib2lzY291bnR5aGVyYWxkLmNvbTo0NDM.&hl=en&v=lqsTZ5beIbCkK4uGEGv9JmUR&size=normal&sa=submit&cb=l1lyxoer2g4m
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/lqsTZ5beIbCkK4uGEGv9JmUR/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.68.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qr-in-f147.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-hzQnK1DAC0PElk4rCoyfTg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.duboiscountyherald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-hzQnK1DAC0PElk4rCoyfTg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Oct 2024 08:21:53 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
anchor
www.google.com/recaptcha/enterprise/ Frame 4033 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdvF8kSAAAAAHtjCXotWkt5byjdinh-RPyWTH5J&co=aHR0cHM6Ly93d3cuZHVib2lzY291bnR5aGVyYWxkLmNvbTo0NDM.&hl=en&v=lqsTZ5beIbCkK4uGEGv9JmUR&size=normal&sa=submit&cb=b0s4wex5l9rj
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/lqsTZ5beIbCkK4uGEGv9JmUR/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.68.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qr-in-f147.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-uVc9Vm4dz3Ulh7osVZQP7A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.duboiscountyherald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-uVc9Vm4dz3Ulh7osVZQP7A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Oct 2024 08:21:53 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
anchor
www.google.com/recaptcha/enterprise/ Frame B2B3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdvF8kSAAAAAHtjCXotWkt5byjdinh-RPyWTH5J&co=aHR0cHM6Ly93d3cuZHVib2lzY291bnR5aGVyYWxkLmNvbTo0NDM.&hl=en&v=lqsTZ5beIbCkK4uGEGv9JmUR&size=normal&sa=submit&cb=50dz23buwwrg
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/lqsTZ5beIbCkK4uGEGv9JmUR/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.68.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qr-in-f147.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-GC6Gfg_xbkvBpqkMgAh5Hw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.duboiscountyherald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-GC6Gfg_xbkvBpqkMgAh5Hw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Oct 2024 08:21:53 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		267 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-THV0ZYGM9S&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-24711116-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c03::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f81a3757bdaf2427b6c8b3c93b081d1f996125d72295e9ab800194947b6faaeb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 18 Oct 2024 08:21:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 08:21:53 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
95840
x-xss-protection
0
server
Google Tag Manager
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-24711116-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c09::71 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

content-encoding
gzip
age
5977
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Fri, 18 Oct 2024 08:42:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 06:42:16 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
132916964
fundingchoicesmessages.google.com/i/ 		195 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/132916964?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410140101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c03::64 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8b276a41b58a12ef909450390357e2e4dfc9710a099c9bfbf4028ab1c1510e02
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-V3iSXZm72uTU9TvUMomgLA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 08:21:53 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmII0pBiOO90h-k6EEt8fcmkBsRO6TNYA4C49eY51slAnPTvPGsBELtrXWT1B2JDhUus9kDsWHSJ1ROIVXsusRoD8f11l1ifA_HXPZdY_wLx3o-XWI8CcZHEFdYGIL7ddIX1MRAL8XAs3HpiB5vAh6Zvs5iVNJLyC-OT8_NKijKTSkvyi9KS01KLU4vKUovijQyMTAwNDE31DMzjCwwASwtKow"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-V3iSXZm72uTU9TvUMomgLA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
a
www.googletagmanager.com/ 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-5MTD44X&v=3&t=t&pid=89852019&cv=55&rv=4ah0&tc=3&tag_exp=101686685&es=1&e=gtm.init_consent&eid=-1&h=Ag&z=0
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.201.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qu-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
date
Fri, 18 Oct 2024 08:21:53 GMT
x-xss-protection
0
content-type
text/html
server
Google Tag Manager
a
www.googletagmanager.com/ 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-5MTD44X&v=3&t=t&pid=89852019&cv=55&rv=4ah0&tc=3&tag_exp=101686685&es=1&e=gtm.init&eid=0&h=Ag&z=0
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.201.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qu-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
date
Fri, 18 Oct 2024 08:21:53 GMT
x-xss-protection
0
content-type
text/html
server
Google Tag Manager
a
www.googletagmanager.com/ 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-5MTD44X&v=3&t=t&pid=89852019&cv=55&rv=4ah0&tc=3&tag_exp=101686685&es=1&e=gtag.config&eid=1&h=Ag&tr=1zone.1fsl&ti=1zone.2fsl&z=0
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.201.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qu-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
date
Fri, 18 Oct 2024 08:21:53 GMT
x-xss-protection
0
content-type
text/html
server
Google Tag Manager
a
www.googletagmanager.com/ 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-5MTD44X&v=3&t=t&pid=89852019&cv=55&rv=4ah0&tc=3&tag_exp=101686685&es=1&e=gtag.config&eid=3&h=Ag&z=0
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.201.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qu-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
date
Fri, 18 Oct 2024 08:21:53 GMT
x-xss-protection
0
content-type
text/html
server
Google Tag Manager
js
www.googletagmanager.com/gtag/ 		302 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-4T2EB147B8&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXMV2VZ&l=dataLayer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.201.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qu-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
7d8a9a1fb284a44981f1a23d3cdca2091e8ada09bf58c5e266f4cff940dac02b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 18 Oct 2024 08:21:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 08:21:53 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
104424
x-xss-protection
0
server
Google Tag Manager
analytics.min.js
cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/ 		103 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.191.237 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-191-237.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e3718c850c94db1e3daa959e53737254c607f52f2d672182df6ac3a91386885

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

access-control-max-age
3000
content-encoding
br
x-amz-version-id
0zSZGXmaFl7u_EsnpPI2uvmKxv4SmEYW
etag
W/"4b35d51638965e83bf833be4d011abea"
age
95
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
XW5_fbp3utGW-jUy3Uv2z-UnDIzbYu4qEYRaV4NTRbsdP64q5b_1ig==
date
Fri, 18 Oct 2024 08:20:27 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
last-modified
Tue, 30 Jul 2024 19:42:29 GMT
x-amz-replication-status
COMPLETED
cache-control
public, max-age=120
via
1.1 9fb7397504a65afc778db3eb0ee0bfa4.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
IAD79-C3
server
AmazonS3
x-amz-server-side-encryption
AES256
impl.20240909-4-RELEASE.js
cdn.taboola.com/libtrc/ 		921 KB
185 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20240909-4-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/townnews-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
0a59ea34c2a48879f45c688ea266ddf6a95310a7315650138c86fe45c197abe7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

content-encoding
br
etag
"ef00e447a9b6fb08f0575843ed2ac2f1"
x-amz-version-id
5cYn56Cq5dv7p0vQvbCp6H70AU9HJI.t
age
28742
x-cache
HIT
date
Fri, 18 Oct 2024 08:21:53 GMT
last-modified
Mon, 16 Sep 2024 13:22:46 GMT
content-type
application/javascript
x-served-by
cache-yul1970071-YUL
x-cache-hits
0
x-amz-id-2
W0QvI0kTiOUW5KCTqkGAhlOA9rslIQPHIQSC62IYzcnoCixdpKALGFJZ3XCB7fhpalguPEK2mkA=
vary
Accept-Encoding
cache-control
private,max-age=31536000
x-timer
S1729239714.953925,VS0,VE1
via
1.1 varnish
x-amz-request-id
0B7387N57JKRVGVR
accept-ranges
bytes
access-control-allow-origin
*
abp
96
content-length
189191
server
AmazonS3-br
x-amz-server-side-encryption
AES256
/
trends.revcontent.com/api/demand/ 		1 KB
703 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/api/demand/?w=280778
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.85.87.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-87-71.compute-1.amazonaws.com
Software
envoy /
Resource Hash
0baa1a84a8805b3a0f781f29f022f2bbb1a328bb2f32224404f2a445bbeb0db1
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

strict-transport-security
max-age=931536000; includeSubDomains
x-rc-region
us-east-1a
content-encoding
gzip
x-envoy-upstream-service-time
4
access-control-allow-credentials
true
access-control-allow-origin
https://www.duboiscountyherald.com
date
Fri, 18 Oct 2024 08:21:54 GMT
content-type
application/json; charset=utf-8
vary
Origin
server
envoy
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-THV0ZYGM9S&gtm=45je4ah0v9125652790za200&_p=1729239713077&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101686685&cid=189152098.1729239714&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1729239713&sct=1&seg=0&dl=https%3A%2F%2Fwww.duboiscountyherald.com%2F&dt=duboiscountyherald.com&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1459
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-THV0ZYGM9S&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::71 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.duboiscountyherald.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 08:21:54 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
562 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-THV0ZYGM9S&cid=189152098.1729239714&gtm=45je4ah0v9125652790za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101686685
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-THV0ZYGM9S&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0d::9c Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.duboiscountyherald.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 08:21:54 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame 9E7D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-THV0ZYGM9S&gacid=189152098.1729239714&gtm=45je4ah0v9125652790za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101686685&z=1873282644
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-THV0ZYGM9S&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.duboiscountyherald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 18 Oct 2024 08:21:54 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ga-audiences
www.google.ca/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-THV0ZYGM9S&cid=189152098.1729239714&gtm=45je4ah0v9125652790za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101686685&tag_exp=101686685&z=1320233465
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.232.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Fri, 18 Oct 2024 08:21:54 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
optimise.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://optimise.net/?k=0&d=duboiscountyherald.com&t=desktop&c=CA&r=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.152.111.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-api-key,x-lm
Access-Control-Request-Method
GET
Origin
https://www.duboiscountyherald.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key, x-lm
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
access-control-allow-origin
https://www.duboiscountyherald.com
access-control-expose-headers
fs-client-rtt,fs-country
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
date
Fri, 18 Oct 2024 08:21:54 GMT
expires
0
fs-client-rtt
17
fs-country
CA
pragma
no-cache
strict-transport-security
max-age=31536000
via
1.1 google
/
optimise.net/ 		9 KB
9 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://optimise.net/?k=0&d=duboiscountyherald.com&t=desktop&c=CA&r=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/duboiscountyherald-com/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.152.111.34.bc.googleusercontent.com
Software
/
Resource Hash
a8b44ca082827a3a6385aee2d83db4999df66c899456e950b68e2c6cdf95ad1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.duboiscountyherald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
x-api-key
4e799501-b8b6-4ef1-bad5-225b3dd1aa8d
x-lm
0

Response headers

access-control-max-age
3600
access-control-expose-headers
fs-client-rtt,fs-country
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
expires
0
fs-client-rtt
16
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 08:21:54 GMT
content-type
application/json
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key, x-lm
strict-transport-security
max-age=31536000
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.duboiscountyherald.com
fs-country
CA
collect
www.google-analytics.com/j/ 		1 B
427 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2003767619&t=pageview&_s=1&dl=https%3A%2F%2Fwww.duboiscountyherald.com%2F&ul=en-ca&de=UTF-8&dt=duboiscountyherald.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1662774412&gjid=162752650&cid=189152098.1729239714&tid=UA-24711116-1&_gid=523826529.1729239714&_r=1&gtm=457e4ah0za200zb72758733&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685&jsscut=1&z=979983476
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c09::71 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.duboiscountyherald.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 08:21:54 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://www.duboiscountyherald.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
1
server
Golfe2
/
events3.bqstreamer.com/ 		0
388 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events3.bqstreamer.com/
Requested by
Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4728 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.duboiscountyherald.com/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pHO37o2kk5Sw8T6ms4FeCeD%2FzLGGJPqCyFxJ%2F7IO4DyOYrG0LqU45DCCe%2FKylV7rQoKodiSazzwD4R0iPQrDzKW3NzNISjJxIFHwVPXvkO5PIMMbwP1d25wdEDbYlW0UMccd9pvkej5mjqGToiDtrgTLpDk%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d471e169d5da281-YUL
access-control-allow-origin
*
date
Fri, 18 Oct 2024 08:21:54 GMT
content-type
text/plain
vary
Accept-Encoding
server
cloudflare
stn_trk.gif
s2l.sendtonews.com/ 		26 B
187 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=8yKEYb_s1J43i9zk&instance=215217&version=production-5.0.166&age=241018&key=yFxaHa1K&seq=1&order=1&vIndex=0&absoluteTime=1655.1&relativeTime=78.9&cmd=PRE_INIT&canonical=https://www.duboiscountyherald.com/&EXTREF=https://www.duboiscountyherald.com/&REF=https://www.duboiscountyherald.com/
Requested by
Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.80.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-80-206.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

accept-ranges
bytes
content-length
26
date
Fri, 18 Oct 2024 08:21:54 GMT
etag
"1a-5b72883b37f80"
content-type
image/gif
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
data_read.php
embed.sendtonews.com/player4/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://embed.sendtonews.com/player4/data_read.php?cmd=loadInitial&session=8yKEYb_s1J43i9zk&instance=215217&version=STN-5.0.166&age=241018&type=FULL&EXTREF=https%3A%2F%2Fwww.duboiscountyherald.com%2F&REF=https%3A%2F%2Fwww.duboiscountyherald.com%2F&ogSet=1&ESG_key=yFxaHa1K
Requested by
Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.162.125.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-125-109.iad61.r.cloudfront.net
Software
Apache /
Resource Hash
00af17ad0ecf7a975579a32695183bfd553947df658074d91bc826c7650602de

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

x-cache
Miss from cloudfront
cache-control
max-age=1
content-encoding
gzip
via
1.1 185e69fae2e25450e587a1fae1f63962.cloudfront.net (CloudFront)
expires
Fri, 18 Oct 2024 08:21:55 GMT
alt-svc
h3=":443"; ma=86400
access-control-allow-origin
*
content-length
1555
x-amz-cf-id
5M09AuTAhl61gBQrc75iZ7vlIEqLcoaPxvxT427EyhL6UUMw_EBZqQ==
date
Fri, 18 Oct 2024 08:21:54 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
Apache
x-amz-cf-pop
IAD61-P3
a
www.googletagmanager.com/ 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-5MTD44X&v=3&t=t&pid=89852019&cv=55&rv=4ah0&tc=3&tag_exp=101686685&es=1&e=gtm.dom&eid=4&h=Ag&z=0
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.201.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qu-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
date
Fri, 18 Oct 2024 08:21:54 GMT
x-xss-protection
0
content-type
text/html
server
Google Tag Manager
AGSKWxUzX3FaaKdAW2cUHpfnl7BTbnW9udmWdoED2W2dvgGW7qpIQjsODyDSCpA6mHDZkGpqqNS0Otb8BiGGvMgimZ78MThgQiIQCjcaxo3p1la8bdH3sIq00bc1WrMth0YIDdPeuA0ocQ==
fundingchoicesmessages.google.com/f/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUzX3FaaKdAW2cUHpfnl7BTbnW9udmWdoED2W2dvgGW7qpIQjsODyDSCpA6mHDZkGpqqNS0Otb8BiGGvMgimZ78MThgQiIQCjcaxo3p1la8bdH3sIq00bc1WrMth0YIDdPeuA0ocQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI5MjM5NzE0LDQwNjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cuZHVib2lzY291bnR5aGVyYWxkLmNvbS8iLG51bGwsW1s4LCJUeTBoZU1melgzcyJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Ty0heMfzX3s.es5.O/am=DAY/d=1/rs=AJlcJMx-kEBojdBO-rePMeTec-RoFL__BA/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c03::64 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
26faaae2d27c2858ea86473b08cde74b7708e6422426717fc1f0d49c2b13e1b3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-4JsWP8KOsfezTFsDb-ZrEw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 08:21:54 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmII0pBiOO90h-k6EEt8fcmkBsRO6TNYA4C49eY51slAnPTvPGsBELtrXWT1B2JDhUus9kDsWHSJ1ROIVXsusRoD8f11l1ifA_HXPZdY_wLx3o-XWI8CcZHEFdYGIL7ddIX1MRAL8XAs2npiB5vAjN9vrzIqaSTlF8Yn5-eVFGUmlZbkF6Ulp6UWpxaVpRbFGxkYmRgaGJrqGZjHFxgAAFkPSvU"
content-security-policy
script-src 'report-sample' 'nonce-4JsWP8KOsfezTFsDb-ZrEw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 0796 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410140101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.175.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qs-in-f157.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.duboiscountyherald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
1930
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000, stale-while-revalidate=3600
content-encoding
br
content-length
29415
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Oct 2024 07:49:44 GMT
expires
Fri, 18 Oct 2024 08:39:44 GMT
last-modified
Mon, 14 Oct 2024 19:44:52 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410140101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2199:b400:a:e047:754:afe1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1764e898369c24be8d7d1cbcb82079c27f3898fbc1883f388a5c1008dd30c9e8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

x-amz-version-id
0u1R0tyw.MUCZY63NwBE.7D35dRY5mh8
ETag
"0537d8d06dd9dfbe911ad6bf6504f4bf"
Age
8060
Connection
keep-alive
Via
1.1 f082203290ecd8aea497e1bd9f2f6ebc.cloudfront.net (CloudFront)
Accept-Ranges
bytes
X-Cache
Hit from cloudfront
Content-Length
3181
X-Amz-Cf-Id
snSFjL5zNAqJTrJtec-z4oV-x93PF_JNvY9bM5Lr1OLmeA_fP-iXTQ==
Date
Fri, 18 Oct 2024 06:07:35 GMT
Content-Type
text/javascript
Last-Modified
Wed, 31 Jul 2024 16:30:07 GMT
Server
AmazonS3
X-Amz-Cf-Pop
IAD79-C1
x-amz-server-side-encryption
AES256
esp.js
cdn.id5-sync.com/api/1.0/ 		99 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410140101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae33c40aa889646f2c2b3383d8be2cb2a29f4c84e27cc856536bf576dcd82f33
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

x-amz-id-2
ZFdsmLDiL6YM+0Mb+Uu+J+48nLxU/uLlhyoURDhn2NtM1bSxrIZkXKyVE3qpXFaRaoSDg9qU0SQ=
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=3600
content-encoding
br
cf-cache-status
HIT
etag
W/"851c43b3dfc1b13c6814012a69b7a390"
age
2518
x-amz-request-id
C0JFJRT2SKKAMMJ0
cf-ray
8d471e177c1da2c0-YUL
date
Fri, 18 Oct 2024 08:21:54 GMT
content-type
text/javascript;charset=utf-8
last-modified
Wed, 02 Oct 2024 12:26:13 GMT
vary
Accept-Encoding
server
cloudflare
x-amz-server-side-encryption
AES256
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410140101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
1635d2075d3343c86490d2229c1fb868ad59d92958ef65e04cb65767c703e9f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=86400, public
timing-allow-origin
*
content-encoding
gzip
etag
W/"670e3454-a69c"
cross-origin-resource-policy
cross-origin
expires
Sat, 19 Oct 2024 08:21:54 GMT
access-control-allow-origin
*
date
Fri, 18 Oct 2024 08:21:54 GMT
content-type
text/javascript
last-modified
Tue, 15 Oct 2024 09:22:28 GMT
server
nginx
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410140101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

x-goog-metageneration
1
content-encoding
gzip
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
etag
"df5542b88bc0e368c6999754a5b9e2ba"
age
111126
x-goog-stored-content-encoding
gzip
expires
Fri, 17 Oct 2025 01:29:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
7927
date
Thu, 17 Oct 2024 01:29:48 GMT
last-modified
Thu, 27 May 2021 18:30:51 GMT
content-type
application/javascript
x-guploader-uploadid
AHmUCY3saqH7HO1lKRFbvC78kpA_JH0PvbIRXrWazoiCaUx-lGTyRtoDAN_Zl2MozQIQSYG8BGo
cache-control
no-transform
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
x-goog-generation
1622140251693895
content-length
7927
server
UploadServer
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410140101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
e388e19ca38c825b329e762c79c66bbd41bd334f18312c5e97fde0a8f64bca36

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

etag
cd19e0900da0cdbc6697310fd9330fb6
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1195
date
Fri, 18 Oct 2024 08:21:54 GMT
content-type
text/javascript; charset=utf-8
last-modified
Mon, 05 Feb 2024 22:07:56 GMT
server
Google Frontend
x-cloud-trace-context
9a283256a96c30b36f7577084a3cd436
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410140101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.167.69.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-167-69-51.iad61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
30b32e97f2e3e06deb742bf2e19daeb4f4657a956e836c2a25a7df2bc72f7500

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

vary
Accept-Encoding
cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"7db46e1255a018ecf02f47b2c19c26c4"
age
85608
via
1.1 345356dcab95fbdac024c4e78e835342.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
6gkeaG9bOgN026gD8iH4UKz3lGPgYJNzbTanloN3a16mgdr4pZ3Q2w==
date
Thu, 17 Oct 2024 08:35:07 GMT
content-type
text/javascript
last-modified
Tue, 20 Aug 2024 18:47:40 GMT
server
AmazonS3
x-amz-cf-pop
IAD61-P6
x-amz-server-side-encryption
AES256
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
898 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410140101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
age
19541
x-content-type-options
nosniff
x-jsd-version-type
branch
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Fri, 18 Oct 2024 08:21:54 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-eddf8230042-FRA, cache-yul1970040-YUL
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
439
x-jsd-version
master
ob.js
cdn-ima.33across.com/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410140101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.89 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a2ab36c83d5d55e311fbf787dbc7de0a17b89eb0b30b1772f518a79db334001

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
public, max-age=259200
content-encoding
gzip
cf-cache-status
HIT
etag
W/"66ce3644-43df"
age
126106
cf-ray
8d471e17de99ab9a-YYZ
expires
Mon, 21 Oct 2024 08:21:54 GMT
date
Fri, 18 Oct 2024 08:21:54 GMT
content-type
application/javascript
last-modified
Tue, 27 Aug 2024 20:25:40 GMT
vary
Accept-Encoding
server
cloudflare
ads
securepubads.g.doubleclick.net/gampad/ 		102 KB
28 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3786016670823712&correlator=2445578031005955&eid=31084129%2C31087831%2C95344563%2C31086886&output=ldjh&gdfp_req=1&vrg=202410140101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&gpp_sid=-1&iu_parts=132916964%3A21798091349%2Cduboiscountyherald.com%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=2x1%2C1x1%2C1170x90%7C970x90%7C728x90%7C728x250%7C970x250%2C300x250%7C300x600&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1729239714432&lmt=1729235106&adxs=799%2C800%2C132%2C1043&adys=0%2C1%2C256%2C387&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.duboiscountyherald.com%2F&vis=1&psz=1600x1%7C1600x1%7C1336x90%7C425x250&msz=1600x1%7C1600x1%7C1336x90%7C425x250&fws=4%2C4%2C4%2C4&ohw=1600%2C1600%2C1600%2C1600&td=1&egid=41585&tan=5ef0f11a-04d6-462a-9f93-d392062f0e1b%2C5ef0f11a-04d6-462a-9f93-d392062f0e1c%2C5ef0f11a-04d6-462a-9f93-d392062f0e1d%2C5ef0f11a-04d6-462a-9f93-d392062f0e1e&tdf=2&topics=9&tps=9&htps=10&a3p=EhkKCnB1YmNpZC5vcmcY95Tg9akySABSAghkEhwKDWNyd2RjbnRybC5uZXQY95Tg9akySABSAghkEhkKCnVpZGFwaS5jb20Y9pTg9akySABSAghkEhQKBW9wZW54GPeU4PWpMkgAUgIIZBIbCgxpZDUtc3luYy5jb20Y95Tg9akySABSAghkEhsKDDMzYWNyb3NzLmNvbRj3lOD1qTJIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Y95Tg9akySABSAghkEhcKCHJ0YmhvdXNlGPeU4PWpMkgAUgIIZA..&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1729239712904&idt=719&prev_scp=pos%3Dimpact-top%7Cpos%3Dimpact-sticky-anchor%2Csticky-anchor%7Cpos%3Dbreakout-one%7Cpos%3Drectangle-one&cust_params=browser%3DChrome%26k%3Ddubois%2520county%2520herald%26page%3Dhomepage%252Capp-editorial&adks=23668659%2C3717240474%2C2514794258%2C609513926&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410140101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.175.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qs-in-f155.1e100.net
Software
cafe /
Resource Hash
dee2d220b1903ec202a92646013ee3d1998f8aaf3f9e4da59fca381703755b8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

content-encoding
br
google-lineitem-id
-2,6778442124,6798331113,-2
observe-browsing-topics
?1
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2,-2,-2,-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Fri, 18 Oct 2024 08:21:54 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-2,138489001060,138492626931,-2
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.duboiscountyherald.com
content-length
28658
x-xss-protection
0
server
cafe
container.html
b0286e86c9f69621e5e485c197af1c0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A5FE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://b0286e86c9f69621e5e485c197af1c0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410140101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c01::84 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.duboiscountyherald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Oct 2024 08:21:54 GMT
expires
Fri, 18 Oct 2024 08:21:54 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel_sync
trends.revcontent.com/cm/
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=revcontent&ssp_user_id=463751c9cb2c447f9b8faf6842c94c2d&rev_dt=1729239714455
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=revcontent&ssp_user_id=463751c9cb2c447f9b8faf6842c94c2d&rev_dt=1729239714455
  • https://trends.revcontent.com/cm/pixel_sync?exchange_uid=463751c9cb2c447f9b8faf6842c94c2d&bidder=154&bidder_uid=fa021524-d1e0-439e-90d9-c47da9b285c6&callback=dspCMCallback
90 B
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trends.revcontent.com/cm/pixel_sync?exchange_uid=463751c9cb2c447f9b8faf6842c94c2d&bidder=154&bidder_uid=fa021524-d1e0-439e-90d9-c47da9b285c6&callback=dspCMCallback
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Server
54.85.87.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-87-71.compute-1.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

x-rc-region
us-east-1a
x-envoy-upstream-service-time
3
access-control-allow-credentials
true
access-control-allow-origin
*
content-length
90
date
Fri, 18 Oct 2024 08:21:54 GMT
content-type
application/javascript; charset=utf-8
server
envoy

Redirect headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
location
//trends.revcontent.com/cm/pixel_sync?exchange_uid=463751c9cb2c447f9b8faf6842c94c2d&bidder=154&bidder_uid=fa021524-d1e0-439e-90d9-c47da9b285c6&callback=dspCMCallback
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 08:21:54 GMT
pixel_sync
trends.revcontent.com/cm/
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160835&gdpr=0&gdpr_consent=PM_CONSENT&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160835%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Ftr...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160835&gdpr=0&gdpr_consent=PM_CONSENT&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160835%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Ftr...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RUE0RTJFMkMtNzM0OC00MEQ3LUIxQjEtMzZCOTgyRjI5NDVE&gdpr=0&gdpr_consent=PM_CONSENT&google_cm
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=PM_CONSENT&piggybackCookie=CAESEM6CbGt7RF_vL5KfQyuZ1vI&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=PM_CONSENT&us_privacy=${US_PRIVACY}
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&gdpr_consent=PM_CONSENT&p=160835&pmc=1&pr=https%3A%2F%2Ftrends.revcontent.com%2Fcm%2Fpixel_sync%3Fexchange_uid%3D463751c9cb2c447f9b8faf6842c94c2d_2%...
  • https://trends.revcontent.com/cm/pixel_sync?exchange_uid=463751c9cb2c447f9b8faf6842c94c2d_2&bidder=159&bidder_uid=EA4E2E2C-7348-40D7-B1B1-36B982F2945D&callback=dspCMCallback
90 B
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trends.revcontent.com/cm/pixel_sync?exchange_uid=463751c9cb2c447f9b8faf6842c94c2d_2&bidder=159&bidder_uid=EA4E2E2C-7348-40D7-B1B1-36B982F2945D&callback=dspCMCallback
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Server
54.85.87.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-87-71.compute-1.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

x-rc-region
us-east-1a
x-envoy-upstream-service-time
2
access-control-allow-credentials
true
access-control-allow-origin
*
content-length
90
date
Fri, 18 Oct 2024 08:21:55 GMT
content-type
application/javascript; charset=utf-8
server
envoy

Redirect headers

cache-control
no-store, no-cache, private
location
https://trends.revcontent.com/cm/pixel_sync?exchange_uid=463751c9cb2c447f9b8faf6842c94c2d_2&bidder=159&bidder_uid=EA4E2E2C-7348-40D7-B1B1-36B982F2945D&callback=dspCMCallback
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Fri, 18 Oct 2024 08:21:53 GMT
server
nginx
pixel_sync
trends.revcontent.com/cm/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=revcontent&rev_dt=1729239714455
  • https://x.bidswitch.net/ul_cb/sync?ssp=revcontent&rev_dt=1729239714455
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=revcontent&bsw_user_id=995d419d-f746-40ae-8fb8-99aab453f632&gdpr=&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=fa021524-d1e0-439e-90d9-c47da9b285c6&ssp=revcontent
  • https://trends.revcontent.com/cm/pixel_sync?bidder=118&bidder_uid=995d419d-f746-40ae-8fb8-99aab453f632&callback=dspCMCallback
90 B
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trends.revcontent.com/cm/pixel_sync?bidder=118&bidder_uid=995d419d-f746-40ae-8fb8-99aab453f632&callback=dspCMCallback
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Server
54.85.87.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-87-71.compute-1.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

x-rc-region
us-east-1a
x-envoy-upstream-service-time
3
access-control-allow-credentials
true
access-control-allow-origin
*
content-length
90
date
Fri, 18 Oct 2024 08:21:54 GMT
content-type
application/javascript; charset=utf-8
server
envoy

Redirect headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
location
//trends.revcontent.com/cm/pixel_sync?bidder=118&bidder_uid=995d419d-f746-40ae-8fb8-99aab453f632&callback=dspCMCallback
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 08:21:54 GMT
pixel_sync
trends.revcontent.com/cm/
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160835&gdpr=0&gdpr_consent=PM_CONSENT&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160835%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Ftr...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160835&gdpr=0&gdpr_consent=PM_CONSENT&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160835%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Ftr...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTBCQkFDNTgtN0I1Ri00NUM0LTlBRUYtNEExNjYwMEFCNUQ2&gdpr=0&gdpr_consent=PM_CONSENT&google_cm
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=PM_CONSENT&piggybackCookie=CAESEBqHj8J9UyB8RIc-coc4KN0&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=PM_CONSENT&us_privacy=${US_PRIVACY}
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&gdpr_consent=PM_CONSENT&p=160835&pmc=1&pr=https%3A%2F%2Ftrends.revcontent.com%2Fcm%2Fpixel_sync%3Fexchange_uid%3D463751c9cb2c447f9b8faf6842c94c2d_2%...
  • https://trends.revcontent.com/cm/pixel_sync?exchange_uid=463751c9cb2c447f9b8faf6842c94c2d_2&bidder=159&bidder_uid=EA4E2E2C-7348-40D7-B1B1-36B982F2945D&callback=dspCMCallback
90 B
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trends.revcontent.com/cm/pixel_sync?exchange_uid=463751c9cb2c447f9b8faf6842c94c2d_2&bidder=159&bidder_uid=EA4E2E2C-7348-40D7-B1B1-36B982F2945D&callback=dspCMCallback
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Server
54.85.87.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-87-71.compute-1.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

x-rc-region
us-east-1a
x-envoy-upstream-service-time
3
access-control-allow-credentials
true
access-control-allow-origin
*
content-length
90
date
Fri, 18 Oct 2024 08:21:55 GMT
content-type
application/javascript; charset=utf-8
server
envoy

Redirect headers

cache-control
no-store, no-cache, private
location
https://trends.revcontent.com/cm/pixel_sync?exchange_uid=463751c9cb2c447f9b8faf6842c94c2d_2&bidder=159&bidder_uid=EA4E2E2C-7348-40D7-B1B1-36B982F2945D&callback=dspCMCallback
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Fri, 18 Oct 2024 08:21:54 GMT
server
nginx
/
trends.revcontent.com/api/delivery/ 		10 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/api/delivery/?is_blocked=undefined&w=280778&width=1600&rev_allow_cookies=1&site_url=https%3A%2F%2Fwww.duboiscountyherald.com%2F&icr_url=&va=0&user_uuid=undefined&time=1729239714462&up=pc&bn=chrome&bv=129&widget_width=1336&style_id=0&an=false&mr=false
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.85.87.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-87-71.compute-1.amazonaws.com
Software
envoy /
Resource Hash
f492d70b652982a7225e00dcd06cbd170c2fbfd1191bc1fc862b21f7f4b37076
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

strict-transport-security
max-age=931536000; includeSubDomains
x-rc-region
us-east-1a
content-encoding
gzip
x-envoy-upstream-service-time
24
access-control-allow-credentials
true
access-control-allow-origin
https://www.duboiscountyherald.com
date
Fri, 18 Oct 2024 08:21:54 GMT
content-type
application/json; charset=utf-8
vary
Origin
server
envoy
config.js
cdn.confiant-integrations.net/iYtKgOJzDhgYK7NVnh3GhPloz0U/gpt_and_prebid/ 		121 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/iYtKgOJzDhgYK7NVnh3GhPloz0U/gpt_and_prebid/config.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/duboiscountyherald-com/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.144.166 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6b17d8fd2f78c26672db60fe93e748246cb8c5d362be74e83e86b3cbd6c6f81

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"a636a0cb8b2352156730766d15734306"
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Fri, 18 Oct 2024 08:21:54 GMT
content-type
text/javascript
last-modified
Fri, 18 Oct 2024 08:05:54 GMT
vary
Accept-Encoding
x-amz-id-2
fYb3/MDuAhprafSmtWCeWiN0n3ePx0i+o4zyA69vqXM5oIfd5Z5NQfwMNVW03u+am/cUQO7ebdrqy8Oo3RGIsg==
cache-control
public, max-age=900, stale-while-revalidate=3600
x-amz-request-id
GF40JWEEF5JBZN0Z
cf-ray
8d471e185c6139c6-YYZ
accept-ranges
bytes
content-length
27635
server
cloudflare
x-amz-server-side-encryption
AES256
tag
btloader.com/
Redirect Chain
  • https://freestar-io.videoplayerhub.com/gallery.js
  • https://btloader.com/tag?h=freestar-io&upapi=true
58 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?h=freestar-io&upapi=true
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Server
2606:4700:10::ac43:293c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93c8f4a52d360f8b2769173956a94e5bfdd5daef3b4195d5763fb2e661cba83b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

x-robots-tag
noindex, nofollow
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
content-encoding
gzip
cf-cache-status
HIT
etag
"329a26fdf4158808934392b89c06feff"
age
447
via
1.1 google
cf-ray
8d471e19e8bfa2b8-YUL
accept-ranges
bytes
content-length
19616
date
Fri, 18 Oct 2024 08:21:54 GMT
content-type
application/javascript
last-modified
Fri, 18 Oct 2024 08:12:05 GMT
vary
Origin, Accept-Encoding
server
cloudflare

Redirect headers

cache-control
max-age=3600
location
https://btloader.com/tag?h=freestar-io&upapi=true
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4Vll%2BdhGaaG7sWlAkCe3yNAzgOxmCep03Lo166MS9jCyAjwa41tGDslQWARUaqPiAGZPWtHcrfmwh9WXBdxsyyVS2DXHjwf%2FlDPhqHIsh4l8x1D9Oo8g7T0%2BQKIsHY5cOmMTdHQGbWGW9zyZsuNFYlqNritm5tGMW4k0zg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d471e189d3da293-YUL
expires
Fri, 18 Oct 2024 09:21:54 GMT
content-length
167
date
Fri, 18 Oct 2024 08:21:54 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
apstag.js
c.amazon-adsystem.com/aax2/ 		324 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/duboiscountyherald-com/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.44.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-44-103.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6fdb7c12792ebd6e785128456249178e9b508c9677a300df8fbc6e7520147baa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

vary
Accept-Encoding
cache-control
max-age=3600
content-encoding
gzip
etag
W/"907cbdd883935369790d45cc9bd9e8b7"
age
3542
via
1.1 6f1c32addde00f50ba0fcba618c903d6.cloudfront.net (CloudFront), 1.1 263d97c176fc51d1d08116820c013de4.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
Eu7-vvFJYFZuyO0wjBKg9l_3ifiiIyQaUq7MKUhn8-oAWStsDWQ-aQ==
date
Fri, 18 Oct 2024 07:22:53 GMT
content-type
application/javascript
last-modified
Wed, 28 Aug 2024 22:46:41 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P7, IAD89-C1
x-amz-server-side-encryption
AES256
hadron.js
cdn.hadronid.net/ 		56 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.duboiscountyherald.com%2F&ref=&_it=freestar&partner_id=474&ha=_hadron
Requested by
Host: a.pub.network
URL: https://a.pub.network/duboiscountyherald-com/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:34ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
max-age=432000
content-encoding
br
cf-bgj
minify
etag
W/"1e77f38a1df1490d4175e3c4878bd150"
age
5335
cf-cache-status
HIT
x-amz-request-id
4GNMNHQXA94JVW78
cf-ray
8d471e18b970a308-YUL
date
Fri, 18 Oct 2024 08:21:54 GMT
content-type
application/javascript
last-modified
Tue, 04 Jun 2024 15:30:02 GMT
vary
Accept-Encoding
server
cloudflare
x-amz-id-2
FNS8Lc8R9Qji432eQyZbGDDgvyWHvIXmOzDykwh9qe1J2fX8u6aO0aANuFN3vxu6aVi9rB6lRRQ=
4d97a662ad
pb-rtd.ccgateway.net/v1.0/realtime/ 		387 B
735 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pb-rtd.ccgateway.net/v1.0/realtime/4d97a662ad?profile_id=5fcbd134-2276-46c7-8591-7d8cf11df5d6&url=https%253A%252F%252Fwww.duboiscountyherald.com%252F&context=true&audience=true&deal_ids=true&custom_taxonomy=true
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.84.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.200.182.101 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-200-182-101.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
f540dcf7f143b9bda7f90339d888fafe0c568ffc9da621e80031db59565974a1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
max-age=3600
etag
"387-8b88d56"
access-control-allow-credentials
true
access-control-allow-origin
https://www.duboiscountyherald.com
content-length
387
date
Fri, 18 Oct 2024 08:21:54 GMT
content-type
application/json; charset=utf-8
vary
Origin
edgekit.min.js
cdn.edkt.io/PV483g/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.edkt.io/PV483g/edgekit.min.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.84.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.111.33 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
33.111.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
7688bed060dc05a30fd14e6e29a955ee015636fe8c9b9887b3255187e1bc1edc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

x-goog-metageneration
1
content-encoding
gzip
x-goog-hash
crc32c=hN1WWg==, md5=OltQLBgOXZCjEuc09sLDfQ==
etag
"3a5b502c180e5d90a312e734f6c2c37d"
age
62012
x-goog-stored-content-encoding
gzip
expires
Fri, 18 Oct 2024 15:08:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
6718
date
Thu, 17 Oct 2024 15:08:22 GMT
last-modified
Fri, 11 Oct 2024 10:50:17 GMT
content-type
text/javascript
x-guploader-uploadid
AHmUCY2ofQvuOLBSLJ8_DAkKz0OuZfMtODon50PrK8sFwK6slxlxXnNLOVk_81veuTzuZ5Rm2Hs9Au6ec0qWjOY
cache-control
public, max-age=86400,no-transform
x-goog-storage-class
STANDARD
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1728643817986339
content-length
6718
server
UploadServer
envelope
lexicon.33across.com/v1/
Redirect Chain
  • https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.49.84&coppa=0&us_privacy=1---
  • https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.49.84&coppa=0&us_privacy=1---&b=1&tp=k6YbczGlqu7Uc7hvfpHM3Z29yyGPWN%2BoXG%2B%2BDyYO0NI%3D
42 B
58 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.49.84&coppa=0&us_privacy=1---&b=1&tp=k6YbczGlqu7Uc7hvfpHM3Z29yyGPWN%2BoXG%2B%2BDyYO0NI%3D
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H3
Server
35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.duboiscountyherald.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
date
Fri, 18 Oct 2024 08:21:54 GMT
content-type
application/json
vary
origin

Redirect headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
location
https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.49.84&coppa=0&us_privacy=1---&b=1&tp=k6YbczGlqu7Uc7hvfpHM3Z29yyGPWN%2BoXG%2B%2BDyYO0NI%3D
access-control-allow-credentials
true
referrer-policy
unsafe-url
via
1.1 google
expires
Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin
https://www.duboiscountyherald.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Fri, 18 Oct 2024 08:21:54 GMT
vary
origin
fed
ups.analytics.yahoo.com/ups/58657/ 		2 B
304 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/58657/fed?v=1&1p=0&gdpr=0&gdpr_consent=&us_privacy=1---&url=https://www.duboiscountyherald.com/&pixelId=58657
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.84.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:60:807::2 , United States, ASN14196 (YAHOO-CHA, US),
Reverse DNS
Software
ATS /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.duboiscountyherald.com/

Response headers

strict-transport-security
max-age=31536000
age
0
access-control-allow-credentials
true
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
x-ycpi
1
access-control-allow-origin
https://www.duboiscountyherald.com
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
date
Fri, 18 Oct 2024 08:21:54 GMT
x-xss-protection
1; mode=block
content-type
application/json
vary
Origin
server
ATS
pbhid
id.hadron.ad.gt/api/v1/ 		227 B
330 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/pbhid?partner_id=474&_it=prebid&t=1&src=id&domain=www.duboiscountyherald.com&gdpr=0&us_privacy=1---
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.84.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a36cd619ac68a4a39eb1be94925967f014d1e7dc4a679f6dc86807416c2ae930

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.duboiscountyherald.com/

Response headers

content-encoding
br
allow
POST, OPTIONS, GET
cf-ray
8d471e189f0ba2c2-YUL
access-control-allow-origin
*
date
Fri, 18 Oct 2024 08:21:54 GMT
content-type
application/json
vary
Accept-Encoding
server
cloudflare
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
prebid
id5-sync.com/api/config/ 		194 B
674 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.84.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
69ddbfe0111131323a6c637b0fcf18449cd7f4bab70211c0b2c9bb51232bdb9b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.duboiscountyherald.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://www.duboiscountyherald.com
p3p
CP="CAO PSA OUR"
date
Fri, 18 Oct 2024 08:21:54 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials
true
envelope
api.rlcdn.com/api/identity/ 		0
0
any
idx.liadm.com/idex/did-0047/ 		378 B
801 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://idx.liadm.com/idex/did-0047/any?duid=9773e70d4767--01jafbg2p3hf013mcm2pv1ddw0&us_privacy=1---&gdpr=0&did=did-0047&cd=.duboiscountyherald.com&pu=https%3A%2F%2Fwww.duboiscountyherald.com&resolve=nonId&resolve=uid2&resolve=index&resolve=bidswitch&resolve=pubmatic&resolve=magnite&resolve=openx&resolve=thetradedesk&resolve=medianet
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.84.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.239.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-239-21.compute-1.amazonaws.com
Software
/
Resource Hash
8486a8c91bf1e29267549f75e62dd4bff529c81b45115d4791f017f804f78307
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.duboiscountyherald.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=86399, private
trace-id
a1c656d384088804
request-time
4
access-control-allow-credentials
true
expires
Sat, 19 Oct 2024 08:21:54 GMT
access-control-allow-origin
https://www.duboiscountyherald.com
content-length
378
date
Fri, 18 Oct 2024 08:21:54 GMT
content-type
text/plain; charset=UTF-8
vary
Origin
rid
match.adsrvr.org/track/ 		109 B
573 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=6bjin1p&fmt=json
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.84.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
853847d0b3a8871826db74ead91dc4c47f5bd5873b54e0f5f655da0b0dd9c7a2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
private
content-encoding
gzip
access-control-allow-credentials
true
expires
Sun, 17 Nov 2024 08:21:54 GMT
access-control-allow-origin
https://www.duboiscountyherald.com
date
Fri, 18 Oct 2024 08:21:54 GMT
content-type
application/json
vary
Origin, Accept-Encoding
server
Kestrel
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
envelope
lexicon.33across.com/v1/
Redirect Chain
  • https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.49.84&coppa=0&us_privacy=1---
  • https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.49.84&coppa=0&us_privacy=1---&b=1&tp=an3xPZ6ETYQzh4VBROq%2B4oa%2FOnQJlXaJkBD%2F2tLj9Zs%3D
42 B
58 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.49.84&coppa=0&us_privacy=1---&b=1&tp=an3xPZ6ETYQzh4VBROq%2B4oa%2FOnQJlXaJkBD%2F2tLj9Zs%3D
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H3
Server
35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.duboiscountyherald.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
date
Fri, 18 Oct 2024 08:21:54 GMT
content-type
application/json
vary
origin

Redirect headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
location
https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.49.84&coppa=0&us_privacy=1---&b=1&tp=an3xPZ6ETYQzh4VBROq%2B4oa%2FOnQJlXaJkBD%2F2tLj9Zs%3D
access-control-allow-credentials
true
referrer-policy
unsafe-url
via
1.1 google
expires
Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin
https://www.duboiscountyherald.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Fri, 18 Oct 2024 08:21:54 GMT
vary
origin
fed
ups.analytics.yahoo.com/ups/58657/ 		2 B
43 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/58657/fed?v=1&1p=0&gdpr=0&gdpr_consent=&us_privacy=1---&url=https://www.duboiscountyherald.com/&pixelId=58657
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.84.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:60:807::2 , United States, ASN14196 (YAHOO-CHA, US),
Reverse DNS
Software
ATS /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.duboiscountyherald.com/

Response headers

strict-transport-security
max-age=31536000
age
0
access-control-allow-credentials
true
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
x-ycpi
1
access-control-allow-origin
https://www.duboiscountyherald.com
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
date
Fri, 18 Oct 2024 08:21:54 GMT
x-xss-protection
1; mode=block
content-type
application/json
vary
Origin
server
ATS
pbhid
id.hadron.ad.gt/api/v1/ 		227 B
178 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/pbhid?partner_id=474&_it=prebid&t=1&src=id&domain=www.duboiscountyherald.com&gdpr=0&us_privacy=1---
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.84.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a36cd619ac68a4a39eb1be94925967f014d1e7dc4a679f6dc86807416c2ae930

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.duboiscountyherald.com/

Response headers

content-encoding
br
allow
POST, OPTIONS, GET
cf-ray
8d471e18bf20a2c2-YUL
access-control-allow-origin
*
date
Fri, 18 Oct 2024 08:21:54 GMT
content-type
application/json
vary
Accept-Encoding
server
cloudflare
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
prebid
id5-sync.com/api/config/ 		194 B
675 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.84.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
69ddbfe0111131323a6c637b0fcf18449cd7f4bab70211c0b2c9bb51232bdb9b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.duboiscountyherald.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://www.duboiscountyherald.com
p3p
CP="CAO PSA OUR"
date
Fri, 18 Oct 2024 08:21:54 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials
true
any
idx.liadm.com/idex/did-0047/ 		378 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://idx.liadm.com/idex/did-0047/any?duid=9773e70d4767--01jafbg2p3hf013mcm2pv1ddw0&us_privacy=1---&gdpr=0&did=did-0047&cd=.duboiscountyherald.com&pu=https%3A%2F%2Fwww.duboiscountyherald.com&resolve=nonId&resolve=uid2&resolve=index&resolve=bidswitch&resolve=pubmatic&resolve=magnite&resolve=openx&resolve=thetradedesk&resolve=medianet
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.84.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.239.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-239-21.compute-1.amazonaws.com
Software
/
Resource Hash
8486a8c91bf1e29267549f75e62dd4bff529c81b45115d4791f017f804f78307

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
max-age=86399, private
trace-id
a1c656d384088804
request-time
4
access-control-allow-credentials
true
expires
Sat, 19 Oct 2024 08:21:54 GMT
access-control-allow-origin
https://www.duboiscountyherald.com
content-length
378
date
Fri, 18 Oct 2024 08:21:54 GMT
content-type
text/plain; charset=UTF-8
vary
Origin
rid
match.adsrvr.org/track/ 		109 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=6bjin1p&fmt=json
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.84.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
853847d0b3a8871826db74ead91dc4c47f5bd5873b54e0f5f655da0b0dd9c7a2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
private
content-encoding
gzip
access-control-allow-credentials
true
expires
Sun, 17 Nov 2024 08:21:54 GMT
access-control-allow-origin
https://www.duboiscountyherald.com
date
Fri, 18 Oct 2024 08:21:54 GMT
content-type
application/json
vary
Origin, Accept-Encoding
server
Kestrel
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
quant.js
secure.quantserve.com/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/duboiscountyherald-com/pubfig.engine.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:b08a:1dc5:659b:4055 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
20133cc700841ec85f087ff9834a922b482b9135e98574a9afebade4c754558c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
private, max-age=604800
content-encoding
gzip
etag
"HP/dXILNCv8vRT01LqWQOg=="
expires
Fri, 25 Oct 2024 08:21:54 GMT
accept-ranges
bytes
date
Fri, 18 Oct 2024 08:21:54 GMT
content-type
application/javascript
vary
Accept-Encoding
fslogo-green.svg
a.pub.network/core/imgs/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.pub.network/core/imgs/fslogo-green.svg
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecc20ed3c5dedbe5bbe73d1e7b14270c65a85f7d0ec4c94c4f0c9f0071e471a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

x-goog-metageneration
2
access-control-expose-headers
*
x-goog-hash
crc32c=Jh+rSg==, md5=Mm1svZd2V+EgW9YW0fL6yg==
cf-cache-status
HIT
etag
W/"326d6cbd977657e1205bd616d1f2faca"
age
2986
content-encoding
br
x-goog-stored-content-encoding
identity
expires
Fri, 18 Oct 2024 09:21:54 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
1193
date
Fri, 18 Oct 2024 08:21:54 GMT
content-type
image/svg+xml
last-modified
Tue, 08 Sep 2020 17:04:37 GMT
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY13qmfSkKat0jiGzF-dgNCoHsTkNCpEOsdbre_EMaH5hQ2F3DgnQoEjIov8B0WMYanRHx3d_wGxIg
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=3600
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8d471e180deaa23b-YYZ
access-control-allow-origin
*
x-goog-generation
1599584677716817
server
cloudflare
settings
cdn.segment.com/v1/projects/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/ 		10 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/v1/projects/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/settings
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.191.237 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-191-237.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
713ce628535c66ef3e3439611569fed5dbda355deca4884062f1109542c86fff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

access-control-max-age
3000
content-encoding
br
x-amz-version-id
Ywu_LJJbtO2GMm2l0tbgOcwiBaPgllWG
etag
W/"9d9b54da8961b1f0e311daa4c7c6289c"
age
8151
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
uRdR-LMItuSrAG8vst3PMC-jCPfqkShhD7Bg7ji2Vk8IuLr3vOS4Qg==
date
Fri, 18 Oct 2024 06:06:04 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
last-modified
Thu, 25 Jul 2024 16:07:23 GMT
x-amz-replication-status
COMPLETED
cache-control
public, max-age=10800
via
1.1 1299a022d10cdc620f209ba0440a48e8.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
IAD79-C3
server
AmazonS3
x-amz-server-side-encryption
AES256
freestar_close_button.svg
a.pub.network/core/imgs/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.pub.network/core/imgs/freestar_close_button.svg
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b60f65161ce3517c2794eecab25981c51ffbcbc951a781270403e2f3572d0290
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

x-goog-metageneration
2
access-control-expose-headers
*
x-goog-hash
crc32c=xUDeFg==, md5=1OG2/3P8Bvg2SBLmidtA+g==
cf-cache-status
HIT
etag
W/"d4e1b6ff73fc06f8364812e689db40fa"
age
2986
content-encoding
br
x-goog-stored-content-encoding
identity
expires
Fri, 18 Oct 2024 09:21:54 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
1211
date
Fri, 18 Oct 2024 08:21:54 GMT
content-type
image/svg+xml
last-modified
Wed, 04 Sep 2024 08:16:13 GMT
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY0uiRop5XOlygERQR-X9piLjo6ZJlpv3iUVYJANQRaYgDfUmc-0ijgZVf8kjtozl50L8HFdsLp20Q
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=3600
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8d471e180df3a23b-YYZ
access-control-allow-origin
*
x-goog-generation
1725437773526766
server
cloudflare
c
c.pub.network/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.duboiscountyherald.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.duboiscountyherald.com
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Fri, 18 Oct 2024 08:21:54 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-4T2EB147B8&gtm=45je4ah0v887101457z8861227858za200zb861227858&_p=1729239713077&_gaz=1&gcs=G1--&gcd=13l3l3l3l5l1&npa=0&dma=0&tcfd=10000&tag_exp=101686685&cid=189152098.1729239714&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&dt=duboiscountyherald.com&dl=https%3A%2F%2Fwww.duboiscountyherald.com%2F&sid=1729239714&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.canonical_url=https%3A%2F%2Fwww.duboiscountyherald.com%2F&epn.townnews_crm_group_id=49&ep.generator=BLOX&ep.generator_version=1.82.1&tfd=2060
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4T2EB147B8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::71 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.duboiscountyherald.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 08:21:54 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
57 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-4T2EB147B8&cid=189152098.1729239714&gtm=45je4ah0v887101457z8861227858za200zb861227858&aip=1&dma=0&gcs=G1--&gcd=13l3l3l3l5l1&npa=0&frm=0&tag_exp=101686685
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4T2EB147B8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0d::9c Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.duboiscountyherald.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 08:21:54 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame B049 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-4T2EB147B8&gacid=189152098.1729239714&gtm=45je4ah0v887101457z8861227858za200zb861227858&dma=0&gcs=G1--&gcd=13l3l3l3l5l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101686685&z=1078557306
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4T2EB147B8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.duboiscountyherald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 18 Oct 2024 08:21:54 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ga-audiences
www.google.ca/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-4T2EB147B8&cid=189152098.1729239714&gtm=45je4ah0v887101457z8861227858za200zb861227858&aip=1&dma=0&gcs=G1--&gcd=13l3l3l3l5l1&npa=0&frm=0&tag_exp=101686685&tag_exp=101686685&z=699603353
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.232.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Fri, 18 Oct 2024 08:21:54 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/duboiscountyherald-com/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
582ae7eab3fb90b4faa0834c13963c08a14373bd307b5043376ce887235c8ba8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.duboiscountyherald.com/

Response headers

access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.duboiscountyherald.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
date
Fri, 18 Oct 2024 08:21:54 GMT
content-type
text/plain;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
index.php
playlist.stnvideo.com/player/data/ 		33 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://playlist.stnvideo.com/player/data/index.php?cmd=loadInitial&session=8yKEYb_s1J43i9zk&instance=298215217&version=STN-5.0.166&age=241018&type=FULL&EXTREF=https%3A%2F%2Fwww.duboiscountyherald.com%2F&REF=https%3A%2F%2Fwww.duboiscountyherald.com%2F&ogSet=1&ESG_key=yFxaHa1K
Requested by
Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.205.224.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-205-224-125.compute-1.amazonaws.com
Software
Apache /
Resource Hash
acbd13bfb0b70324d3f179aea1653b8b315361b683bc26c60e8c7ac6e513d503

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

access-control-allow-origin
*
content-length
5215
content-encoding
gzip
date
Fri, 18 Oct 2024 08:21:55 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
Apache
google-topics-api.20240909-4-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/google-topics-api.20240909-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/townnews-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
59f51b4dbe0d027dca11c8ff9018a05a03d442698f9cbd07ea17356763a32176

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

content-encoding
gzip
etag
"8ef876a073fe80373d6c480e20cb8a4d"
x-amz-version-id
LX8w0DqtzaNpquvyA0rgMFdMwWOB63ww
age
2063367
x-cache
HIT
date
Fri, 18 Oct 2024 08:21:54 GMT
last-modified
Mon, 16 Sep 2024 13:23:10 GMT
x-served-by
cache-yul1970071-YUL
x-cache-hits
96
content-type
application/javascript; charset=utf-8
x-amz-id-2
rsOIWrCFPSDQsO/lNVr+CeoG9NsGEs524DXlGfdSxnr9XhT+zZMmmLMgbMwOsUcchLsREmR3Ppk=
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
cache-control
private,max-age=2629743
x-timer
S1729239715.735222,VS0,VE0
via
1.1 varnish
x-amz-request-id
26RP21QJTXXC6PDY
accept-ranges
bytes
access-control-allow-origin
*
abp
18
content-length
1057
server
AmazonS3
x-amz-server-side-encryption
AES256
sync
gum.criteo.com/ 		46 B
728 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS&us_privacy=1---&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240909-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::12 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
private, max-age=3600
content-encoding
gzip
server-processing-duration-in-ticks
283883
expires
60
date
Fri, 18 Oct 2024 08:21:53 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
server
Kestrel
page_load
pb-ing.ccgateway.net/v1.0/parent/4d97a662ad/engagement/trigger/ 		59 B
229 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pb-ing.ccgateway.net/v1.0/parent/4d97a662ad/engagement/trigger/page_load
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.84.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.200.182.101 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-200-182-101.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
5ca0c95977e71167dd5eb84cec5a22eac0f8c2e1b1174e357dee1bf081fa5056

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/json
Referer
https://www.duboiscountyherald.com/

Response headers

access-control-allow-origin
https://www.duboiscountyherald.com
content-length
59
date
Fri, 18 Oct 2024 08:21:55 GMT
content-type
application/json; charset=utf-8
vary
Origin
access-control-allow-credentials
true
page_load
pb-ing.ccgateway.net/v1.0/parent/4d97a662ad/engagement/trigger/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pb-ing.ccgateway.net/v1.0/parent/4d97a662ad/engagement/trigger/page_load
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.200.182.101 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-200-182-101.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.duboiscountyherald.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Content-Length,Accept-Encoding,Authorization,X-Forwarded-For
access-control-allow-methods
POST
access-control-allow-origin
https://www.duboiscountyherald.com
access-control-max-age
86400
date
Fri, 18 Oct 2024 08:21:55 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
bframe
www.google.com/recaptcha/enterprise/ Frame 56CC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=lqsTZ5beIbCkK4uGEGv9JmUR&k=6LdvF8kSAAAAAHtjCXotWkt5byjdinh-RPyWTH5J
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/lqsTZ5beIbCkK4uGEGv9JmUR/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.68.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qr-in-f147.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-nKJmpCPPKoekiw9oL-cYOQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.duboiscountyherald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-nKJmpCPPKoekiw9oL-cYOQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Oct 2024 08:21:54 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
a
www.googletagmanager.com/ 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-5MTD44X&v=3&t=t&pid=89852019&cv=55&rv=4ah0&tc=3&tag_exp=101686685&e=gtag.config&eid=3&u=AgAAAAAAAAAAAAAI&h=Ag&z=0
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.201.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qu-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
date
Fri, 18 Oct 2024 08:21:54 GMT
x-xss-protection
0
content-type
text/html
server
Google Tag Manager
bframe
www.google.com/recaptcha/enterprise/ Frame FFBA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=lqsTZ5beIbCkK4uGEGv9JmUR&k=6LdvF8kSAAAAAHtjCXotWkt5byjdinh-RPyWTH5J
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/lqsTZ5beIbCkK4uGEGv9JmUR/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.68.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qr-in-f147.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-zXxlKJV8if8xB0jj7mSPwA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.duboiscountyherald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-zXxlKJV8if8xB0jj7mSPwA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Oct 2024 08:21:54 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
bframe
www.google.com/recaptcha/enterprise/ Frame 5D3B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=lqsTZ5beIbCkK4uGEGv9JmUR&k=6LdvF8kSAAAAAHtjCXotWkt5byjdinh-RPyWTH5J
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/lqsTZ5beIbCkK4uGEGv9JmUR/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.68.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qr-in-f147.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-dzNrD7K9EN8GsrOH5bqP_g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.duboiscountyherald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-dzNrD7K9EN8GsrOH5bqP_g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Oct 2024 08:21:55 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
hadronid
id.hadron.ad.gt/api/v1/ 		54 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/hadronid?_it=prebid&partner_id=474&_it=prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.84.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bf5435c55a81e3f050dc22ed008eb354bcecd1c042316e81a95a488a6c0ae43

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

cf-cache-status
DYNAMIC
debug
NON-OPTIONS
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-credentials
true
cf-ray
8d471e1a9e10a302-YUL
access-control-allow-origin
*
content-length
55794
date
Fri, 18 Oct 2024 08:21:55 GMT
content-type
Content-Type; text/javascript; charset=UTF-8
server
cloudflare
access-control-allow-headers
authorization,content-type
impression
trends.revcontent.com/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/event/impression
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.85.87.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-87-71.compute-1.amazonaws.com
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Referer
https://www.duboiscountyherald.com/

Response headers

strict-transport-security
max-age=931536000; includeSubDomains
x-rc-region
us-east-1a
x-envoy-upstream-service-time
2
access-control-allow-credentials
true
access-control-allow-origin
https://www.duboiscountyherald.com
date
Fri, 18 Oct 2024 08:21:55 GMT
vary
Origin
server
envoy
defaultWidget~feedWidget.fc0759b5.delivery.js
assets.revcontent.com/master/ 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.revcontent.com/master/defaultWidget~feedWidget.fc0759b5.delivery.js
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.208.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-208-81.iad66.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1c42fe8b25d562fb8a997b6b46e32c6d95d0c8d541e5a801b630b2f846fabf38

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

vary
Accept-Encoding
cache-control
public,max-age=60
content-encoding
gzip
etag
W/"fd80945f9733ec4f10d317a3124a1d4e"
age
7579
via
1.1 8d6d65c40f49b96d1f700720137be26a.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
FUsCcuazqypNT-9gVNpu1Dg-Y1Xemmbz_CJEQeV-bkmzbVAILzuw_Q==
date
Fri, 18 Oct 2024 06:22:34 GMT
content-type
text/javascript
last-modified
Fri, 13 Sep 2024 16:40:01 GMT
server
AmazonS3
x-amz-cf-pop
IAD66-C1
x-amz-server-side-encryption
AES256
defaultWidget.fc0759b5.delivery.js
assets.revcontent.com/master/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.revcontent.com/master/defaultWidget.fc0759b5.delivery.js
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.208.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-208-81.iad66.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8fa5deb87fcd2378185227321ae20ce283f190455da484428fe964250e7bce59

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

vary
Accept-Encoding
cache-control
public,max-age=60
content-encoding
br
etag
W/"73256e1256a6260b764c62fe4a204400"
age
70363
via
1.1 8d6d65c40f49b96d1f700720137be26a.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
mD_u6KRvKQFKDNxZnXxxVj0jm_8XhmNnnY-emR2Sdh6QUg75ZGpUPw==
date
Thu, 17 Oct 2024 12:49:12 GMT
content-type
text/javascript
last-modified
Fri, 13 Sep 2024 16:40:01 GMT
server
AmazonS3
x-amz-cf-pop
IAD66-C1
x-amz-server-side-encryption
AES256
dbc.fc0759b5.delivery.js
assets.revcontent.com/master/ 		83 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.revcontent.com/master/dbc.fc0759b5.delivery.js
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.208.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-208-81.iad66.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
822f9fa3c8c128f02bebc611190f23ed8533263b92395e92161dee61578450fa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

vary
Accept-Encoding
cache-control
public,max-age=60
content-encoding
gzip
etag
W/"ffd9c06a0a88cc22bc5db05ec175ed91"
age
1330
via
1.1 8d6d65c40f49b96d1f700720137be26a.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
TV0xZ_9LoSz1hd9TGGt3RmyvdpXcah5bsYIiaD1RtMPhhHEj3_JoZA==
date
Fri, 18 Oct 2024 07:59:44 GMT
content-type
text/javascript
last-modified
Fri, 13 Sep 2024 16:40:01 GMT
server
AmazonS3
x-amz-cf-pop
IAD66-C1
x-amz-server-side-encryption
AES256
increment
id5-sync.com/api/esp/ 		0
242 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.duboiscountyherald.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://www.duboiscountyherald.com
date
Fri, 18 Oct 2024 08:21:54 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials
true
tsub-middleware.bundle.c0f5511a001f780f591f.js
cdn.segment.com/analytics-next/bundles/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/tsub-middleware.bundle.c0f5511a001f780f591f.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.191.237 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-191-237.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
557c67c76c13a84e8b483ee1a0dfdd807399d960909266e7c6a83ddfadca9c81

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

access-control-max-age
3000
content-encoding
br
etag
W/"f7b3d2021df83853b191aefa39a74b15"
x-amz-version-id
EQDrSFOFyelI4PsWTOH4DKByMTXk3P9P
age
7160364
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
8hQHrE8EGw0JdWqbMKAIDWGFVD_XWkfSDGq8yK7jzy27Pt9HyHPt2A==
date
Sat, 27 Jul 2024 11:22:31 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Fri, 26 Jul 2024 21:05:36 GMT
x-amz-replication-status
COMPLETED
cache-control
public,max-age=31536000,immutable
via
1.1 9fb7397504a65afc778db3eb0ee0bfa4.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
IAD79-C3
server
AmazonS3
x-amz-server-side-encryption
AES256
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202410080955/ 		301 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202410080955/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/iYtKgOJzDhgYK7NVnh3GhPloz0U/gpt_and_prebid/config.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.144.166 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b031c3238b017ab0fd84b1d17c33de4892a4deaa5e6002a071feebdf98719c60

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"60462d29cf50606cdda8d5057fd4de28"
age
122176
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Fri, 18 Oct 2024 08:21:55 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 08 Oct 2024 14:01:56 GMT
vary
Accept-Encoding
x-amz-id-2
WlAY8248/TIFf/9jTPrfmq5p7/l6lKuXxhbHHTy/45ei7DEJxMp2+b3iQySXUCZ4RqpBmFPQs/Y=
cache-control
public, max-age=31536000
x-amz-request-id
ZRVB3SVHWZ477P4X
cf-ray
8d471e1acd7539c6-YYZ
accept-ranges
bytes
content-length
109298
server
cloudflare
x-amz-server-side-encryption
AES256
view
securepubads.g.doubleclick.net/pcs/ Frame 8329 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvc9vr8BOht30GZQehNr2_8aq5moyOr2N8SsJD-1W7YOv_RioCvQO6-PkeoN_q7qdAuo8UmpXRHhl-1wbSjh0JhTYOzLffHkPG_asEzw_Dp4WWVCCYzSxAdKByEoJufP4FlzAN_XP4TUCV1BiSbhxDLeWzvcjZdg4dMAbq7ftwjfH4buO5AFf1YinoNRTjSv-FTV7oUgl-FP2BnjzSRbDhNtJvebmplv_vEs376AhFRyArBnzz5bmljJioFYxJy9TDH8pHwGY_wjV2nNdoDMrtcXtZF-XWsYxdKLM-Q0YscCyIttC2z2oz70AyGHTgjnTcv0zIRRvzwGfowTmhxFvKUlKuJ6O582ulZlpNrbryFmJEI2_G8ABNDQsdjScxf4iJevmfoww3KQ4cVL4xILBznhu8lgEB3Ar1N_2fQatQy_MjdUGpaTbF4&sai=AMfl-YTjs0BM8cl-RcqG5cKyfj9sD9AHoQJJ8y1s8gTUwY-L3FLoH8YQDXXfznnDk5D9m4PhKm46hwAwSz_BgMHaGUuIP-ughWoOgVIBKFV3t-SyCIo0vIQP56oKChLB&sig=Cg0ArKJSzG9GQSj9uZJ2EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.175.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qs-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Fri, 18 Oct 2024 08:21:55 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
infolinks_main.js
resources.infolinks.com/js/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/infolinks_main.js
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a3187c1fba1eb947a579e0d918a350e7e547dff2b3ed769089ae9d69aa647f2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
max-age=3600
content-encoding
br
cf-cache-status
HIT
etag
W/"114b-6246c4250a57a"
age
2164
via
1.1 google
cf-ray
8d471e1b9e5b3a02-YYZ
expires
Fri, 18 Oct 2024 08:45:51 GMT
date
Fri, 18 Oct 2024 08:21:55 GMT
content-type
application/javascript
last-modified
Mon, 14 Oct 2024 09:14:07 GMT
vary
Accept-Encoding
server
cloudflare
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 8329 		207 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410140101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
cafe /
Resource Hash
594d9c552959444dbb837cc05d990f6bfeafdbee7c69f0e660e8765f3a764352
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

content-encoding
br
etag
17824739513797649852
age
2545
x-content-type-options
nosniff
expires
Fri, 18 Oct 2024 08:39:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Fri, 18 Oct 2024 07:39:30 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
65271
x-xss-protection
0
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame E22D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssk1rszM9sTPloU6MGQFi8ZehuUAWARavBcROk9YobXnpuuMe0rhptTCESM7RFD6y85I1wkfFL8Q74tJYVzz4U8a29oZcldlY7GATCfvLBi6m3uTK69o-qy7VNiZE5S72aMphp198H9osZDCeWuVdmPWZCrZyHSKMBWsIIg3vERKHZZcqcq39SGXb_58CnvdYTVKtcAX9Ip5wCbD_1UFSz2NyRtJI63mIYrP4oy3YEhYQ0j1u2qRm76iNCp2V1qzJiE2jzqEWnD88eNCrJMaZkWAATjic-KUqEmem42V5YxbrVwFscmxhouJwl-rrm5TqUQ9ZND8o06F40NPvw9DHoPTLstSumBKheBT0i276wQvuAKWJyYdd5FuJVzUSvR9-h-nUENponeHKV12tSdKs_zELzn5JyiIIMV4WXbYjDwNUw8L8TLzEDWa7z8aUfeG9pGa4_SDQ&sai=AMfl-YT9NDV_ykzQQODtn1CzIdLu-tj7gDYSifTEV1HkZrRBhvMqyNG1C2ypjeSFjGL00XKT6jabc1pQWHjJfvYwPoU5rkEZAS82HYpWJafWTsz_VJQkkovKePIBFKBb&sig=Cg0ArKJSzMGjqek7RdoZEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.175.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qs-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Fri, 18 Oct 2024 08:21:55 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20241014/r20110914/ Frame E22D 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20241014/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410140101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1614281ea3ceb097071b78b590af2c261515d1454ce40d35d256fc6399a95ba6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

content-encoding
br
etag
15243461546475837925
age
2132
x-content-type-options
nosniff
expires
Fri, 01 Nov 2024 07:46:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Fri, 18 Oct 2024 07:46:23 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
9338
x-xss-protection
0
server
cafe
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20241014/r20110914/client/ Frame E22D 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20241014/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410140101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

content-encoding
br
etag
16544991220582087243
age
78037
x-content-type-options
nosniff
expires
Thu, 31 Oct 2024 10:41:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 17 Oct 2024 10:41:18 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
1229
x-xss-protection
0
server
cafe
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame E22D 		207 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410140101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
cafe /
Resource Hash
594d9c552959444dbb837cc05d990f6bfeafdbee7c69f0e660e8765f3a764352
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

content-encoding
br
etag
17824739513797649852
age
2545
x-content-type-options
nosniff
expires
Fri, 18 Oct 2024 08:39:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Fri, 18 Oct 2024 07:39:30 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
65271
x-xss-protection
0
server
cafe
17546734059605907738
tpc.googlesyndication.com/simgad/ Frame E22D 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17546734059605907738
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410140101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d0a15496b63bad78a982af762d4cb976591df27c3f55a35b81f2cf012c68c8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options
nosniff
expires
Sat, 18 Oct 2025 08:21:55 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons
true
date
Fri, 18 Oct 2024 08:21:55 GMT
content-type
image/jpeg
last-modified
Fri, 11 Oct 2024 16:44:13 GMT
cache-control
public, max-age=31536000
timing-allow-origin
*
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
content-length
16576
x-xss-protection
0
server
sffe
l
www.google.com/ads/measurement/ Frame E22D 		0
0
hadron.json
id.hadron.ad.gt/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=freestar&partner_id=474&sync=0&domain=www.duboiscountyherald.com&url=https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.duboiscountyherald.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cache-control
max-age=31536000 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
8d471e1b1807a2c2-YUL
content-length
0
content-type
application/json
date
Fri, 18 Oct 2024 08:21:55 GMT
debug
OPTIONS block
expires
Sat, 18 Oct 2025 08:21:55 GMT
server
cloudflare
hadron.json
id.hadron.ad.gt/v1/ 		132 B
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=freestar&partner_id=474&sync=0&domain=www.duboiscountyherald.com&url=https://www.duboiscountyherald.com/
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.duboiscountyherald.com%2F&ref=&_it=freestar&partner_id=474&ha=_hadron
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8b1e9214d922711300867289147423ef37971b56cdc02071b9ad61d510f6807

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.duboiscountyherald.com/

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
debug
NON-OPTIONS
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-credentials
true
cf-ray
8d471e1b581da2c2-YUL
access-control-allow-origin
*
date
Fri, 18 Oct 2024 08:21:55 GMT
content-type
application/json
server
cloudflare
access-control-allow-headers
authorization,content-type
truncated
/ Frame E22D 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d15ce96dc8f5d42aad87918ecb4ec78855f628d4156841e2c2cb2e903e686f53

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
taboola-browsing-topics.html
cdn.taboola.com/libtrc/static/topics/ Frame 6CC8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/topics/taboola-browsing-topics.html
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/google-topics-api.20240909-4-RELEASE.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.duboiscountyherald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

abp
82
accept-ranges
bytes
access-control-allow-origin
*
age
82370
cache-control
private,max-age=31536000
content-encoding
gzip
content-length
340
content-type
text/html
date
Fri, 18 Oct 2024 08:21:55 GMT
etag
"8b140f0f0f6e1a0f986cc7d6dfd74d65"
last-modified
Tue, 13 Feb 2024 13:15:59 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 varnish
x-amz-id-2
D/7dis+6wowFsTN+CI3Uqf/HnlTTlVtyfSVcfbTitPdTtKnLVxt4Ll8HFm3TmNRpvFpB4LLmoqs=
x-amz-replication-status
COMPLETED
x-amz-request-id
J0B4BSH0QXAG1N04
x-amz-server-side-encryption
AES256
x-amz-version-id
4MpQ_aQntJKuJTBB3LGK3B7cfa8k5k0b
x-cache
HIT
x-cache-hits
155009
x-served-by
cache-yul1970060-YUL
x-timer
S1729239715.141572,VS0,VE0
map
bcp.crwdcntrl.net/6/ 		156 B
622 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.16.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-16-88.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
138d216289f8d25f704a205e095641e8d7d35d8969c9715ca2aa12f0e5f9db9e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
no-cache
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://www.duboiscountyherald.com
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length
156
date
Fri, 18 Oct 2024 08:21:55 GMT
content-type
application/json;charset=utf-8
x-server
10.40.6.165
server
Jetty(9.4.38.v20210224)
topics_frame.html
pa.openx.net/ Frame 6BF9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pa.openx.net/topics_frame.html?bidder=openx
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.84.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.214.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.214.36.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash

Request headers

Referer
https://www.duboiscountyherald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
1949
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=3600
content-length
1036
content-type
text/html; charset=utf-8
date
Fri, 18 Oct 2024 07:49:26 GMT
etag
"c5379e35e267deacc52e06ed0f5fa81f"
last-modified
Mon, 22 Jan 2024 14:38:43 GMT
server
UploadServer
supports-loading-mode
fenced-frame
vary
Origin
x-allow-fledge
true
x-goog-generation
1705934323795552
x-goog-hash
crc32c=eLLIGA== md5=xTeeNeJn3qzFLgbtD1+oHw==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1036
x-guploader-uploadid
AHmUCY3xLdDAQS2udpRiadwVX1p8XSD_OubBn0vnj6hP4FsL-t61lvhlyTeSRdIYqYPFsk9AuDMbmzXIvg
topics_frame.html
ads.pubmatic.com/AdServer/js/topics/ Frame D2D5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/topics/topics_frame.html?bidder=pubmatic
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.84.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.62.164.208 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-164-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://www.duboiscountyherald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=167439
content-encoding
gzip
content-length
859
content-type
text/html
date
Fri, 18 Oct 2024 08:21:55 GMT
expires
Sun, 20 Oct 2024 06:52:34 GMT
last-modified
Tue, 21 Mar 2023 05:02:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
openrtb
ex.ingage.tech/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/openrtb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9296 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.duboiscountyherald.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.duboiscountyherald.com
access-control-max-age
86400
cf-cache-status
DYNAMIC
cf-ray
8d471e1c3e9ca2c4-YUL
date
Fri, 18 Oct 2024 08:21:55 GMT
server
cloudflare
vary
Origin, Access-Control-Request-Headers
cookie_sync
s2s.t13.io/ 		2 KB
692 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s2s.t13.io/cookie_sync
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.84.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
1e5dab303d673be1b0f33eb5acf16ac43171f0485cf2f61d9c4ddf7edfe4fc87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.duboiscountyherald.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
via
1.1 google
expires
0
access-control-allow-origin
https://www.duboiscountyherald.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
632
date
Fri, 18 Oct 2024 08:21:55 GMT
content-type
application/json
vary
origin
auction
s2s.t13.io/openrtb2/ 		803 B
655 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s2s.t13.io/openrtb2/auction
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.84.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
a5e74d8eb52b6e89770ca5475be55109410943032a9a543f037d6554b5264158
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.duboiscountyherald.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
observe-browsing-topics
?1
via
1.1 google
expires
0
access-control-allow-origin
https://www.duboiscountyherald.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
371
date
Fri, 18 Oct 2024 08:21:55 GMT
x-prebid
pbs-java/3.8.0
content-type
application/json
vary
origin
auction
tlx.3lift.com/header/ 		19 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.49.84&referrer=https%3A%2F%2Fwww.duboiscountyherald.com%2F&tmax=789&gdpr=false&us_privacy=1---
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.84.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.226.121.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-226-121-246.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
accept-ch
sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width
access-control-allow-credentials
true
observe-browsing-topics
?1
expires
Thu, 15 Oct 1992 20:10:00 GMT
access-control-allow-origin
https://www.duboiscountyherald.com
x-auction-status
12
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-xss-protection
0
content-type
application/json; charset=utf-8
vary
Accept-Encoding
prebid
ads.yieldmo.com/exchange/ 		0
233 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.49.84&p=%5B%7B%22placement_id%22%3A%22duboiscountyherald.com_adhesion%22%2C%22callback_id%22%3A%22619d3d31b6486a%22%2C%22sizes%22%3A%5B%5B970%2C90%5D%2C%5B728%2C90%5D%2C%5B468%2C60%5D%2C%5B320%2C100%5D%2C%5B300%2C100%5D%2C%5B320%2C50%5D%2C%5B300%2C50%5D%2C%5B1%2C1%5D%5D%2C%22ym_placement_id%22%3A%222746532846804869731%22%2C%22gpid%22%3A%22%2F21798091349%2Fduboiscountyherald.com%2Fhomepage%2Fduboiscountyherald.com_adhesion%22%2C%22tid%22%3A%22ec22bb46-4d34-443a-a4fe-e32cb0acd70b%22%2C%22auctionId%22%3A%2288609260-5df4-4043-85b5-1e36ba1a565b%22%7D%5D&page_url=https%3A%2F%2Fwww.duboiscountyherald.com%2F&bust=1729239715093&dnt=false&description=&tmax=789&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=1---&pr=&scrd=1&title=duboiscountyherald.com&w=1600&h=1200&pubcid=2d761e39-1679-4949-9afd-b497ce6473c2&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%22714%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%222d761e39-1679-4949-9afd-b497ce6473c2%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.84.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.5.79.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-79-122.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.duboiscountyherald.com/

Response headers

x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-origin
https://www.duboiscountyherald.com
date
Fri, 18 Oct 2024 08:21:55 GMT
access-control-request-headers
Cache-Control, Pragma
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS
hb-multi
hb.yellowblue.io/ 		82 B
635 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.yellowblue.io/hb-multi
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.84.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.167.112.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-167-112-81.iad55.r.cloudfront.net
Software
istio-envoy /
Resource Hash
6177891b54e6c434fb17acdb8849f1287bc44fa78c0574fc7dd5f27701001acb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.duboiscountyherald.com/

Response headers

content-encoding
gzip
x-envoy-upstream-service-time
1
access-control-allow-credentials
true
access-control-allow-methods
GET, OPTIONS
via
1.1 f28664317eb9628b30397afa3d6b821c.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.duboiscountyherald.com
x-cache
Miss from cloudfront
content-length
107
x-amz-cf-id
k_v6IRhnptF3JR7qOFSxUgB3Vhe5eBzn5vcdVkUkx7Mh3zGUSxeYig==
date
Fri, 18 Oct 2024 08:21:55 GMT
content-type
application/json
x-amz-cf-pop
IAD55-P8
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
translator
hbopenbid.pubmatic.com/ 		0
121 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.84.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.37.179 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
https://www.duboiscountyherald.com
date
Fri, 18 Oct 2024 08:21:55 GMT
access-control-allow-credentials
true
66bccd47a52481685a6ab90d
prebid.cootlogix.com/prebid/multi/ 		0
439 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.cootlogix.com/prebid/multi/66bccd47a52481685a6ab90d
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.84.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.223.146.222 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.duboiscountyherald.com/

Response headers

access-control-allow-origin
https://www.duboiscountyherald.com
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate
content-length
0
date
Fri, 18 Oct 2024 08:21:55 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
imp
g2.gumgum.com/hbid/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=8.49.84&lt=1729239715102&to=420&aun=duboiscountyherald.com_adhesion&pubcid=2d761e39-1679-4949-9afd-b497ce6473c2&gpid=%2F21798091349%2Fduboiscountyherald.com%2Fhomepage%2Fduboiscountyherald.com_adhesion&maxw=970&maxh=90&si=441111&pi=3&bf=970x90%2C728x90%2C468x60%2C320x100%2C300x100%2C320x50%2C300x50%2C1x1&gdprApplies=0&uspConsent=1---&schain=1.0%2C1!freestar.com%2C714%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.duboiscountyherald.com%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.49.84%22%7D&ogu=https%3A%2F%2Fwww.duboiscountyherald.com%2F&ns=10240
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.84.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.236.243.15 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
15.243.236.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
1a7f6b38520afdaf523b4675624f43b2061608570147ccb2ecb84f0b01ad37e8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
pragma
no-cache
access-control-allow-credentials
true
via
1.1 google
expires
0
access-control-allow-origin
https://www.duboiscountyherald.com
content-length
1288
date
Fri, 18 Oct 2024 08:21:55 GMT
content-type
application/json;charset=UTF-8
server
nginx
imp
g2.gumgum.com/hbid/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=8.49.84&lt=1729239715103&to=420&aun=duboiscountyherald.com_adhesion&pubcid=2d761e39-1679-4949-9afd-b497ce6473c2&gpid=%2F21798091349%2Fduboiscountyherald.com%2Fhomepage%2Fduboiscountyherald.com_adhesion&maxw=970&maxh=90&si=441110&pi=3&bf=970x90%2C728x90%2C468x60%2C320x100%2C300x100%2C320x50%2C300x50%2C1x1&gdprApplies=0&uspConsent=1---&schain=1.0%2C1!freestar.com%2C714%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.duboiscountyherald.com%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.49.84%22%7D&ogu=https%3A%2F%2Fwww.duboiscountyherald.com%2F&ns=10240
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.84.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.236.243.15 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
15.243.236.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
07a58916b7e098531acaad0d1b7dd30d6467bd60a89342b620ed7cbf243e84a1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
pragma
no-cache
access-control-allow-credentials
true
via
1.1 google
expires
0
access-control-allow-origin
https://www.duboiscountyherald.com
content-length
1288
date
Fri, 18 Oct 2024 08:21:55 GMT
content-type
application/json;charset=UTF-8
server
nginx
imp
g2.gumgum.com/hbid/ 		1 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=8.49.84&lt=1729239715103&to=420&aun=duboiscountyherald.com_adhesion&pubcid=2d761e39-1679-4949-9afd-b497ce6473c2&gpid=%2F21798091349%2Fduboiscountyherald.com%2Fhomepage%2Fduboiscountyherald.com_adhesion&maxw=970&maxh=90&si=441112&pi=3&bf=970x90%2C728x90%2C468x60%2C320x100%2C300x100%2C320x50%2C300x50%2C1x1&gdprApplies=0&uspConsent=1---&schain=1.0%2C1!freestar.com%2C714%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.duboiscountyherald.com%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.49.84%22%7D&ogu=https%3A%2F%2Fwww.duboiscountyherald.com%2F&ns=10240
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.84.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.236.243.15 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
15.243.236.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
73e69119dff6e5e9ba8a41c36deb9f82b76746c5fb633bb9bda41a23e36ca7f9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
pragma
no-cache
access-control-allow-credentials
true
via
1.1 google
expires
0
access-control-allow-origin
https://www.duboiscountyherald.com
content-length
1288
date
Fri, 18 Oct 2024 08:21:55 GMT
content-type
application/json;charset=UTF-8
server
nginx
imp
g2.gumgum.com/hbid/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=8.49.84&lt=1729239715103&to=420&aun=duboiscountyherald.com_adhesion&pubcid=2d761e39-1679-4949-9afd-b497ce6473c2&gpid=%2F21798091349%2Fduboiscountyherald.com%2Fhomepage%2Fduboiscountyherald.com_adhesion&maxw=970&maxh=90&si=441115&pi=3&bf=970x90%2C728x90%2C468x60%2C320x100%2C300x100%2C320x50%2C300x50%2C1x1&gdprApplies=0&uspConsent=1---&schain=1.0%2C1!freestar.com%2C714%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.duboiscountyherald.com%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.49.84%22%7D&ogu=https%3A%2F%2Fwww.duboiscountyherald.com%2F&ns=10240
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.84.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.236.243.15 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
15.243.236.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
410b9f73378ef95e5f0445a55c3d1f27283551f58e49b75e0c48e04093d93ec4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
pragma
no-cache
access-control-allow-credentials
true
via
1.1 google
expires
0
access-control-allow-origin
https://www.duboiscountyherald.com
content-length
1288
date
Fri, 18 Oct 2024 08:21:55 GMT
content-type
application/json;charset=UTF-8
server
nginx
imp
g2.gumgum.com/hbid/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=8.49.84&lt=1729239715103&to=420&aun=duboiscountyherald.com_adhesion&pubcid=2d761e39-1679-4949-9afd-b497ce6473c2&gpid=%2F21798091349%2Fduboiscountyherald.com%2Fhomepage%2Fduboiscountyherald.com_adhesion&t=fclmwi7u&pi=2&gdprApplies=0&uspConsent=1---&schain=1.0%2C1!freestar.com%2C714%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.duboiscountyherald.com%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.49.84%22%7D&ogu=https%3A%2F%2Fwww.duboiscountyherald.com%2F&ns=10240
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.84.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.236.243.15 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
15.243.236.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
f1c2496713e9e56aadaedde5e9d69288bb139e892693f3220c783702a1f040c8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
pragma
no-cache
access-control-allow-credentials
true
via
1.1 google
expires
0
access-control-allow-origin
https://www.duboiscountyherald.com
content-length
1288
date
Fri, 18 Oct 2024 08:21:55 GMT
content-type
application/json;charset=UTF-8
server
nginx
prebid
prebid.media.net/rtb/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUJ8GUQF
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.84.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
ef64cdfac933f98966c76628f415581e236053bfcb0792213181dc92a5c6d379

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
x-envoy-upstream-service-time
132
access-control-allow-credentials
true
observe-browsing-topics
?1
via
1.1 google
expires
Fri, 18 Oct 2024 08:21:55 GMT
access-control-allow-origin
https://www.duboiscountyherald.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 08:21:55 GMT
content-type
application/json;charset=utf-8
server
envoy
fastlane.json
fastlane.rubiconproject.com/a/api/ 		13 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=499576&zone_id=2978004&size_id=2&alt_size_ids=1%2C19%2C43%2C44%2C55%2C117%2C221&gdpr=0&us_privacy=1---&rp_schain=1.0,1!freestar.com,714,1,,,&eid_pubcid.org=2d761e39-1679-4949-9afd-b497ce6473c2%5E1&rf=https%3A%2F%2Fwww.duboiscountyherald.com%2F&kw=duboiscountyherald&tg_v.id=a6819c50-564a-45c3-9710-074ccfd02083&tg_i.domain=duboiscountyherald.com&tg_i.page=https%3A%2F%2Fwww.duboiscountyherald.com%2F&tg_i.name=duboiscountyherald-com&tg_i.cat=IAB12%2CIAB12-3&tg_i.sectioncat=IAB12%2CIAB12-3&tg_i.pagecat=IAB12%2CIAB12-3&tg_i.mobile=0&tg_i.fs_optimized=false&tg_i.fs_site=2455&tg_i.fs_ad_product=stickyFooter&tg_i.pbadslot=%2F21798091349%2Fduboiscountyherald.com%2Fhomepage%2Fduboiscountyherald.com_adhesion&tk_flint=pbjs_lite_v8.49.84&x_source.tid=88609260-5df4-4043-85b5-1e36ba1a565b&l_pb_bid_id=2750c45b2b747c4&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=ec22bb46-4d34-443a-a4fe-e32cb0acd70b&rp_maxbids=1&p_gpid=%2F21798091349%2Fduboiscountyherald.com%2Fhomepage%2Fduboiscountyherald.com_adhesion&m_ch_mobile=%3F0&slots=1&rand=0.7318235370683435
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.84.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
969799904ae418afef0d790aa314c1c9019fb24d126838bc3e9e446497a70cb9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin
https://www.duboiscountyherald.com
date
Fri, 18 Oct 2024 08:21:55 GMT
content-type
application/json
vary
Accept-Encoding
server
nginx/1.21.4
prebidjs
rtb.openx.net/openrtbb/ 		53 B
394 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.84.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
d1552b07d4473cee5e8e3ae4b73396a290163ec0a6cf7fdff3b834be58199143

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.duboiscountyherald.com/

Response headers

content-encoding
gzip
x-forwarded-for
167.114.209.103
access-control-allow-credentials
true
observe-browsing-topics
?1
via
1.1 google
access-control-allow-origin
https://www.duboiscountyherald.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
date
Fri, 18 Oct 2024 08:21:54 GMT
content-type
text/plain
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
133 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.84.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
44.203.46.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-203-46-172.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.duboiscountyherald.com/

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
access-control-allow-origin
https://www.duboiscountyherald.com
access-control-allow-credentials
true
v1
btlr.sharethrough.com/universal/ 		0
132 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.84.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
44.203.46.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-203-46-172.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.duboiscountyherald.com/

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
access-control-allow-origin
https://www.duboiscountyherald.com
access-control-allow-credentials
true
v1
btlr.sharethrough.com/universal/ 		0
132 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.84.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
44.203.46.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-203-46-172.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.duboiscountyherald.com/

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
access-control-allow-origin
https://www.duboiscountyherald.com
access-control-allow-credentials
true
v1
btlr.sharethrough.com/universal/ 		822 B
826 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.84.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
44.203.46.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-203-46-172.compute-1.amazonaws.com
Software
/
Resource Hash
5ade9f337afb1875282b454c0eddd03002f73bf896720fd6c94655efaf87dfab
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.duboiscountyherald.com/

Response headers

x-openrtb-version
2.5
strict-transport-security
max-age=16000000; includeSubDomains; preload;
access-control-allow-origin
https://www.duboiscountyherald.com
content-encoding
gzip
content-length
454
content-type
application/json; charset=utf-8
access-control-allow-credentials
true
v1
btlr.sharethrough.com/universal/ 		0
132 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.84.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
44.203.46.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-203-46-172.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.duboiscountyherald.com/

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
access-control-allow-origin
https://www.duboiscountyherald.com
access-control-allow-credentials
true
v1
btlr.sharethrough.com/universal/ 		0
132 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.84.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
44.203.46.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-203-46-172.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.duboiscountyherald.com/

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
access-control-allow-origin
https://www.duboiscountyherald.com
access-control-allow-credentials
true
openrtb
ex.ingage.tech/v1/ 		69 B
508 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/openrtb
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.84.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9296 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
024953d5b3f91b8a77e7863042b2e5d568797cbcd71b76bcb0327209c0f4effc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/json
Referer
https://www.duboiscountyherald.com/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8d471e1cbf82a2c0-YUL
access-control-allow-origin
https://www.duboiscountyherald.com
date
Fri, 18 Oct 2024 08:21:55 GMT
content-type
application/json; charset=utf-8
vary
Origin
server
cloudflare
cdb
bidder.criteo.com/ 		0
233 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.49.84&cb=65574275504&lsavail=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.84.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::30 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.duboiscountyherald.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
observe-browsing-topics
?1
access-control-allow-origin
https://www.duboiscountyherald.com
date
Fri, 18 Oct 2024 08:21:54 GMT
vary
Origin
server
Kestrel
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
698 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=676941
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.84.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3324d9eba0ea376623dbb84d4e38cd488b3abf0c591bd89f2eda696d98b25457

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.duboiscountyherald.com/

Response headers

cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ee1OX7XHEhA4NUMLwURb3SUcZRxEPKzxgKdiBtfWHIy89a8jpcV6ydEmiayJP277kWG3P7yyIxoMsrBsWA%2FeRQtfMhJWQvNcDQz8n0haUV4ckaKYPIx5Y9wdPfK3jLtiWK64%2B%2B%2BV"}],"group":"cf-nel","max_age":604800}
observe-browsing-topics
?1
expires
0
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 08:21:55 GMT
content-type
application/json
vary
Accept-Encoding
cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
access-control-allow-credentials
true
cf-ray
8d471e1c287d53f5-YYZ
access-control-allow-origin
https://www.duboiscountyherald.com
content-length
37
server
cloudflare
j
rp4.liadm.com/
Redirect Chain
  • https://rp.liadm.com/j?dtstmp=1729239715141&did=did-0047&se=e30&duid=9773e70d4767--01jafbg2p3hf013mcm2pv1ddw0&tv=8.49.84&pu=https%3A%2F%2Fwww.duboiscountyherald.com%2F&us_privacy=1---&wpn=prebid&gd...
  • https://rp4.liadm.com/j?dtstmp=1729239715141&did=did-0047&se=e30&duid=9773e70d4767--01jafbg2p3hf013mcm2pv1ddw0&tv=8.49.84&pu=https%3A%2F%2Fwww.duboiscountyherald.com%2F&us_privacy=1---&wpn=prebid&g...
13 B
347 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rp4.liadm.com/j?dtstmp=1729239715141&did=did-0047&se=e30&duid=9773e70d4767--01jafbg2p3hf013mcm2pv1ddw0&tv=8.49.84&pu=https%3A%2F%2Fwww.duboiscountyherald.com%2F&us_privacy=1---&wpn=prebid&gdpr=0&cd=.duboiscountyherald.com&i6=MjYwNzo1MzAwOjYwOjc4Njc6OjY%3D
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Server
3.90.118.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-90-118-198.compute-1.amazonaws.com
Software
/
Resource Hash
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

x-pixel-event-id
4d60f09b-7e5c-4683-abc4-4f00e620f269
access-control-expose-headers
*
access-control-allow-credentials
true
access-control-allow-methods
GET
access-control-allow-origin
null
content-length
13
date
Fri, 18 Oct 2024 08:21:55 GMT
content-type
application/json

Redirect headers

access-control-allow-origin
https://www.duboiscountyherald.com
location
https://rp4.liadm.com/j?dtstmp=1729239715141&did=did-0047&se=e30&duid=9773e70d4767--01jafbg2p3hf013mcm2pv1ddw0&tv=8.49.84&pu=https%3A%2F%2Fwww.duboiscountyherald.com%2F&us_privacy=1---&wpn=prebid&gdpr=0&cd=.duboiscountyherald.com&i6=MjYwNzo1MzAwOjYwOjc4Njc6OjY%3D
content-length
0
access-control-expose-headers
*
date
Fri, 18 Oct 2024 08:21:55 GMT
access-control-allow-credentials
true
access-control-allow-methods
GET
rules-p-UeXruRVtZz7w6.js
rules.quantcount.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-UeXruRVtZz7w6.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:201e:2e00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

content-encoding
gzip
etag
W/"cbc97d16c77ea1fcbbf42d246001e982"
age
3198
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
DMI7FXsvBEP1aHOEcgyhpx1qUMcgiipNZOxMJCF-bpN80XPtX5IW5Q==
date
Fri, 18 Oct 2024 07:28:38 GMT
content-type
application/javascript
last-modified
Thu, 07 Dec 2017 17:06:25 GMT
vary
Accept-Encoding
cache-control
max-age=3600
cross-origin-resource-policy
cross-origin
via
1.1 db72f6ab1d9d27534c6158ca17e3af1c.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
IAD89-C3
server
AmazonS3
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/duboiscountyherald-com/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
582ae7eab3fb90b4faa0834c13963c08a14373bd307b5043376ce887235c8ba8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.duboiscountyherald.com/

Response headers

access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.duboiscountyherald.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
date
Fri, 18 Oct 2024 08:21:55 GMT
content-type
text/plain;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
0ab198dd-b265-462a-ae36-74e163ad6159
config.aps.amazon-adsystem.com/configs/ 		563 B
840 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/0ab198dd-b265-462a-ae36-74e163ad6159
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.10.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-10-101.iad12.r.cloudfront.net
Software
CloudFront /
Resource Hash
ee5ebc2e5e093ee9ea3485ae13632e54bba29b488b7956923112de35efe7ded4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
max-age=3600
age
1136
via
1.1 c3d335addde48969fafe25d4064cee80.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
563
x-amz-cf-id
YvAX5qeSFN0A7jq2UHHgh1UASJAJ7zP0paPa6Q0v6XPQWFz1STG9PQ==
date
Fri, 18 Oct 2024 08:02:59 GMT
content-type
application/javascript
x-amz-cf-pop
IAD12-P3
server
CloudFront
config
c.amazon-adsystem.com/cdn/prod/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.duboiscountyherald.com&pubid=0ab198dd-b265-462a-ae36-74e163ad6159
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.44.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-44-103.iad89.r.cloudfront.net
Software
Server /
Resource Hash
3cc3e7477f9c8eef291c048ee6e8e4e15d57a4b95c315089e072ef1dd190fb2c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
via
1.1 263d97c176fc51d1d08116820c013de4.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.duboiscountyherald.com
x-cache
Miss from cloudfront
content-length
2865
x-amz-cf-id
gCbNOxQjxnEwR8WkU4KmBGcJAdkSWif-mfWX7-QiErN5XtzN_BmOMQ==
date
Fri, 18 Oct 2024 08:21:55 GMT
content-type
application/json;charset=UTF-8
x-amz-cf-pop
IAD89-C1
server
Server
bid
aax.amazon-adsystem.com/e/dtb/ 		301 B
587 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.duboiscountyherald.com%2F&pid=hQITU5fW6ecD8&cb=0&ws=1600x1200&v=24.827.1552&t=789&slots=%5B%7B%22sd%22%3A%22duboiscountyherald.com_adhesion%22%2C%22s%22%3A%5B%221x1%22%2C%22300x50%22%2C%22320x50%22%2C%22468x60%22%2C%22728x90%22%2C%22970x90%22%2C%22300x100%22%2C%22320x100%22%5D%2C%22sn%22%3A%22%2F21798091349%2Fduboiscountyherald.com%2Fhomepage%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1%21freestar.com%2C714%2C1%2C%2C%2C&gpp_sid=%5B-1%5D&sm=728a9ec3-dad4-495b-b56a-cf612240f120&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.167.98.152 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-167-98-152.iad55.r.cloudfront.net
Software
Server /
Resource Hash
f06c6acc0cf58f1717574c103487b299ab0db5698e09d6bf8928525c5cdd4c34

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
via
1.1 6f1c32addde00f50ba0fcba618c903d6.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.duboiscountyherald.com
x-cache
Miss from cloudfront
content-length
245
x-amz-cf-id
uHqzSrtPvLqjWCM3XdmYFplVHQ36bvZhBLe0ePx8LVduMW44r7dZLQ==
date
Fri, 18 Oct 2024 08:21:55 GMT
content-type
text/javascript;charset=UTF-8
x-amz-cf-pop
IAD55-P7
server
Server
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.44.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-44-103.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

access-control-max-age
3000
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
x-amz-version-id
r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
age
21689
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
fHuTz71sjkWyk9u1hZftCuBEuhP7QpZ-Up4iJOxyom5O6fT9khqkqw==
date
Fri, 18 Oct 2024 02:20:27 GMT
content-type
application/javascript
vary
Accept-Encoding,Origin
last-modified
Thu, 29 Feb 2024 02:13:08 GMT
cache-control
public, max-age=86400
via
1.1 50f5f6b4e0025748bb74dce1db44c750.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
IAD89-C1
server
AmazonS3
x-amz-server-side-encryption
AES256
v1
lb.eu-1-id5-sync.com/lb/ 		45 B
298 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.84.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
429c09ef872b45d80fa51a8ed156e581ed31fd094c179e4d6dd1d3f1bf18f20b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://www.duboiscountyherald.com
date
Fri, 18 Oct 2024 08:21:55 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
v1
lb.eu-1-id5-sync.com/lb/ 		45 B
297 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.84.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
429c09ef872b45d80fa51a8ed156e581ed31fd094c179e4d6dd1d3f1bf18f20b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://www.duboiscountyherald.com
date
Fri, 18 Oct 2024 08:21:55 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
websiteconfig
btloader.com/ 		873 B
713 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btloader.com/websiteconfig?bt_env=prod&o=5714937848528896&w=duboiscountyherald.com
Requested by
Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:293c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
728a3903df5972b6da9ddb35e987a0cf2e16e8165efa4be4a68317d7aa0ec9f7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
content-encoding
gzip
cf-cache-status
MISS
etag
"379dc64eff0a6a06cf555892d8a41fc3"
via
1.1 google
cf-ray
8d471e1c4cc47142-YUL
accept-ranges
bytes
access-control-allow-origin
*
content-length
434
date
Fri, 18 Oct 2024 08:21:55 GMT
content-type
application/json
last-modified
Fri, 18 Oct 2024 08:21:55 GMT
vary
Origin, Accept-Encoding
server
cloudflare
px.gif
ad-delivery.net/ 		43 B
920 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

x-goog-metageneration
5
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
135026
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4UFxj4VSru3PvbjD50ysOP2Y%2F8va1e3w8XFNFNk%2FX%2F3RCQn0Y7wrHcf2PM4BVVGvmr33jc6ecR23I1Ma0MZmvg6P2spUKeBwzZXKBPnN%2F6py9nhPRwQqDunxzfy408La0q6W9Ly8TNtXJ1mKgg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Wed, 16 Oct 2024 18:56:46 GMT
x-goog-stored-content-length
43
date
Fri, 18 Oct 2024 08:21:55 GMT
content-type
image/gif
last-modified
Wed, 05 May 2021 19:25:32 GMT
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY3ziI6X1-Yqz1xs7lX5k1u2PzBbANE3_YEp26KPLZOLXBoJ4yhR-PWo-IFi821Ehpi0wKf01SxWtQ
cache-control
public, max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8d471e1c5f8d713c-YUL
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1620242732037093
content-length
43
server
cloudflare
favicon.ico
ad.doubleclick.net/ 		1 KB
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.197.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qa-in-f149.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

content-encoding
gzip
age
4634
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options
nosniff
expires
Sat, 19 Oct 2024 07:04:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 07:04:41 GMT
last-modified
Tue, 08 May 2012 13:08:06 GMT
content-type
image/x-icon
vary
Accept-Encoding
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
content-length
104
x-xss-protection
0
server
sffe
px.gif
ad-delivery.net/ 		43 B
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.48459586304958746
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

x-goog-metageneration
5
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
135026
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zbl0hutR9xzUz4Yqt0THuqQF2tawcn4ce6xn05iq9htLM2%2FsoibEoXfwgzgG3oXFPKt4kuo43OxIs4GJafqHk2HD6XYRx6unfJbIlikVAPIhZWeHj6UnItALA8WqJcgFjAMHonSwM5Qcd%2F4pXw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Wed, 16 Oct 2024 18:56:46 GMT
x-goog-stored-content-length
43
date
Fri, 18 Oct 2024 08:21:55 GMT
content-type
image/gif
last-modified
Wed, 05 May 2021 19:25:32 GMT
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY3ziI6X1-Yqz1xs7lX5k1u2PzBbANE3_YEp26KPLZOLXBoJ4yhR-PWo-IFi821Ehpi0wKf01SxWtQ
cache-control
public, max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8d471e1c5f8e713c-YUL
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1620242732037093
content-length
43
server
cloudflare
474
a.ad.gt/api/v1/u/matches/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/474?_it=freestar
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.duboiscountyherald.com%2F&ref=&_it=freestar&partner_id=474&ha=_hadron
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f47724997a6404b23b52ef610f5ad268f688711585dc12b9538bd3618061fd7d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
max-age=14400
content-encoding
gzip
cf-cache-status
HIT
age
9
cross-origin-resource-policy
cross-origin
cf-ray
8d471e1ccb26a254-YUL
date
Fri, 18 Oct 2024 08:21:55 GMT
content-type
application/javascript
last-modified
Fri, 18 Oct 2024 08:20:22 GMT
vary
Accept-Encoding
server
cloudflare
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.94.117.85 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-94-117-85.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
max-age=900
content-encoding
gzip
etag
"d734-5f2f3919e751f-gzip"
expires
Fri, 18 Oct 2024 08:36:55 GMT
accept-ranges
bytes
content-length
17407
date
Fri, 18 Oct 2024 08:21:55 GMT
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
content-type
application/javascript
server
Apache
vary
Accept-Encoding
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.167.69.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-167-69-51.iad61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5fd7fc4b8be9c2eeb3efb728f0483d444e4a8db80f0597e4ef7950105638bb08

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

vary
Accept-Encoding
cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"ad78eaf46246cac6849005eb8b50ae6f"
age
85609
via
1.1 345356dcab95fbdac024c4e78e835342.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
RPo-WHeNH7pGOw3crDsJYOHypvfj2YYg_THQ8z4k-ang5mGpy7ux_A==
date
Thu, 17 Oct 2024 08:35:07 GMT
content-type
text/javascript
last-modified
Tue, 20 Aug 2024 18:47:23 GMT
server
AmazonS3
x-amz-cf-pop
IAD61-P6
x-amz-server-side-encryption
AES256
ima.js
cdn-ima.33across.com/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ima.js
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.89 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
712369aef7db8ee613780ed94892762890345add2113c7749b2f03b819c0a4fc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
public, max-age=259200
content-encoding
gzip
cf-cache-status
HIT
etag
W/"66ce363e-403e"
age
203542
cf-ray
8d471e1c5845ab9a-YYZ
expires
Mon, 21 Oct 2024 08:21:55 GMT
date
Fri, 18 Oct 2024 08:21:55 GMT
content-type
application/javascript
last-modified
Tue, 27 Aug 2024 20:25:34 GMT
vary
Accept-Encoding
server
cloudflare
id5-api.js
cdn.id5-sync.com/api/1.0/ 		98 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a7c35a58c1ad79d4fc96dad3bf9ef24b49d9d439ad3fb9b454cdcfe7c445724
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

x-amz-id-2
MPn92edlEKY4O+ue+G4cesxgW5K91/HSbRBWcKfqIsyCZGN0jsdqz8RGT2ZzNKGxFG56UB5jXPFikHvZQoY76oeWokHObVEblUU5EbKjK70=
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=3600
content-encoding
br
cf-cache-status
HIT
etag
W/"f24286e1b73c01841e789906d50ce23f"
age
2395
x-amz-request-id
028AA0BD2Y10S7HJ
cf-ray
8d471e1c5f4da2c0-YUL
date
Fri, 18 Oct 2024 08:21:55 GMT
content-type
text/javascript;charset=utf-8
last-modified
Wed, 02 Oct 2024 12:26:13 GMT
vary
Accept-Encoding
server
cloudflare
x-amz-server-side-encryption
AES256
truncated
/ Frame 8329 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a0bb87201a0718e2d5e7249b6e05862b335af3bf52aa53fe170f2af2cc8457be

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 8329 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu4THtq0Y7FDu-v3x1wWDFCkwPEnX290l-60sMgnG-cL4bf-qLpRQAS-cvOkM4ydEjBLzMoOHybd2ry5Bj-OI5JXklWp3r89ZpKuCHVhaDIjLgtLop8qRNtKgvnJ_88YujbPHQxIN6BJunwZDpddBJt-wrB7WBvsTFTOss9lusAzoz6VBAobO4nRw5LaD6Jz_d0a4695hvvTaRXgmbKF1Tfgwhq32ilqLBcCq2X3Q8WcnQkrDZ3JnJYPJJTUZO8ftg0UAP5UOn_2gR6IVXq7D2tX_YI9NehUHHw18WpedeoJhT18Ec9vnaCOY8fZrrSpn4e3LekOx4Mf7zGY2FP3CN4Tz4TCik-kp7w8rqFdnrUal2oJYDwR0sYqnma59pjAY6yIBqB8XY2x6Uf6016-rLK9_matq2v3bug_IeyttspmXNJKWLysh9NW4M&sai=AMfl-YRiQzIspX7yn_5aEN1wfC--R2LICU8UyGpg709Rn5w4JP5crvb4pj1NLqmkHMGOOXrTJ9Bou0eaW29svcuG4NtVvuFtXCVbgHTWcwLoEk9BOTmQOP0-sZpCVkrh&sig=Cg0ArKJSzLjl51WOcwbYEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.175.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qs-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 18 Oct 2024 08:21:55 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Fri, 18 Oct 2024 08:21:55 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
ajs-destination.bundle.ed53a26b6edc80c65d73.js
cdn.segment.com/analytics-next/bundles/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.ed53a26b6edc80c65d73.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.191.237 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-191-237.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

access-control-max-age
3000
content-encoding
br
etag
W/"00e9c65cbba11c07c4bf4a6e2727b8ea"
x-amz-version-id
1lCjHefPzcRt0EbQDFkkb.6FnzhNuKxa
age
16046189
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
sFgxvRUilwiBJIOR2uxQWbmg5TxwIXAeuzltMvYTVAlqATJ0a8sh-A==
date
Mon, 15 Apr 2024 15:05:27 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Fri, 12 Apr 2024 21:39:45 GMT
x-amz-replication-status
COMPLETED
cache-control
public,max-age=31536000,immutable
via
1.1 9fb7397504a65afc778db3eb0ee0bfa4.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
IAD79-C3
server
AmazonS3
x-amz-server-side-encryption
AES256
view
securepubads.g.doubleclick.net/pcs/ Frame E22D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsteGR6z5V5ajEgD6O4e5gfwVKd8R5djBZAV_8miOEF-B8BLrpwQTDtDTZHDN0EhHgjNcs9zKtQDuiho1bQqtoii935z2lfLrxhQ2VYhseyN1eZK8fr1Gn8SCRhIu7y73QyInqrbw0P8FDTD8MvdFv-zSnJTU-KI3LkCct4TKdpRBoeJEEXS1FYdwxHvb8_C559qQBNlgtxHTxxHqGjvbqdk0-gpO77__fuKyPF9d7hrmBQygHkQ7mksHjEpRtO7YkA3HGOKIpKfaQe1IvUcPKSgsMICg808CdYLOYGhhWIl5j1abGQrcmImchaPYzhDSkk5q_tsuoMxcr1MJqbA81nfvO39AvtJsG3XAJm6FeAtaXAgfKwNhxa_EnPaY73CLmU2QDi8zAU1eceQjYT_q82-ury9JtQog7CqkrjbUVb37Yd0hrIaE5Y56qtdXPog4w2zJt1dfks_&sai=AMfl-YTrGncCUDN25MlFSYx9uVpZHIH85DVjWCMaLMGWq_HLymXSFaOlujfLFYkkMtTSHOx7-7npMpAZ_-BnofYWdrgzUBOtdiUHgHK9eJcupuAEObtxxh-Yzdzeoixu&sig=Cg0ArKJSzO70fEsAeKbQEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.175.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qs-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 18 Oct 2024 08:21:55 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Fri, 18 Oct 2024 08:21:55 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
index.php
playlist.stnvideo.com/player/data/ 		19 B
186 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://playlist.stnvideo.com/player/data/index.php?cmd=readPageMeta&session=8yKEYb_s1J43i9zk&instance=298215217&version=STN-5.0.166&age=241018&type=FULL&EXTREF=https%3A%2F%2Fwww.duboiscountyherald.com%2F&REF=https%3A%2F%2Fwww.duboiscountyherald.com%2F&ogSet=1&ESG_key=yFxaHa1K&UMSE_urlHash=undefined&UMPD_title=duboiscountyherald.com&UMPD_keywords=dubois+county+herald&UMPD_description=&UMPD_revised=undefined&UMPD_published=undefined&smVersion=2
Requested by
Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.205.224.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-205-224-125.compute-1.amazonaws.com
Software
Apache /
Resource Hash
68b80d77a2c366af5fe812bd2858243971b21ee7118bc6a6aeb182c4153abd2c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

access-control-allow-origin
*
content-length
39
content-encoding
gzip
date
Fri, 18 Oct 2024 08:21:55 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
Apache
ice.js
resources.infolinks.com/js/1959.008-4.010/ 		193 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/1959.008-4.010/ice.js
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6df9f9b78f713dce0353fa00d2f7758ce8afd5d2e62364fe2fb1d1a1cc6f7d10

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
max-age=2592000
content-encoding
br
cf-cache-status
HIT
etag
W/"302da-622c9b18e47fa"
age
8384
via
1.1 google
cf-ray
8d471e1d7f033a02-YYZ
expires
Sun, 17 Nov 2024 06:02:11 GMT
date
Fri, 18 Oct 2024 08:21:55 GMT
content-type
application/javascript
last-modified
Mon, 23 Sep 2024 13:52:02 GMT
vary
Accept-Encoding
server
cloudflare
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8329 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Fri, 18 Oct 2024 08:21:55 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame E22D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Fri, 18 Oct 2024 08:21:55 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
6220e2143f05f7-86928262.jpeg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/6220e2143f05f7-86928262.jpeg
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.85.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-85-2.iad12.r.cloudfront.net
Software
Cloudinary /
Resource Hash
b50b682d8544fc8116b146124a94e23af6ff04349d6c1e41d2f06c91a8766f9e
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

x-request-id
7fe03c9f0940c4f36411c806786de4d7
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Robots-Tag,X-Content-Type-Options
etag
"3f93fdeecdf0c8a85d76cf2fde7bd373"
age
81749
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
cSsYzLDmrQ2N9ef4oy-l8hjvL2xUO1C19KGi6WNe6Saw9pdCnRU39w==
date
Thu, 17 Oct 2024 09:39:26 GMT
content-type
image/jpeg
last-modified
Thu, 17 Oct 2024 09:39:02 GMT
strict-transport-security
max-age=604800
cache-control
public, no-transform, max-age=604800
timing-allow-origin
*
via
1.1 3542174e2d71e2c3dffc0069aa7cbb34.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
24237
x-amz-cf-pop
IAD12-P2
server
Cloudinary
66fa861c185fb4-76088965.JPG
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/66fa861c185fb4-76088965.JPG
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.85.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-85-2.iad12.r.cloudfront.net
Software
Cloudinary /
Resource Hash
1b4345ca589a04a4012a06e6a6efc02622fee36a7879f2863628d79947b11b4f
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

x-request-id
6dc0671f9d57dd706f78d357bfeca340
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Robots-Tag,X-Content-Type-Options
etag
"2cda2810027a9bbb49f0f94f8255e1d9"
age
162618
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
se6noLEJN5_G8EP7EnW9_haKflmCdCWdu4JDNQGdJ1y9qZ_bJRosBg==
date
Wed, 16 Oct 2024 11:11:37 GMT
content-type
image/jpeg
last-modified
Wed, 16 Oct 2024 11:06:26 GMT
strict-transport-security
max-age=604800
cache-control
public, no-transform, max-age=604800
timing-allow-origin
*
via
1.1 3542174e2d71e2c3dffc0069aa7cbb34.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
16059
x-amz-cf-pop
IAD12-P2
server
Cloudinary
66e1a8c710bbf2-41342523.jpeg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/66e1a8c710bbf2-41342523.jpeg
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.85.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-85-2.iad12.r.cloudfront.net
Software
cloudflare /
Resource Hash
1c02b4106567c28ae5645013362d89788a03756ae3754f09b69d2cb810d0a91f
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

x-request-id
73ecfbb0916e0e547b943c19d5ed4b31
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
etag
"579987a13a72f6ca8f03747659035646"
age
72337
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
sNcHPShpCfuvj7-y5kvTbseINR-vVDRsnj6Ka2WbpZneGqhol254Dg==
date
Thu, 17 Oct 2024 12:16:18 GMT
content-type
image/jpeg
last-modified
Wed, 11 Sep 2024 18:40:08 GMT
vary
Accept-Encoding
strict-transport-security
max-age=604800
cache-control
public, no-transform, max-age=604800
timing-allow-origin
*
via
1.1 3542174e2d71e2c3dffc0069aa7cbb34.cloudfront.net (CloudFront)
cf-ray
8d0687f6fee0c9a3-IAD
accept-ranges
bytes
access-control-allow-origin
*
content-length
25129
x-amz-cf-pop
IAD12-P2
server
cloudflare
66ffafcc763b80-33375667.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/66ffafcc763b80-33375667.jpg
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.85.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-85-2.iad12.r.cloudfront.net
Software
Cloudinary /
Resource Hash
7433db7c0a5c2ce4103b9a0ca006bc7e6b8e674276615cc3e2720fc6f2040ed0
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

x-request-id
9de9c6b1ed5a94d28481e8c9c3879233
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Robots-Tag,X-Content-Type-Options
etag
"5aa8ba06b8ad7b92c65c1c28a5f06218"
age
563924
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
tLvxkNGnGMgc9I7wd7IPPpwyz4vxBdeTubaW6eH4x7A0Xs2qcNKd3g==
date
Fri, 11 Oct 2024 19:43:11 GMT
content-type
image/jpeg
last-modified
Fri, 04 Oct 2024 18:58:56 GMT
vary
Accept-Encoding
strict-transport-security
max-age=604800
cache-control
public, no-transform, max-age=604800
timing-allow-origin
*
via
1.1 3542174e2d71e2c3dffc0069aa7cbb34.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
14594
x-amz-cf-pop
IAD12-P2
server
Cloudinary
envelope
lexicon.33across.com/v1/ 		42 B
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&src=aps&ver=1.13.1&us_privacy=1---
Requested by
Host: cdn-ima.33across.com
URL: https://cdn-ima.33across.com/ima.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.duboiscountyherald.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
date
Fri, 18 Oct 2024 08:21:55 GMT
content-type
application/json
vary
origin
pixel;r=1745999006;labels=keywords.dubois%20county%20herald%2Ctitle.duboiscountyherald.com%2Cauthor.Dubois%20County%20Herald;rf=0;a=p-UeXruRVtZz7w6;url=https%3A%2F%2Fwww.duboiscountyherald.com%2F;n...
pixel.quantserve.com/ 		35 B
642 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1745999006;labels=keywords.dubois%20county%20herald%2Ctitle.duboiscountyherald.com%2Cauthor.Dubois%20County%20Herald;rf=0;a=p-UeXruRVtZz7w6;url=https%3A%2F%2Fwww.duboiscountyherald.com%2F;ns=0;ce=1;qjs=1;qv=fd657345-20240925114642;ref=;d=duboiscountyherald.com;dst=1;et=1729239715498;tzo=420;ogl=type.website%2Curl.https%3A%2F%2Fwww%252Eduboiscountyherald%252Ecom%2F%2Cimage.https%3A%2F%2Fbloximages%252Enewyork1%252Evip%252Etownnews%252Ecom%2Fduboiscountyherald%252Ecom%2Fcontent%2Ftncm%2Cimage%3Awidth.600%2Cimage%3Aheight.154%2Ctitle.duboiscountyherald%252Ecom%2Csite_name.Dubois%20County%20Herald;ses=fe97198a-4ce6-467f-be9c-ad8a051a385a;uht=2;fpan=1;fpa=P0-463905475-1729239715144;pbc=;cm=undefined;gdpr=0;us_privacy=1---;gpp_sid=-1;mdl=
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:b08a:1dc5:659b:4055 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

strict-transport-security
max-age=86400
cache-control
private, no-cache, no-store, proxy-revalidate
pragma
no-cache
expires
Fri, 04 Aug 1978 12:00:00 GMT
content-length
35
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
date
Fri, 18 Oct 2024 08:21:55 GMT
attribution-reporting-register-trigger
{"event_trigger_data":[{"filters":[{"label":["wIMyVPdwTctNd2CE/F7cEQ=="],"pcode":["p-UeXruRVtZz7w6"]},{"label":["K6ilNKGFCzhN9vrdrNyW4w=="],"pcode":["p-UeXruRVtZz7w6"]},{"label":["P4uOkxwZmMqTvAEyU3J99A=="],"pcode":["p-UeXruRVtZz7w6"]}],"trigger_data":"1"}]}
content-type
image/gif
page-view
yeet.revcontent.com/yeet/events/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet/events/page-view
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.85.87.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-87-71.compute-1.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.duboiscountyherald.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://www.duboiscountyherald.com
content-length
0
date
Fri, 18 Oct 2024 08:21:55 GMT
server
envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time
2
x-rc-region
us-east-1a
widget-loaded
yeet.revcontent.com/yeet/events/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet/events/widget-loaded
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.85.87.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-87-71.compute-1.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.duboiscountyherald.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://www.duboiscountyherald.com
content-length
0
date
Fri, 18 Oct 2024 08:21:55 GMT
server
envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time
3
x-rc-region
us-east-1a
page-view
yeet.revcontent.com/yeet/events/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet/events/page-view
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.85.87.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-87-71.compute-1.amazonaws.com
Software
envoy /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.duboiscountyherald.com/

Response headers

x-rc-region
us-east-1a
access-control-allow-origin
https://www.duboiscountyherald.com
date
Fri, 18 Oct 2024 08:21:55 GMT
x-envoy-upstream-service-time
1
vary
Origin
server
envoy
access-control-allow-credentials
true
widget-loaded
yeet.revcontent.com/yeet/events/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet/events/widget-loaded
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.85.87.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-87-71.compute-1.amazonaws.com
Software
envoy /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.duboiscountyherald.com/

Response headers

x-rc-region
us-east-1a
access-control-allow-origin
https://www.duboiscountyherald.com
date
Fri, 18 Oct 2024 08:21:55 GMT
x-envoy-upstream-service-time
1
vary
Origin
server
envoy
access-control-allow-credentials
true
setuid
s2s.t13.io/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs2s.t13.io%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253D1---%2526gpp%253D%2526gpp_sid%253D%252...
  • https://s2s.t13.io/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&f=i&uid=1983122268661007137
86 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&f=i&uid=1983122268661007137
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
via
1.1 google
expires
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 08:21:55 GMT
content-type
image/png

Redirect headers

cache-control
no-store, no-cache, private
location
https://s2s.t13.io/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&f=i&uid=1983122268661007137
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
167.114.209.103; 167.114.209.103; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
f7e8d874-8e5a-4e95-9239-8b0af8bffbc9
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Fri, 18 Oct 2024 08:21:55 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.23.4
country
api.btloader.com/ 		37 B
153 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/country?o=5714937848528896
Requested by
Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
63c8a71e02dad8f567226247d5694840937f61e94ddb0c49288e8e68873c6097

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
date
Fri, 18 Oct 2024 08:21:55 GMT
content-type
application/json
vary
Origin
474
p.ad.gt/api/v1/p/ 		42 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.ad.gt/api/v1/p/474
Requested by
Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/474?_it=freestar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
939f0b0164a211716833381eecdb890a3cc486e805aec4de3a529c614e5c8946

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
max-age=14400
content-encoding
gzip
cf-cache-status
HIT
age
217
cf-ray
8d471e1eafdca31b-YUL
date
Fri, 18 Oct 2024 08:21:55 GMT
content-type
application/javascript
last-modified
Fri, 18 Oct 2024 08:14:28 GMT
vary
Accept-Encoding
server
cloudflare
halo_match
ids.ad.gt/api/v1/ 		43 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/halo_match?id=AU1D-0100-001729239716-7CA6BOH9-YQW4&halo_id=060ixe7ju6a65dg9iefi9ld8dfc9glgge7huom2wi0e0ykq6umou60k4koi6q0qqm
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.236.214.89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-236-214-89.us-west-2.compute.amazonaws.com
Software
nginx/1.27.1 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
no-cache
content-length
43
date
Fri, 18 Oct 2024 08:21:55 GMT
content-type
image/gif
server
nginx/1.27.1
ip_match
ids.ad.gt/api/v1/ 		0
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/ip_match?id=AU1D-0100-001729239716-7CA6BOH9-YQW4
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.236.214.89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-236-214-89.us-west-2.compute.amazonaws.com
Software
nginx/1.27.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

content-length
0
date
Fri, 18 Oct 2024 08:21:55 GMT
content-type
text/html; charset=utf-8
server
nginx/1.27.1
match
ids.ad.gt/api/v1/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001729239716-7CA6BOH9-YQW4&adnxs_id=$UID&gdpr=0
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001729239716-7CA6BOH9-YQW4%26adnxs_id%3D%24UID%26gdpr%3D0
  • https://ids.ad.gt/api/v1/match?id=AU1D-0100-001729239716-7CA6BOH9-YQW4&adnxs_id=1983122268661007137&gdpr=0
43 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001729239716-7CA6BOH9-YQW4&adnxs_id=1983122268661007137&gdpr=0
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Server
44.236.214.89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-236-214-89.us-west-2.compute.amazonaws.com
Software
nginx/1.27.1 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
no-cache
content-length
43
date
Fri, 18 Oct 2024 08:21:55 GMT
content-type
image/gif
server
nginx/1.27.1

Redirect headers

cache-control
no-store, no-cache, private
location
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001729239716-7CA6BOH9-YQW4&adnxs_id=1983122268661007137&gdpr=0
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
167.114.209.103; 167.114.209.103; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
934d4990-fe01-4bc8-948a-315267a4eb65
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Fri, 18 Oct 2024 08:21:55 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.23.4
t_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001729239716-7CA6BOH9-YQW4&gdpr=0
  • https://ids.ad.gt/api/v1/t_match?tdid=1f715ec5-5a73-4ac6-bd54-a3aa3175c0ec&id=AU1D-0100-001729239716-7CA6BOH9-YQW4
43 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/t_match?tdid=1f715ec5-5a73-4ac6-bd54-a3aa3175c0ec&id=AU1D-0100-001729239716-7CA6BOH9-YQW4
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Server
44.236.214.89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-236-214-89.us-west-2.compute.amazonaws.com
Software
nginx/1.27.1 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
no-cache
content-length
43
date
Fri, 18 Oct 2024 08:21:55 GMT
content-type
image/gif
server
nginx/1.27.1

Redirect headers

location
https://ids.ad.gt/api/v1/t_match?tdid=1f715ec5-5a73-4ac6-bd54-a3aa3175c0ec&id=AU1D-0100-001729239716-7CA6BOH9-YQW4
content-length
259
date
Fri, 18 Oct 2024 08:21:55 GMT
server
Kestrel
pbm_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001729239716-7CA6BOH9-YQW4
  • https://ids.ad.gt/api/v1/pbm_match?pbm=EA4E2E2C-7348-40D7-B1B1-36B982F2945D&id=AU1D-0100-001729239716-7CA6BOH9-YQW4
43 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/pbm_match?pbm=EA4E2E2C-7348-40D7-B1B1-36B982F2945D&id=AU1D-0100-001729239716-7CA6BOH9-YQW4
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Server
44.236.214.89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-236-214-89.us-west-2.compute.amazonaws.com
Software
nginx/1.27.1 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
no-cache
content-length
43
date
Fri, 18 Oct 2024 08:21:55 GMT
content-type
image/gif
server
nginx/1.27.1

Redirect headers

cache-control
no-store, no-cache, private
location
https://ids.ad.gt/api/v1/pbm_match?pbm=EA4E2E2C-7348-40D7-B1B1-36B982F2945D&id=AU1D-0100-001729239716-7CA6BOH9-YQW4
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Fri, 18 Oct 2024 08:21:53 GMT
server
nginx
rub_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001729239716-7CA6BOH9-YQW4&gdpr=0
  • https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001729239716-7CA6BOH9-YQW4&rub=M2EGOFS6-15-DASZ&gdpr=0
43 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001729239716-7CA6BOH9-YQW4&rub=M2EGOFS6-15-DASZ&gdpr=0
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Server
44.236.214.89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-236-214-89.us-west-2.compute.amazonaws.com
Software
nginx/1.27.1 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
no-cache
content-length
43
date
Fri, 18 Oct 2024 08:21:55 GMT
content-type
image/gif
server
nginx/1.27.1

Redirect headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
Location
https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001729239716-7CA6BOH9-YQW4&rub=M2EGOFS6-15-DASZ&gdpr=0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
b5ba23d75d0dcd35432b720d73e3149b
Pragma
no-cache
content-length
0
tapad_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001729239716-7CA6BOH9-YQW4&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001729239716...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001729239716-7CA6BOH9-YQW4&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001729...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=276b2029-492d-4354-8c5e-3b5cfe7222a9%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fi...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=1f715ec5-5a73-4ac6-bd54-a3aa3175c0ec&ttd_puid=276b2029-492d-4354-8c5e-3b5cfe7222a9%2Chttps%253A%252F%252Fids.ad.gt%252Fap...
  • https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001729239716-7CA6BOH9-YQW4&tapad_id=276b2029-492d-4354-8c5e-3b5cfe7222a9
43 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001729239716-7CA6BOH9-YQW4&tapad_id=276b2029-492d-4354-8c5e-3b5cfe7222a9
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Server
44.236.214.89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-236-214-89.us-west-2.compute.amazonaws.com
Software
nginx/1.27.1 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
no-cache
content-length
43
date
Fri, 18 Oct 2024 08:21:56 GMT
content-type
image/gif
server
nginx/1.27.1

Redirect headers

strict-transport-security
max-age=31536000
location
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001729239716-7CA6BOH9-YQW4&tapad_id=276b2029-492d-4354-8c5e-3b5cfe7222a9
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length
0
date
Fri, 18 Oct 2024 08:21:56 GMT
server
Jetty(11.0.13)
g_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001729239716-7CA6BOH9-YQW4
  • https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001729239716-7CA6BOH9-YQW4&google_gid=CAESEIZUVk8qFjb36gN2hk5vBnE&google_cver=1&google_ula=450542624,0
43 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001729239716-7CA6BOH9-YQW4&google_gid=CAESEIZUVk8qFjb36gN2hk5vBnE&google_cver=1&google_ula=450542624,0
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Server
44.236.214.89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-236-214-89.us-west-2.compute.amazonaws.com
Software
nginx/1.27.1 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
no-cache
content-length
43
date
Fri, 18 Oct 2024 08:21:55 GMT
content-type
image/gif
server
nginx/1.27.1

Redirect headers

cache-control
no-cache, must-revalidate
location
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001729239716-7CA6BOH9-YQW4&google_gid=CAESEIZUVk8qFjb36gN2hk5vBnE&google_cver=1&google_ula=450542624,0
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
357
date
Fri, 18 Oct 2024 08:21:55 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001729239716-7CA6BOH9-YQW4
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcyOTIzOTcxNi03Q0E2Qk9IOS1ZUVc0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcyOTIzOTcxNi03Q0E2Qk9IOS1ZUVc0
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H3
Server
173.194.207.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qk-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
date
Fri, 18 Oct 2024 08:21:55 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcyOTIzOTcxNi03Q0E2Qk9IOS1ZUVc0
content-length
453
date
Fri, 18 Oct 2024 08:21:55 GMT
content-type
text/html; charset=utf-8
server
nginx/1.27.1
son_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://sync.go.sonobi.com/us?https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001729239716-7CA6BOH9-YQW4&uid=[UID]&gdpr=0
  • https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001729239716-7CA6BOH9-YQW4&uid=d488114b-9613-41c8-aafb-e8c864b80352&gdpr=0
43 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001729239716-7CA6BOH9-YQW4&uid=d488114b-9613-41c8-aafb-e8c864b80352&gdpr=0
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Server
44.236.214.89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-236-214-89.us-west-2.compute.amazonaws.com
Software
nginx/1.27.1 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
no-cache
content-length
43
date
Fri, 18 Oct 2024 08:21:55 GMT
content-type
image/gif
server
nginx/1.27.1

Redirect headers

cache-control
no-cache, no-store, private
location
https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001729239716-7CA6BOH9-YQW4&uid=d488114b-9613-41c8-aafb-e8c864b80352&gdpr=0
pragma
no-cache
expires
Sat, 26 Jul 1997 05:00:00 GMT
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date
Fri, 18 Oct 2024 08:21:55 GMT
tcn
Choice
content-type
text/plain; charset=utf8
vary
negotiate,Accept-Encoding
server
sonobi-go
x-go-server
go-iad-2-6-34
x-xss-protection
0
adb_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=348447&dpuuid=AU1D-0100-001729239716-7CA6BOH9-YQW4&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-0100-001729239716-7CA6BO...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=348447&dpuuid=AU1D-0100-001729239716-7CA6BOH9-YQW4&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-01...
  • https://ids.ad.gt/api/v1/adb_match?adb=13006426327223697673403991016966352950&id=AU1D-0100-001729239716-7CA6BOH9-YQW4
43 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/adb_match?adb=13006426327223697673403991016966352950&id=AU1D-0100-001729239716-7CA6BOH9-YQW4
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Server
44.236.214.89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-236-214-89.us-west-2.compute.amazonaws.com
Software
nginx/1.27.1 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
no-cache
content-length
43
date
Fri, 18 Oct 2024 08:21:56 GMT
content-type
image/gif
server
nginx/1.27.1

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
location
https://ids.ad.gt/api/v1/adb_match?adb=13006426327223697673403991016966352950&id=AU1D-0100-001729239716-7CA6BOH9-YQW4
dcs
dcs-prod-va6-1-v066-0674c7a22.edge-va6.demdex.com 4 ms
pragma
no-cache
x-tid
Pa7Pa65bSL4=
expires
Thu, 01 Jan 1970 00:00:00 UTC
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date
Fri, 18 Oct 2024 08:21:55 GMT
openx
ids.ad.gt/api/v1/
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3DAU1D-0100-001729239716-7CA6BOH9-YQW4%26auid%3DAU...
  • https://u.openx.net/w/1.0/cm?cc=1&id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3DAU1D-0100-001729239716-7CA6BOH9-YQW4%26auid...
  • https://ids.ad.gt/api/v1/openx?openx_id=67254bc0-d344-0e99-1cb1-87bfaaf6532a&id=AU1D-0100-001729239716-7CA6BOH9-YQW4&auid=AU1D-0100-001729239716-7CA6BOH9-YQW4
43 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/openx?openx_id=67254bc0-d344-0e99-1cb1-87bfaaf6532a&id=AU1D-0100-001729239716-7CA6BOH9-YQW4&auid=AU1D-0100-001729239716-7CA6BOH9-YQW4
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Server
44.236.214.89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-236-214-89.us-west-2.compute.amazonaws.com
Software
nginx/1.27.1 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
no-cache
content-length
43
date
Fri, 18 Oct 2024 08:21:55 GMT
content-type
image/gif
server
nginx/1.27.1

Redirect headers

location
https://ids.ad.gt/api/v1/openx?openx_id=67254bc0-d344-0e99-1cb1-87bfaaf6532a&id=AU1D-0100-001729239716-7CA6BOH9-YQW4&auid=AU1D-0100-001729239716-7CA6BOH9-YQW4
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 18 Oct 2024 08:21:55 GMT
content-type
image/gif
vary
Accept, Accept-Encoding
server
OXGW/0.0.0
/
optimise.net/ 		9 KB
9 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://optimise.net/?k=1&d=duboiscountyherald.com&t=desktop&c=CA&r=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/duboiscountyherald-com/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.152.111.34.bc.googleusercontent.com
Software
/
Resource Hash
95076e3c3b5dc4727185c8fd9ea54c3e91eaf74644408a59083f5465f5a48d7b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.duboiscountyherald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
x-api-key
4e799501-b8b6-4ef1-bad5-225b3dd1aa8d
x-lm
0

Response headers

access-control-max-age
3600
access-control-expose-headers
fs-client-rtt,fs-country
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
expires
0
fs-client-rtt
16
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 08:21:55 GMT
content-type
application/json
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key, x-lm
strict-transport-security
max-age=31536000
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.duboiscountyherald.com
fs-country
CA
/
optimise.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://optimise.net/?k=1&d=duboiscountyherald.com&t=desktop&c=CA&r=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.152.111.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-api-key,x-lm
Access-Control-Request-Method
GET
Origin
https://www.duboiscountyherald.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key, x-lm
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
access-control-allow-origin
https://www.duboiscountyherald.com
access-control-expose-headers
fs-client-rtt,fs-country
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
date
Fri, 18 Oct 2024 08:21:55 GMT
expires
0
fs-client-rtt
20
fs-country
CA
pragma
no-cache
strict-transport-security
max-age=31536000
via
1.1 google
schemaFilter.bundle.5c2661f67b4b71a6d9bd.js
cdn.segment.com/analytics-next/bundles/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.5c2661f67b4b71a6d9bd.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.191.237 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-191-237.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

access-control-max-age
3000
content-encoding
br
etag
W/"3867b2388b619ff7fddc29ef359fc9aa"
x-amz-version-id
6p7m0DymtVd2iHKfdr7k4GM1yYafy1xS
age
16335552
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
6N9KWCfshInF_zTmmtbjycDpcEWiQVjIyhqvVvn-F_t5UJ4JknAjDA==
date
Fri, 12 Apr 2024 06:42:44 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Fri, 12 Apr 2024 03:48:56 GMT
x-amz-replication-status
COMPLETED
cache-control
public,max-age=31536000,immutable
via
1.1 9fb7397504a65afc778db3eb0ee0bfa4.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
IAD79-C3
server
AmazonS3
x-amz-server-side-encryption
AES256
pv
api.btloader.com/ 		0
128 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=aIEzG7L69&w=4586867054870528&o=5714937848528896&cv=2.1.60-1-gb71443f&widget=false&checksum=c4f44e62&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.duboiscountyherald.com%2F&sid=HKM3rst5ev&pm=true&upapi=true
Requested by
Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

via
1.1 google
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 08:21:55 GMT
vary
Origin
ads
securepubads.g.doubleclick.net/gampad/ 		66 KB
27 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3786016670823712&correlator=1624748704165383&eid=31084129%2C31087831%2C95344563%2C31086886%2C676982961&output=ldjh&gdfp_req=1&vrg=202410140101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&gpp_sid=-1&iu_parts=21798091349%2Cduboiscountyherald.com%2Chomepage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1%7C300x50%7C320x50%7C468x60%7C728x90%7C970x90%7C300x100%7C320x100&ifi=5&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Df3279937e3412467%3AT%3D1729239714%3ART%3D1729239714%3AS%3DALNI_MbP3r7vUcY3GmDf9y02l0cq8QHssg&gpic=UID%3D00000f2b6e94bd5b%3AT%3D1729239714%3ART%3D1729239714%3AS%3DALNI_MaqULQdsFvCdliS8xqePUgSXTYuJA&abxe=1&dt=1729239715568&lmt=1729235106&adxs=631&adys=1150&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.duboiscountyherald.com%2F&vis=1&psz=338x-1&msz=300x-1&fws=516&ohw=1600&td=1&egid=41585&tan=5ef0f11a-04d6-462a-9f93-d392062f0e1f&tdf=2&topics=3&tps=3&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1729239712904&idt=719&prev_scp=fsrefresh%3D0%26fsrebid%3D0%26fs_uuid%3Dbb3d5eaa-aafe-4b12-86f6-33921bb28e0b%26floors_id%3Dlearning%26floors_hour%3D8%26fs_placementName%3Dduboiscountyherald.com_adhesion%26fs_ad_product%3DstickyFooter%26fs_clientservermask%3D13010000000010220000202%26amznbid%3D1%26amznp%3D1%26fs-auuid%3Df00820c4-d8a8-4694-9aee-c0a1b22ffabc%26fsbid%3Dtimeout%26fspbg%3Dfs_universal%26fs_source%3Dclient%26fs_auction_id%3D88609260-5df4-4043-85b5-1e36ba1a565b%26freestar_path%3D%252F%26freestar_domain%3Dduboiscountyherald.com%26custom_bidder_size%3Drubicon_320x50%26fs_format%3Dbanner%26fs_size%3D320x50%26fs_pb%3D0.24%26fs_adid%3D525241c52e28145%26fs_bidder%3Drubicon&cust_params=browser%3DChrome%26k%3Ddubois%2520county%2520herald%26page%3Dhomepage%252Capp-editorial%26fsitf%3DY-YYY-YYYY-YY-YY------------------------%26fs_liveintent%3DY%26fs_session_id%3D16761594-a8d8-49f0-8ca4-a37f45881c03%26fs_pageview_id%3Df3606d34cc18e9d0cf23db39f6df6d4f%26user-agent%3DChrome%26floors_user%3D1%26floors_rtt%3D16%26fs_testgroup%3Doptimised&adks=377132284&frm=20&eo_id_str=ID%3Da7da8c15223bacd1%3AT%3D1729239714%3ART%3D1729239714%3AS%3DAA-AfjYCtmPWZoCobvutPzBXrEA3&gblpids=%2F21798091349%2Fduboiscountyherald.com%2Fhomepage%2Fduboiscountyherald.com_adhesion
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410140101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.175.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qs-in-f155.1e100.net
Software
cafe /
Resource Hash
2c73ed886ad256e62e981cdf1b494a7b360bf712c19915f8d12d096d50ac7c4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

content-encoding
br
google-lineitem-id
-1
observe-browsing-topics
?1
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Fri, 18 Oct 2024 08:21:55 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-1
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.duboiscountyherald.com
content-length
27821
x-xss-protection
0
server
cafe
manage
router.infolinks.com/usync/ Frame A99F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/usync/manage?pid=3119781&wsid=0&pdom=www.duboiscountyherald.com&purl=https%3A%2F%2Fwww.duboiscountyherald.com%2F
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1959.008-4.010/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.duboiscountyherald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
8d471e1f7a47ab84-YYZ
content-length
0
date
Fri, 18 Oct 2024 08:21:55 GMT
server
cloudflare
via
1.1 google
lcmanage
router.infolinks.com/usync/ 		0
43 B 		Script
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/usync/lcmanage?pid=3119781&wsid=0&pdom=www.duboiscountyherald.com&purl=https%3A%2F%2Fwww.duboiscountyherald.com%2F
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1959.008-4.010/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

via
1.1 google
cf-ray
8d471e1f2f8d3a02-YYZ
content-length
0
cf-cache-status
DYNAMIC
date
Fri, 18 Oct 2024 08:21:55 GMT
server
cloudflare
gsd
router.infolinks.com/ 		0
33 B 		Script
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/gsd?evt=afterGSD&pid=3119781&pdom=www.duboiscountyherald.com&purl=https%3A%2F%2Fwww.duboiscountyherald.com%2F&jsv=1959.008-4.010&_cb=17292397156190
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1959.008-4.010/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

via
1.1 google
cf-ray
8d471e1f8fc33a02-YYZ
content-length
0
cf-cache-status
DYNAMIC
date
Fri, 18 Oct 2024 08:21:55 GMT
server
cloudflare
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/duboiscountyherald-com/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
582ae7eab3fb90b4faa0834c13963c08a14373bd307b5043376ce887235c8ba8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.duboiscountyherald.com/

Response headers

access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.duboiscountyherald.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
date
Fri, 18 Oct 2024 08:21:55 GMT
content-type
text/plain;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=8yKEYb_s1J43i9zk&instance=298215217&version=production-5.0.166&age=241018&key=yFxaHa1K&c_id=13062&seq=1&order=2&vIndex=0&absoluteTime=3091.5&relativeTime=1515.3&cmd=GET&EXTREF=https://www.duboiscountyherald.com/&REF=https://www.duboiscountyherald.com/
Requested by
Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.80.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-80-206.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

accept-ranges
bytes
content-length
26
date
Fri, 18 Oct 2024 08:21:55 GMT
etag
"1a-5b72883b37f80"
content-type
image/gif
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_pgbrk&pvsid=3786016670823712&vrg=202410140101&nw_id=132916964%5C%2C21798091349%2C21798091349&nslots=10&eid=31084129%2C31087831%2C95344563%2C31086886%2C676982961&pub_url=https%3A%2F%2Fwww.duboiscountyherald.com%2F&qid=CNSfp_e_l4kDFRiVywEdBDU50Q&iu=%2F132916964%2C21798091349%2Fduboiscountyherald.com%2Fhomepage&e=12&ret=1x1&req=1x1&bm=0&efh=1&stk=0&ifi=5
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Fri, 18 Oct 2024 08:21:55 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
a
www.googletagmanager.com/ 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-5MTD44X&v=3&t=t&pid=89852019&cv=55&rv=4ah0&tc=3&tag_exp=101686685&e=*&eid=0&u=AgAAAAAAAAAAAAAI&h=Ag&z=0
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.201.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qu-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
date
Fri, 18 Oct 2024 08:21:55 GMT
x-xss-protection
0
content-type
text/html
server
Google Tag Manager
checksync.php
contextual.media.net/ Frame 1F58 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2034%2C2031%2C2030%2C590%2C233%2C157%2C2028%2C2027%2C159%2C2026%2C236%2C357%2C237%2C556%2C117%2C359%2C97%2C55%2C99%2C56%2C59%2C2045%2C3012%2C3010%2C122%2C201%2C2039%2C246%2C4%2C521%2C126%2C203%2C522%2C446%2C326%2C404%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C178%2C3017%2C214%2C3016%2C2124%2C337%2C338%2C459%2C339%2C77%2C38%2C2100%2C2022%2C141%2C262%2C461%2C222%2C542%2C345%2C543%2C226%2C468%2C10000%2C624%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.84.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.50.124.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-124-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.duboiscountyherald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=93600
cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
13653
content-type
text/html; charset=UTF-8
date
Fri, 18 Oct 2024 08:21:55 GMT
expires
Fri, 18 Oct 2024 08:21:55 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
/
sync.cootlogix.com/api/sync/iframe/ Frame 04B4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.cootlogix.com/api/sync/iframe/?cid=&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.84.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.35.7.202 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.duboiscountyherald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
access-control-allow-methods
GET, HEAD, OPTIONS, POST
access-control-allow-origin
*
content-length
109
content-type
text/html
date
Fri, 18 Oct 2024 08:21:55 GMT
p3p
CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
pd
freestar-d.openx.net/w/1.0/ Frame 8735
Redirect Chain
  • https://freestar-d.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=&us_privacy=1---
  • https://freestar-d.openx.net/w/1.0/pd?cc=1&gdpr=0&gdpr_consent=&us_privacy=1---
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://freestar-d.openx.net/w/1.0/pd?cc=1&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.84.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash

Request headers

Referer
https://www.duboiscountyherald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
733
content-type
text/html
date
Fri, 18 Oct 2024 08:21:54 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Fri, 18 Oct 2024 08:21:55 GMT
location
https://freestar-d.openx.net/w/1.0/pd?cc=1&gdpr=0&gdpr_consent=&us_privacy=1---
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8F69 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.84.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.62.164.208 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-164-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://www.duboiscountyherald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=136406
content-encoding
gzip
content-length
5633
content-type
text/html
date
Fri, 18 Oct 2024 08:21:55 GMT
expires
Sat, 19 Oct 2024 22:15:21 GMT
last-modified
Mon, 26 Aug 2024 15:25:10 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 7B28 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.84.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.duboiscountyherald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age
366
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
8d471e1f8cfeac8d-YYZ
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 18 Oct 2024 08:21:55 GMT
expires
Fri, 18 Oct 2024 12:21:55 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 98F0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.84.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.duboiscountyherald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
76397
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 18 Oct 2024 08:21:55 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 17 May 2024 08:31:56 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
2908618, 115281
X-Served-By
cache-lga21993-LGA, cache-yul1970047-YUL
X-Timer
S1729239716.780539,VS0,VE0
pbcas
ads.yieldmo.com/ Frame 5996 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/pbcas?us_privacy=1---&gdpr=0&gdpr_consent=&type=iframe
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.84.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.172.235.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-172-235-250.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://www.duboiscountyherald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Fri, 18 Oct 2024 08:21:55 GMT
pragma
no-cache
vary
accept-encoding
usync.html
eus.rubiconproject.com/ Frame 5112 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=0&us_privacy=1---
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.84.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.50.125.215 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-125-215.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer
https://www.duboiscountyherald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
224
content-type
text/html; charset=UTF-8
date
Fri, 18 Oct 2024 08:21:55 GMT
etag
"28052a-10d-6142d69a886c0"
last-modified
Thu, 21 Mar 2024 15:32:19 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 063A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?us_privacy=1---&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.84.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Referer
https://www.duboiscountyherald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1096
content-type
text/html; charset=utf-8
date
Fri, 18 Oct 2024 08:21:55 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://id5-sync.com/s/441/9.gif?puid=u_ed0f0007-5316-46bd-82c2-13cd9371aedc&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F112%2F8%2F2.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F112%2F8%2F2.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/441/112/8/2.gif?puid=E5194B54F9F118B5&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F434%2F7%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent=
  • https://id5-sync.com/c/441/434/7/3.gif?puid=d488114b-9613-41c8-aafb-e8c864b80352&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/441/2/6/4.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/441/2/6/4.gif?puid=1983122268661007137&gdpr=0&gdpr_consent=
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F821%2F5%2F5.gif%3Fpuid%3D%7Bdevice_id%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/441/821/5/5.gif?puid=092195aa-482f-444e-87eb-386cea32473e&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=108&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F826%2F4%2F6.gif%3Fpuid%3D%7BuserId%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/441/826/4/6.gif?puid=78a3b52f-6231-4218-b8c6-2bc5dbbf4372-67121aa4-5553&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F10%2F3%2F7.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/441/10/3/7.gif?puid=2856366307302385724&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F104%2F2%2F8.gif%3Fpuid%3D%24%7BBSW_UUID%7D%26gdpr%3D0%26gdpr_consent%3D?gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/441/104/2/8.gif?puid=995d419d-f746-40ae-8fb8-99aab453f632&gdpr=0&gdpr_consent=
  • https://token.rubiconproject.com/token?pid=49266&puid={ID5UID}&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/285.gif?puid=M2EGOFS6-15-DASZ&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=RTUxOTRCNTRGOUYxMThCNQ%3D%3D&gdpr=0&gdpr_consent=&id5=ID5-be10HqVap2O4v4diV5EXZIS-cm_hMN7Km0j9m7cAGw
  • https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEKgswIT62rHo0a65psjYl90&sInitiator=internal&google_cver=1&gdpr=0&gdpr_consent=&id5=ID5-be10HqVap2O4v4diV5EXZIS-cm_hMN7Km0j9m7cAGw&...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=x2e7tq8
70 B
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=x2e7tq8
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

content-length
70
date
Fri, 18 Oct 2024 08:21:58 GMT
content-type
image/gif
server
Kestrel

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=x2e7tq8
Routing-Server-ID
-1
Frontend-ID
14
Pragma
no-cache
Connection
Keep-Alive
Expires
Sat, 01 Jan 2011 12:00:00 GMT
Access-Control-Allow-Origin
*
UIP-Response-Status
Ok
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Date
Fri, 18 Oct 2024 08:21:58 GMT
Content-Length
0
264.gif
id5-sync.com/k/
Redirect Chain
  • https://id5-sync.com/s/441/9.gif?puid=u_0a423b6a-56c8-418b-89f1-05f1cad9f7e7&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=1f715ec5-5a73-4ac6-bd54-a3aa3175c0ec&ttl=%%TTL%%
43 B
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/k/264.gif?puid=1f715ec5-5a73-4ac6-bd54-a3aa3175c0ec&ttl=%%TTL%%
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
5f789ccae156b160492d89a6146b1974d15128790b74abb995d8e89fa44cde5e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
date
Fri, 18 Oct 2024 08:21:55 GMT
content-type
text/html;charset=utf-8
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding

Redirect headers

location
https://id5-sync.com/k/264.gif?puid=1f715ec5-5a73-4ac6-bd54-a3aa3175c0ec&ttl=%%TTL%%
content-length
199
date
Fri, 18 Oct 2024 08:21:55 GMT
server
Kestrel
264.gif
id5-sync.com/k/
Redirect Chain
  • https://id5-sync.com/s/441/9.gif?puid=u_d08680e9-de77-4a37-9bec-3a1f22a87eaa&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=1f715ec5-5a73-4ac6-bd54-a3aa3175c0ec&ttl=%%TTL%%
43 B
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/k/264.gif?puid=1f715ec5-5a73-4ac6-bd54-a3aa3175c0ec&ttl=%%TTL%%
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
5f789ccae156b160492d89a6146b1974d15128790b74abb995d8e89fa44cde5e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
date
Fri, 18 Oct 2024 08:21:55 GMT
content-type
text/html;charset=utf-8
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding

Redirect headers

location
https://id5-sync.com/k/264.gif?puid=1f715ec5-5a73-4ac6-bd54-a3aa3175c0ec&ttl=%%TTL%%
content-length
199
date
Fri, 18 Oct 2024 08:21:55 GMT
server
Kestrel
155.gif
id5-sync.com/k/
Redirect Chain
  • https://id5-sync.com/s/441/9.gif?puid=u_225dc0d1-03f6-407c-8ae6-f90fe76287bb&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F8%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
  • https://id5-sync.com/c/441/108/8/2.gif?puid=276b2029-492d-4354-8c5e-3b5cfe7222a9&gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F429%2F7%2F3.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/441/429/7/3.gif?puid=EA4E2E2C-7348-40D7-B1B1-36B982F2945D&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=1f715ec5-5a73-4ac6-bd54-a3aa3175c0ec&ttl=%%TTL%%
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F434%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent=
  • https://id5-sync.com/c/441/434/5/5.gif?puid=d488114b-9613-41c8-aafb-e8c864b80352&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/441/2/4/6.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/441/2/4/6.gif?puid=1983122268661007137&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy=
  • https://id5-sync.com/k/155.gif?puid=AAMuJ07OJDUAABVUjLRLVg&id5AccountNum=155&numCascadesAllowed=9
43 B
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/k/155.gif?puid=AAMuJ07OJDUAABVUjLRLVg&id5AccountNum=155&numCascadesAllowed=9
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
5f789ccae156b160492d89a6146b1974d15128790b74abb995d8e89fa44cde5e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
date
Fri, 18 Oct 2024 08:21:56 GMT
content-type
text/html;charset=utf-8
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding

Redirect headers

strict-transport-security
max-age=2592000; includeSubDomains
location
https://id5-sync.com/k/155.gif?puid=AAMuJ07OJDUAABVUjLRLVg&id5AccountNum=155&numCascadesAllowed=9
Content-Length
0
Date
Fri, 18 Oct 2024 08:21:57 GMT
Server
gunicorn
Connection
keep-alive
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://id5-sync.com/s/441/9.gif?puid=u_e7ee0c4d-223c-4415-a710-0d19aac71243&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F434%2F8%2F2.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent=
  • https://id5-sync.com/c/441/434/8/2.gif?puid=d488114b-9613-41c8-aafb-e8c864b80352&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/441/2/7/3.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/441/2/7/3.gif?puid=1983122268661007137&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F112%2F6%2F4.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F112%2F6%2F4.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/441/112/6/4.gif?puid=E5194B54F9F118B5&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F434%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent=
  • https://id5-sync.com/c/441/434/5/5.gif?puid=d488114b-9613-41c8-aafb-e8c864b80352&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/441/2/4/6.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/441/2/4/6.gif?puid=1983122268661007137&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=108&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F826%2F3%2F7.gif%3Fpuid%3D%7BuserId%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=78a3b52f-6231-4218-b8c6-2bc5dbbf4372-67121aa4-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=78a3b52f-6231-4218-b8c6-2bc5dbbf4372-67121aa4-5553&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F826%2F3%2F7.gif%3Fpuid...
  • https://id5-sync.com/c/441/826/3/7.gif?puid=78a3b52f-6231-4218-b8c6-2bc5dbbf4372-67121aa4-5553&gdpr=0&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-be10HqVap2O4v4diV5EXZIS-cm_hMN7Km0j9m7cAGw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F2%2F8.gif%3Fpuid%3...
  • https://id5-sync.com/cq/441/124/2/8.gif?puid=31bcb647-c910-4a77-a526-04ecd3827f17&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&gdpr_consent=&gdpr=0&sd=Y2FzY2FkZXNSZW1haW5pbmc9MSZjYXNjYWRlc0RvbmU9OSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?gdpr_consent=&gdpr=0&sd=Y2FzY2FkZXNSZW1haW5pbmc9MSZjYXNjYWRlc0RvbmU9OSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&domid=1033
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MSZjYXNjYWRlc0RvbmU9OSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_I...
0
0
iu3
s.amazon-adsystem.com/ Frame 365F
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-index_n-LoopMe_rx_n-acuityads_n-MediaNet_ox-db5_n-smaato_n-adman-v2_n-onetag_pm-db5_n-simpli.fi_ym_n-Vidazoo_n-nativo_n-adMed...
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-index_n-LoopMe_rx_n-acuityads_n-MediaNet_ox-db5_n-smaato_n-adman-v2_n-onetag_pm-db5_n-simpli.fi_ym_n-Vidazoo_n-nativo_n-adMed...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-index_n-LoopMe_rx_n-acuityads_n-MediaNet_ox-db5_n-smaato_n-adman-v2_n-onetag_pm-db5_n-simpli.fi_ym_n-Vidazoo_n-nativo_n-adMediaV1_snb_n-Beeswax_smrt_n-inmobi_cnv_n-sharethrough_rbd_ppt_n-Rise_3lift&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
98.82.156.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-98-82-156-107.compute-1.amazonaws.com
Software
Server /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.duboiscountyherald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
471
Content-Type
text/html;charset=ISO-8859-1
Date
Fri, 18 Oct 2024 08:21:55 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
40NFSQ161R6ZN89G53VX

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Fri, 18 Oct 2024 08:21:55 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-index_n-LoopMe_rx_n-acuityads_n-MediaNet_ox-db5_n-smaato_n-adman-v2_n-onetag_pm-db5_n-simpli.fi_ym_n-Vidazoo_n-nativo_n-adMediaV1_snb_n-Beeswax_smrt_n-inmobi_cnv_n-sharethrough_rbd_ppt_n-Rise_3lift&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
7FEF9H0YZQ2SGSJG9AKF
882.json
id5-sync.com/g/v2/ 		632 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/882.json
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.84.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
d64ab3fbed754de38481461a75c567e9384e8fadad8a382ee12f278d61f9bbb2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.duboiscountyherald.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin
https://www.duboiscountyherald.com
p3p
CP="CAO PSA OUR"
date
Fri, 18 Oct 2024 08:21:55 GMT
content-type
application/json
vary
Origin
auction_end
pb-ing.ccgateway.net/v1.0/parent/4d97a662ad/engagement/trigger/ 		60 B
230 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pb-ing.ccgateway.net/v1.0/parent/4d97a662ad/engagement/trigger/auction_end
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.84.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.200.182.101 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-200-182-101.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d3ec1e21478202d824b3df5af93434051930055afce455d50c3e78eb21fb6f2b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/json
Referer
https://www.duboiscountyherald.com/

Response headers

access-control-allow-origin
https://www.duboiscountyherald.com
content-length
60
date
Fri, 18 Oct 2024 08:21:55 GMT
content-type
application/json; charset=utf-8
vary
Origin
access-control-allow-credentials
true
sync
ups.analytics.yahoo.com/ups/58827/ 		0
0
auction_end
pb-ing.ccgateway.net/v1.0/parent/4d97a662ad/engagement/trigger/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pb-ing.ccgateway.net/v1.0/parent/4d97a662ad/engagement/trigger/auction_end
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.200.182.101 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-200-182-101.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.duboiscountyherald.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Content-Length,Accept-Encoding,Authorization,X-Forwarded-For
access-control-allow-methods
POST
access-control-allow-origin
https://www.duboiscountyherald.com
access-control-max-age
86400
date
Fri, 18 Oct 2024 08:21:55 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
ecommerce.js
www.google-analytics.com/plugins/ua/ 		1 KB
655 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ecommerce.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.207.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qk-in-f139.1e100.net
Software
sffe /
Resource Hash
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

content-encoding
br
age
502
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
x-content-type-options
nosniff
expires
Fri, 18 Oct 2024 09:13:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 08:13:33 GMT
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
content-length
630
x-xss-protection
0
server
sffe
ec.js
www.google-analytics.com/plugins/ua/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.207.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qk-in-f139.1e100.net
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

content-encoding
br
age
671
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
x-content-type-options
nosniff
expires
Fri, 18 Oct 2024 09:10:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 08:10:44 GMT
last-modified
Tue, 27 Jun 2023 17:28:00 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
content-length
1129
x-xss-protection
0
server
sffe
js
www.googletagmanager.com/gtag/ 		265 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-FVWZ0RM4DH&l=audDataLayer
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/474
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.201.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qu-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
18e9bed62ddd0305c90cd1ca399d459bc4eb94d406d1eebeb745ac6d180d96ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 18 Oct 2024 08:21:55 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 08:21:55 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
95058
x-xss-protection
0
server
Google Tag Manager
p
api.segment.io/v1/ 		21 B
182 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/p
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.163.144.222 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-163-144-222.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.duboiscountyherald.com/

Response headers

strict-transport-security
max-age=31536000
access-control-allow-origin
https://www.duboiscountyherald.com
content-length
21
date
Fri, 18 Oct 2024 08:21:56 GMT
content-type
application/json
vary
Origin
882.json
id5-sync.com/g/v2/ 		632 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/882.json
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.84.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
56e6582336deb2e0e60d629081d661e1b17b6cc50b775f1fb78bc1914780f999
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.duboiscountyherald.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin
https://www.duboiscountyherald.com
p3p
CP="CAO PSA OUR"
date
Fri, 18 Oct 2024 08:21:55 GMT
content-type
application/json
vary
Origin
match
seg.ad.gt/api/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://seg.ad.gt/api/v2/match
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.duboiscountyherald.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
*
access-control-allow-origin
*
allow
POST
cf-cache-status
DYNAMIC
cf-ray
8d471e202e04a2f8-YUL
date
Fri, 18 Oct 2024 08:21:55 GMT
server
cloudflare
vary
origin, access-control-request-method, access-control-request-headers
event
p.ad.gt/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://p.ad.gt/api/v1/event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.duboiscountyherald.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
https://www.duboiscountyherald.com
allow
POST, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8d471e1fbfeba278-YUL
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 18 Oct 2024 08:21:55 GMT
server
cloudflare
vary
Origin
collect
a.ad.gt/api/v1/ 		0
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/collect
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/474
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
text/plain
Referer
https://www.duboiscountyherald.com/

Response headers

cf-ray
8d471e1f7c6aa254-YUL
access-control-allow-origin
https://www.duboiscountyherald.com
cf-cache-status
DYNAMIC
date
Fri, 18 Oct 2024 08:21:55 GMT
vary
Origin
server
cloudflare
access-control-allow-credentials
true
getpixels
pixels.ad.gt/api/v1/ 		0
88 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixels.ad.gt/api/v1/getpixels?tagger_id=33b3c6c0c8c4aed88bd36f92a8db6ea1&url=https%3A%2F%2Fwww.duboiscountyherald.com%2F&code=%27none%27
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/474
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

cf-ray
8d471e207d4ea261-YUL
cf-cache-status
DYNAMIC
date
Fri, 18 Oct 2024 08:21:56 GMT
server
cloudflare
match
seg.ad.gt/api/v2/ 		4 KB
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://seg.ad.gt/api/v2/match
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/474
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a46890c0200f474edc359655ccf7b3b3cb286bdaa7c7eeb41b8f3f490db0dcd3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/json
Referer
https://www.duboiscountyherald.com/

Response headers

access-control-expose-headers
*
content-encoding
br
cf-cache-status
DYNAMIC
cf-ray
8d471e211e7aa2f8-YUL
access-control-allow-origin
*
date
Fri, 18 Oct 2024 08:21:56 GMT
content-type
application/json
vary
origin, access-control-request-method, access-control-request-headers, accept-encoding
server
cloudflare
event
p.ad.gt/api/v1/ 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.ad.gt/api/v1/event
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/474
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/json
Referer
https://www.duboiscountyherald.com/

Response headers

cf-ray
8d471e207857a278-YUL
access-control-allow-origin
https://www.duboiscountyherald.com
cf-cache-status
DYNAMIC
date
Fri, 18 Oct 2024 08:21:56 GMT
vary
Origin
server
cloudflare
access-control-allow-credentials
true
segments
seg.ad.gt/api/v1/ 		16 B
144 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://seg.ad.gt/api/v1/segments?url=https%253A%252F%252Fwww.duboiscountyherald.com%252F&partner_id=474&tagger_id=33b3c6c0c8c4aed88bd36f92a8db6ea1&au_id=AU1D-0100-001729239716-7CA6BOH9-YQW4
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/474
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33c70c297b1a729f965a6aca60b7b3bb7a3b06bd13efe07698516fa98ac8b9f9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8d471e202e03a2f8-YUL
access-control-allow-origin
https://www.duboiscountyherald.com
content-length
16
date
Fri, 18 Oct 2024 08:21:55 GMT
content-type
application/json
vary
Origin
server
cloudflare
css2
fonts.googleapis.com/ 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Fira+Sans+Condensed&family=Poppins:wght@200;500&family=Open+Sans:wght@300..800&display=swap
Requested by
Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a86ef2999a5af962f217a9a65615a898748ee2b90882ef7120a613c20bab2501
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 18 Oct 2024 08:21:55 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 08:21:55 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 18 Oct 2024 07:12:43 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
icon
fonts.googleapis.com/ 		569 B
440 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 18 Oct 2024 08:21:55 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 08:21:55 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 18 Oct 2024 08:21:55 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
strip.png
mp.mmvideocdn.com/mini-player/assets/pga/ 		0
33 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mp.mmvideocdn.com/mini-player/assets/pga/strip.png
Requested by
Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
52.85.151.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-6.iad89.r.cloudfront.net
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

etag
"634628402d572c332f135506cba90456"
x-amz-version-id
a_zvfKQyhJT0NRUlYENOZ33KPaZedv_f
age
843994
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
YSaI4GtoM6afoYzUP96iZlFsUgNZT9FXCEU2_FWTipko7MPTDLpKkA==
date
Tue, 08 Oct 2024 13:55:22 GMT
content-type
image/png
last-modified
Thu, 05 Sep 2024 12:58:34 GMT
cache-control
private, no-store
via
1.1 7eefe38d76087dfad8e2f0b7702246ee.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
33668
x-amz-cf-pop
IAD89-C3
server
CloudFront
x-amz-server-side-encryption
AES256
ou27j1va87mo3r8th3ar286gs0db9ai4.jpg
cdnmedia.sendtonews.com/videos/video_thumb/XL/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnmedia.sendtonews.com/videos/video_thumb/XL/ou27j1va87mo3r8th3ar286gs0db9ai4.jpg
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.215.52 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c53a2922c0f96a939a17629cd22e5fcc5cb739169f70f71d99b95742dc343679

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

etag
"bce99eb591488d091be2f31ca0f5463b"
age
10166
x-amz-storage-class
REDUCED_REDUNDANCY
x-cache
HIT, HIT
date
Fri, 18 Oct 2024 08:21:56 GMT
last-modified
Fri, 18 Oct 2024 05:32:18 GMT
x-served-by
cache-iad-kcgs7200096-IAD, cache-yul1970031-YUL
x-cache-hits
22, 0
content-disposition
attachment
x-amz-id-2
N9zzR1EJoLtsKihehS0IgQCmIKS7UneN6nP+hWZsyhaHByA2iP2Rqj9IcYIs1ty2/D2yuPRXjgBPl7dvXMpzbtF2zX3iCFpY
content-type
image/jpeg
cache-control
max-age=86400
x-timer
S1729239716.150655,VS0,VE1
via
1.1 varnish, 1.1 varnish
x-amz-request-id
TPHMJSW1FK6NHE80
accept-ranges
bytes
content-length
38689
server
AmazonS3
x-amz-server-side-encryption
AES256
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=8yKEYb_s1J43i9zk&instance=298215217&version=production-5.0.166&age=241018&key=yFxaHa1K&c_id=13062&seq=1&order=3&vIndex=0&absoluteTime=3250.2&relativeTime=1674&cmd=RTP&sC_ID=4735&sm_id=3927506&status=LVFNLNOY&ac_id=2010&EXTREF=https://www.duboiscountyherald.com/&REF=https://www.duboiscountyherald.com/
Requested by
Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.80.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-80-206.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

accept-ranges
bytes
content-length
26
date
Fri, 18 Oct 2024 08:21:55 GMT
etag
"1a-5b72883b37f80"
content-type
image/gif
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
38599228599068856711f1775c9817.94246171playlist.m3u8
cdnmedia.sendtonews.com/videos/m3u8/ 		305 B
935 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdnmedia.sendtonews.com/videos/m3u8/38599228599068856711f1775c9817.94246171playlist.m3u8
Requested by
Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.215.52 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f5ce224d0f1e7dee681547b837051148ddd9e1d4ddbdd0f08d9cc98f9619b8cb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
etag
"c1f9f07cfc525e5c4886fe1b5a9133a3"
age
8984
access-control-allow-methods
GET, HEAD, POST
x-amz-storage-class
REDUCED_REDUNDANCY
x-cache
HIT, MISS
date
Fri, 18 Oct 2024 08:21:56 GMT
last-modified
Fri, 18 Oct 2024 05:32:15 GMT
content-disposition
attachment
x-served-by
cache-iad-kcgs7200121-IAD, cache-yul1970069-YUL
content-type
application/x-mpegURL
x-amz-id-2
0YSM7CaN5T1so7hezLbxWaagqsNEyVeimye9VNrARKm09rHkpnZ7K71SfT5RbS2zzksSB5ATitMiyqXOHemUGYxuINz4NsP/cpyCEGfC2Fc=
x-cache-hits
6, 0
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
cache-control
max-age=86400
x-timer
S1729239716.150310,VS0,VE15
via
1.1 varnish, 1.1 varnish
x-amz-request-id
CKVCE771KN2ZDNSY
accept-ranges
bytes
access-control-allow-origin
*
content-length
305
server
AmazonS3
x-amz-server-side-encryption
AES256
factors
factor-service.prod.voltaxservices.io/ 		47 B
576 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://factor-service.prod.voltaxservices.io/factors?mmPlayerLvl1=ca:desktop:www.duboiscountyherald.com:chrome:linux:%2f92056281%2fessentiallysports-premium:01j6f1nt0x7bqa207w
Requested by
Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f4:5200:1a:7b6f:2940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
45a286c893be6e52f85e587d39391cf6148bbce42701e8e9e0da66c033588cc2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

vary
Accept-Encoding
cache-control
max-age=600
content-encoding
gzip
access-control-allow-methods
PUT, POST, DELETE, PATCH
via
1.1 65566883560611dde36b4dfe13fd3272.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
71
x-amz-cf-id
Y7ovWIHgpuMZL0abAsmbc6Hh8taJ8bM-EJnXSHBbgVXoHCMKQONebA==
date
Fri, 18 Oct 2024 08:21:56 GMT
content-type
application/json; charset=utf-8
last-modified
Fri, 18 Oct 2024 08:21:56 GMT
server
CloudFront
x-amz-cf-pop
IAD55-P3
access-control-allow-headers
X-Client-Key, Origin, Content-Type, Accept, Authorization, MM-Tenant, MM-Ad-Server-Historical-Data, mmtarget
ssps
factor-service.prod.voltaxservices.io/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://factor-service.prod.voltaxservices.io/ssps?mmPlayerLvl1=FLOOR:ca:desktop:www.duboiscountyherald.com:chrome:linux:%2f92056281%2fessentiallysports-premium:01j6f1nt0x7bqa207w
Requested by
Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f4:5200:1a:7b6f:2940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
454ebcc8ede502c1e0eb057e0b2981127e978167e9c816d5ed14ef5a17acea90

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

vary
Accept-Encoding
cache-control
max-age=600
content-encoding
gzip
access-control-allow-methods
PUT, POST, DELETE, PATCH
via
1.1 65566883560611dde36b4dfe13fd3272.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
525
x-amz-cf-id
N1sLvqUIcExpCIFVzI5wB_eLsDq9wRGF_4jQq5MDvAVvBxsBhacPtA==
date
Fri, 18 Oct 2024 08:21:56 GMT
content-type
application/json; charset=utf-8
last-modified
Fri, 18 Oct 2024 08:21:56 GMT
server
CloudFront
x-amz-cf-pop
IAD55-P3
access-control-allow-headers
X-Client-Key, Origin, Content-Type, Accept, Authorization, MM-Tenant, MM-Ad-Server-Historical-Data, mmtarget
voltax_mp_bridge.html
mp.mmvideocdn.com/mini-player/scripts/ Frame FCFE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://mp.mmvideocdn.com/mini-player/scripts/voltax_mp_bridge.html
Requested by
Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:201e:9000:e:8add:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash

Request headers

Referer
https://www.duboiscountyherald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age
3271218
alt-svc
h3=":443"; ma=86400
cache-control
private, no-store
content-encoding
gzip
content-type
text/html
date
Tue, 10 Sep 2024 11:41:38 GMT
etag
W/"05385d03c1a1b13348c6ae45a38c2524"
last-modified
Thu, 05 Sep 2024 07:59:30 GMT
server
CloudFront
vary
Accept-Encoding Origin
via
1.1 c974a69619205281e0e6b8e73f95e4b4.cloudfront.net (CloudFront)
x-amz-cf-id
8qh60LUS2IVR3afPleKPK8yZaETq2YgM0cJF9ugb-gTrF8tK8A5qIA==
x-amz-cf-pop
IAD89-C3
x-amz-server-side-encryption
AES256
x-amz-version-id
pROuiWvBbpXDCKItMFRf3Mlg8VpOZCtc
x-cache
Hit from cloudfront
apstag.js
c.amazon-adsystem.com/aax2/ Frame BF58 		324 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.44.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-44-103.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6fdb7c12792ebd6e785128456249178e9b508c9677a300df8fbc6e7520147baa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

vary
Accept-Encoding
cache-control
max-age=3600
content-encoding
gzip
etag
W/"907cbdd883935369790d45cc9bd9e8b7"
age
3542
via
1.1 6f1c32addde00f50ba0fcba618c903d6.cloudfront.net (CloudFront), 1.1 263d97c176fc51d1d08116820c013de4.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
Eu7-vvFJYFZuyO0wjBKg9l_3ifiiIyQaUq7MKUhn8-oAWStsDWQ-aQ==
date
Fri, 18 Oct 2024 07:22:53 GMT
content-type
application/javascript
last-modified
Wed, 28 Aug 2024 22:46:41 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P7, IAD89-C1
x-amz-server-side-encryption
AES256
2960f87904
pb-rtd-minutemedia.ccgateway.net/v1.0/realtime/ 		387 B
588 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pb-rtd-minutemedia.ccgateway.net/v1.0/realtime/2960f87904?profile_id=5fcbd134-2276-46c7-8591-7d8cf11df5d6&url=https%253A%252F%252Fwww.duboiscountyherald.com%252F&eid=audigent.com%3A060ixe7ju6a65dg9iefi9ld8dfc9glgge7huom2wi0e0ykq6umou60k4koi6q0qqm&context=true&audience=true&deal_ids=true&custom_taxonomy=true
Requested by
Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.88.158.247 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-88-158-247.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
f540dcf7f143b9bda7f90339d888fafe0c568ffc9da621e80031db59565974a1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
max-age=3600
etag
"387-8b88d56"
access-control-allow-credentials
true
access-control-allow-origin
https://www.duboiscountyherald.com
content-length
387
date
Fri, 18 Oct 2024 08:21:56 GMT
content-type
application/json; charset=utf-8
vary
Origin
454
a.ad.gt/api/v1/u/matches/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/454?url=https%3A%2F%2Fwww.duboiscountyherald.com%2F&ref=
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fcf5f2729bcd1b804539b3d2f52d28a3d9d4c77f050fb1ad9c6d61952981797

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
max-age=14400
content-encoding
gzip
cf-cache-status
EXPIRED
cross-origin-resource-policy
cross-origin
cf-ray
8d471e202caca254-YUL
date
Fri, 18 Oct 2024 08:21:56 GMT
content-type
application/javascript
last-modified
Fri, 18 Oct 2024 08:21:56 GMT
vary
Accept-Encoding
server
cloudflare
prebid
prediction.voltaxam.com/player/creatives/ 		38 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prediction.voltaxam.com/player/creatives/prebid
Requested by
Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20aa:2200:7:d444:a240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
315e68380b693aab62994099ea3f82acee453d53d8dbd37b588a1fe3567f6bbb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

content-encoding
gzip
access-control-allow-methods
PUT, POST, DELETE, PATCH
via
1.1 c242c974a465288488c7876cabca7752.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amz-cf-id
KLoj97N3yfxxX_MIgs1eUdfTxKZbhcEbQrdFbaQ0Qxmv8BFC4dBpFQ==
date
Fri, 18 Oct 2024 08:21:56 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
x-amz-cf-pop
IAD89-C2
access-control-allow-headers
X-Client-Key, Origin, Content-Type, Accept, Authorization, MM-Tenant, MM-Ad-Server-Historical-Data, mmtarget
predict
prediction.voltaxam.com/player/ 		199 B
612 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prediction.voltaxam.com/player/predict
Requested by
Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20aa:2200:7:d444:a240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
3f73b3a0cd992d619ee1fa2795d7504a9bd8c601b328f859cc464dcc394795b0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.duboiscountyherald.com/

Response headers

content-encoding
gzip
access-control-allow-methods
PUT, POST, DELETE, PATCH
via
1.1 c242c974a465288488c7876cabca7752.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
169
x-amz-cf-id
xINyPl07kIIovYB965mVZUWiXCjJrCn3MPKlCFFb69l2pHd0_kMnqQ==
date
Fri, 18 Oct 2024 08:21:56 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
x-amz-cf-pop
IAD89-C2
access-control-allow-headers
X-Client-Key, Origin, Content-Type, Accept, Authorization, MM-Tenant, MM-Ad-Server-Historical-Data, mmtarget
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		423 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c09::5f Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75eaff1b0db3d278028ca29165d0e696ab4fe9d0ecf694b1ee84623c1f9a2d73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
private, max-age=900, stale-while-revalidate=3600
content-encoding
gzip
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
x-content-type-options
nosniff
expires
Fri, 18 Oct 2024 08:21:56 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
147932
date
Fri, 18 Oct 2024 08:21:56 GMT
x-xss-protection
0
content-type
text/javascript
vary
Accept-Encoding
server
sffe
dcd
factor-service.prod.voltaxservices.io/ 		875 KB
82 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://factor-service.prod.voltaxservices.io/dcd?au=/92056281,21798091349/duboiscountyherald-premium
Requested by
Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f4:5200:1a:7b6f:2940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
646e328ff87976c256a247d833a801d808ab5ca1422d4c5a8832768d40a089a0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

vary
Accept-Encoding
cache-control
max-age=600
content-encoding
gzip
access-control-allow-methods
PUT, POST, DELETE, PATCH
via
1.1 65566883560611dde36b4dfe13fd3272.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amz-cf-id
hLZdLJBKoDwMw5vUK4tTTx28eEfmdrlE3vWIpj4AJSh9UT3d5fg91g==
date
Fri, 18 Oct 2024 08:21:56 GMT
content-type
application/json; charset=utf-8
last-modified
Fri, 18 Oct 2024 08:21:56 GMT
server
CloudFront
x-amz-cf-pop
IAD55-P3
access-control-allow-headers
X-Client-Key, Origin, Content-Type, Accept, Authorization, MM-Tenant, MM-Ad-Server-Historical-Data, mmtarget
comScore.gt.min.js
embed.sendtonews.com/library/streamsense/6.3.4.190424/ 		335 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.sendtonews.com/library/streamsense/6.3.4.190424/comScore.gt.min.js
Requested by
Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.162.125.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-125-109.iad61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.duboiscountyherald.com
Referer
https://www.duboiscountyherald.com/

Response headers

x-amz-cf-id
i5_vtexKTVh55jssSWOrH6pmQLpvhp4O_2lTJMVFCxH8thOV31ayqw==
content-encoding
gzip
x-amz-version-id
..7XtSbDM3xjP8tWp7l1eb4E8v7z8_OL
age
916
etag
W/"4a51b8991a6b67323936c2eb62e3518e"
via
1.1 185e69fae2e25450e587a1fae1f63962.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 08:06:39 GMT
content-type
application/javascript
last-modified
Thu, 13 Apr 2023 16:36:13 GMT
server
AmazonS3
x-amz-cf-pop
IAD61-P3
vary
Accept-Encoding
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Fira+Sans+Condensed&family=Poppins:wght@200;500&family=Open+Sans:wght@300..800&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.66.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f94.1e100.net
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.duboiscountyherald.com
Referer
https://fonts.googleapis.com/

Response headers

age
76342
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 17 Oct 2025 11:09:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 17 Oct 2024 11:09:33 GMT
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48236
x-xss-protection
0
server
sffe
wEOhEADFm8hSaQTFG18FErVhsC9x-tarUfbtrQ.woff2
fonts.gstatic.com/s/firasanscondensed/v10/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/firasanscondensed/v10/wEOhEADFm8hSaQTFG18FErVhsC9x-tarUfbtrQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Fira+Sans+Condensed&family=Poppins:wght@200;500&family=Open+Sans:wght@300..800&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.66.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f94.1e100.net
Software
sffe /
Resource Hash
5a9980abca3b078a7c67a296f602f48bb043c2167e0e8257addfe2d603643a07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.duboiscountyherald.com
Referer
https://fonts.googleapis.com/

Response headers

age
228233
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 15 Oct 2025 16:58:02 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 15 Oct 2024 16:58:02 GMT
last-modified
Thu, 21 Apr 2022 16:50:55 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
22768
x-xss-protection
0
server
sffe
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/ 		125 KB
125 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.66.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f94.1e100.net
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.duboiscountyherald.com
Referer
https://fonts.googleapis.com/

Response headers

age
228427
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 15 Oct 2025 16:54:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 15 Oct 2024 16:54:48 GMT
last-modified
Mon, 08 Apr 2024 19:04:47 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
128352
x-xss-protection
0
server
sffe
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Fira+Sans+Condensed&family=Poppins:wght@200;500&family=Open+Sans:wght@300..800&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.66.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f94.1e100.net
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.duboiscountyherald.com
Referer
https://fonts.googleapis.com/

Response headers

age
76334
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 17 Oct 2025 11:09:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 17 Oct 2024 11:09:41 GMT
last-modified
Fri, 22 Mar 2024 00:01:14 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7748
x-xss-protection
0
server
sffe
38599228599068856711f1775c9817.94246171base.en.vtt
cdnmedia.sendtonews.com/videos/cc_text/ 		12 KB
12 KB 		TextTrack
General
Check archive.org
Download Go to
Full URL
https://cdnmedia.sendtonews.com/videos/cc_text/38599228599068856711f1775c9817.94246171base.en.vtt
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.215.52 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6ff3b4169cddd9cfa514cb3b585352855d231a7c8998a9fc684ecbd61d6e2f9a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.duboiscountyherald.com
Referer
https://www.duboiscountyherald.com/

Response headers

access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
etag
"f14700f4ad7a809beca55ce0b8fa9a5d"
age
0
access-control-allow-methods
GET, HEAD, POST
x-cache
HIT, MISS
date
Fri, 18 Oct 2024 08:21:56 GMT
last-modified
Fri, 18 Oct 2024 05:29:44 GMT
x-served-by
cache-iad-kiad7000049-IAD, cache-yul1970069-YUL
x-cache-hits
3, 0
content-type
text/vtt
x-amz-id-2
4IeIZLT+P+MTDerfl2dE9cAaWYwMiYTVDkRTWOg9tYE2ruCn0yZYIilbBRG3kdwb3VfADpu67t7xYIUPcUVXFw==
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-timer
S1729239716.150280,VS0,VE18
via
1.1 varnish, 1.1 varnish
x-amz-request-id
7NNGF3307WA5F8BA
accept-ranges
bytes
access-control-allow-origin
*
content-length
12096
server
AmazonS3
x-amz-server-side-encryption
AES256
setuid
s2s.t13.io/
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&...
  • https://s2s.t13.io/setuid?bidder=grid&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&f=i&uid=995d419d-f746-40ae-8fb8-99aab453f632
86 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?bidder=grid&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&f=i&uid=995d419d-f746-40ae-8fb8-99aab453f632
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H3
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
via
1.1 google
expires
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 08:21:56 GMT
content-type
image/png

Redirect headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
location
https://s2s.t13.io/setuid?bidder=grid&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&f=i&uid=995d419d-f746-40ae-8fb8-99aab453f632
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 08:21:55 GMT
select
fundingchoicesmessages.google.com/f/AGSKWxVSe1KGIpIyyJTpFQpPJNQsobmVP9SBP4oscJeHHlAR7GfKtZ3cG-4uEPHxFeHBN6PJ5VpRx8BFP6m3AA0zLzGudahY42BsyD7Ufg-XkFCjtZAJgOtTojsCnXai73GccETHHO4F3SL-_WGmE2GroLVyt7Rmx... 		54 B
109 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVSe1KGIpIyyJTpFQpPJNQsobmVP9SBP4oscJeHHlAR7GfKtZ3cG-4uEPHxFeHBN6PJ5VpRx8BFP6m3AA0zLzGudahY42BsyD7Ufg-XkFCjtZAJgOtTojsCnXai73GccETHHO4F3SL-_WGmE2GroLVyt7RmxCL6oxYAENAdiVwkWWdj4KgTmSfAWMpO/_/delayedad./ad/select?/banner728x90_/ad/?section=/ad_www_
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Ty0heMfzX3s.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMxUPD0xmZnYVZPX03o5ddtfCFBSgg/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.201.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qu-in-f138.1e100.net
Software
ESF /
Resource Hash
cc00425c3a3d831c51dd6a73915543e88dab8066ac5862add4b0c4d509f7b54d
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-VTicb4ptfXDxPRMv_d5-bQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 08:21:56 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmLw0pBiOO90h-k6EEt8fcmkBsRO6TNYA4C49eY51slAnPTvPGsBELtrXWT1B2JDhUus9kDsWHSJ1ROIVXsusRoD8f11l1ifA_HXPZdY_wLx3o-XWI8CcZHEFdYGIL7ddIX1MRALcXMs2XpiB5vAhiO3mZQ0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDA0MTfUMzOMLDADrKknp"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-VTicb4ptfXDxPRMv_d5-bQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
show_companion_ad.js
pagead2.googlesyndication.com/pagead/ 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_companion_ad.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Ty0heMfzX3s.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMxUPD0xmZnYVZPX03o5ddtfCFBSgg/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
cafe /
Resource Hash
369b0c21906fdd75d4370af92e7f46c9b494a3f7b8c0bde8ef47aaf480a73145
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

content-encoding
br
etag
16970699533094014674
age
472
x-content-type-options
nosniff
expires
Fri, 18 Oct 2024 09:14:03 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Fri, 18 Oct 2024 08:14:03 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
15115
x-xss-protection
0
server
cafe
AGSKWxWIo5tUoJLtVwYShuSXxnww44rJStkcz95wYFrmIDtf4MfMFe57lyQmg0DL9UYtZKR_Jdw5_Z8EW1QOPJ-V1gvo0g0rVOe6vwUETd0a_jXrCkt4VaygpSZYC6OmRuWHtwEcFDWxkw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWIo5tUoJLtVwYShuSXxnww44rJStkcz95wYFrmIDtf4MfMFe57lyQmg0DL9UYtZKR_Jdw5_Z8EW1QOPJ-V1gvo0g0rVOe6vwUETd0a_jXrCkt4VaygpSZYC6OmRuWHtwEcFDWxkw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Ty0heMfzX3s.es5.O/am=DAY/d=1/rs=AJlcJMx-kEBojdBO-rePMeTec-RoFL__BA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.201.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qu-in-f138.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-3y7QUUcgh7gMbmabL7ds4g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.duboiscountyherald.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 08:21:56 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmII0pBicEqfwRoCxO5aF1n9gfjrnkusf4F478dLrEeBWIibY8nWEzvYBA5075JRcknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiaGBoZmegZm8QUGAJg6LsQ"
content-security-policy
script-src 'report-sample' 'nonce-3y7QUUcgh7gMbmabL7ds4g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://www.duboiscountyherald.com
content-length
0
x-xss-protection
0
server
ESF
publishertag.prebid.144.js
static.criteo.net/js/ld/ 		96 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.144.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.84.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=86400, public
timing-allow-origin
*
content-encoding
gzip
etag
W/"653b5c0e-1811e"
cross-origin-resource-policy
cross-origin
expires
Sat, 19 Oct 2024 08:21:55 GMT
access-control-allow-origin
*
date
Fri, 18 Oct 2024 08:21:55 GMT
content-type
text/javascript
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame BF58 		6 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.44.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-44-103.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
3000
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
x-amz-version-id
r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
age
21689
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
fHuTz71sjkWyk9u1hZftCuBEuhP7QpZ-Up4iJOxyom5O6fT9khqkqw==
date
Fri, 18 Oct 2024 02:20:27 GMT
content-type
application/javascript
vary
Accept-Encoding,Origin
last-modified
Thu, 29 Feb 2024 02:13:08 GMT
cache-control
public, max-age=86400
via
1.1 50f5f6b4e0025748bb74dce1db44c750.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
IAD89-C1
server
AmazonS3
x-amz-server-side-encryption
AES256
6c3f03cd-6fa8-4477-ac05-2c0f4f8da092
config.aps.amazon-adsystem.com/configs/ Frame BF58 		563 B
830 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/6c3f03cd-6fa8-4477-ac05-2c0f4f8da092
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.10.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-10-101.iad12.r.cloudfront.net
Software
CloudFront /
Resource Hash
30b03856aa4b06101fb7e96d907728241e0b9cd698732442bf350e98a21a465e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=3600
age
2418
via
1.1 c3d335addde48969fafe25d4064cee80.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
563
x-amz-cf-id
vUOSmoqaQdJvzYKuMW7dtDvYwYMgE15ATwYQjE-ENYIsEa9am_8sKw==
date
Fri, 18 Oct 2024 07:41:38 GMT
content-type
application/javascript
x-amz-cf-pop
IAD12-P3
server
CloudFront
config
c.amazon-adsystem.com/cdn/prod/ Frame BF58 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.duboiscountyherald.com&pubid=6c3f03cd-6fa8-4477-ac05-2c0f4f8da092
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.44.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-44-103.iad89.r.cloudfront.net
Software
Server /
Resource Hash
fcd544f5f46f7768e47ba49da112aa5d98404e96c786d36cb45c716f7d45a561

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
via
1.1 263d97c176fc51d1d08116820c013de4.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.duboiscountyherald.com
x-cache
Miss from cloudfront
content-length
1764
x-amz-cf-id
ETXYiKPJTlZ31N3G7qvBYJU4FggDdC2BRr-q8JosplJx7MQsH_J7NQ==
date
Fri, 18 Oct 2024 08:21:55 GMT
content-type
application/json;charset=UTF-8
x-amz-cf-pop
IAD89-C1
server
Server
bid
aax.amazon-adsystem.com/e/dtb/ Frame BF58 		253 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.duboiscountyherald.com%2F&pid=y65NTbUFRgM9w&cb=0&ws=1600x1200&v=24.827.1552&t=5000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A10%2C%22id%22%3A%22stn_accompanying_content%22%2C%22mt%22%3A%22v%22%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%2C%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&bb=%5B%22csngn4%22%5D&schain=1.0%2C1%21stnvideo.com%2CSTN_0004809%2C1%2C%2C%2C&sm=dc0e359f-c132-4b00-a4d0-544adcfd58ef&pubid=6c3f03cd-6fa8-4477-ac05-2c0f4f8da092&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22audigent%22%3A%22%257B%2522id%2522%253A%257B%2522hadronId%2522%253A%25220001yum0eabkba98bciae6gibddj96ldclf786khdaabackkc2jl%2522%257D%257D%22%2C%22id5%22%3A%22ID5*RabXXzlmvMhEe1noRZR3eENHWB1IItax7Viukrx05nTPyL6YAzyYVv9ni6vWFp2X%22%2C%22pubcommon%22%3A%22c0454a23-cdfb-4963-8149-b7245776ba48%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.167.98.152 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-167-98-152.iad55.r.cloudfront.net
Software
Server /
Resource Hash
16a001384ccbe0e76a0d7b408ab5d88da6c7cf545b19a29038bb7701e81ca79a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
access-control-allow-credentials
true
via
1.1 6f1c32addde00f50ba0fcba618c903d6.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.duboiscountyherald.com
x-cache
Miss from cloudfront
content-length
216
x-amz-cf-id
TDt_HS6PvwwSkoVX1o3LqSh2T4zWd-YqfIq-T6YlvImijY-5dzcZJA==
date
Fri, 18 Oct 2024 08:21:55 GMT
content-type
text/javascript;charset=UTF-8
x-amz-cf-pop
IAD55-P7
server
Server
logo.png
mp.mmvideocdn.com/mini-player/assets/pga/ 		0
28 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mp.mmvideocdn.com/mini-player/assets/pga/logo.png
Requested by
Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
52.85.151.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-6.iad89.r.cloudfront.net
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

etag
"0e0f7255c3b11689f7b76388703a6816"
x-amz-version-id
fJQgTmVUsbu5hzS3rWuVwXhrKc2A9tre
age
843994
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
hjNbkNrV-Iuf5cNLNI_iSBOv7zQzhQVUbLnssrSfzFzS5zNuPel82A==
date
Tue, 08 Oct 2024 13:55:23 GMT
content-type
image/png
last-modified
Tue, 03 Sep 2024 10:11:17 GMT
cache-control
private, no-store
via
1.1 7eefe38d76087dfad8e2f0b7702246ee.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
28051
x-amz-cf-pop
IAD89-C3
server
CloudFront
x-amz-server-side-encryption
AES256
syncframe
gum.criteo.com/ Frame B8D9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.duboiscountyherald.com&gdpr=0&gdpr_consent=&gpp=&gpp_sid=-1
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::12 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.duboiscountyherald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 18 Oct 2024 08:21:55 GMT
server
Kestrel
server-processing-duration-in-ticks
704543
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
bounce
id5-sync.com/ 		30 B
244 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/bounce
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
b04cd869cfd41a48c006458f71969a0eb26f33fec12f3cfe00408f8b73bf3ff8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://www.duboiscountyherald.com
date
Fri, 18 Oct 2024 08:21:56 GMT
content-type
text/plain;charset=utf-8
vary
Origin
access-control-allow-credentials
true
v1
lb.eu-1-id5-sync.com/lb/ 		45 B
297 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
429c09ef872b45d80fa51a8ed156e581ed31fd094c179e4d6dd1d3f1bf18f20b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://www.duboiscountyherald.com
date
Fri, 18 Oct 2024 08:21:55 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
join-ad-interest-groups.html
proton.ad.gt/ Frame 6997 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://proton.ad.gt/join-ad-interest-groups.html
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/474
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.duboiscountyherald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
ad-auction-allowed
true
age
1207
apigw-requestid
f1RjghTJPHcEP0Q=
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
8d471e25091da257-YUL
content-encoding
br
content-type
text/html
date
Fri, 18 Oct 2024 08:21:56 GMT
last-modified
Fri, 18 Oct 2024 06:13:16 GMT
server
cloudflare
supports-loading-mode
fenced-frame
vary
Accept-Encoding
setuid
s2s.t13.io/
Redirect Chain
  • https://openrtb-us-east-1.axonix.com/syn?redirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Daxonix%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3DxxEMODO_...
  • https://s2s.t13.io/setuid?bidder=axonix&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&f=i&uid=5a3bd5ac-9f56-4343-bbc8-5a22f4ade813
86 B
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?bidder=axonix&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&f=i&uid=5a3bd5ac-9f56-4343-bbc8-5a22f4ade813
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H3
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
via
1.1 google
expires
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 08:21:56 GMT
content-type
image/png

Redirect headers

access-control-max-age
1728000
location
https://s2s.t13.io/setuid?bidder=axonix&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&f=i&uid=5a3bd5ac-9f56-4343-bbc8-5a22f4ade813
x-emodo-server
vektor-server-production-no-zone-5cf6959874-bqgm6
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin
*
content-length
0
date
Fri, 18 Oct 2024 08:21:56 GMT
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
container.html
b0286e86c9f69621e5e485c197af1c0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F122 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://b0286e86c9f69621e5e485c197af1c0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202410080955/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c01::84 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.duboiscountyherald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Oct 2024 08:21:54 GMT
expires
Fri, 18 Oct 2024 08:21:54 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ Frame BF58 		54 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.94.117.85 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-94-117-85.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=900
content-encoding
gzip
etag
"d734-5f2f3919e751f-gzip"
expires
Fri, 18 Oct 2024 08:36:55 GMT
accept-ranges
bytes
content-length
17407
date
Fri, 18 Oct 2024 08:21:55 GMT
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
content-type
application/javascript
server
Apache
vary
Accept-Encoding
ima.js
cdn-ima.33across.com/ Frame BF58 		16 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ima.js
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.89 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
712369aef7db8ee613780ed94892762890345add2113c7749b2f03b819c0a4fc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
public, max-age=259200
content-encoding
gzip
cf-cache-status
HIT
etag
W/"66ce363e-403e"
age
203542
cf-ray
8d471e1c5845ab9a-YYZ
expires
Mon, 21 Oct 2024 08:21:55 GMT
date
Fri, 18 Oct 2024 08:21:55 GMT
content-type
application/javascript
last-modified
Tue, 27 Aug 2024 20:25:34 GMT
vary
Accept-Encoding
server
cloudflare
hadron.js
cdn.hadronid.net/ Frame BF58 		56 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=about%3Ablank&ref=https%3A%2F%2Fwww.duboiscountyherald.com%2F&_it=amazon&partner_id=454
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:34ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=432000
content-encoding
br
cf-bgj
minify
etag
W/"1e77f38a1df1490d4175e3c4878bd150"
age
5337
cf-cache-status
HIT
x-amz-request-id
4GNMNHQXA94JVW78
cf-ray
8d471e22cf6ba308-YUL
date
Fri, 18 Oct 2024 08:21:56 GMT
content-type
application/javascript
last-modified
Tue, 04 Jun 2024 15:30:02 GMT
vary
Accept-Encoding
server
cloudflare
x-amz-id-2
FNS8Lc8R9Qji432eQyZbGDDgvyWHvIXmOzDykwh9qe1J2fX8u6aO0aANuFN3vxu6aVi9rB6lRRQ=
38599228599068856711f1775c9817.94246171.m3u8
cdnmedia.sendtonews.com/videos/m3u8/300k/ 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdnmedia.sendtonews.com/videos/m3u8/300k/38599228599068856711f1775c9817.94246171.m3u8
Requested by
Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.215.52 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
75c3fe59af593c601afee8dcdf633aab583c6904a54a96275f9645ce245d2640

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
etag
"40a8f487bfc00426f11a8b9942931a85"
age
4606
access-control-allow-methods
GET, HEAD, POST
x-amz-storage-class
REDUCED_REDUNDANCY
x-cache
HIT, MISS
date
Fri, 18 Oct 2024 08:21:56 GMT
last-modified
Fri, 18 Oct 2024 05:32:14 GMT
content-disposition
attachment
x-served-by
cache-iad-kcgs7200166-IAD, cache-yul1970069-YUL
content-type
application/x-mpegURL
x-amz-id-2
ggnBquyJPXs8bR56feSmTgcWlxpLeioJnGhWq0o+42lwSpbih+nem+Nz7Z21F4W9ySxbGKYyeNSJ/yhqvjb27A==
x-cache-hits
6, 0
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
cache-control
max-age=86400
x-timer
S1729239716.297437,VS0,VE16
via
1.1 varnish, 1.1 varnish
x-amz-request-id
6DHX1DXD4H47CF9R
accept-ranges
bytes
access-control-allow-origin
*
content-length
3822
server
AmazonS3
x-amz-server-side-encryption
AES256
AGSKWxWIo5tUoJLtVwYShuSXxnww44rJStkcz95wYFrmIDtf4MfMFe57lyQmg0DL9UYtZKR_Jdw5_Z8EW1QOPJ-V1gvo0g0rVOe6vwUETd0a_jXrCkt4VaygpSZYC6OmRuWHtwEcFDWxkw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWIo5tUoJLtVwYShuSXxnww44rJStkcz95wYFrmIDtf4MfMFe57lyQmg0DL9UYtZKR_Jdw5_Z8EW1QOPJ-V1gvo0g0rVOe6vwUETd0a_jXrCkt4VaygpSZYC6OmRuWHtwEcFDWxkw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Ty0heMfzX3s.es5.O/am=DAY/d=1/rs=AJlcJMx-kEBojdBO-rePMeTec-RoFL__BA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.201.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qu-in-f138.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-AyCZwpiFwsToFFv-OwwGVA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.duboiscountyherald.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 08:21:56 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw15BicEqfwRoCxO5aF1n9gfjrnkusf4F478dLrEeBWIiHY8nWEzvYBGbcPryeUcklKb8wPjk_ryQ1r0Q3MaVYF8QuykwqLckvQmGnloFU5OSnp2fmpccbGRiZGBoYmukZmMUXGAAA4KUvfw"
content-security-policy
script-src 'report-sample' 'nonce-AyCZwpiFwsToFFv-OwwGVA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://www.duboiscountyherald.com
content-length
0
x-xss-protection
0
server
ESF
envelope
lexicon.33across.com/v1/ Frame BF58 		42 B
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0015a00003LiqV3AAJ&src=aps&ver=1.13.1&us_privacy=1---
Requested by
Host: cdn-ima.33across.com
URL: https://cdn-ima.33across.com/ima.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
Referer

Response headers

cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.duboiscountyherald.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
date
Fri, 18 Oct 2024 08:21:55 GMT
content-type
application/json
vary
origin
454
p.ad.gt/api/v1/p/ 		55 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.ad.gt/api/v1/p/454
Requested by
Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/454?url=https%3A%2F%2Fwww.duboiscountyherald.com%2F&ref=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b089cfcd4c5a86666fd5dff409063900fc5561279cd9210939540536ac859290

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
max-age=14400
content-encoding
gzip
cf-cache-status
HIT
age
30
cf-ray
8d471e2359b8a31b-YUL
date
Fri, 18 Oct 2024 08:21:56 GMT
content-type
application/javascript
last-modified
Fri, 18 Oct 2024 08:20:20 GMT
vary
Accept-Encoding
server
cloudflare
ip_match
ids.ad.gt/api/v1/ 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/ip_match?id=AU1D-0100-001729239716-7CA6BOH9-YQW4
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.236.214.89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-236-214-89.us-west-2.compute.amazonaws.com
Software
nginx/1.27.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

content-length
0
date
Fri, 18 Oct 2024 08:21:56 GMT
content-type
text/html; charset=utf-8
server
nginx/1.27.1
ppnt_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562316&ev=1&rurl=https://ids.ad.gt/api/v1/ppnt_match?uid=%%VGUID%%&id=AU1D-0100-001729239716-7CA6BOH9-YQW4
  • https://ids.ad.gt/api/v1/ppnt_match?uid=K0gi2k498rt8&ev=1&pid=562316&id=AU1D-0100-001729239716-7CA6BOH9-YQW4
43 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/ppnt_match?uid=K0gi2k498rt8&ev=1&pid=562316&id=AU1D-0100-001729239716-7CA6BOH9-YQW4
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Server
44.236.214.89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-236-214-89.us-west-2.compute.amazonaws.com
Software
nginx/1.27.1 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
no-cache
content-length
43
date
Fri, 18 Oct 2024 08:21:56 GMT
content-type
image/gif
server
nginx/1.27.1

Redirect headers

cache-control
private, max-age=0, no-cache, no-store
location
https://ids.ad.gt/api/v1/ppnt_match?uid=K0gi2k498rt8&ev=1&pid=562316&id=AU1D-0100-001729239716-7CA6BOH9-YQW4
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cw-server
bh-deployment-5bdc7dc56b-tcrbx
expires
-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-CA
server
Jetty(10.0.14)
amo_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODI0MTY1OC90LzA/url/https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Famo_match%3Fturn_id%3D%24!%7BTURN_UUID%7D%26id%3DAU1D-0100-001729239716-7CA6BOH9-YQW4
  • https://ids.ad.gt/api/v1/amo_match?turn_id=6984884236114738032&id=AU1D-0100-001729239716-7CA6BOH9-YQW4
43 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/amo_match?turn_id=6984884236114738032&id=AU1D-0100-001729239716-7CA6BOH9-YQW4
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Server
44.236.214.89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-236-214-89.us-west-2.compute.amazonaws.com
Software
nginx/1.27.1 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
no-cache
content-length
43
date
Fri, 18 Oct 2024 08:21:56 GMT
content-type
image/gif
server
nginx/1.27.1

Redirect headers

cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
location
https://ids.ad.gt/api/v1/amo_match?turn_id=6984884236114738032&id=AU1D-0100-001729239716-7CA6BOH9-YQW4
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
content-length
0
pragma
no-cache
date
Fri, 18 Oct 2024 08:21:54 GMT
impr_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://ad.360yield.com/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001729239716-7CA6BOH9-YQW4%26impr_uid%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001729239716-7CA6BOH9-YQW4%26impr_uid%3D%7BPUB_USER_ID%7D
  • https://ids.ad.gt/api/v1/impr_match?id=AU1D-0100-001729239716-7CA6BOH9-YQW4&impr_uid=31bcb647-c910-4a77-a526-04ecd3827f17
43 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/impr_match?id=AU1D-0100-001729239716-7CA6BOH9-YQW4&impr_uid=31bcb647-c910-4a77-a526-04ecd3827f17
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Server
44.236.214.89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-236-214-89.us-west-2.compute.amazonaws.com
Software
nginx/1.27.1 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
no-cache
content-length
43
date
Fri, 18 Oct 2024 08:21:56 GMT
content-type
image/gif
server
nginx/1.27.1

Redirect headers

access-control-allow-origin
*
location
https://ids.ad.gt/api/v1/impr_match?id=AU1D-0100-001729239716-7CA6BOH9-YQW4&impr_uid=31bcb647-c910-4a77-a526-04ecd3827f17
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date
Fri, 18 Oct 2024 08:21:56 GMT
content-type
text/plain
colossus
ids.ad.gt/api/v1/
Redirect Chain
  • https://sync.colossusssp.com/ebfa23da174faa55634171c5e49d0152.gif?puid=AU1D-0100-001729239716-7CA6BOH9-YQW4&redir=http%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fcolossus%3Fcls_id%3D%5BUID%5D%26id%3DAU1D-0100-...
  • https://ids.ad.gt/api/v1/colossus?cls_id=d2d79743-abc0-44cd-9425-d63f32fec978&id=AU1D-0100-001729239716-7CA6BOH9-YQW4
43 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/colossus?cls_id=d2d79743-abc0-44cd-9425-d63f32fec978&id=AU1D-0100-001729239716-7CA6BOH9-YQW4
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Server
44.236.214.89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-236-214-89.us-west-2.compute.amazonaws.com
Software
nginx/1.27.1 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
no-cache
content-length
43
date
Fri, 18 Oct 2024 08:21:56 GMT
content-type
image/gif
server
nginx/1.27.1

Redirect headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Cache-Control
no-cache, no-store, must-revalidate
Location
http://ids.ad.gt/api/v1/colossus?cls_id=d2d79743-abc0-44cd-9425-d63f32fec978&id=AU1D-0100-001729239716-7CA6BOH9-YQW4
Pragma
no-cache
Connection
keep-alive
Expires
0
Date
Fri, 18 Oct 2024 08:21:56 GMT
Server
nginx
/
onetag-sys.com/match/ 		0
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=180&uid=AU1D-0100-001729239716-7CA6BOH9-YQW4&gdpr=0
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
0
sync.1rx.io/usersync/audigent/ 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync/audigent/0?dspret=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001729239716-7CA6BOH9-YQW4%26unruly_id%3D%5BRX_UUID%5D
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.13 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

expires
0
cache-control
no-store, no-cache, must-revalidate
date
Fri, 18 Oct 2024 08:21:43 GMT
pragma
no-cache
ium
ssum-sec.casalemedia.com/ 		0
526 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/ium?sourceid=15&uid=060ixe7ju6a65dg9iefi9ld8dfc9glgge7huom2wi0e0ykq6umou60k4koi6q0qqm&gdpr=0
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
max-age=0, no-cache, no-store
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uqpl1QN1ddM%2FzjF37KLVr%2F8FFPGjsrQspIrgnkkjW68DDeqMRbAgjVqD95501A7RaeVQ3YemrYiNz3N%2B%2BeSExNUTzyhP1zSaS9Y%2FIpvkLC6H1f8pGEX0rXDov4D36mWaE2iXWEsZJnsV5w%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d471e243d6dac26-YYZ
expires
Fri, 18 Oct 2024 08:21:56 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
content-length
0
date
Fri, 18 Oct 2024 08:21:56 GMT
vary
Accept-Encoding
server
cloudflare
getuid
sync.smartadserver.com/
Redirect Chain
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fsmart_match%3Fid%3DAU1D-0100-001729239716-7CA6BOH9-YQW4%26sas_uid%3D%5bsas_uid%5d&gdpr=0
  • https://sync.smartadserver.com/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=AU1D-0100-001729239716-7CA6BOH9-YQW4&sas_uid=[sas_uid]&gdpr=0&cklb=1
0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.smartadserver.com/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=AU1D-0100-001729239716-7CA6BOH9-YQW4&sas_uid=[sas_uid]&gdpr=0&cklb=1
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
HTTP/1.1
Server
216.22.16.41 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

date
Fri, 18 Oct 2024 08:21:56 GMT
content-length
0

Redirect headers

cache-control
no-cache,no-store
location
https://sync.smartadserver.com:443/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=AU1D-0100-001729239716-7CA6BOH9-YQW4&sas_uid=[sas_uid]&gdpr=0&cklb=1
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date
Fri, 18 Oct 2024 08:21:56 GMT
pragma
no-cache
AGSKWxWIo5tUoJLtVwYShuSXxnww44rJStkcz95wYFrmIDtf4MfMFe57lyQmg0DL9UYtZKR_Jdw5_Z8EW1QOPJ-V1gvo0g0rVOe6vwUETd0a_jXrCkt4VaygpSZYC6OmRuWHtwEcFDWxkw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWIo5tUoJLtVwYShuSXxnww44rJStkcz95wYFrmIDtf4MfMFe57lyQmg0DL9UYtZKR_Jdw5_Z8EW1QOPJ-V1gvo0g0rVOe6vwUETd0a_jXrCkt4VaygpSZYC6OmRuWHtwEcFDWxkw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Ty0heMfzX3s.es5.O/am=DAY/d=1/rs=AJlcJMx-kEBojdBO-rePMeTec-RoFL__BA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.201.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qu-in-f138.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-0PyqtMgh5rV_vDxhdUHfpg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.duboiscountyherald.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 08:21:56 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmII0pBicEqfwRoCxO5aF1n9gfjrnkusf4F478dLrEeBWIiHY8nWEzvYBGYcazrOqOSSlF8Yn5yfV5KaV6KbmFKsC2IXZSaVluQXobBTy0AqcvLT0zPz0uONDIxMDA0MzfQMzOILDADT8i9M"
content-security-policy
script-src 'report-sample' 'nonce-0PyqtMgh5rV_vDxhdUHfpg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://www.duboiscountyherald.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxWIo5tUoJLtVwYShuSXxnww44rJStkcz95wYFrmIDtf4MfMFe57lyQmg0DL9UYtZKR_Jdw5_Z8EW1QOPJ-V1gvo0g0rVOe6vwUETd0a_jXrCkt4VaygpSZYC6OmRuWHtwEcFDWxkw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWIo5tUoJLtVwYShuSXxnww44rJStkcz95wYFrmIDtf4MfMFe57lyQmg0DL9UYtZKR_Jdw5_Z8EW1QOPJ-V1gvo0g0rVOe6vwUETd0a_jXrCkt4VaygpSZYC6OmRuWHtwEcFDWxkw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Ty0heMfzX3s.es5.O/am=DAY/d=1/rs=AJlcJMx-kEBojdBO-rePMeTec-RoFL__BA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.201.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qu-in-f138.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ZXwdE7utTuHN0nZBi0Y_FA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.duboiscountyherald.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 08:21:56 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw1JBicEqfwRoCxO5aF1n9gfjrnkusf4F478dLrEeBWIiHY8nWEzvYBA7ceX2ZUcklKb8wPjk_ryQ1r0Q3MaVYF8QuykwqLckvQmGnloFU5OSnp2fmpccbGRiZGBoYmukZmMUXGAAA_18v7g"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ZXwdE7utTuHN0nZBi0Y_FA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://www.duboiscountyherald.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxUwmkGSIWVGO6pbqkv-6c10pff6PP9EHQunbqhOWo7reCCPC5uDmKmNZKeUI-krs66sPLDA_Q1MohuWZjGp4p3ni9XBLfDcuUNDfd267gROwT8CB9tOdNh8zOal94NEjT-jp9atEQ==
fundingchoicesmessages.google.com/f/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUwmkGSIWVGO6pbqkv-6c10pff6PP9EHQunbqhOWo7reCCPC5uDmKmNZKeUI-krs66sPLDA_Q1MohuWZjGp4p3ni9XBLfDcuUNDfd267gROwT8CB9tOdNh8zOal94NEjT-jp9atEQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI5MjM5NzE2LDM4MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vd3d3LmR1Ym9pc2NvdW50eWhlcmFsZC5jb20vIixudWxsLFtbOCwiVHkwaGVNZnpYM3MiXSxbOSwiZW4tVVMiXSxbMTksIjIiXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Ty0heMfzX3s.es5.O/am=DAY/d=1/rs=AJlcJMx-kEBojdBO-rePMeTec-RoFL__BA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.201.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qu-in-f138.1e100.net
Software
ESF /
Resource Hash
1a53fff07fce0107c3ad79224956ba1a5d9df23b59418a11d27a3fe94642fb4e
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-x_ugUIOJEEamfTuaIE-M0Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 08:21:56 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmII0JBiOO90h-k6EEt8fcmkBsRO6TNYA4C49eY51slAnPTvPGsBELtrXWT1B2JDhUus9kDsWHSJ1ROIVXsusRoD8f11l1ifA_HXPZdY_wLx3o-XWI8CcZHEFdYGIL7ddIX1MRAL8XAs2XpiB5vAhk1fzjAqaSTlF8Yn5-eVFGUmlZbkF6Ulp6UWpxaVpRbFGxkYmRgaGJrqGZjHFxgAAE8aSsI"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-x_ugUIOJEEamfTuaIE-M0Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
iu3
s.amazon-adsystem.com/ Frame 4DD4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-index_n-LoopMe_n-adMediaV1_rx_n-acuityads_n-Beeswax_smrt_cnv_n-adman-v2_n-sharethrough_n-simpli.fi_rbd_ppt_n-baidu_an-db5_sovrn_3lift_n-Outbrain
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
98.82.156.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-98-82-156-107.compute-1.amazonaws.com
Software
Server /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
373
Content-Type
text/html;charset=ISO-8859-1
Date
Fri, 18 Oct 2024 08:21:56 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
K87VY4R9C24P67JPBB61
a
www.googletagmanager.com/ 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-5MTD44X&v=3&t=t&pid=89852019&cv=55&rv=4ah0&tc=3&tag_exp=101686685&e=*&eid=0&u=AgAAAAAAAAAAAAAI&h=Ag&z=0
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.201.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qu-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
date
Fri, 18 Oct 2024 08:21:56 GMT
x-xss-protection
0
content-type
text/html
server
Google Tag Manager
activeview
pagead2.googlesyndication.com/pcs/ Frame 8329 		42 B
65 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstP0Jt0JSKrnVAq3W-8IkwDKgUGcMay5X4vQGDPIbgkRf93oO5HmS9fYHK2nDS0g65MoOdO7D8wthZo_GJ_QAnRioZsahVu_4lbrN_D802mc_1EbVB3nQO5uRXTTjXaEo0b_lTzj9nJas5UaykHlcoTUyQUpD3Js45_t6N1IjmEdUROsqQwmN4bx5Qs0rF2sx7M2w&sig=Cg0ArKJSzDo8wqYIide-EAE&id=lidar2&mcvt=1228&p=1,799,2,800&tm=1322.4000005722046&tu=94.90000057220459&mtos=1228,1228,1228,1228,1228&tos=1228,0,0,0,0&v=20241016&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3717240474&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=2517251500&rst=1729239715013&rpt=295&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Fri, 18 Oct 2024 08:21:56 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
38599228599068856711f1775c9817.94246171-00001.ts
cdnmedia.sendtonews.com/videos/m3u8/300k/ 		527 KB
528 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdnmedia.sendtonews.com/videos/m3u8/300k/38599228599068856711f1775c9817.94246171-00001.ts
Requested by
Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.215.52 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
652d77232314628c90babb92028cf32b76ccdb4b41fe9b8fa310179e42f09673

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
etag
"0876966a22a2b5fb2299d077cafbf2ea"
age
4606
access-control-allow-methods
GET, HEAD, POST
x-amz-storage-class
REDUCED_REDUNDANCY
x-cache
HIT, MISS
date
Fri, 18 Oct 2024 08:21:56 GMT
last-modified
Fri, 18 Oct 2024 05:31:34 GMT
content-disposition
attachment
x-served-by
cache-iad-kiad7000066-IAD, cache-yul1970069-YUL
content-type
video/mp2t
x-amz-id-2
b7h21jpLIWlJHfreo/zRM/G15YigJPSuYqoPY1niZdFK6OGIfM1h1nWG1JZslyTXIDaZCAOJ4B0=
x-cache-hits
4, 0
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
cache-control
max-age=86400
x-timer
S1729239717.887093,VS0,VE18
via
1.1 varnish, 1.1 varnish
x-amz-request-id
6DHV6RQ1KXHS8YYJ
accept-ranges
bytes
access-control-allow-origin
*
content-length
539748
server
AmazonS3
x-amz-server-side-encryption
AES256
activeview
pagead2.googlesyndication.com/pcs/ Frame E22D 		42 B
65 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstGtFh5L9ak5ykNFnYdq-NYxDbqGhz_tujWgbOpi3G6ayOXuNoYs0DuhCMoqz9jfx-z-eTEzoMNapktJUdh9KD08kx6aQYPZLsnPHh4YyLBIh5SYL6g28U_m5XjInAHbZy62Fjwx-_5Rn3mMmmZEPDHtx3s2HWUMxJKvaMoRUM1m4KC0Bwd6jLpXfCmpgtIXzOXtQ&sig=Cg0ArKJSzJp1Bi7PKnFpEAE&id=lidar2&mcvt=1441&p=256,436,346,1164&tm=1487.5&tu=46.5&mtos=1441,1441,1441,1441,1441&tos=1441,0,0,0,0&v=20241016&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2514794258&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=2517251500&rst=1729239715025&rpt=391&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Fri, 18 Oct 2024 08:21:56 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/duboiscountyherald-com/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
582ae7eab3fb90b4faa0834c13963c08a14373bd307b5043376ce887235c8ba8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.duboiscountyherald.com/

Response headers

access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.duboiscountyherald.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
date
Fri, 18 Oct 2024 08:21:56 GMT
content-type
text/plain;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410140101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.duboiscountyherald.com/

Response headers
event
p.ad.gt/api/v1/ 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.ad.gt/api/v1/event
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/474
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/json
Referer
https://www.duboiscountyherald.com/

Response headers

cf-ray
8d471e26cb1ea278-YUL
access-control-allow-origin
https://www.duboiscountyherald.com
cf-cache-status
DYNAMIC
date
Fri, 18 Oct 2024 08:21:57 GMT
vary
Origin
server
cloudflare
access-control-allow-credentials
true
v3
id5-sync.com/gm/ 		700 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/gm/v3
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
023d12604872e4a87af173dc8486af161a6e8d577e4bea3c2fdfb0ca56e22b02
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.duboiscountyherald.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin
https://www.duboiscountyherald.com
p3p
CP="CAO PSA OUR"
date
Fri, 18 Oct 2024 08:21:57 GMT
content-type
application/json
vary
Origin
sync
sync.inmobi.com/ Frame D19C
Redirect Chain
  • https://sync.inmobi.com/prebid?gdpr=0&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&redirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dinmobi%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26gpp...
  • https://sync.inmobi.com/sync?redirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dinmobi%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%7BID5UID%7D&gdpr_co...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.inmobi.com/sync?redirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dinmobi%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%7BID5UID%7D&gdpr_consent=&gdpr=0&us_privacy=1---&gdpr_pd=&source=2&google_push=&retry=
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.84.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.33.59.55 Washington, United States, ASN8069 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://www.duboiscountyherald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Fri, 18 Oct 2024 08:21:57 GMT
server
envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
x-envoy-upstream-service-time
0

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE
access-control-allow-origin
*
content-length
0
date
Fri, 18 Oct 2024 08:21:56 GMT
location
https://sync.inmobi.com/sync?redirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dinmobi%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%7BID5UID%7D&gdpr_consent=&gdpr=0&us_privacy=1---&gdpr_pd=&source=2&google_push=&retry=
server
envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time
4
ima_ppub_config
securepubads.g.doubleclick.net/pagead/ 		162 B
87 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ima_ppub_config?ippd=https%3A%2F%2Fwww.duboiscountyherald.com%2F
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.175.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qs-in-f155.1e100.net
Software
cafe /
Resource Hash
51ed20d663bbe28c00b9e7d91fa5d2d5d5b0d1bbb6c92307413268e8e8343450
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 18 Oct 2024 08:21:57 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
63
date
Fri, 18 Oct 2024 08:21:57 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=8yKEYb_s1J43i9zk&instance=298215217&version=production-5.0.166&age=241018&key=yFxaHa1K&c_id=13062&seq=1&order=4&vIndex=0&absoluteTime=4429.5&relativeTime=2853.3&cmd=IMA&EXTREF=https://www.duboiscountyherald.com/&REF=https://www.duboiscountyherald.com/&imaVersion=3.673.0&imaAttempt=2
Requested by
Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.80.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-80-206.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

accept-ranges
bytes
content-length
26
date
Fri, 18 Oct 2024 08:21:56 GMT
etag
"1a-5b72883b37f80"
content-type
image/gif
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
page_load
pb-ing-minutemedia.ccgateway.net/v1.0/parent/2960f87904/engagement/trigger/ 		60 B
230 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pb-ing-minutemedia.ccgateway.net/v1.0/parent/2960f87904/engagement/trigger/page_load
Requested by
Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.88.158.247 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-88-158-247.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d3ec1e21478202d824b3df5af93434051930055afce455d50c3e78eb21fb6f2b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/json
Referer
https://www.duboiscountyherald.com/

Response headers

access-control-allow-origin
https://www.duboiscountyherald.com
content-length
60
date
Fri, 18 Oct 2024 08:21:57 GMT
content-type
application/json; charset=utf-8
vary
Origin
access-control-allow-credentials
true
AGSKWxU4OZjWBLtKQwUtm_UAJCmQsCoVRQsZaGj26y2cZGk1u8fTNJoEaFTcfXZIiTLjZ-ag3HXe2d9YHgHr0MfSmEo867V_DkfwMgwbut7WXDSoiW5rH5zBTIIVrqRDYtF6F3T796ZeBA==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxU4OZjWBLtKQwUtm_UAJCmQsCoVRQsZaGj26y2cZGk1u8fTNJoEaFTcfXZIiTLjZ-ag3HXe2d9YHgHr0MfSmEo867V_DkfwMgwbut7WXDSoiW5rH5zBTIIVrqRDYtF6F3T796ZeBA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI5MjM5NzE3LDI0MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw2LDEwXSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cuZHVib2lzY291bnR5aGVyYWxkLmNvbS8iLG51bGwsW1s4LCJUeTBoZU1melgzcyJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Ty0heMfzX3s.es5.O/am=DAY/d=1/rs=AJlcJMx-kEBojdBO-rePMeTec-RoFL__BA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.201.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qu-in-f138.1e100.net
Software
ESF /
Resource Hash
6a522c4c2f24f04a11fee133d4a1d632041b76f989f9a28ec6741ec0fa3f450e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-3cyz9ST18A8QaVdx9UHflA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 08:21:57 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmLw15BiOO90h-k6EEt8fcmkBsRO6TNYA4C49eY51slAnPTvPGsBELtrXWT1B2JDhUus9kDsWHSJ1ROIVXsusRoD8f11l1ifA_HXPZdY_wLx3o-XWI8CcZHEFdYGIL7ddIX1MRALcXMs3XpiB5tAw44tCkoaSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRfFGBkYmhgaGpnoG5vEFBgDiT0mq"
content-security-policy
script-src 'report-sample' 'nonce-3cyz9ST18A8QaVdx9UHflA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
v1
btlr.sharethrough.com/universal/ 		0
132 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
44.203.46.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-203-46-172.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.duboiscountyherald.com/

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
access-control-allow-origin
https://www.duboiscountyherald.com
access-control-allow-credentials
true
v1
btlr.sharethrough.com/universal/ 		0
132 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
44.203.46.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-203-46-172.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.duboiscountyherald.com/

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
access-control-allow-origin
https://www.duboiscountyherald.com
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		0
348 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.135.94.208 , United States, ASN16276 (OVH, FR),
Reverse DNS
ip208.ip-147-135-94.us
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
no-cache,no-store
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-origin
https://www.duboiscountyherald.com
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date
Fri, 18 Oct 2024 08:21:56 GMT
content-type
application/json; charset=UTF-8
vary
Origin
prebidvideo
ads.yieldmo.com/exchange/ 		0
202 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebidvideo
Requested by
Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.5.79.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-79-122.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.duboiscountyherald.com/

Response headers

access-control-allow-origin
https://www.duboiscountyherald.com
date
Fri, 18 Oct 2024 08:21:57 GMT
access-control-request-headers
Cache-Control, Pragma
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
524 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.154.9 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
9f6ae987a4b3683795c0e5133484ab8a903b609526518ce2a43a6c1d2e2863b2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.duboiscountyherald.com/

Response headers

Cache-Control
no-cache, no-store, must-revalidate
content-encoding
gzip
Pragma
no-cache
access-control-allow-credentials
true
Observe-Browsing-Topics
?1
Expires
0
access-control-allow-origin
https://www.duboiscountyherald.com
content-length
171
x-prebid
pbs-java/3.14.0
Content-Type
application/json
vary
origin
prebid
ib.adnxs.com/ut/v3/ 		19 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.181.211 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
167.114.209.103; 167.114.209.103; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
https://www.duboiscountyherald.com
an-x-request-uuid
f65738e3-20a7-4b3e-8a42-3baa30e388cc
content-length
19
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Fri, 18 Oct 2024 08:21:57 GMT
x-xss-protection
0
content-type
application/json; charset=utf-8
server
nginx/1.23.4
translator
hbopenbid.pubmatic.com/ 		0
65 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.37.179 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
https://www.duboiscountyherald.com
date
Fri, 18 Oct 2024 08:21:57 GMT
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
455 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=1107412
Requested by
Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a7d4300be237cd392278d43c30662ef7a1422e0d3b7c13bb8b91c099a7ef1a3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.duboiscountyherald.com/

Response headers

cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g8m3J%2By8C0LcarSMix6kYaxnU2d6sxBz7dlXpDRZmoB3U3icwTpxWZZ5MVEaYGqAUkXagerHKIwAMFR7zNtg49mIZiubuKk62VRYd3PJLf%2BX%2Bw96IBmuvJpwdvKjUvTO9MDl0eF0"}],"group":"cf-nel","max_age":604800}
observe-browsing-topics
?1
expires
0
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 08:21:57 GMT
content-type
application/json
vary
Accept-Encoding
cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
access-control-allow-credentials
true
cf-ray
8d471e28cc3353f5-YYZ
access-control-allow-origin
https://www.duboiscountyherald.com
content-length
37
server
cloudflare
unruly_prebid
targeting.unrulymedia.com/ 		11 B
244 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.194.240.11 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/json
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
private, max-age=0, no-cache, no-store
pragma
no-cache
access-control-allow-credentials
true
observe-browsing-topics
?1
access-control-allow-origin
https://www.duboiscountyherald.com
content-length
11
date
Fri, 18 Oct 2024 08:21:57 GMT
content-type
application/json
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
572 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=4.2&zoneId=33860057&componentId=prebid&componentSubId=mustang&timestamp=1729239717066&_fw_bidfloor=0&_fw_bidfloorcur=&pbjs_version=9.9.0&pKey=1047507454&_fw_gdpr_consent=undefined&_fw_gdpr=false&_fw_us_privacy=1---&gpp=&gpp_sid=-1&schain=%7B%22complete%22%3A1%2C%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22stnvideo.com%22%2C%22sid%22%3A%22STN_0004809%22%2C%22hp%22%3A1%7D%5D%7D&_fw_prebid_3p_UID=%5B%7B%22source%22%3A%22audigent.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22060ixe7ju6a65dg9iefi9ld8dfc9glgge7huom2wi0e0ykq6umou60k4koi6q0qqm%22%2C%22atype%22%3A1%7D%5D%7D%5D&loc=https%3A%2F%2Fwww.duboiscountyherald.com%2F&playerSize=881x495&video_context=instream&video_placement=3&video_plcmt=2
Requested by
Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.210 Secaucus, United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software
nginx /
Resource Hash
b86a66f50a52eacf8ebea7e083790e4b094d740c7abd4ee07f53e139a6ff5e71

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.duboiscountyherald.com/

Response headers

Transfer-Encoding
chunked
Cache-Control
no-cache
Pragma
no-cache
x-sticky-vk
1729239717346000-58
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://www.duboiscountyherald.com
Date
Fri, 18 Oct 2024 08:21:57 GMT
Content-Type
application/xml;charset=UTF-8
Server
nginx
auction
pbs.nextmillmedia.com/openrtb2/ 		43 B
295 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/openrtb2/auction
Requested by
Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.204.46.116 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1022841.ip-15-204-46.us
Software
/
Resource Hash
90f64d1cc38ddf1f87072fda4949f973a898ea9a0d93a4ce2d0304a8bb02298c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
observe-browsing-topics
?1
x-trace-id
3b687549-60ac-41ee-a561-fd325602c569
expires
0
access-control-allow-origin
https://www.duboiscountyherald.com
content-length
43
date
Fri, 18 Oct 2024 08:21:57 GMT
x-prebid
pbs-go/43.31.0
content-type
text/plain; charset=utf-8
vary
Origin
hb
hb.undertone.com/ 		0
548 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.undertone.com/hb?pid=3590&domain=duboiscountyherald.com&gdpr=0&gdprstr=&ccpa=1---&gpp=&gpp_sid=-1
Requested by
Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.125.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-125-30.iad61.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
private, max-age=0, no-cache
pragma
no-cache
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
access-control-allow-credentials
true
observe-browsing-topics
?1
via
1.1 412b51478c24c00d9c9185312b00ffd0.cloudfront.net (CloudFront)
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin
https://www.duboiscountyherald.com
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
x-amz-cf-id
q1d5rd3Ed8UbxXyvXAAE-jlze8y-DowbORFK8HUp388UB-tnRzO6Mw==
date
Fri, 18 Oct 2024 08:21:57 GMT
x-amz-cf-pop
IAD61-P3
auction
tlx.3lift.com/header/ 		19 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=9.9.0&referrer=https%3A%2F%2Fwww.duboiscountyherald.com%2F&tmax=5000&gdpr=false&us_privacy=1---
Requested by
Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.226.121.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-226-121-246.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
accept-ch
sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width
access-control-allow-credentials
true
observe-browsing-topics
?1
expires
Thu, 15 Oct 1992 20:10:00 GMT
access-control-allow-origin
https://www.duboiscountyherald.com
x-auction-status
12, 12
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-xss-protection
0
content-type
application/json; charset=utf-8
vary
Accept-Encoding
metric
report2.hb.brainlyads.com/statistics/ 		463 B
751 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report2.hb.brainlyads.com/statistics/metric?event=bidRequested&bidder=nextMillennium&source=pbjs&groups=1273
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.84.92.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-92-154.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
64faef43f59f0d829a290bb25e0b5c24308c0381b590d9717e460a8344912ba3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

ETag
W/"1cf-XHssOe1+WUPy43P3Ckt9sJ3fhf4"
Connection
keep-alive
Access-Control-Allow-Origin
*
Content-Length
463
Date
Fri, 18 Oct 2024 08:21:57 GMT
Content-Type
image/png
X-Powered-By
Express
Server
nginx/1.18.0 (Ubuntu)
Access-Control-Allow-Headers
*
collect
a.ad.gt/api/v1/ 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/collect
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/454
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
text/plain
Referer
https://www.duboiscountyherald.com/

Response headers

cf-ray
8d471e27d892a254-YUL
access-control-allow-origin
https://www.duboiscountyherald.com
cf-cache-status
DYNAMIC
date
Fri, 18 Oct 2024 08:21:57 GMT
vary
Origin
server
cloudflare
access-control-allow-credentials
true
getpixels
pixels.ad.gt/api/v1/ 		0
54 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixels.ad.gt/api/v1/getpixels?tagger_id=df558ca2aefd0c04942ad408ac7276c5&url=https%3A%2F%2Fwww.duboiscountyherald.com%2F&code=%27none%27
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/454
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

cf-ray
8d471e27d949a261-YUL
cf-cache-status
DYNAMIC
date
Fri, 18 Oct 2024 08:21:57 GMT
server
cloudflare
match
seg.ad.gt/api/v2/ 		4 KB
351 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://seg.ad.gt/api/v2/match
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/454
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea983c1ec538e00518dfd2d11b5715302081af22b2d4718f9faca6ecd994c9cc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/json
Referer
https://www.duboiscountyherald.com/

Response headers

access-control-expose-headers
*
content-encoding
br
cf-cache-status
DYNAMIC
cf-ray
8d471e27da35a2f8-YUL
access-control-allow-origin
*
date
Fri, 18 Oct 2024 08:21:57 GMT
content-type
application/json
vary
origin, access-control-request-method, access-control-request-headers, accept-encoding
server
cloudflare
segments
seg.ad.gt/api/v1/ 		16 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://seg.ad.gt/api/v1/segments?url=https%253A%252F%252Fwww.duboiscountyherald.com%252F&partner_id=454&tagger_id=df558ca2aefd0c04942ad408ac7276c5&au_id=AU1D-0100-001729239716-7CA6BOH9-YQW4
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/454
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33c70c297b1a729f965a6aca60b7b3bb7a3b06bd13efe07698516fa98ac8b9f9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8d471e27ea39a2f8-YUL
access-control-allow-origin
https://www.duboiscountyherald.com
content-length
16
date
Fri, 18 Oct 2024 08:21:57 GMT
content-type
application/json
vary
Origin
server
cloudflare
collect
a.ad.gt/api/v1/ 		0
34 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/collect
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/474
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
text/plain
Referer
https://www.duboiscountyherald.com/

Response headers

cf-ray
8d471e27e895a254-YUL
access-control-allow-origin
https://www.duboiscountyherald.com
cf-cache-status
DYNAMIC
date
Fri, 18 Oct 2024 08:21:57 GMT
vary
Origin
server
cloudflare
access-control-allow-credentials
true
match
seg.ad.gt/api/v2/ 		4 KB
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://seg.ad.gt/api/v2/match
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/474
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fa57b00d8efa2a90861206647dd0312907d36486ec19a62fb510bfb27b8ffc6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/json
Referer
https://www.duboiscountyherald.com/

Response headers

access-control-expose-headers
*
content-encoding
br
cf-cache-status
DYNAMIC
cf-ray
8d471e27ea3ba2f8-YUL
access-control-allow-origin
*
date
Fri, 18 Oct 2024 08:21:57 GMT
content-type
application/json
vary
origin, access-control-request-method, access-control-request-headers, accept-encoding
server
cloudflare
segments
seg.ad.gt/api/v1/ 		16 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://seg.ad.gt/api/v1/segments?url=https%253A%252F%252Fwww.duboiscountyherald.com%252F&partner_id=474&tagger_id=33b3c6c0c8c4aed88bd36f92a8db6ea1&au_id=AU1D-0100-001729239716-7CA6BOH9-YQW4
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/474
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33c70c297b1a729f965a6aca60b7b3bb7a3b06bd13efe07698516fa98ac8b9f9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8d471e27ea3da2f8-YUL
access-control-allow-origin
https://www.duboiscountyherald.com
content-length
16
date
Fri, 18 Oct 2024 08:21:57 GMT
content-type
application/json
vary
Origin
server
cloudflare
page_load
pb-ing-minutemedia.ccgateway.net/v1.0/parent/2960f87904/engagement/trigger/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pb-ing-minutemedia.ccgateway.net/v1.0/parent/2960f87904/engagement/trigger/page_load
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.244.44.101 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-244-44-101.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.duboiscountyherald.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Content-Length,Accept-Encoding,Authorization,X-Forwarded-For
access-control-allow-methods
POST
access-control-allow-origin
https://www.duboiscountyherald.com
access-control-max-age
86400
date
Fri, 18 Oct 2024 08:21:57 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
a
www.googletagmanager.com/ 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-5MTD44X&v=3&t=t&pid=89852019&cv=55&rv=4ah0&tc=3&tag_exp=101686685&es=1&e=gtm.historyChange-v2&eid=53&u=AgAAAAAAAAAAAAAI&h=Ag&z=0
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.201.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qu-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
date
Fri, 18 Oct 2024 08:21:57 GMT
x-xss-protection
0
content-type
text/html
server
Google Tag Manager
38599228599068856711f1775c9817.94246171.m3u8
cdnmedia.sendtonews.com/videos/m3u8/1000k/ 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdnmedia.sendtonews.com/videos/m3u8/1000k/38599228599068856711f1775c9817.94246171.m3u8
Requested by
Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.215.52 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9e28e48a13fc2117fe697cf036b3e568922c12c5c93ed5696166a4e5094ba71c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
etag
"f3227e3822051e356d31224ef758142a"
age
4606
access-control-allow-methods
GET, HEAD, POST
x-amz-storage-class
REDUCED_REDUNDANCY
x-cache
HIT, MISS
date
Fri, 18 Oct 2024 08:21:57 GMT
last-modified
Fri, 18 Oct 2024 05:32:13 GMT
content-disposition
attachment
x-served-by
cache-iad-kcgs7200064-IAD, cache-yul1970069-YUL
content-type
application/x-mpegURL
x-amz-id-2
viKOU4Y0H/D03tGh97UyiT41Jmst/aElSmT93pj5AcS8zjisG1yW2TiGXbbKjTLt4ODEBDW9+4tzWT1mLAQDKA==
x-cache-hits
4, 0
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
cache-control
max-age=86400
x-timer
S1729239717.178873,VS0,VE15
via
1.1 varnish, 1.1 varnish
x-amz-request-id
6DHJYSS7EY5W4NRK
accept-ranges
bytes
access-control-allow-origin
*
content-length
3824
server
AmazonS3
x-amz-server-side-encryption
AES256
285.gif
id5-sync.com/k/
Redirect Chain
  • https://id5-sync.com/i/882/8.gif?o=api&id5id=ID5*NGzMIUisp7Y1sUKWNF5sBjKNQ2M56M3PnJK17M2-_QrPyHEgYT6DPtdiLeaLq6oD&gdpr_consent=undefined&gdpr=false
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/882/2/7/2.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/882/2/7/2.gif?puid=1983122268661007137&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fid5-sync.com%2Fc%2F882%2F104%2F6%2F3.gif%3Fpuid%3D%24%7BBSW_UUID%7D%26gdpr%3D0%26gdpr_consent%3D?gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/882/104/6/3.gif?puid=995d419d-f746-40ae-8fb8-99aab453f632&gdpr=0&gdpr_consent=
  • https://token.rubiconproject.com/token?pid=49266&puid={ID5UID}&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/285.gif?puid=M2EGOFS6-15-DASZ&gdpr=0
43 B
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/k/285.gif?puid=M2EGOFS6-15-DASZ&gdpr=0
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
5f789ccae156b160492d89a6146b1974d15128790b74abb995d8e89fa44cde5e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
date
Fri, 18 Oct 2024 08:21:57 GMT
content-type
text/html;charset=utf-8
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding

Redirect headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
Location
https://id5-sync.com/k/285.gif?puid=M2EGOFS6-15-DASZ&gdpr=0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
e71ccbe96f42d70fa40603ada4c96b28
Pragma
no-cache
content-length
0
ads
selector.voltaxam.com/ 		125 B
618 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://selector.voltaxam.com/ads
Requested by
Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.167.99.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-167-99-84.iad55.r.cloudfront.net
Software
/
Resource Hash
a045b83e113e0188b42ef821be158592c381a0832dafa3a4b32d0db1654e5d6e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.duboiscountyherald.com/

Response headers

x-region
us-west-2
cache-control
private,no-store
content-encoding
gzip
access-control-allow-methods
PUT, POST, DELETE, PATCH
via
1.1 e84404231b384141b3b0f51e40964ef6.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
136
x-amz-cf-id
P5eJ28ARtBah1fRV0m_-EnwgpLH-WEIyccsznPpTTPPRcwaFhfg6QA==
date
Fri, 18 Oct 2024 08:21:57 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
x-amz-cf-pop
IAD55-P7
access-control-allow-headers
X-Client-Key, Origin, Content-Type, Accept, Authorization, MM-Tenant, MM-Ad-Server-Historical-Data, mmtarget
AGSKWxVIlbo_TsyvrWNdOR6bUdlKt2N6610gJEOvBvfk30PJJEuJdpVO-4bHCRyEDZ3wNekgEUHFQvBFBJnkyRZruRv7VTTN2km8JPFj0eFTqh5L4t45SrGVhwKDpWJ6frERJqHDiFtfEg==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVIlbo_TsyvrWNdOR6bUdlKt2N6610gJEOvBvfk30PJJEuJdpVO-4bHCRyEDZ3wNekgEUHFQvBFBJnkyRZruRv7VTTN2km8JPFj0eFTqh5L4t45SrGVhwKDpWJ6frERJqHDiFtfEg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI5MjM5NzE3LDI3NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cuZHVib2lzY291bnR5aGVyYWxkLmNvbS8iLG51bGwsW1s4LCJUeTBoZU1melgzcyJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Ty0heMfzX3s.es5.O/am=DAY/d=1/rs=AJlcJMx-kEBojdBO-rePMeTec-RoFL__BA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.201.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qu-in-f138.1e100.net
Software
ESF /
Resource Hash
700272f0ba7c739bb64dff3feccbad9317df197132fa8005ef9cb3777669f215
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-hwEQggvpWQ8QXnnmEbH_ZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 08:21:57 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjamDU4pJicNGQYjh56zbTRSA-73SH6ToQS3x9yaQGxE7pM1gDgLj15jnWyUCc9O88awEQu2tdZPUHYkOFS6z2QOxYdInVE4hVey6xGgPx_XWXWJ8D8dc9l1j_AvHej5dYjwJxkcQV1gYgvt10hfUxEAvxcCzdemIHm0DDmuMzGJU0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDA0MTfUMzOMLDACkp08x"
content-security-policy
script-src 'report-sample' 'nonce-hwEQggvpWQ8QXnnmEbH_ZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
join-ad-interest-groups.html
proton.ad.gt/ Frame 104C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://proton.ad.gt/join-ad-interest-groups.html
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/454
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.duboiscountyherald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
ad-auction-allowed
true
age
1207
apigw-requestid
f1RjghTJPHcEP0Q=
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
8d471e25091da257-YUL
content-encoding
br
content-type
text/html
date
Fri, 18 Oct 2024 08:21:56 GMT
last-modified
Fri, 18 Oct 2024 06:13:16 GMT
server
cloudflare
supports-loading-mode
fenced-frame
vary
Accept-Encoding
join-ad-interest-groups.html
proton.ad.gt/ Frame CAC2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://proton.ad.gt/join-ad-interest-groups.html
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/474
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.duboiscountyherald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
ad-auction-allowed
true
age
1207
apigw-requestid
f1RjghTJPHcEP0Q=
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
8d471e25091da257-YUL
content-encoding
br
content-type
text/html
date
Fri, 18 Oct 2024 08:21:56 GMT
last-modified
Fri, 18 Oct 2024 06:13:16 GMT
server
cloudflare
supports-loading-mode
fenced-frame
vary
Accept-Encoding
event
p.ad.gt/api/v1/ 		0
34 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.ad.gt/api/v1/event
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/454
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/json
Referer
https://www.duboiscountyherald.com/

Response headers

cf-ray
8d471e292c6aa278-YUL
access-control-allow-origin
https://www.duboiscountyherald.com
cf-cache-status
DYNAMIC
date
Fri, 18 Oct 2024 08:21:57 GMT
vary
Origin
server
cloudflare
access-control-allow-credentials
true
event
p.ad.gt/api/v1/ 		0
34 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.ad.gt/api/v1/event
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/474
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/json
Referer
https://www.duboiscountyherald.com/

Response headers

cf-ray
8d471e292c6ba278-YUL
access-control-allow-origin
https://www.duboiscountyherald.com
cf-cache-status
DYNAMIC
date
Fri, 18 Oct 2024 08:21:57 GMT
vary
Origin
server
cloudflare
access-control-allow-credentials
true
38599228599068856711f1775c9817.94246171-00002.ts
cdnmedia.sendtonews.com/videos/m3u8/1000k/ 		1 MB
1 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdnmedia.sendtonews.com/videos/m3u8/1000k/38599228599068856711f1775c9817.94246171-00002.ts
Requested by
Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.215.52 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c3ce6d2df32560139da68b20a43e18072c2afea48e8e350106d982807cdb7a7b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
etag
"905d76104e4332359d59c6ea9d8f03b6"
age
4606
access-control-allow-methods
GET, HEAD, POST
x-amz-storage-class
REDUCED_REDUNDANCY
x-cache
HIT, MISS
date
Fri, 18 Oct 2024 08:21:57 GMT
last-modified
Fri, 18 Oct 2024 05:30:32 GMT
content-disposition
attachment
x-served-by
cache-iad-kcgs7200028-IAD, cache-yul1970069-YUL
content-type
video/mp2t
x-amz-id-2
HghkuDl8iU6uCcI+hMBQW1yD21LYR+V/KguCQS3Ko5mjLU39o98sgyf9FWUKrkUKh2hopWB+XA0=
x-cache-hits
3, 0
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
cache-control
max-age=86400
x-timer
S1729239717.306209,VS0,VE20
via
1.1 varnish, 1.1 varnish
x-amz-request-id
6DHNKBR2CJBE3YZ2
accept-ranges
bytes
access-control-allow-origin
*
content-length
1570364
server
AmazonS3
x-amz-server-side-encryption
AES256
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.11 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.duboiscountyherald.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.duboiscountyherald.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Fri, 18 Oct 2024 08:21:57 GMT
AGSKWxUUCLHPWYWU73aI33_bcDJm5_3DaBeZ46VxR1X2YUseO4zJW5P1qcpqKKx0Twl358VrX3g4mZoFApyRv1U5K4x0suSFc0C08tThpZUmf-fmIsCOTYWttid9JaXw9wYd1fuul86Iiw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUUCLHPWYWU73aI33_bcDJm5_3DaBeZ46VxR1X2YUseO4zJW5P1qcpqKKx0Twl358VrX3g4mZoFApyRv1U5K4x0suSFc0C08tThpZUmf-fmIsCOTYWttid9JaXw9wYd1fuul86Iiw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Ty0heMfzX3s.es5.O/am=DAY/d=1/rs=AJlcJMx-kEBojdBO-rePMeTec-RoFL__BA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.201.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qu-in-f138.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-4qY2YpIIWqGxQh_cy9AyAQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.duboiscountyherald.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 08:21:57 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw1JBicEqfwRoCxO5aF1n9gfjrnkusf4F478dLrEeBWIiHY-nWEzvYBHb8-XidUcklKb8wPjk_ryQ1r0Q3MaVYF8QuykwqLckvQmGnloFU5OSnp2fmpccbGRiZGBoYmukZmMUXGAAADT0wGQ"
content-security-policy
script-src 'report-sample' 'nonce-4qY2YpIIWqGxQh_cy9AyAQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://www.duboiscountyherald.com
content-length
0
x-xss-protection
0
server
ESF
event
p.ad.gt/api/v1/ 		0
34 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.ad.gt/api/v1/event
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/454
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/json
Referer
https://www.duboiscountyherald.com/

Response headers

cf-ray
8d471e2a0cc8a278-YUL
access-control-allow-origin
https://www.duboiscountyherald.com
cf-cache-status
DYNAMIC
date
Fri, 18 Oct 2024 08:21:57 GMT
vary
Origin
server
cloudflare
access-control-allow-credentials
true
event
p.ad.gt/api/v1/ 		0
34 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.ad.gt/api/v1/event
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/474
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/json
Referer
https://www.duboiscountyherald.com/

Response headers

cf-ray
8d471e2a0cc9a278-YUL
access-control-allow-origin
https://www.duboiscountyherald.com
cf-cache-status
DYNAMIC
date
Fri, 18 Oct 2024 08:21:57 GMT
vary
Origin
server
cloudflare
access-control-allow-credentials
true
event
p.ad.gt/api/v1/ 		0
34 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.ad.gt/api/v1/event
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/454
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/json
Referer
https://www.duboiscountyherald.com/

Response headers

cf-ray
8d471e2a1cd2a278-YUL
access-control-allow-origin
https://www.duboiscountyherald.com
cf-cache-status
DYNAMIC
date
Fri, 18 Oct 2024 08:21:57 GMT
vary
Origin
server
cloudflare
access-control-allow-credentials
true
event
p.ad.gt/api/v1/ 		0
34 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.ad.gt/api/v1/event
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/474
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/json
Referer
https://www.duboiscountyherald.com/

Response headers

cf-ray
8d471e2a1cd3a278-YUL
access-control-allow-origin
https://www.duboiscountyherald.com
cf-cache-status
DYNAMIC
date
Fri, 18 Oct 2024 08:21:57 GMT
vary
Origin
server
cloudflare
access-control-allow-credentials
true
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.duboiscountyherald.com%2F&domain=www.duboiscountyherald.com&cw=1&pbt=1&lsw=1&us_privacy=1---&gdpr=0&gpp_sid=-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::12 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.duboiscountyherald.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.duboiscountyherald.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 18 Oct 2024 08:21:57 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
211637
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.duboiscountyherald.com%2F&domain=www.duboiscountyherald.com&cw=1&pbt=1&lsw=1&us_privacy=1---&gdpr=0&gpp_sid=-1
  • https://mug.criteo.com/sid?cpp=6Z-VqHx1ZThkSjBvcFNsd1ZiK0tuUEFnai9BdC9HV1laYXF0RUJ6alM4K284ckZ6Uk9VRTg1Vk9MNUptK3R5a3FEY2RaeGhpN2lZV2xTU1FuRE9CeXJTSHlXMkcxUTZaZk5xSDZIeDAyd0hRaG5SdE56czRUK1plYkRZSk...
474 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=6Z-VqHx1ZThkSjBvcFNsd1ZiK0tuUEFnai9BdC9HV1laYXF0RUJ6alM4K284ckZ6Uk9VRTg1Vk9MNUptK3R5a3FEY2RaeGhpN2lZV2xTU1FuRE9CeXJTSHlXMkcxUTZaZk5xSDZIeDAyd0hRaG5SdE56czRUK1plYkRZSkE4YjcwREFQRzh1Zm1BYjV4SFpkYStobmZNZlRFNmpPWWlHdVZkYzdvekpMSWV0L2IrajVmZUhreEw3WXRUeWROZjZISllkNkR4N2JnREJDT1hnRFhFZk1RWXVNd1hUOFpNYXpuUGNVOWE4ekdoOVBoOW5jdzhKNzZsWVNPVEVEQWZ0bDdvV3pGdWYvQVF2eVZ3dmNxdWJGWVFSMVpnYVVJcERaUjJqalhsWlF0TkxNS3M1U21lVitQZFpIbUwyMFFaaEFkN2djWGMwdGt0bmc3b2ZqODI5ZVRvR3VMZGtzRzgwL01WNFlsL3pUZEJ3Q3plZWM9fA&cppv=2
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Server
74.119.117.17 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
f90a0df47a8c280a512aff603b64c13d2587ebd86862f71649fd1e9860b0ab67
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
778697
expires
0
access-control-allow-origin
null
date
Fri, 18 Oct 2024 08:21:57 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
Kestrel

Redirect headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache, no-store, must-revalidate
location
https://mug.criteo.com/sid?cpp=6Z-VqHx1ZThkSjBvcFNsd1ZiK0tuUEFnai9BdC9HV1laYXF0RUJ6alM4K284ckZ6Uk9VRTg1Vk9MNUptK3R5a3FEY2RaeGhpN2lZV2xTU1FuRE9CeXJTSHlXMkcxUTZaZk5xSDZIeDAyd0hRaG5SdE56czRUK1plYkRZSkE4YjcwREFQRzh1Zm1BYjV4SFpkYStobmZNZlRFNmpPWWlHdVZkYzdvekpMSWV0L2IrajVmZUhreEw3WXRUeWROZjZISllkNkR4N2JnREJDT1hnRFhFZk1RWXVNd1hUOFpNYXpuUGNVOWE4ekdoOVBoOW5jdzhKNzZsWVNPVEVEQWZ0bDdvV3pGdWYvQVF2eVZ3dmNxdWJGWVFSMVpnYVVJcERaUjJqalhsWlF0TkxNS3M1U21lVitQZFpIbUwyMFFaaEFkN2djWGMwdGt0bmc3b2ZqODI5ZVRvR3VMZGtzRzgwL01WNFlsL3pUZEJ3Q3plZWM9fA&cppv=2
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
285196
expires
0
access-control-allow-origin
https://www.duboiscountyherald.com
content-length
0
date
Fri, 18 Oct 2024 08:21:57 GMT
server
Kestrel
prebid
id5-sync.com/api/config/ 		195 B
486 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
abc076e93d4dbba7305a62b3a03557257b1b6a0f9cde1b11bd45d1e67e6ac825
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.duboiscountyherald.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://www.duboiscountyherald.com
date
Fri, 18 Oct 2024 08:21:57 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials
true
sync
cookies.nextmillmedia.com/ 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cookies.nextmillmedia.com/sync?gdpr=0&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=-1&type=image
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.28.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-28-204.compute-1.amazonaws.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

date
Fri, 18 Oct 2024 08:21:57 GMT
server
fasthttp
content-length
0
stv
match.prod.bidr.io/cookie-sync/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=undefined&gpp=&gpp_sid[]=-1
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=e8d8e1a9cc81c503bae82937c96656&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bus...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umo040f_7428193629734571085&gdpr=0&gdpr_consent=undefined
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=undefined
23 B
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=undefined
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
HTTP/1.1
Server
52.45.226.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-226-91.compute-1.amazonaws.com
Software
gunicorn /
Resource Hash
b74e7c9dbf57703b7b6bde0f9ef962837d00c74dfd9c5560e88ba61ea47a456b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
23
Date
Fri, 18 Oct 2024 08:21:58 GMT
content-type
text/plain
Server
gunicorn
Connection
keep-alive

Redirect headers

Cache-Control
no-cache
Location
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=undefined
Pragma
no-cache
x-sticky-vk
1729239718523028-322
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Content-Length
0
Date
Fri, 18 Oct 2024 08:21:58 GMT
Server
nginx
auction_end
pb-ing-minutemedia.ccgateway.net/v1.0/parent/2960f87904/engagement/trigger/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pb-ing-minutemedia.ccgateway.net/v1.0/parent/2960f87904/engagement/trigger/auction_end
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.244.44.101 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-244-44-101.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.duboiscountyherald.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Content-Length,Accept-Encoding,Authorization,X-Forwarded-For
access-control-allow-methods
POST
access-control-allow-origin
https://www.duboiscountyherald.com
access-control-max-age
86400
date
Fri, 18 Oct 2024 08:21:57 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
auction_end
pb-ing-minutemedia.ccgateway.net/v1.0/parent/2960f87904/engagement/trigger/ 		60 B
230 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pb-ing-minutemedia.ccgateway.net/v1.0/parent/2960f87904/engagement/trigger/auction_end
Requested by
Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.88.158.247 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-88-158-247.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d3ec1e21478202d824b3df5af93434051930055afce455d50c3e78eb21fb6f2b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/json
Referer
https://www.duboiscountyherald.com/

Response headers

access-control-allow-origin
https://www.duboiscountyherald.com
content-length
60
date
Fri, 18 Oct 2024 08:21:58 GMT
content-type
application/json; charset=utf-8
vary
Origin
access-control-allow-credentials
true
v1
lb.eu-1-id5-sync.com/lb/ 		45 B
297 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
429c09ef872b45d80fa51a8ed156e581ed31fd094c179e4d6dd1d3f1bf18f20b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://www.duboiscountyherald.com
date
Fri, 18 Oct 2024 08:21:57 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=6Z-VqHx1ZThkSjBvcFNsd1ZiK0tuUEFnai9BdC9HV1laYXF0RUJ6alM4K284ckZ6Uk9VRTg1Vk9MNUptK3R5a3FEY2RaeGhpN2lZV2xTU1FuRE9CeXJTSHlXMkcxUTZaZk5xSDZIeDAyd0hRaG5SdE56czRUK1plYkRZSkE4YjcwREFQRzh1Zm1BYjV4SFpkYStobmZNZlRFNmpPWWlHdVZkYzdvekpMSWV0L2IrajVmZUhreEw3WXRUeWROZjZISllkNkR4N2JnREJDT1hnRFhFZk1RWXVNd1hUOFpNYXpuUGNVOWE4ekdoOVBoOW5jdzhKNzZsWVNPVEVEQWZ0bDdvV3pGdWYvQVF2eVZ3dmNxdWJGWVFSMVpnYVVJcERaUjJqalhsWlF0TkxNS3M1U21lVitQZFpIbUwyMFFaaEFkN2djWGMwdGt0bmc3b2ZqODI5ZVRvR3VMZGtzRzgwL01WNFlsL3pUZEJ3Q3plZWM9fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.117.17 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 18 Oct 2024 08:21:57 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
220091
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
setuid
s2s.t13.io/
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1---&redirectUri=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsmartadserver%26gdpr%3D0%26gdpr_consent%3D...
  • https://s2s.t13.io/setuid?bidder=smartadserver&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&f=i&uid=1404747330581755325
86 B
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?bidder=smartadserver&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&f=i&uid=1404747330581755325
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H3
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
via
1.1 google
expires
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 08:21:58 GMT
content-type
image/png

Redirect headers

date
Fri, 18 Oct 2024 08:21:57 GMT
location
https://s2s.t13.io/setuid?bidder=smartadserver&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&f=i&uid=1404747330581755325
content-length
0
229.json
id5-sync.com/g/v2/ 		632 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/229.json
Requested by
Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
355ffdebb36464dfecac2c82f77f37b1fabcf8c7962d124afa7606906a1f3ccc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.duboiscountyherald.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin
https://www.duboiscountyherald.com
p3p
CP="CAO PSA OUR"
date
Fri, 18 Oct 2024 08:21:58 GMT
content-type
application/json
vary
Origin
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/duboiscountyherald-com/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
582ae7eab3fb90b4faa0834c13963c08a14373bd307b5043376ce887235c8ba8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.duboiscountyherald.com/

Response headers

access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.duboiscountyherald.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
date
Fri, 18 Oct 2024 08:21:58 GMT
content-type
text/plain;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
setuid
s2s.t13.io/
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&redirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dmedianet%...
  • https://s2s.t13.io/setuid?bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&f=i&uid=3722413151978372000V10
86 B
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&f=i&uid=3722413151978372000V10
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H3
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
via
1.1 google
expires
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 08:21:58 GMT
content-type
image/png

Redirect headers

strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
cache-control
max-age=0, no-cache, no-store
location
https://s2s.t13.io/setuid?bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&f=i&uid=3722413151978372000V10
pragma
no-cache
expires
Fri, 18 Oct 2024 08:21:58 GMT
x-mnet-hl2
E
alt-svc
h3=":443"; ma=93600
content-length
154
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
date
Fri, 18 Oct 2024 08:21:58 GMT
content-type
text/html
server
Apache
setuid
s2s.t13.io/
Redirect Chain
  • https://sync.resetdigital.co/csync?pid=rubicon&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dresetdigital%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3...
  • https://s2s.t13.io/setuid?bidder=resetdigital&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&f=i&uid=000001608506EC0D
86 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?bidder=resetdigital&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&f=i&uid=000001608506EC0D
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H3
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
via
1.1 google
expires
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 08:21:58 GMT
content-type
image/png

Redirect headers

accept-ranges
bytes
cache-control
no-cache, no-store, must-revalidate
location
https://s2s.t13.io/setuid?bidder=resetdigital&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&f=i&uid=000001608506EC0D
content-length
0
date
Fri, 18 Oct 2024 08:21:58 GMT
content-type
text/html
bridge3.673.0_en.html
imasdk.googleapis.com/js/core/ Frame 6E50 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.673.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c09::5f Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.duboiscountyherald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
246651
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
257403
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Tue, 15 Oct 2024 11:51:07 GMT
expires
Wed, 15 Oct 2025 11:51:07 GMT
last-modified
Mon, 14 Oct 2024 19:57:21 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c00::94 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
private, max-age=900
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options
nosniff
expires
Fri, 18 Oct 2024 08:21:58 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
content-length
16746
date
Fri, 18 Oct 2024 08:21:58 GMT
x-xss-protection
0
content-type
text/javascript
vary
Accept-Encoding
server
sffe
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 5D5A 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
sffe /
Resource Hash
5b9cfa0283d9a9f6a909df2b61c9933c11130343f08aec96cdd8f49c29972526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
age
2079
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
x-content-type-options
nosniff
expires
Fri, 18 Oct 2024 08:47:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 07:47:19 GMT
last-modified
Thu, 11 Apr 2024 19:10:13 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=3600
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
accept-ranges
bytes
content-length
13943
x-xss-protection
0
server
sffe
json
trc.taboola.com/unknown-site-on-townnews-network/trc/3/ 		31 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/unknown-site-on-townnews-network/trc/3/json?tim=01%3A21%3A59.743&lti=deflated&data=%7B%22id%22%3A292%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1725886917359%2C%22vi%22%3A1729239719740%2C%22cv%22%3A%2220240909-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.duboiscountyherald.com%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22cmps%22%3A1%2C%22ga%22%3Atrue%2C%22ccpa_ps%22%3A%221---%22%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.duboiscountyherald.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A7666%2C%22nsid%22%3A%22townnews-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A0%2C%22uim%22%3A%22thumbnails-c%3Apub%3Dtownnews-network%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Homepage%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Homepage%20Thumbnails%22%2C%22cd%22%3A7132.828125%2C%22mw%22%3A1336%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CBelow%20Homepage%20Thumbnails%3Dthumbnails-c%3Apub%3Dtownnews-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240909-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ef3b2092c6bd1a3a6855b7a3a0d67951f0b7cd1678bbcfe563226bfe8a2b9126

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.duboiscountyherald.com/

Response headers

content-encoding
gzip
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-log-content-encoding
gzip
date
Fri, 18 Oct 2024 08:21:59 GMT
content-type
text/plain;charset=utf-8
x-served-by
cache-yul1970071-YUL
x-cache-hits
0
vary
Accept-Encoding
x-fastly-to-nlb-rtt
25338
x-timer
S1729239720.792947,VS0,VE31
x-vcl-time-ms
31
access-control-allow-credentials
true
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
https://www.duboiscountyherald.com
x-service-version
v1
server
nginx
p2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/p?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=r&ns_st_id=1729239717166&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns...
  • https://sb.scorecardresearch.com/p2?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=r&ns_st_id=1729239717166&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&n...
43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p2?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=r&ns_st_id=1729239717166&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=30000&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.3.4.190424&ns_st_pn=1&ns_st_tp=2&ns_st_ad=1&ns_st_ci=3927506&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_ap=0&ns_st_dap=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1729239719762&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=2596&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_an=1&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=va11&ns_st_ge=Sports&ns_st_st=SendtoNews&ns_st_ce=0&ns_st_pu=MLB&c3=sendtonews&c4=Sports&c6=*null&c7=https%3A%2F%2Fwww.duboiscountyherald.com%2F&c8=duboiscountyherald.com&c9=
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Server
3.167.37.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-167-37-16.iad61.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

accept-ch
UA, Platform, Arch, Model, Mobile
via
1.1 c813b6a2744af01ddcd5259923d9b0fa.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
content-length
43
x-amz-cf-id
AMer8SagfyRDgvBoexC2h5YWzRJuIVFyYb2Vu0_H1uZ-99CF5dnxkA==
date
Fri, 18 Oct 2024 08:21:59 GMT
content-type
image/gif
x-amz-cf-pop
IAD61-P4

Redirect headers

location
/p2?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=r&ns_st_id=1729239717166&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=30000&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.3.4.190424&ns_st_pn=1&ns_st_tp=2&ns_st_ad=1&ns_st_ci=3927506&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_ap=0&ns_st_dap=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1729239719762&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=2596&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_an=1&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=va11&ns_st_ge=Sports&ns_st_st=SendtoNews&ns_st_ce=0&ns_st_pu=MLB&c3=sendtonews&c4=Sports&c6=*null&c7=https%3A%2F%2Fwww.duboiscountyherald.com%2F&c8=duboiscountyherald.com&c9=
accept-ch
UA, Platform, Arch, Model, Mobile
via
1.1 c813b6a2744af01ddcd5259923d9b0fa.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
Mq3cr_SYZgr1pvBk_Eqp9UmjvhDwdpykSRWktPlhcrMrE8XOS5gdVg==
date
Fri, 18 Oct 2024 08:21:59 GMT
x-amz-cf-pop
IAD61-P4
csi
csi.gstatic.com/ 		0
532 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=1~m2egoh26&c=3281404279811&slotId=1640702139905.5&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2800:3f0:4003:c03::78 Santiago, Chile, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgcc:41:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgcc:41:0
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 08:22:00 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
content-type
image/gif
server
Golfe2
ACJ0pHgwRQIhANivAR6wIE0g5eVOz0buPX4mkbgg9Tr6_zwlfIhDLw8dAiBgDVZsw90wzV4eiD5ktJPYD64nAzDrMikARdNifRaMBw%3D%3D
r4---sn-tt1e7nls.gvt1.com/videoplayback/id/a8e3b48f97960aac/itag/37/source/dclk_video_ads/acao/yes/cpn/5F1UEOGlt9R9kVVQ/ctier/L/ei/pxoSZ7K4GJCq3rsPtrXH6Ag/ip/0.0.0.0/requiressl/yes/susc/dvc/xpc/Egh...
Redirect Chain
  • https://redirector.gvt1.com/videoplayback/id/a8e3b48f97960aac/itag/37/source/dclk_video_ads/acao/yes/cpn/5F1UEOGlt9R9kVVQ/ctier/L/ei/pxoSZ7K4GJCq3rsPtrXH6Ag/ip/0.0.0.0/requiressl/yes/susc/dvc/xpc/E...
  • https://r9---sn-quxapm-3c2s.gvt1.com/videoplayback/id/a8e3b48f97960aac/itag/37/source/dclk_video_ads/acao/yes/cpn/5F1UEOGlt9R9kVVQ/ctier/L/ei/pxoSZ7K4GJCq3rsPtrXH6Ag/ip/0.0.0.0/requiressl/yes/susc/...
  • https://r1---sn-p5qddn7z.gvt1.com/videoplayback/id/a8e3b48f97960aac/itag/37/source/dclk_video_ads/acao/yes/cpn/5F1UEOGlt9R9kVVQ/ctier/L/ei/pxoSZ7K4GJCq3rsPtrXH6Ag/ip/0.0.0.0/requiressl/yes/susc/dvc...
  • https://r4---sn-tt1e7nls.gvt1.com/videoplayback/id/a8e3b48f97960aac/itag/37/source/dclk_video_ads/acao/yes/cpn/5F1UEOGlt9R9kVVQ/ctier/L/ei/pxoSZ7K4GJCq3rsPtrXH6Ag/ip/0.0.0.0/requiressl/yes/susc/dvc...
10 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://r4---sn-tt1e7nls.gvt1.com/videoplayback/id/a8e3b48f97960aac/itag/37/source/dclk_video_ads/acao/yes/cpn/5F1UEOGlt9R9kVVQ/ctier/L/ei/pxoSZ7K4GJCq3rsPtrXH6Ag/ip/0.0.0.0/requiressl/yes/susc/dvc/xpc/Eghovf3BOnoBAQ%3D%3D/expire/1760775719/sparams/expire,ei,ip,id,itag,requiressl,acao,ctier,source,susc,xpc/sig/AJfQdSswRAIgLHDN6FuOPTzrylwZpXkmaB-nNnDY7OvsrjQXvl2TA4MCIFRlgguxZGgL7glJP1o9OzNFP_xtGq19BNqYNBRc6k4Z/rm/sn-quxapm-3c2s7y,sn-p5qeed7e/rrc/79,104/fexp/24350595,24350675,24350705/req_id/ce3231401b9336e2/rms/rdu,nvh/redirect_counter/2/cms_redirect/yes/cmsv/e/ipbypass/yes/met/1729239720,/mh/H-/mip/167.114.209.103/mm/29/mn/sn-tt1e7nls/ms/rdu/mt/1729239430/mv/u/mvi/4/pl/20/lsparams/ipbypass,met,mh,mip,mm,mn,ms,mv,mvi,pl,rms/lsig/ACJ0pHgwRQIhANivAR6wIE0g5eVOz0buPX4mkbgg9Tr6_zwlfIhDLw8dAiBgDVZsw90wzV4eiD5ktJPYD64nAzDrMikARdNifRaMBw%3D%3D?file=file.mp4
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H3
Server
74.125.0.41 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yyz10s23-in-f9.1e100.net
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
private, max-age=86400
client-protocol
quic
Content-Range
bytes 0-20546235/20546236
x-content-type-options
nosniff
expires
Fri, 18 Oct 2024 08:22:00 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
20546236
date
Fri, 18 Oct 2024 08:22:00 GMT
last-modified
Thu, 03 Oct 2024 17:30:59 GMT
content-type
video/mp4
vary
Origin
server
gvs 1.0

Redirect headers

cache-control
private, max-age=900
location
https://r4---sn-tt1e7nls.gvt1.com/videoplayback/id/a8e3b48f97960aac/itag/37/source/dclk_video_ads/acao/yes/cpn/5F1UEOGlt9R9kVVQ/ctier/L/ei/pxoSZ7K4GJCq3rsPtrXH6Ag/ip/0.0.0.0/requiressl/yes/susc/dvc/xpc/Eghovf3BOnoBAQ%3D%3D/expire/1760775719/sparams/expire,ei,ip,id,itag,requiressl,acao,ctier,source,susc,xpc/sig/AJfQdSswRAIgLHDN6FuOPTzrylwZpXkmaB-nNnDY7OvsrjQXvl2TA4MCIFRlgguxZGgL7glJP1o9OzNFP_xtGq19BNqYNBRc6k4Z/rm/sn-quxapm-3c2s7y,sn-p5qeed7e/rrc/79,104/fexp/24350595,24350675,24350705/req_id/ce3231401b9336e2/rms/rdu,nvh/redirect_counter/2/cms_redirect/yes/cmsv/e/ipbypass/yes/met/1729239720,/mh/H-/mip/167.114.209.103/mm/29/mn/sn-tt1e7nls/ms/rdu/mt/1729239430/mv/u/mvi/4/pl/20/lsparams/ipbypass,met,mh,mip,mm,mn,ms,mv,mvi,pl,rms/lsig/ACJ0pHgwRQIhANivAR6wIE0g5eVOz0buPX4mkbgg9Tr6_zwlfIhDLw8dAiBgDVZsw90wzV4eiD5ktJPYD64nAzDrMikARdNifRaMBw%3D%3D?file=file.mp4
x-content-type-options
nosniff
expires
Fri, 18 Oct 2024 08:22:00 GMT
content-length
0
date
Fri, 18 Oct 2024 08:22:00 GMT
last-modified
Wed, 02 May 2007 10:26:10 GMT
vary
Origin
server
gvs 1.0
content-type
text/html
debug
trc-events.taboola.com/unknown-site-on-townnews-network/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/unknown-site-on-townnews-network/log/2/debug?tim=01%3A21%3A59.836&type=error&msg=Server%20did%20not%20respond%20to%20loadRBox&llvl=2&id=3759&cv=20240909-4-RELEASE&lt=deflated&pct=1
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

x-fastly-to-nlb-rtt
28040
date
Fri, 18 Oct 2024 08:22:00 GMT
server
nginx
access-control-allow-credentials
true
debug
trc-events.taboola.com/unknown-site-on-townnews-network/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/unknown-site-on-townnews-network/log/2/debug?tim=01%3A21%3A59.837&type=error&msg=loadRBox%20failed%2C%20aborting.&llvl=2&id=4998&cv=20240909-4-RELEASE&lt=deflated&pct=1
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

x-fastly-to-nlb-rtt
28040
date
Fri, 18 Oct 2024 08:22:00 GMT
server
nginx
access-control-allow-credentials
true
debug
trc-events.taboola.com/unknown-site-on-townnews-network/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/unknown-site-on-townnews-network/log/2/debug?tim=01%3A21%3A59.838&type=warn&msg=Invalid%20ajax%20response%20from%20server&llvl=2&id=1063&cv=20240909-4-RELEASE&lt=deflated&pct=1
Requested by
Host: www.duboiscountyherald.com
URL: https://www.duboiscountyherald.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

x-fastly-to-nlb-rtt
28040
date
Fri, 18 Oct 2024 08:22:00 GMT
server
nginx
access-control-allow-credentials
true
13815
check.analytics.rlcdn.com/check/ 		25 B
385 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://check.analytics.rlcdn.com/check/13815
Requested by
Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.39.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-39-58.iad89.r.cloudfront.net
Software
/
Resource Hash
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.duboiscountyherald.com/

Response headers

x-amz-apigw-id
f1kaTH5GDoEENAA=
x-amzn-trace-id
Root=1-67121aa8-17c697d5543f4b474bb7299b
x-amzn-requestid
0becbc22-db39-463b-b590-aa579c632dff
via
1.1 88b63cb2f8aab28c7291262ffc15282e.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
25
x-amz-cf-id
8L_y3Nw5FQmQPM-34h5nCNXBuBpQ3A3tpTcYyXuKIpPR8ziU2dFMaQ==
date
Fri, 18 Oct 2024 08:22:00 GMT
content-type
application/json
x-amz-cf-pop
IAD89-C1
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-4T2EB147B8&gtm=45je4ah0v887101457za200zb861227858&_p=1729239713077&gcs=G1--&gcd=13l3l3l3l5l1&npa=0&dma=0&tcfd=10000&tag_exp=101686685&cid=189152098.1729239714&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AEI&dt=duboiscountyherald.com&dl=https%3A%2F%2Fwww.duboiscountyherald.com%2F&sid=1729239714&sct=1&seg=0&_s=2&tfd=7589
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4T2EB147B8&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.204.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qb-in-f138.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.duboiscountyherald.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.duboiscountyherald.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 08:22:00 GMT
content-type
text/plain
server
Golfe2
/
events3.bqstreamer.com/ 		0
289 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events3.bqstreamer.com/
Requested by
Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4728 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.duboiscountyherald.com/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kDxtRb4dv5T6vi6VmJDTCW8DXY%2FRsjjNi%2FREY4i7gnjXcHlgvvnIE1LQGa50XAcz3Dk7j6omoheWzYovvu2A5DrGrC3bLPlJlfnEnic%2FXc%2BFEYPNZKw5DbsTBMaBTMDNgUrmMRiVM7Tc0Zb01eEdSLyQ9EY%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d471e3e7964a281-YUL
access-control-allow-origin
*
date
Fri, 18 Oct 2024 08:22:00 GMT
content-type
text/plain
vary
Accept-Encoding
server
cloudflare
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=8yKEYb_s1J43i9zk&instance=298215217&version=production-5.0.166&age=241018&key=yFxaHa1K&c_id=13062&seq=1&order=5&vIndex=0&absoluteTime=8157.3&relativeTime=6581.1&ldt=HB_IMP&sC_ID=4735&sm_id=3927506&status=LVFNLNOY&ac_id=2010&adSystem=GDFP&adIndex=-1&visiblestatecd=I&soundcd=OFF&bidvl=9.28&lineItem=&adX=false&iu=/92056281,21798091349/duboiscountyherald-premium&demandOwner=STN&network=Direct&payingEntity=Direct&netCpm=3.48&advertiserId=5071200917&CO_ID=2147&sCO_ID=1239&isClientAdRequest=true&bidProvider=direct
Requested by
Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.80.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-80-206.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.duboiscountyherald.com/

Response headers

accept-ranges
bytes
content-length
26
date
Fri, 18 Oct 2024 08:22:00 GMT
etag
"1a-5b72883b37f80"
content-type
image/gif
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
ads
selector.voltaxam.com/ 		125 B
618 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://selector.voltaxam.com/ads
Requested by
Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.167.99.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-167-99-84.iad55.r.cloudfront.net
Software
/
Resource Hash
a045b83e113e0188b42ef821be158592c381a0832dafa3a4b32d0db1654e5d6e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.duboiscountyherald.com/

Response headers

x-region
us-west-2
cache-control
private,no-store
content-encoding
gzip
access-control-allow-methods
PUT, POST, DELETE, PATCH
via
1.1 e84404231b384141b3b0f51e40964ef6.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
136
x-amz-cf-id
mnQj7IzcRBbxo4rPzs1LwYI-PIAtFISRitemPQF_stwXziLJRBJ3wg==
date
Fri, 18 Oct 2024 08:22:00 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
x-amz-cf-pop
IAD55-P7
access-control-allow-headers
X-Client-Key, Origin, Content-Type, Accept, Authorization, MM-Tenant, MM-Ad-Server-Historical-Data, mmtarget
bid
aax.amazon-adsystem.com/e/dtb/ Frame BF58 		101 B
453 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.duboiscountyherald.com%2F&pid=y65NTbUFRgM9w&cb=1&ws=1600x1200&v=24.827.1552&t=5000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A10%2C%22id%22%3A%22stn_accompanying_content%22%2C%22mt%22%3A%22v%22%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%2C%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&bb=%5B%22csngn4%22%5D&schain=1.0%2C1%21stnvideo.com%2CSTN_0004809%2C1%2C%2C%2C&sm=dc0e359f-c132-4b00-a4d0-544adcfd58ef&pubid=6c3f03cd-6fa8-4477-ac05-2c0f4f8da092&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22audigent%22%3A%22%257B%2522id%2522%253A%257B%2522hadronId%2522%253A%25220001yum0eabkba98bciae6gibddj96ldclf786khdaabackkc2jl%2522%257D%257D%22%2C%22id5%22%3A%22ID5*NGzMIUisp7Y1sUKWNF5sBjKNQ2M56M3PnJK17M2-_QrPyHEgYT6DPtdiLeaLq6oD%22%2C%22pubcommon%22%3A%22c0454a23-cdfb-4963-8149-b7245776ba48%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.167.98.152 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-167-98-152.iad55.r.cloudfront.net
Software
Server /
Resource Hash
c29cc40579237b0734ccf14abeb111d8a2c6a293e96b836007e8e912547cd2da

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
access-control-allow-credentials
true
via
1.1 6f1c32addde00f50ba0fcba618c903d6.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.duboiscountyherald.com
x-cache
Miss from cloudfront
content-length
113
x-amz-cf-id
pDp4b9HpJRNmX5O9XE07uCdLeqNHGO_A2Dos2MoLXhbgQgIV9STtlw==
date
Fri, 18 Oct 2024 08:22:01 GMT
content-type
text/javascript;charset=UTF-8
x-amz-cf-pop
IAD55-P7
server
Server
ACJ0pHgwRQIhANivAR6wIE0g5eVOz0buPX4mkbgg9Tr6_zwlfIhDLw8dAiBgDVZsw90wzV4eiD5ktJPYD64nAzDrMikARdNifRaMBw%3D%3D
r4---sn-tt1e7nls.gvt1.com/videoplayback/id/a8e3b48f97960aac/itag/37/source/dclk_video_ads/acao/yes/cpn/5F1UEOGlt9R9kVVQ/ctier/L/ei/pxoSZ7K4GJCq3rsPtrXH6Ag/ip/0.0.0.0/requiressl/yes/susc/dvc/xpc/Egh... 		2 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://r4---sn-tt1e7nls.gvt1.com/videoplayback/id/a8e3b48f97960aac/itag/37/source/dclk_video_ads/acao/yes/cpn/5F1UEOGlt9R9kVVQ/ctier/L/ei/pxoSZ7K4GJCq3rsPtrXH6Ag/ip/0.0.0.0/requiressl/yes/susc/dvc/xpc/Eghovf3BOnoBAQ%3D%3D/expire/1760775719/sparams/expire,ei,ip,id,itag,requiressl,acao,ctier,source,susc,xpc/sig/AJfQdSswRAIgLHDN6FuOPTzrylwZpXkmaB-nNnDY7OvsrjQXvl2TA4MCIFRlgguxZGgL7glJP1o9OzNFP_xtGq19BNqYNBRc6k4Z/rm/sn-quxapm-3c2s7y,sn-p5qeed7e/rrc/79,104/fexp/24350595,24350675,24350705/req_id/ce3231401b9336e2/rms/rdu,nvh/redirect_counter/2/cms_redirect/yes/cmsv/e/ipbypass/yes/met/1729239720,/mh/H-/mip/167.114.209.103/mm/29/mn/sn-tt1e7nls/ms/rdu/mt/1729239430/mv/u/mvi/4/pl/20/lsparams/ipbypass,met,mh,mip,mm,mn,ms,mv,mvi,pl,rms/lsig/ACJ0pHgwRQIhANivAR6wIE0g5eVOz0buPX4mkbgg9Tr6_zwlfIhDLw8dAiBgDVZsw90wzV4eiD5ktJPYD64nAzDrMikARdNifRaMBw%3D%3D?file=file.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.0.41 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yyz10s23-in-f9.1e100.net
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.duboiscountyherald.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Range
bytes=10485760-

Response headers

cache-control
private, max-age=86400
client-protocol
quic
Content-Range
bytes 10485760-20546235/20546236
x-content-type-options
nosniff
expires
Fri, 18 Oct 2024 08:22:00 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
10060476
date
Fri, 18 Oct 2024 08:22:00 GMT
last-modified
Thu, 03 Oct 2024 17:30:59 GMT
content-type
video/mp4
vary
Origin
server
gvs 1.0
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/duboiscountyherald-com/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
582ae7eab3fb90b4faa0834c13963c08a14373bd307b5043376ce887235c8ba8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.duboiscountyherald.com/

Response headers

access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.duboiscountyherald.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
date
Fri, 18 Oct 2024 08:22:03 GMT
content-type
text/plain;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=106
Domain
www.google.com
URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTaG3Ao1gAHFw_-nrG3fPbisCkoH-PPWq4rKI5dCQOtXJoAj8pb6hIhM4a4eOVjs4NfeOFV0nMnaKbYg8USB931rAJc6Q
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MSZjYXNjYWRlc0RvbmU9OSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx
Domain
ups.analytics.yahoo.com
URL
https://ups.analytics.yahoo.com/ups/58827/sync?redir=true&gdpr=0&gdpr_consent=&gpp=&gpp_sid=

Verdicts & Comments Add Verdict or Comment

520 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 object| 36 object| 37 object| 38 object| 39 object| 40 object| 41 object| 42 object| 43 object| 44 object| dataLayer boolean| tncms_access_control_sync object| TNCMS function| $ function| jQuery function| originalLeave function| objectFitImages function| Cookies object| picturefillCFG function| picturefill object| lazySizesConfig object| lazySizes function| onYouTubeIframeAPIReady object| __tnt object| obj object| eb.platform object| o function| tnSaveAsset object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| logProductListViewed object| logProductClicked object| logProductViewed object| logProductAdded object| logProductRemoved object| logCheckoutStarted object| logCheckoutStepViewed object| logCheckoutStepCompleted object| logPaymentInfoEntered object| logOrderCompleted object| googletag object| gptAdSlots object| maillist_signup_config object| flippxp function| gtag object| freestar function| TNStats_Tracker object| TNTracker function| placeItems function| cssGridPolyfill function| toArray object| _pubfigInstanceManagerConfig function| handleMessageFromNative function| stubFunc function| mmPlayerCallback string| mmCC string| mmRC string| mmCTC object| mmTargetConfig object| mmPrediction object| mmVoltaxPlayerConfig object| tntSignup object| tntShowOfferModalTab object| tntPurchase object| tntOfferPopulateModal object| ggeac object| google_tag_data object| google_js_reporting_queue object| tntPayment object| paymentPromisesSpreedly function| SpreedlyIdentifyPaymentCard function| SpreedlyallowSubmit function| SpreedlyPayment function| submitPaymentFormSpreedly object| userStatus function| stick_in_parent object| wpJsonRciWidget object| ua_result object| revcontent function| renderRCWidget object| google_tag_manager object| recaptcha object| fsprebid object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome object| _taboola object| buttonWrapper object| closure_lm_207293 string| GoogleAnalyticsObject function| ga object| google_reactive_ads_global_state object| fsprebidChunk object| mnet object| analytics object| TRC function| _typeof object| _tblConsole object| owpbjsChunk object| owpbjs object| PWT function| dspCriteoRTUSCallback function| dspCMCallback object| gaGlobal object| gaplugins object| gaData number| __mobxInstanceCount object| __mobxGlobals object| monti object| voltax object| regeneratorRuntime object| ADAGIO object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| YjNhNDM0OTJkNDVlMmU4M2xvYWRlcl9qcw== string| YjNhNDM0OTJkNDVlMmU4M2NhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| __uspapi object| __uspapiManager boolean| __uspapiPostMessageReady object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady object| google_tag_topics_state number| google_unique_id function| load_script object| confiant object| apstag function| _hadron object| edktInitializor object| liQ_instances object| _qevents object| webpackChunk_segment_analytics_next string| analyticsWriteKey object| __SEGMENT_INSPECTOR__ object| AnalyticsNext function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level object| TRCImpl function| pubHadronCb object| __uid2SecureSignalProvider object| __uid2 object| ox_esp object| pbjs object| criteo_pubtag object| criteo_identitytag_159 object| Criteo object| Criteo_identitytag_159 function| lotameIsCompatible function| sync16589_aa function| sync16589_c function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ia object| sync16589_ja object| sync16589_s object| sync16589_wa function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_ga function| sync16589_ha function| sync16589_t function| sync16589_v function| sync16589_w function| sync16589_x function| sync16589_ka function| sync16589_la function| sync16589_y function| sync16589_ma function| sync16589_z function| sync16589_A function| sync16589_u function| sync16589_C function| sync16589_na function| sync16589_oa function| sync16589_pa function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_qa function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_K function| sync16589_M function| sync16589_L function| sync16589_N function| sync16589_O function| sync16589_J function| sync16589_ra function| sync16589_sa function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_P function| sync16589_Q function| sync16589_xa function| sync16589_R function| sync16589_ya function| sync16589_za function| sync16589_Aa function| sync16589_S function| sync16589_Ba function| sync16589_Ca function| sync16589_Da function| sync16589_Ea function| sync16589_T function| sync16589_Fa function| sync16589_U function| sync16589_V function| sync16589_W function| sync16589_X function| sync16589_Ga function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_1 function| sync16589_2 function| sync16589_Ha function| sync16589_3 function| sync16589_Ja function| sync16589_Ia function| sync16589_4 function| sync16589_La function| sync16589_Ma function| sync16589_Ka function| sync16589_Na function| sync16589_Qa function| sync16589_Pa function| sync16589_Oa function| sync16589_Sa function| sync16589_Ua function| sync16589_Ra function| sync16589_6 function| sync16589_Ta function| sync16589_Xa function| sync16589_Wa function| sync16589_Va function| sync16589_7 function| sync16589_5 function| sync16589_8 function| sync16589_Ya function| sync16589_Za function| sync16589__a function| sync16589_0a function| sync16589_9 function| sync16589_1a function| sync16589_$ function| sync16589_2a function| sync16589_3a function| sync16589_4a object| lotame_sync_16589 object| __id5_finalization_registry number| infolinks_pid object| hadron boolean| __halo_loaded__ object| _33across function| quantserve function| __qc object| ezt object| _aps boolean| apstagLOADED object| apscustom object| __bt object| __bt_intrnl object| au object| lotame_sync_16576 boolean| creativeVendorLibraryLoaded boolean| IL_INIT object| $iceboot object| INFOLINKS string| infolinks_basePath function| _33AcrossIdMappingsProvider function| sync16576_aa function| sync16576_c function| sync16576_f object| sync16576_h function| sync16576_ca function| sync16576_j function| sync16576_da object| sync16576_ object| sync16576_ia object| sync16576_ja object| sync16576_s object| sync16576_wa function| sync16576_a function| sync16576_b function| sync16576_g function| sync16576_i function| sync16576_k function| sync16576_l function| sync16576_m function| sync16576_n function| sync16576_o function| sync16576_p function| sync16576_q function| sync16576_r function| sync16576_fa function| sync16576_ea function| sync16576_ga function| sync16576_ha function| sync16576_t function| sync16576_v function| sync16576_w function| sync16576_x function| sync16576_ka function| sync16576_la function| sync16576_y function| sync16576_ma function| sync16576_z function| sync16576_A function| sync16576_u function| sync16576_C function| sync16576_na function| sync16576_oa function| sync16576_pa function| sync16576_D function| sync16576_E function| sync16576_F function| sync16576_qa function| sync16576_G function| sync16576_H function| sync16576_I function| sync16576_K function| sync16576_M function| sync16576_L function| sync16576_N function| sync16576_O function| sync16576_J function| sync16576_ra function| sync16576_sa function| sync16576_ta function| sync16576_ua function| sync16576_va function| sync16576_P function| sync16576_Q function| sync16576_xa function| sync16576_R function| sync16576_ya function| sync16576_za function| sync16576_Aa function| sync16576_S function| sync16576_Ba function| sync16576_Ca function| sync16576_Da function| sync16576_Ea function| sync16576_T function| sync16576_Fa function| sync16576_U function| sync16576_V function| sync16576_W function| sync16576_X function| sync16576_Ga function| sync16576_Y function| sync16576_Z function| sync16576__ function| sync16576_0 function| sync16576_1 function| sync16576_2 function| sync16576_Ha function| sync16576_3 function| sync16576_Ja function| sync16576_Ia function| sync16576_4 function| sync16576_La function| sync16576_Ma function| sync16576_Ka function| sync16576_Na function| sync16576_Qa function| sync16576_Pa function| sync16576_Oa function| sync16576_Sa function| sync16576_Ua function| sync16576_Ra function| sync16576_6 function| sync16576_Ta function| sync16576_Xa function| sync16576_Wa function| sync16576_Va function| sync16576_7 function| sync16576_5 function| sync16576_8 function| sync16576_Ya function| sync16576_Za function| sync16576__a function| sync16576_0a function| sync16576_9 function| sync16576_1a function| sync16576_$ function| sync16576_2a function| sync16576_3a function| sync16576_4a object| ID5 object| __bt_tag_d boolean| __bt_already_invoked object| auvars object| PublisherCommonId function| _defineProperty object| google_image_requests string| sUserId function| docReady object| autag object| audDataLayer function| audGtag object| mmBidderBids object| voltaxPlayerPrebid-MHgR-0J15-VEHe-TlCF object| mmAudigentSegments function| setTargeting object| criteo_syncframe_state object| au_seg object| ns_ boolean| fedf5937-68c4-459d-abe8-ba7139750dfd number| google_srt function| googleCompanionsServicePresent function| googleGetCompanionAdSlots function| googleSetCompanionAdContents function| google_companion_error object| criteo_pubtag_prebid_144 object| Criteo_prebid_144 object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| nmmRefreshCounts object| freewheelssp_cache object| closure_lm_985444 object| closure_lm_14609 number| taboola_view_id

355 Cookies

Domain/Path Name / Value
ad-cdn.technoratimedia.com/html Name: tads_tbla_bidi
Value: 1729239718050
.3lift.com/sync Name: sync
Value: CgoIgAIQxp_g9akyCgoIoQEQxp_g9akyCgoIgQIQzbHg9akyCgoI4gEQxp_g9akyCgoI5gEQxp_g9akyCgoIhwIQxp_g9akyCgoI5wEQzbHg9akyCgkISRDNseD1qTIKCQgLEM2x4PWpMgoKCIwCEMaf4PWpMgoKCKwCEMaf4PWpMgoKCK0CEM2x4PWpMgoKCM4BEM2x4PWpMgoKCI4BEM2x4PWpMgoKCJQCEM2x4PWpMgoJCDkQzbHg9akyCgkIOhDGn-D1qTIKCQgbEMaf4PWpMgoKCN4BEM2x4PWpMgoJCF8Qxp_g9aky
.smartadserver.com/api Name: pid
Value: 7532398148405229018
.liadm.com/j Name: lidid
Value: 2c514922-7c5a-49ac-8116-f0301c6f7670
www.duboiscountyherald.com/ Name: flipp-uid
Value: 579bba26-ddec-4d45-919d-cde58582842d
.pub.network/ Name: _fsuid
Value: a6819c50-564a-45c3-9710-074ccfd02083
.p.flipp.com/ Name: gid
Value: "71Y0/AACruwlTzrsAsGCpA=="
cdn.taboola.com/ Name: abLdr
Value: 16
.pippio.com/ Name: did
Value: pmhl9lmzCgk6gxFs
.pippio.com/ Name: didts
Value: 1729239713
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: CAA=
www.duboiscountyherald.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.duboiscountyherald.com/ Name: _ga_THV0ZYGM9S
Value: GS1.1.1729239713.1.0.1729239713.60.0.0
.duboiscountyherald.com/ Name: _gid
Value: GA1.2.523826529.1729239714
.duboiscountyherald.com/ Name: _gat_gtag_UA_24711116_1
Value: 1
.duboiscountyherald.com/ Name: _li_dcdm_c
Value: .duboiscountyherald.com
.duboiscountyherald.com/ Name: _lc2_fpi
Value: 9773e70d4767--01jafbg2p3hf013mcm2pv1ddw0
.duboiscountyherald.com/ Name: _lc2_fpi_meta
Value: %7B%22w%22%3A1729239714499%7D
.duboiscountyherald.com/ Name: cookie
Value: 2d761e39-1679-4949-9afd-b497ce6473c2
.duboiscountyherald.com/ Name: cookie_cst
Value: TyylLI8srA%3D%3D
www.duboiscountyherald.com/ Name: _lr_retry_request
Value: true
www.duboiscountyherald.com/ Name: _lr_env_src_ats
Value: false
.revcontent.com/ Name: adb_blk
Value: false
.revcontent.com/ Name: __ID
Value: 9cbdbcbe55324998bd0cc1592b6346b9
.33across.com/ Name: check
Value: true
.adsrvr.org/ Name: TDID
Value: 1f715ec5-5a73-4ac6-bd54-a3aa3175c0ec
.mfadsrvr.com/ Name: tuuid
Value: fa021524-d1e0-439e-90d9-c47da9b285c6
.mfadsrvr.com/ Name: c
Value: 1729239714
.mfadsrvr.com/ Name: tuuid_lu
Value: 1729239714
.liadm.com/ Name: lidid
Value: 2c514922-7c5a-49ac-8116-f0301c6f7670
.bidswitch.net/ Name: tuuid
Value: 995d419d-f746-40ae-8fb8-99aab453f632
.bidswitch.net/ Name: c
Value: 1729239714
.bidswitch.net/ Name: tuuid_lu
Value: 1729239714
.pubmatic.com/ Name: KADUSERCOOKIE
Value: EA4E2E2C-7348-40D7-B1B1-36B982F2945D
.doubleclick.net/ Name: IDE
Value: AHWqTUm6Na_SGTRidQ5Lniu3GG689Pwx8WvSLtXc0ZRLL9t6K0OrAiBvyQ46f6cTiKA
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.ccgateway.net/ Name: ccuid
Value: 5fcbd134-2276-46c7-8591-7d8cf11df5d6
.duboiscountyherald.com/ Name: __gads
Value: ID=f3279937e3412467:T=1729239714:RT=1729239714:S=ALNI_MbP3r7vUcY3GmDf9y02l0cq8QHssg
.duboiscountyherald.com/ Name: __gpi
Value: UID=00000f2b6e94bd5b:T=1729239714:RT=1729239714:S=ALNI_MaqULQdsFvCdliS8xqePUgSXTYuJA
.duboiscountyherald.com/ Name: __eoi
Value: ID=a7da8c15223bacd1:T=1729239714:RT=1729239714:S=AA-AfjYCtmPWZoCobvutPzBXrEA3
.3lift.com/ Name: receive-cookie-deprecation
Value: 1
.3lift.com/ Name: tluid
Value: 2033594214188024268675
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: fb8263e35cead79e57692763cea0741e
.gumgum.com/ Name: cs
Value: true
.gumgum.com/ Name: vst
Value: u_e7ee0c4d-223c-4415-a710-0d19aac71243
.duboiscountyherald.com/ Name: lotame_domain_check
Value: duboiscountyherald.com
.duboiscountyherald.com/ Name: _cc_id
Value: fb8263e35cead79e57692763cea0741e
.duboiscountyherald.com/ Name: panoramaId_expiry
Value: 1729326115204
.casalemedia.com/ Name: receive-cookie-deprecation
Value: 1
.openx.net/ Name: receive-cookie-deprecation
Value: 1
.ad.gt/ Name: au_3p_check
Value: 1
.sharethrough.com/ Name: stx_user_id
Value: 5894bba3-c271-4767-b695-a69675d9bf9b
prebid.media.net/ Name: receive-cookie-deprecation
Value: 1
.ingage.tech/ Name: __cf_bm
Value: LYaaMRBbfP9ku7hTxHUppejTAhkssU5Bq8ulsVSWrXI-1729239715-1.0.1.1-9gbhXWhq71BTISIJXYfoOeg_ytEJ6IHRu2gRcls1ADTBImViMLGeZOZWfyjrzsSeSW4Moico2PsI1wDVwtwF0A
.rubiconproject.com/ Name: khaos
Value: M2EGOFS6-15-DASZ
.cootlogix.com/ Name: vdz_sync
Value: 6578687a-cb83-973c-9ae5-95d7a6858a0c
www.duboiscountyherald.com/ Name: ccuid
Value: 5fcbd134-2276-46c7-8591-7d8cf11df5d6
.duboiscountyherald.com/ Name: _au_1d
Value: AU1D-0100-001729239716-7CA6BOH9-YQW4
.quantserve.com/ Name: mc
Value: 67121aa3-7f6f3-ac5e2-68203
.duboiscountyherald.com/ Name: __qca
Value: P0-463905475-1729239715144
www.duboiscountyherald.com/ Name: logglytrackingsession
Value: 87ecb52c-07a8-4b5c-a918-6154e9d0bb88
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: XANDR_PANID
Value: 6BEA-WArz_fHbFschLECoNo2acZ_kdZa6dhG8D84fFXZgBo4YDEJK4IRArAV-5rQl0qWC-GRlAOSQ5JNBmJbKKwSNKV3i-JS74vZ5CbNnnc.
.adnxs.com/ Name: uuid2
Value: 1983122268661007137
.duboiscountyherald.com/ Name: ajs_anonymous_id
Value: a0426bb5-69d1-47dc-8823-d0b118e74020
.duboiscountyherald.com/ Name: _ga
Value: GA1.2.189152098.1729239714
.openx.net/ Name: i
Value: 9dc96dfc-f34f-0e92-159c-5b07d9aeafd3|1729239715
.go.sonobi.com/ Name: __uis
Value: d488114b-9613-41c8-aafb-e8c864b80352
.yieldmo.com/ Name: yieldmo_id
Value: Ve7o3YYK3oYhZ0T2AzDp%7C1729209600000%7C0
.tapad.com/ Name: TapAd_TS
Value: 1729239715764
.tapad.com/ Name: TapAd_DID
Value: 276b2029-492d-4354-8c5e-3b5cfe7222a9
.openx.net/ Name: pd
Value: v2|1729239715|vMbwuYgag2hEvPkWgyiK
.3lift.com/ Name: tluidp
Value: 2033594214188024268675
.ad.gt/ Name: au_id
Value: AU1D-0100-001729239716-7CA6BOH9-YQW4
.demdex.net/ Name: demdex
Value: 13006426327223697673403991016966352950
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.turn.com/ Name: uid
Value: 6984884236114738032
.ads.yieldmo.com/ Name: ptrt
Value: 1f715ec5-5a73-4ac6-bd54-a3aa3175c0ec
.dpm.demdex.net/ Name: dpm
Value: 13006426327223697673403991016966352950
.ads.yieldmo.com/ Name: ptrunl
Value: OPTOUT
.ads.yieldmo.com/ Name: ptrc
Value: CAESEPpYOeT-2VCiXVqaDYh0caI
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-f5a595c3-5da4-5e07-4c0e-cf5528daa32a.FvOMVqzn5%2FbJ6ambVqxJR66AgzRBuPMOZr8Up%2F4YY0k
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-f5a595c3-5da4-5e07-4c0e-cf5528daa32a.FvOMVqzn5%2FbJ6ambVqxJR66AgzRBuPMOZr8Up%2F4YY0k
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A9aWVw12kXgdMDs9VKNqjKqdy0Wc.De8IYD3yL21YfFHosd1SSUx1ESXVXWALXruVMq8PWsw
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A9aWVw12kXgdMDs9VKNqjKqdy0Wc.De8IYD3yL21YfFHosd1SSUx1ESXVXWALXruVMq8PWsw
.amazon-adsystem.com/ Name: ad-id
Value: A3DlsuV_RU-UjzvThVj5Rsk
.rubiconproject.com/ Name: khaos_p
Value: M2EGOFS6-15-DASZ
.media.net/ Name: visitor-id
Value: 3722413151978372000V10
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIPiNVVVjf4Tl9IQr6-i1WViXVQEozW0CRQSMhmC6a0aAEGcYBCCktci4BjABOgS9RxseQgTVJLIf.YgpPvXbZ2lMpDzwP4MLOihhrC6uuLwgq2l6GgwnFwgE
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIPiNVVVjf4Tl9IQr6-i1WViXVQEozW0CRQSMhmC6a0aAEGcYBCCktci4BjABOgS9RxseQgTVJLIf.YgpPvXbZ2lMpDzwP4MLOihhrC6uuLwgq2l6GgwnFwgE
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEM6CbGt7RF_vL5KfQyuZ1vI&KRTB&16514-CAESEM6CbGt7RF_vL5KfQyuZ1vI&KRTB&23025-CAESEM6CbGt7RF_vL5KfQyuZ1vI&KRTB&23386-CAESEM6CbGt7RF_vL5KfQyuZ1vI
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!7016
.bing.com/ Name: MUID
Value: 068F70305A5168BB2CE4652C5B6A69BD
.c.bing.com/ Name: MR
Value: 0
.yahoo.com/ Name: A3
Value: d=AQABBKQaEmcCEG5EEUDXVW5Ggkv4TzYXXsUFEgEBAQFsE2cbZwAAAAAA_eMAAA&S=AQAAAudpzLObMSWtXdpgCxZvJ4I
.go.sonobi.com/ Name: __uin_a9
Value: 1
.go.sonobi.com/ Name: __uir_a9
Value: 56704915
.criteo.com/ Name: uid
Value: 358b8f93-fe97-4c94-99c6-c2ed9a45ccdb
.ipredictive.com/ Name: cu
Value: 814a90dd-dcf3-4d72-8f38-f46cc53042a9|1729239716281
.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.thrtle.com/ Name: mc
Value: eyJpZCI6IjU4OGU2YzM4LTUyNTEtNDJmYy04NjA4LTBjZDJjZGRkODZhNCIsImwiOjE3MjkyMzk3MTYyOTIsInQiOjF9
.duboiscountyherald.com/ Name: _ga_4T2EB147B8
Value: GS1.1.1729239714.1.0.1729239716.58.0.0
.go.sonobi.com/ Name: __uir_st
Value: 243545755504164755
.go.sonobi.com/ Name: __uin_st
Value: 9aWVw12kXgdMDs9VKNqjKqdy0Wc
.media.net/ Name: data-o
Value: 86493b3a-f1c8-0b85-2c05-ed810f660ef2~~8
.media.net/ Name: data-so
Value: d488114b-9613-41c8-aafb-e8c864b80352~~8
.linkedin.com/ Name: bcookie
Value: "v=2&b1df3e34-dcd1-43f6-8e6c-2141ce445767"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MjkyMzk3MTY7MjswMjGxLptdo2NPo90ZkAT6L8QNgRlkoYB6ZTGDmA09F5jYxA==
.linkedin.com/ Name: lidc
Value: "b=OGST01:s=O:r=O:a=O:p=O:g=3421:u=1:x=1:i=1729239716:t=1729326116:v=2:sig=AQF0VDfn7upYTM9WdRHJWz-MA3UP0zyR"
.go.sonobi.com/ Name: __uir_td
Value: 243545755504164755
.go.sonobi.com/ Name: __uin_td
Value: 1f715ec5-5a73-4ac6-bd54-a3aa3175c0ec
.ads.yieldmo.com/ Name: ptrrc
Value: M2EGOFS6-15-DASZ
.simpli.fi/ Name: suid
Value: 3AD3BB29E2174D679BF4FE0DB7167DC6
.w55c.net/ Name: wfivefivec
Value: IbwFQLzg1T1Ifa5
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-9d11d83d-af16-47a3-b844-53e576a269cb-67121aa4-5553&KRTB&23418-9d11d83d-af16-47a3-b844-53e576a269cb-67121aa4-5553&KRTB&23634-9d11d83d-af16-47a3-b844-53e576a269cb-67121aa4-5553
.deepintent.com/ Name: CDIUSER
Value: di_3eecfad9717e4abfb53f8
.deepintent.com/ Name: CDIPARTNERS
Value: %7B%221%22%3A%2220241018%22%7D
.media.net/ Name: data-r1
Value: OPTOUT~~8
.media.net/ Name: data-mf
Value: fa021524-d1e0-439e-90d9-c47da9b285c6~~1
.sitescout.com/ Name: ssi
Value: 78a3b52f-6231-4218-b8c6-2bc5dbbf4372#1729239716283
.bidr.io/ Name: bitoIsSecure
Value: ok
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:FC93A1D91998426DADBB0C200D25AD03&KRTB&23486-uid:FC93A1D91998426DADBB0C200D25AD03&KRTB&23489-uid:FC93A1D91998426DADBB0C200D25AD03&KRTB&23539-uid:FC93A1D91998426DADBB0C200D25AD03
.tribalfusion.com/ Name: ANON_ID
Value: acnoeUr2PKtFuYnT0tP9efhsmW1HnuZbWQhcM6DxS
.w55c.net/ Name: matchpubmatic
Value: 5
.bidr.io/ Name: bito
Value: AAMuJ07OJDUAABVUjLRLVg
.semasio.net/ Name: SEUNCY
Value: E5194B54F9F118B5
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 19420-epWDUH3D01FhldRUKpGfAy-X11BhlIpQfJENymSR&KRTB&22979-epWDUH3D01FhldRUKpGfAy-X11BhlIpQfJENymSR&KRTB&23462-epWDUH3D01FhldRUKpGfAy-X11BhlIpQfJENymSR
.mxptint.net/ Name: mxpim
Value: R33647_11D954FC4_2A28CAE.1.000000000000000067121AA4
.go.sonobi.com/ Name: __uir_bw
Value: 243545755504164755
.go.sonobi.com/ Name: __uin_bw
Value: 995d419d-f746-40ae-8fb8-99aab453f632
.media.net/ Name: data-bs
Value: 995d419d-f746-40ae-8fb8-99aab453f632~~1
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-9aWVw12kXgdMDs9VKNqjKqdy0Wc&KRTB&23334-9aWVw12kXgdMDs9VKNqjKqdy0Wc&KRTB&23417-9aWVw12kXgdMDs9VKNqjKqdy0Wc&KRTB&23426-9aWVw12kXgdMDs9VKNqjKqdy0Wc
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-6984884236114738032&KRTB&23150-6984884236114738032&KRTB&23527-6984884236114738032&KRTB&23629-6984884236114738032
.pubmatic.com/ Name: KRTBCOOKIE_1278
Value: 23329-61f0cf4e-a5a4-4d10-aeea-910de8f7b995&KRTB&23340-61f0cf4e-a5a4-4d10-aeea-910de8f7b995&KRTB&23498-61f0cf4e-a5a4-4d10-aeea-910de8f7b995
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AQAAmsiH2TXNLAJMcxO8AQEBAQEBAQCTn7kTYQEBAJOfuRNh&KRTB&22715-AQAAmsiH2TXNLAJMcxO8AQEBAQEBAQCTn7kTYQEBAJOfuRNh&KRTB&23519-AQAAmsiH2TXNLAJMcxO8AQEBAQEBAQCTn7kTYQEBAJOfuRNh&KRTB&23632-AQAAmsiH2TXNLAJMcxO8AQEBAQEBAQCTn7kTYQEBAJOfuRNh
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:IbwFQLzg1T1Ifa5&KRTB&23421-uid:IbwFQLzg1T1Ifa5
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R33647_11D954FC4_2A28CAE&KRTB&23092-R33647_11D954FC4_2A28CAE
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-1f715ec5-5a73-4ac6-bd54-a3aa3175c0ec&KRTB&22918-1f715ec5-5a73-4ac6-bd54-a3aa3175c0ec&KRTB&22926-1f715ec5-5a73-4ac6-bd54-a3aa3175c0ec&KRTB&23031-1f715ec5-5a73-4ac6-bd54-a3aa3175c0ec
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-814a90dd-dcf3-4d72-8f38-f46cc53042a9&KRTB&23011-814a90dd-dcf3-4d72-8f38-f46cc53042a9&KRTB&23355-814a90dd-dcf3-4d72-8f38-f46cc53042a9
.mathtag.com/ Name: uuid
Value: fa7f6712-1aa4-4200-89ff-f3f61a25c8d0
.admanmedia.com/ Name: admtr
Value: 1eb35dc5-7980-4752-8b4e-8a5298e3aa2d
.pxl.iqm.com/ Name: vidazoo
Value: MTczMDQ0OTMxNjU1Mg==
.pxl.iqm.com/ Name: mnet
Value: MTczMDQ0OTMxNjU1MA==
.pxl.iqm.com/ Name: iqm.retarget.uid
Value: 8ab7c4c9-dbf0-4d26-be99-a3031faec161
.pxl.iqm.com/ Name: roqad
Value: MTczMDQ0OTMxNjU1MA==
.pxl.iqm.com/ Name: liveramp
Value: MTczMDQ0OTMxNjU1MA==
.pxl.iqm.com/ Name: semcasting
Value: MTczMDQ0OTMxNjU1MA==
.s3xified.com/ Name: admRtbUidCkey34334Ssp245
Value: 43c4221c64c33e0f5bb021dad4b9a752
.ads.yieldmo.com/ Name: re_sync
Value: pp%3D1201700%7Crc%3D1201700%7Cunl%3D1201700%7Cc%3D1201700%7Ct%3D1201700%7Ctapad%3D1201700%7Cdv360%3D1201700%7Cpub%3D1201700%7Crhs%3D1201700%7Can%3D1201700
.casalemedia.com/ Name: CMID
Value: ZxIapNHM6U0AAFmxAAVPYgAA
.casalemedia.com/ Name: CMPS
Value: 3505
.casalemedia.com/ Name: CMPRO
Value: 3505
.contextweb.com/ Name: V
Value: K0gi2k498rt8
.contextweb.com/ Name: VP
Value: part_K0gi2k498rt8
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: b121c300aac441da
.media.net/ Name: data-g
Value: CAESEEm_H_IxBOrktdabmDmyTRE~~8
.media.net/ Name: data-ttd
Value: 1f715ec5-5a73-4ac6-bd54-a3aa3175c0ec~~1
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNrS0NDS3MDc2sjC1NDAxMTQztBDiM9TVdXdyCQ13C_LV9UwCAMNRkK8lAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNrS0NDS3MDc2sjC1NDAxMTQztBDiM9TVdXdyCQ13C_LV9UwCAMNRkK8lAAAA
.zemanta.com/ Name: zuid
Value: gwPeegvxnPxBI5u0MltR
beacon.lynx.cognitivlabs.com/ Name: UID
Value: 32c71990-03ab-4f65-bce5-6a48b99a3064
beacon.lynx.cognitivlabs.com/ Name: ss
Value: 5zcWDshVcXk1SwNlgDo5mz6xG4eIn3rrfiRCVwUpSoQ%2FyFeq7rwB60%2FeJ%2B9Vb8g%2FlD9A8DILE%2BblIRoolLd3xw%3D%3D
.smaato.net/ Name: SCM
Value: 5abef0152d
.smaato.net/ Name: SCMinmobi
Value: 5abef0152d
.smaato.net/ Name: SCM1001145
Value: 5abef0152d
.csync.loopme.me/ Name: viewer_token
Value: 092195aa-482f-444e-87eb-386cea32473e
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:fa7f6712-1aa4-4200-89ff-f3f61a25c8d0
.adform.net/ Name: C
Value: 1
.media.net/ Name: data-exp
Value: setstatuscode~~1
.pubmatic.com/ Name: KRTBCOOKIE_1097
Value: 23028-8ab7c4c9-dbf0-4d26-be99-a3031faec161
.yellowblue.io/ Name: wrvUserID
Value: 9JWIj8H9k
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-1991787328590441618&KRTB&23628-1991787328590441618
.pxl.iqm.com/ Name: adx
Value: MTczMDQ0OTMxNjY2MQ==
.media.net/ Name: data-sh
Value: 5894bba3-c271-4767-b695-a69675d9bf9b~~3
openrtb-us-east-1.axonix.com/ Name: ax_cx
Value: 5a3bd5ac-9f56-4343-bbc8-5a22f4ade813
.colossusssp.com/ Name: gtm_usr
Value: d2d79743-abc0-44cd-9425-d63f32fec978
.colossusssp.com/ Name: lmg_r
Value: 66
.media.net/ Name: data-iqm
Value: 8ab7c4c9-dbf0-4d26-be99-a3031faec161~~3
.trustedstack.com/ Name: visitor-id
Value: 3722413161978397000V10
.media.net/ Name: data-co
Value: AQAA-SliknhBbgJp7PeTAQEBAQEBAQCTn7kTzwEBAJOfuRPP~~8
.ads.yieldmo.com/ Name: ptrpp
Value: K0gi2k498rt8
.inmobi.com/ Name: TEST-COOKIE
Value: YES
.nrich.ai/ Name: _nauid
Value: a22b6e1f-f10b-486c-9c81-66f466d5ec94
.postrelease.com/ Name: visitor
Value: fb62fc55-c681-4c9f-a297-c0bb5a364aca
.postrelease.com/ Name: status
Value: 0
.adform.net/ Name: uid
Value: 2856366307302385724
.w55c.net/ Name: matchcasale
Value: 5
.smaato.net/ Name: SCMrise
Value: 5abef0152d
.media.net/ Name: data-c
Value: f0d4b671-ebfc-4ec5-99e9-de8472c55a13~~1
.media.net/ Name: data-c-ts
Value: 1729239716
.media.net/ Name: data-p
Value: kNLt1qrFKdvW~~8
.media.net/ Name: data-ze
Value: gwPeegvxnPxBI5u0MltR~~1
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-4355490619933601917&KRTB&23231-4355490619933601917&KRTB&23263-4355490619933601917&KRTB&23481-4355490619933601917
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtobmRpZGxpbmhmam74C5lvbmIOAHheZaEgAAAA
.minutemedia-prebid.com/ Name: wrvUserID
Value: gRWUj5Trkf_mm
.inmobi.com/ Name: iid
Value: ID5-1-cfb855f8-3908-42b0-949d-94f6b3d15fb9
.media.net/ Name: data-mts
Value: 3722413161978397000V10~~1
.media6degrees.com/ Name: acs
Value: 012020k1sljlwkxzt10
.media.net/ Name: data-rk
Value: 1975180303716128096~~8
.media.net/ Name: data-ris
Value: {{APID}}~~25
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-995d419d-f746-40ae-8fb8-99aab453f632
.creativecdn.com/ Name: ts
Value: 1729239716
.go.sonobi.com/ Name: __uir_bs
Value: 243545759799132052
.go.sonobi.com/ Name: __uin_bs
Value: 9d11d83d-af16-47a3-b844-53e576a269cb-67121aa4-5553
.360yield.com/ Name: tuuid
Value: 31bcb647-c910-4a77-a526-04ecd3827f17
.360yield.com/ Name: tuuid_lu
Value: 1729239716
.adx.opera.com/ Name: UID
Value: OPU4dae41c9005e4e96bfb37b9b6dcfffb4
.creativecdn.com/ Name: g
Value: bG8r2D8M3DYcSghJeUSa_1729239716895
.ads.yieldmo.com/ Name: ptrpub
Value: EA4E2E2C-7348-40D7-B1B1-36B982F2945D
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPU4dae41c9005e4e96bfb37b9b6dcfffb4&KRTB&23485-OPU4dae41c9005e4e96bfb37b9b6dcfffb4&KRTB&23524-OPU4dae41c9005e4e96bfb37b9b6dcfffb4&KRTB&23575-OPU4dae41c9005e4e96bfb37b9b6dcfffb4
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pid
Value: 1404747330581755325
.smartadserver.com/ Name: csync
Value: 154:8ab7c4c9-dbf0-4d26-be99-a3031faec161
.pubmatic.com/ Name: KRTBCOOKIE_632
Value: 23041-UguQmCdUNF85Aekrava9bXliLj_v1jDEZWdDEsYun0M&KRTB&23047-UguQmCdUNF85Aekrava9bXliLj_v1jDEZWdDEsYun0M&KRTB&23234-UguQmCdUNF85Aekrava9bXliLj_v1jDEZWdDEsYun0M&KRTB&23361-UguQmCdUNF85Aekrava9bXliLj_v1jDEZWdDEsYun0M
.ads.yieldmo.com/ Name: ptrrhs
Value: UguQmCdUNF85Aekrava9bXliLj_v1jDEZWdDEsYun0M
.smartadserver.com/ Name: pbw
Value: %24b%3d16999%3b%24o%3d99999
.rqtrk.eu/ Name: browser_id
Value: 1:599d64f7-8257-4b4e-8996-763e259aebe6
.adsby.bidtheatre.com/ Name: __kuid
Value: d9218c43-7fe1-43f3-948f-f1fcc757cede.498453717
.pxl.iqm.com/ Name: indexch
Value: MTczMDQ0OTMxNzExOA==
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1u9f|8kt.0.1|4is.0.CAESEDQm_1MpWSpI34jjtc6J3Gc|7TZ.0.1|2N.0.AQADC6DD7EME8AIaYTo8AQEBAQEBAQCTn7kS4wEBAJOfuRLj|7dN.0.AAMuJ07OJDUAABVUjLRLVg|8i8.0.1
.contextweb.com/ Name: pb_rtb_ev_part
Value: 3-1u9f|8kt.0.1|4is.0.CAESEDQm_1MpWSpI34jjtc6J3Gc|7TZ.0.1|2N.0.AQADC6DD7EME8AIaYTo8AQEBAQEBAQCTn7kS4wEBAJOfuRLj|7dN.0.AAMuJ07OJDUAABVUjLRLVg|8i8.0.1
.technoratimedia.com/ Name: tads_ipv6
Value: 2607:5300:60:7867::6
.lijit.com/ Name: ljtrtbexp
Value: eJyrVrIwULIyNDc2MDGxNDY011GyMEXlGxoYowqYGKMrsEAWqAUAuHAQqw%3D%3D
.lijit.com/ Name: ljt_reader
Value: JhB1ALZHYoOwJZUYT5-8qG1i
.33across.com/ Name: 33x_ps
Value: u%3D212842365473102%3As1%3D1729239717183%3Ats%3D1729239717183
.mediago.io/ Name: __mguid_
Value: 4acc62917f3b9adb2jejr800m2egoh8m
.quantserve.com/ Name: sp
Value: CggIiQ0SAxDXDQoJCL-BAxIDENcN
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAMuJ07OJDUAABVUjLRLVg
.smaato.net/ Name: SCMsovrn
Value: 5abef0152d
.primis.tech/ Name: csuuid
Value: 67121aa52f1dd
.aniview.com/ Name: 1_C_212
Value: 8ab7c4c9-dbf0-4d26-be99-a3031faec161
sync.aniview.com/ Name: 1_C_212
Value: 8ab7c4c9-dbf0-4d26-be99-a3031faec161
.adgrx.com/ Name: ADGRX_UID
Value: 0a503414-8d2a-11ef-b38f-b93d629e9b57
.lijit.com/ Name: _ljtrtb_43
Value: CVqH4w4M1-ISWtDnWV6bsFxY0-MSW47jD166yu_3
.omnitagjs.com/ Name: ayl_visitor
Value: aa6f42c42ac4fb497c5ad47a3a9a349e
.tremorhub.com/ Name: tvid
Value: d716321ea5a14541beed79e207d87fe3
.tremorhub.com/ Name: tv_UIIQ
Value: 8ab7c4c9-dbf0-4d26-be99-a3031faec161
.lijit.com/ Name: _ljtrtb_85
Value: AAMuJ07OJDUAABVUjLRLVg
.server.cpmstar.com/ Name: USER_ID
Value: v%0e%9cT%a5%c9rL%afFf%ad%f4E%5b
.lijit.com/ Name: _ljtrtb_108
Value: 5abef0152d
.adgrx.com/ Name: ADGRX_CM_CASALE_BRIDGED
Value: 1
.lijit.com/ Name: _ljtrtb_80
Value: M2EGOFS6-15-DASZ
.blismedia.com/ Name: b
Value: 67121AA5F9C1EF71204D72E4BLIS
.w55c.net/ Name: matchbidswitch
Value: 5
.ads.stickyadstv.com/ Name: UID
Value: e8d8e1a9cc81c503bae82937c96656
.illumin.com/ Name: vdz_sync
Value: b9c81d49-ef80-e308-22da-4e8837ff4ecc
.ortb.net/ Name: lluid
Value: 73657c4b-8528-a2cd-e760-a6ca06419c87
.ortb.net/ Name: llum
Value: eyJzaHIiOnsiMSI6MTcyOTIzOTcxNzM3MH19
.brand-display.com/ Name: _knxq_
Value: f0077a86-cd7a-8548-c7bad76f.1729239717.0.1729239717.1729239717
.mfadsrvr.com/ Name: ssh
Value: !google=1729239717!medianet=1729239716!bidswitch=1729239714!revcontent=1729239714
.duboiscountyherald.com/ Name: FCNEC
Value: %5B%5B%22AKsRol_pox-msQF-RIC6CR-i5p0fDBZxvSKn7qaG1_c5zl9rGzr4u9-nYvqlPOURFpSZT9yZpZspd6YQZ2-4E-C8waasFSlu_mLyjJPEhN6m6U2rFt3ZzzYf12dek9FSp9uyslYSO3_1YhtzxRE3cmFiT91PUJJwdg%3D%3D%22%5D%5D
.admanmedia.com/ Name: ac_r
Value: CS43|CS208|CS155
.go.sonobi.com/ Name: HAPLB8G
Value: s8634|ZxIaq
.e-volution.ai/ Name: v_red
Value: 378
.smaato.net/ Name: SCMv
Value: 5abef0152d
.smaato.net/ Name: SCM1000166
Value: 5abef0152d
gtrace.mediago.io/ Name: cst_70
Value: ts=1729239717
.media.net/ Name: data-r
Value: M2EGOFS6-15-DASZ~~1
.technoratimedia.com/ Name: tads_uidp_37
Value: 4dc6fa21-b984-3db4-b5d1-437b363eac65
.technoratimedia.com/ Name: tads_uidp_46
Value: 8909586547722675408
.technoratimedia.com/ Name: tads_uidp_76
Value: RX-03d95a23-8ab2-446a-b089-4f84808455e3-005
.technoratimedia.com/ Name: tads_uid
Value: DA94DF7A1D814F32829E8F7054086CCF
.technoratimedia.com/ Name: tads_uid_cd
Value: 20241015072149+0000
.technoratimedia.com/ Name: tads_zora
Value: 2
.e-volution.ai/ Name: v_usr
Value: 6546c966-f7c1-4c89-8ad3-8b6d190d7083
.smaato.net/ Name: SCMg
Value: 5abef0152d
.intentiq.com/ Name: intentIQ
Value: 3oEGJukJia
.intentiq.com/ Name: IQver
Value: 1.9
.admanmedia.com/ Name: lluid
Value: 03c7a86d-dce1-f4bb-7221-803c535b3811
.inmobi.com/ Name: idsp_c
Value: c2d2a56b-bb4c-450c-bf0a-d65d523fcd4b
.intentiq.com/ Name: CSDT
Value: UEQ6MTUxMDZfMCZVUlhkY3hl
.intentiq.com/ Name: ASDT
Value: 0
.intentiq.com/ Name: IQPData
Value: 2809319783#1729239717631#0#1729239717631
.intentiq.com/ Name: intentIQCDate
Value: 1729239717632
.s3xified.com/ Name: rtbDspUserSyncIDs231123sd3r32
Value: {"1642":"DA94DF7A1D814F32829E8F7054086CCF"}
.360yield.com/ Name: um
Value: !313,PRnsGeuzDa6anTp98HWnPUx7i29Dyg.KezwwrRmQf2Jt9PE9XjT-ZSFEKK18Ad5YTCiRmj9T2Uz2dFTQ,1737015717
.360yield.com/ Name: umeh
Value: !313,0,1791447717,-1
.adkernel.com/ Name: ADKUID
Value: A1589968270781181192
.admanmedia.com/ Name: llum
Value: eyJwaW4iOnsiMyI6MTcyOTIzOTcxNzYxNywiMTMiOjE3MjkyMzk3MTc2ODB9fQ
.pxl.iqm.com/ Name: pubmatic
Value: MTczMDUzNTcxNzcwNg==
.yandex.ru/ Name: i
Value: M4NsWslCCK5BBZspCgrppN93V+o0fxYUAW8IAn9SVeGxppY9pbsb6cufTaC+d5Rd4VJa5ntqr3CU/O3pS75TGfJpOBk=
.yandex.ru/ Name: yandexuid
Value: 6647642251729239717
.yandex.ru/ Name: yashr
Value: 4739417971729239717
.yandex.ru/ Name: bh
Value: EkAiR29vZ2xlIENocm9tZSI7dj0iMTI5IiwgIk5vdD1BP0JyYW5kIjt2PSI4IiwgIkNocm9taXVtIjt2PSIxMjkiKgI/MDoHIkxpbnV4ImCltci4Bg==
.adkernel.com/ Name: SSPZ
Value: 204369
.adkernel.com/ Name: DSP2F_40
Value: 648016
cookies.nextmillmedia.com/ Name: NMUID
Value: 255cf4a0-e93e-4052-8957-5fc54004e81b
.criteo.com/ Name: cto_bundle
Value: NNy04V90N0R2ejJmdzEzN3ZzRnFEMFVMalFSWkJGTzBYRWtEOW9lejklMkIlMkJRdExiV3hqZGJUNmpVN2lhNWpYaFFrNjZtJTJCY0YwZEhvSm42QXBlTXU1M2w5OHZEQmZNZ01EZkc1bzFjSmdtY25hWTBQYkNxRjZvczQ4b210SmRLY096QWV3MjRNTFBBJTJCTnVCZHlqakRpQlhzc2FvZyUzRCUzRA
.duboiscountyherald.com/ Name: cto_bundle
Value: 9w_9Nl9TaDExdENPS3k0MVl3bnlESUo0aGxrMlFBMDlDekowM2xlV2VycGtyMEZxQU9xeFNpem52TG1aZUU4V3NwYk00Y2hjbXU5VWp1TnpabFZuRFBXYiUyRmZiREpNajUyOXBPJTJCQnM2S2NSNHNnZGdSYTZGaFMzU0dyTFZJaW1EZGRhSDRiMTBmYmdaJTJCR0tqYXNUNE54U2R2a3R6VFRpc1ZrQXIwczFqU2QxZmhSQkUlM0Q
.duboiscountyherald.com/ Name: cto_bidid
Value: Jurkal8lMkY4JTJCRDF4QjlHRnVCUTBuQ0tBQ21IUjhwY1RkekZjU3dmcm91enlRNmFhSVBlcDdIMTBKaGolMkJEbWRaY1FnRjdqblQzNUd4dCUyRnVHcW16RlpiR3N1Yjk5OWY1VlQ4clpBRWp3bFFiaXl1ZTh1R1Zhb09qUVFud2tWUG5GQzNFUiUyQm4
.technoratimedia.com/ Name: tads_uidp_50
Value: 73091d1b-3d9f-0956-258a-8d8f8969a2c8
.technoratimedia.com/ Name: tads_uidp_7
Value: 1f715ec5-5a73-4ac6-bd54-a3aa3175c0ec
.technoratimedia.com/ Name: tads_uidp_82
Value: ZxIapNHM6U0AAFmxAAVPYgAA&3505
.rlcdn.com/ Name: rlas3
Value: uYaEzD/IUmvtXMd2hVB4fhOrPedaRW+E0tYgy8gbFtU=
.id5-sync.com/ Name: id5
Value: d9423d5b-604e-77d5-bcb1-e9099df0dcb0#1729239714822#5
.dotomi.com/ Name: DotomiTest
Value: 544f9566aa87042c
.media6degrees.com/ Name: clid
Value: 2sljlwk01170fy9de7rxzdu90000200284021602a02
.technoratimedia.com/ Name: tads_uidp_88
Value: 2033594214188024268675
.sitescout.com/ Name: _ssuma
Value: eyIyNiI6MTcyOTIzOTcxODE0OSwiMTciOjE3MjkyMzk3MTYzOTQsIjM5IjoxNzI5MjM5NzE3Mzk2LCI3IjoxNzI5MjM5NzE3Mzk2fQ
.media.net/ Name: data-sy
Value: DA94DF7A1D814F32829E8F7054086CCF~~3
.technoratimedia.com/ Name: tads_uidp_64
Value: T35pbz4YguLtev41DI8L_ZkAzdmlWDBV
.technoratimedia.com/ Name: tads_uidp_79
Value: 31bcb647-c910-4a77-a526-04ecd3827f17
.w55c.net/ Name: matchtriplelift
Value: 5
.technoratimedia.com/ Name: tads_uidp_62
Value: 3722413151978372000V10
.technoratimedia.com/ Name: tads_uidp_49
Value: AQADV0z-o5zb7QI9ABInAQEBAQEBAQCTn7kYJwEBAJOfuRgn
.aralego.com/ Name: sspid
Value: 4dc6fa21-b984-3db4-b5d1-437b363eac65
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-OPTOUT&KRTB&17107-OPTOUT
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-0a503414-8d2a-11ef-b38f-b93d629e9b57&KRTB&23275-0a503414-8d2a-11ef-b38f-b93d629e9b57
.lijit.com/ Name: ljtrtb
Value: eJyrVjIxVrJScg4r9DApN%2FE11PUMDi9xyQsPM0sqdquINND1DQ43Mc9yMTQzqyyNN1aqBQBdUg5w
.lijit.com/ Name: _ljtrtb_103
Value: OPU4dae41c9005e4e96bfb37b9b6dcfffb4
.admixer.net/ Name: am-uid
Value: da9bf97070a84739beb780902a6be405
.tynt.com/ Name: uid
Value: 3MQyfWcSGqY4IEP7G1GkgQ==
.kargo.com/ Name: ktcid
Value: e33ad6c7-df71-0750-55aa-d1776d2baba4
.id5-sync.com/ Name: 3pi
Value: 2#1729239717432#-1696625495#1983122268661007137|1221#1729239718359#-1781094112|264#1729239716451#-951057855#1f715ec5-5a73-4ac6-bd54-a3aa3175c0ec|104#1729239718123#205812543#995d419d-f746-40ae-8fb8-99aab453f632|10#1729239717966#-262768336#2856366307302385724|108#1729239716018#518811217|429#1729239716277#-1258661044#EA4E2E2C-7348-40D7-B1B1-36B982F2945D|112#1729239716689#177655197#E5194B54F9F118B5|434#1729239717075#709748529|821#1729239717626#-619711741|441#1729239715731#-249280636#u_225dc0d1-03f6-407c-8ae6-f90fe76287bb|826#1729239717779#1357499539#78a3b52f-6231-4218-b8c6-2bc5dbbf4372-67121aa4-5553|285#1729239718359#-1121730655#M2EGOFS6-15-DASZ
.agkn.com/ Name: ab
Value: 0001%3AUIugD%2FMwvLrKoE1CqjhLz0rIntwZFKpi
.iqzone.com/ Name: iq_u_key
Value: b410464f-40f4-4d19-8b2c-4c0944c82ed8
.iqzone.com/ Name: iq_r_key
Value: 277
.resetdigital.co/ Name: ckbk
Value: 000001608506EC0D
.fwmrm.net/ Name: _uid
Value: umo040f_7428193629734571085
.ctnsnet.com/ Name: cid_f8caa0070c5b4e16815f1b10d8350580
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_1199
Value: 23168-000001608506EC0D&KRTB&23175-000001608506EC0D
.pxl.iqm.com/ Name: telaria
Value: MTczMDQ0OTMxODQ5NA==
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%22797f54a72d%22%2C%22f%22%3A1%2C%22ts%22%3A1729239718523%7D%2C%7B%22p%22%3A%224ef5c9a86a%22%2C%22f%22%3A1%2C%22ts%22%3A1729239718523%7D%2C%7B%22p%22%3A%2224c05c7b76%22%2C%22f%22%3A1%2C%22ts%22%3A1729239718523%7D%2C%7B%22p%22%3A%22d26852f088%22%2C%22f%22%3A1%2C%22ts%22%3A1729239718523%7D%2C%7B%22p%22%3A%22cf4d6e49b5%22%2C%22f%22%3A1%2C%22ts%22%3A1729239718523%7D%2C%7B%22p%22%3A%22f9a4a8fd15%22%2C%22f%22%3A1%2C%22ts%22%3A1729239718523%7D%5D
.ads.stickyadstv.com/ Name: uid-bp-36033
Value: umo040f_7428193629734571085
.ads.stickyadstv.com/ Name: MRM_UID
Value: umo040f_7428193629734571085
.technoratimedia.com/ Name: tads_uidp_61
Value: 212842365473102
.adsrvr.org/ Name: TDCPM
Value: CAESFAoFdGFwYWQSCwiS15fg_tW3PRAFEhYKB3J1Ymljb24SCwiImuvh_tW3PRAFEhsKDHNoYXJldGhyb3VnaBILCJi_4-X-1bc9EAUSFQoGY2FzYWxlEgsIpKeB6v7Vtz0QBRIVCgZnb29nbGUSCwj03Oft_tW3PRAFEhgKCWJpZHN3aXRjaBILCI6_3vn-1bc9EAUYASABKAIyCwjMteGmlda3PRAFOAFaCWJpZHN3aXRjaGAC
.media.net/ Name: data-pbs
Value: setstatuscode~~1
.krushmedia.com/ Name: krm_usr
Value: 0a1f3279-374c-535d-a9be-ac5fff69dbf2
.krushmedia.com/ Name: krm_r
Value: 615
.pubmatic.com/ Name: SyncRTB4
Value: 1729814400%3A38_15_223_2%7C1730505600%3A35_268%7C1730073600%3A63%7C1729641600%3A216%7C1731801600%3A224%7C1734393600%3A69%7C1730419200%3A56_165_272_54_71_214_201_238_99_178_264_7_176_249_3_21_233_267_46_166_271_48_81_266_96_220_13_55_104_250_243_22_8_5_234_231_240
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 13
.pubmatic.com/ Name: DPSync4
Value: 1729296000%3A255_248%7C1730246400%3A257%7C1729814400%3A252_265%7C1730419200%3A260_259_256_263_236_261_245_228_258_262_235
.rlcdn.com/ Name: pxrc
Value: CKG1yLgGEgUI6AcQABIFCOhHEAASBgi66gEQBRIGCLjrARADEgYI88IrEAM=
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1729261318876
s2s.t13.io/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhZG54cyI6eyJ1aWQiOiIxOTgzMTIyMjY4NjYxMDA3MTM3IiwiZXhwaXJlcyI6IjIwMjQtMTEtMDFUMDg6MjE6NTUuNjcxODY2MjM2WiJ9LCJheG9uaXgiOnsidWlkIjoiNWEzYmQ1YWMtOWY1Ni00MzQzLWJiYzgtNWEyMmY0YWRlODEzIiwiZXhwaXJlcyI6IjIwMjQtMTEtMDFUMDg6MjE6NTYuODc3MDgzNzJaIn0sImlubW9iaSI6eyJ1aWQiOiJJRDUtMS1jZmI4NTVmOC0zOTA4LTQyYjAtOTQ5ZC05NGY2YjNkMTVmYjkiLCJleHBpcmVzIjoiMjAyNC0xMS0wMVQwODoyMTo1Ny4yODA1NDk1NzVaIn0sImdyaWQiOnsidWlkIjoiOTk1ZDQxOWQtZjc0Ni00MGFlLThmYjgtOTlhYWI0NTNmNjMyIiwiZXhwaXJlcyI6IjIwMjQtMTEtMDFUMDg6MjE6NTYuMDk4MjM4MTgyWiJ9LCJtZWRpYW5ldCI6eyJ1aWQiOiIzNzIyNDEzMTUxOTc4MzcyMDAwVjEwIiwiZXhwaXJlcyI6IjIwMjQtMTEtMDFUMDg6MjE6NTguNzA3NzY0MDIzWiJ9LCJyZXNldGRpZ2l0YWwiOnsidWlkIjoiMDAwMDAxNjA4NTA2RUMwRCIsImV4cGlyZXMiOiIyMDI0LTExLTAxVDA4OjIxOjU4Ljg1MzQzNTIwNFoifSwic21hcnRhZHNlcnZlciI6eyJ1aWQiOiIxNDA0NzQ3MzMwNTgxNzU1MzI1IiwiZXhwaXJlcyI6IjIwMjQtMTEtMDFUMDg6MjE6NTguNDMwNDM2MzE3WiJ9fX0=
.technoratimedia.com/ Name: tads_uidp_44
Value: M2EGOFS6-15-DASZ
.owneriq.net/ Name: p2
Value: pmc
.owneriq.net/ Name: si
Value: Q7825261191287834061P
.owneriq.net/ Name: pmc
Value: 1
io.narrative.io/ Name: io.narrative.guid.v2
Value: 0b59ebc0-8d2a-11ef-9dab-00000a0dbcff
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 23554-Sw0d-139CiCMknwHpxoSZw&KRTB&23557-Sw0d-139CiCMknwHpxoSZw&KRTB&23586-Sw0d-139CiCMknwHpxoSZw
.pubmatic.com/ Name: PugT
Value: 1729239717
.rubiconproject.com/ Name: audit_p
Value: 1|tcR/wBEzWcLxWdLaCndeHO1WuCoMxA8a+JUixCbOKdrTY3ToqFPOoII20M/boOr++XMghyAGR05aczsY9n5+26qg/Kb4Racucpj76PKZXj+AtRE0mAgjCxOu1ASsQGb6Tc5gaaihuXs=
.rubiconproject.com/ Name: audit
Value: 1|tcR/wBEzWcLxWdLaCndeHO1WuCoMxA8a+JUixCbOKdrTY3ToqFPOoII20M/boOr++XMghyAGR05aczsY9n5+26qg/Kb4Racucpj76PKZXj+AtRE0mAgjCxOu1ASsQGb6Tc5gaaihuXs=
.audrte.com/ Name: arcki2
Value: 6h82-WFf--pQce7fXFcU-eYIw!20210107!1729239719451!ip#167.114.209.103:49152
.audrte.com/ Name: arcki2_pubmatic
Value: EA4E2E2C-7348-40D7-B1B1-36B982F2945D!20210107!1729239719451
.scorecardresearch.com/ Name: UID
Value: 1BE80512ea19ad0e87a48c61729239719
.scorecardresearch.com/ Name: XID
Value: 1BE80512ea19ad0e87a48c61729239719
.audrte.com/ Name: arcki2_adform
Value: 2856366307302385724!20210107!1729239719964
www.duboiscountyherald.com/ Name: _lr_sampling_rate
Value: 100
.pubmatic.com/ Name: SPugT
Value: 1729239720

17 Console Messages

Source Level URL
Text
network error URL: https://www.duboiscountyherald.com/shared-content/art/stats/common/tracker.gif?tnms_rs=1600x1200x24&tnms_vtum=1&tnms_vt=1&tnms_vid=172923971312537037016001200669771133282&tnms_dt=duboiscountyherald.com&tnms_upage=1&tnms_do=www.duboiscountyherald.com&tnms_uri=/&tnms_ref=&rt=1729239713128
Message:
Failed to load resource: the server responded with a status of 403 ()
recommendation verbose URL: https://www.duboiscountyherald.com/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "new-password"): (More info: https://goo.gl/9p2vKq) %o
recommendation verbose URL: https://www.duboiscountyherald.com/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "new-password"): (More info: https://goo.gl/9p2vKq) %o
recommendation verbose URL: https://www.duboiscountyherald.com/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "new-password"): (More info: https://goo.gl/9p2vKq) %o
recommendation verbose URL: https://www.duboiscountyherald.com/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "new-password"): (More info: https://goo.gl/9p2vKq) %o
network error URL: https://www.duboiscountyherald.com/tncms/csrf/token/
Message:
Failed to load resource: the server responded with a status of 429 ()
javascript error URL: https://www.duboiscountyherald.com/
Message:
Access to fetch at 'https://api.rlcdn.com/api/identity/envelope?pid=106' from origin 'https://www.duboiscountyherald.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=106
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://id5-sync.com/k/264.gif?puid=1f715ec5-5a73-4ac6-bd54-a3aa3175c0ec&ttl=%%TTL%%
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://id5-sync.com/k/264.gif?puid=1f715ec5-5a73-4ac6-bd54-a3aa3175c0ec&ttl=%%TTL%%
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ssum-sec.casalemedia.com/ium?sourceid=15&uid=060ixe7ju6a65dg9iefi9ld8dfc9glgge7huom2wi0e0ykq6umou60k4koi6q0qqm&gdpr=0
Message:
Failed to load resource: the server responded with a status of 400 ()
security warning URL: https://p.ad.gt/api/v1/p/474(Line 1)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://proton.ad.gt') does not match the recipient window's origin ('null').
network error URL: https://id5-sync.com/k/155.gif?puid=AAMuJ07OJDUAABVUjLRLVg&id5AccountNum=155&numCascadesAllowed=9
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://pbs.nextmillmedia.com/openrtb2/auction
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://id5-sync.com/k/285.gif?puid=M2EGOFS6-15-DASZ&gdpr=0
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MSZjYXNjYWRlc0RvbmU9OSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=undefined
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1f2e7.v.fwmrm.net
a.ad.gt
a.pub.network
aax.amazon-adsystem.com
acdn.adnxs.com
ad-delivery.net
ad.360yield.com
ad.doubleclick.net
ads.pubmatic.com
ads.stickyadstv.com
ads.yieldmo.com
analytics.google.com
api.btloader.com
api.rlcdn.com
api.segment.io
assets.revcontent.com
b0286e86c9f69621e5e485c197af1c0a.safeframe.googlesyndication.com
bcp.crwdcntrl.net
bh.contextweb.com
bidder.criteo.com
bloximages.newyork1.vip.townnews.com
btloader.com
btlr.sharethrough.com
c.amazon-adsystem.com
c.pub.network
c1.adform.net
cdn-gateflipp.flippback.com
cdn-ima.33across.com
cdn.confiant-integrations.net
cdn.edkt.io
cdn.hadronid.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.segment.com
cdn.taboola.com
cdnmedia.sendtonews.com
check.analytics.rlcdn.com
cm.g.doubleclick.net
config.aps.amazon-adsystem.com
contextual.media.net
cookies.nextmillmedia.com
csi.gstatic.com
csync.loopme.me
d.pub.network
d.turn.com
dpm.demdex.net
duboiscountyherald.com
eb2.3lift.com
embed.sendtonews.com
eus.rubiconproject.com
events3.bqstreamer.com
ex.ingage.tech
factor-service.prod.voltaxservices.io
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
freestar-d.openx.net
freestar-io.videoplayerhub.com
fundingchoicesmessages.google.com
g2.gumgum.com
gum.criteo.com
hb.undertone.com
hb.yellowblue.io
hbopenbid.pubmatic.com
hbx.media.net
htlb.casalemedia.com
ib.adnxs.com
id.hadron.ad.gt
id5-sync.com
ids.ad.gt
idsync.rlcdn.com
idx.liadm.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
images.revcontent.com
imasdk.googleapis.com
invstatic101.creativecdn.com
js-sec.indexww.com
lb.eu-1-id5-sync.com
lexicon.33across.com
match.adsrvr.org
match.prod.bidr.io
mp.mmvideocdn.com
mug.criteo.com
oa.openxcdn.net
onetag-sys.com
openrtb-us-east-1.axonix.com
optimise.net
p.ad.gt
p.flipp.com
pa.openx.net
pagead2.googlesyndication.com
pb-ing-minutemedia.ccgateway.net
pb-ing.ccgateway.net
pb-rtd-minutemedia.ccgateway.net
pb-rtd.ccgateway.net
pbs.nextmillmedia.com
pippio.com
pixel-sync.sitescout.com
pixel.quantserve.com
pixel.tapad.com
pixels.ad.gt
playlist.stnvideo.com
prebid-server.rubiconproject.com
prebid.cootlogix.com
prebid.media.net
prediction.voltaxam.com
prg.smartadserver.com
proton.ad.gt
r1---sn-p5qddn7z.gvt1.com
r4---sn-tt1e7nls.gvt1.com
r9---sn-quxapm-3c2s.gvt1.com
redirector.gvt1.com
report2.hb.brainlyads.com
resources.infolinks.com
router.infolinks.com
rp.liadm.com
rp4.liadm.com
rtb.mfadsrvr.com
rtb.openx.net
rules.quantcount.com
s.amazon-adsystem.com
s0.2mdn.net
s2l.sendtonews.com
s2s.t13.io
s3.tradingview.com
sb.scorecardresearch.com
secure.adnxs.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
seg.ad.gt
selector.voltaxam.com
ssbsync-global.smartadserver.com
ssum-sec.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
sync.1rx.io
sync.colossusssp.com
sync.cootlogix.com
sync.go.sonobi.com
sync.inmobi.com
sync.resetdigital.co
sync.smartadserver.com
tags.crwdcntrl.net
targeting.unrulymedia.com
td.doubleclick.net
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
trc-events.taboola.com
trc.taboola.com
trends.revcontent.com
u.openx.net
uipglob.semasio.net
ups.analytics.yahoo.com
www.duboiscountyherald.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.gstatic.com
www.tradingview-widget.com
x.bidswitch.net
yeet.revcontent.com
api.rlcdn.com
cm.g.doubleclick.net
ups.analytics.yahoo.com
www.google.com
100.24.224.208
104.16.133.24
104.18.20.206
104.94.117.85
107.178.254.65
108.138.85.2
13.249.39.58
13.249.44.103
13.32.208.81
130.211.23.194
141.226.224.48
141.95.98.65
147.135.94.208
15.197.193.217
15.204.46.116
151.101.193.108
151.101.193.44
151.101.65.44
155.204.117.12
159.223.146.222
161.35.7.202
162.19.138.117
165.227.251.217
172.217.197.149
172.240.155.116
172.253.62.157
172.64.144.166
172.64.149.180
172.64.151.101
172.64.152.89
172.66.41.9
172.66.42.247
173.194.175.155
173.194.175.157
173.194.204.138
173.194.207.139
173.194.207.157
173.194.66.94
173.194.68.103
173.194.68.147
173.194.68.94
173.194.7.6
18.160.10.101
18.160.10.46
18.160.46.8
18.205.224.125
18.214.239.21
18.233.80.206
184.73.16.88
185.167.164.49
185.192.248.28
192.104.183.109
199.232.215.52
20.33.59.55
2001:4998:60:807::2
207.65.37.179
209.85.201.138
209.85.201.97
209.85.232.94
216.22.16.41
216.22.16.69
23.22.201.204
23.50.124.22
23.50.125.215
23.62.160.23
23.62.164.208
2600:1f16:e61:3f02:34e5:5cce:7c1d:e87a
2600:1f18:730:b120:83b1:f93d:9846:6a42
2600:9000:201e:2e00:6:44e3:f8c0:93a1
2600:9000:201e:9000:e:8add:c340:93a1
2600:9000:201e:ac00:e:8add:c340:93a1
2600:9000:20aa:2200:7:d444:a240:93a1
2600:9000:2199:b400:a:e047:754:afe1
2600:9000:24f4:5200:1a:7b6f:2940:93a1
2602:803:c002:200::32
2606:4700:10::6816:3456
2606:4700:10::6816:34ad
2606:4700:10::6816:445
2606:4700:10::6816:545
2606:4700:10::ac43:17ea
2606:4700:10::ac43:293c
2606:4700:20::ac43:4513
2606:4700:20::ac43:4728
2606:4700:20::ac43:4acf
2606:4700:4400::ac40:9296
2607:f350:3:2569:0:10:0:200c
2607:f8b0:4004:c08::5f
2607:f8b0:4004:c19::9c
2607:f8b0:400d:c00::94
2607:f8b0:400d:c01::84
2607:f8b0:400d:c03::61
2607:f8b0:400d:c03::64
2607:f8b0:400d:c07::64
2607:f8b0:400d:c07::71
2607:f8b0:400d:c09::5f
2607:f8b0:400d:c09::71
2607:f8b0:400d:c0d::84
2607:f8b0:400d:c0d::9c
2620:100:a00b::12
2620:100:a00b::30
2620:100:a00b::4
2620:112:f008:200::101
2620:116:800b:21:b08a:1dc5:659b:4055
2800:3f0:4003:c03::78
2a04:4e42::485
3.162.125.109
3.162.125.30
3.167.112.81
3.167.37.16
3.167.69.51
3.167.98.152
3.167.99.84
3.211.28.204
3.226.121.246
3.90.118.198
34.102.146.192
34.107.140.113
34.111.113.62
34.111.152.239
34.120.111.33
34.120.63.153
34.160.152.31
34.36.214.49
34.36.216.150
34.96.70.87
34.98.64.218
35.163.144.222
35.186.253.211
35.207.24.140
35.211.202.130
35.214.160.89
35.236.243.15
35.244.154.8
35.244.159.8
35.244.193.51
35.71.139.29
35.88.158.247
37.19.207.34
44.203.46.172
44.236.214.89
50.57.31.206
51.222.39.186
52.45.226.91
52.5.79.122
52.85.151.6
54.172.235.250
54.200.182.101
54.244.44.101
54.84.92.154
54.85.87.71
63.251.28.210
68.67.181.211
69.173.151.100
69.173.154.9
69.194.240.11
69.194.240.13
74.119.117.17
74.125.0.41
74.214.194.131
8.28.7.81
8.28.7.82
8.28.7.83
8.28.7.84
98.82.156.107
99.86.191.237
00af17ad0ecf7a975579a32695183bfd553947df658074d91bc826c7650602de
023d12604872e4a87af173dc8486af161a6e8d577e4bea3c2fdfb0ca56e22b02
024953d5b3f91b8a77e7863042b2e5d568797cbcd71b76bcb0327209c0f4effc
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06f8981a9d73ba11b77e370fb35ce0a54cb48ce5bcfdb66da69265151738350e
07a58916b7e098531acaad0d1b7dd30d6467bd60a89342b620ed7cbf243e84a1
0a59ea34c2a48879f45c688ea266ddf6a95310a7315650138c86fe45c197abe7
0a7d4300be237cd392278d43c30662ef7a1422e0d3b7c13bb8b91c099a7ef1a3
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0baa1a84a8805b3a0f781f29f022f2bbb1a328bb2f32224404f2a445bbeb0db1
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
138d216289f8d25f704a205e095641e8d7d35d8969c9715ca2aa12f0e5f9db9e
1614281ea3ceb097071b78b590af2c261515d1454ce40d35d256fc6399a95ba6
1635d2075d3343c86490d2229c1fb868ad59d92958ef65e04cb65767c703e9f6
16a001384ccbe0e76a0d7b408ab5d88da6c7cf545b19a29038bb7701e81ca79a
1760bb9355d5a32c6b3d48ecf53dcfedeca08516b0b921682e9d0ce55ce74b26
1764e898369c24be8d7d1cbcb82079c27f3898fbc1883f388a5c1008dd30c9e8
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
18e9bed62ddd0305c90cd1ca399d459bc4eb94d406d1eebeb745ac6d180d96ff
1a3187c1fba1eb947a579e0d918a350e7e547dff2b3ed769089ae9d69aa647f2
1a3cba3a57e7b6bd578bfd37c841b6fa2e2b0f332e83b86848e1183d2a6b5e70
1a53fff07fce0107c3ad79224956ba1a5d9df23b59418a11d27a3fe94642fb4e
1a6b40e6fa459ac23479367ea26d7fa52ff112dd9e751d3077f0494ce7439287
1a7f6b38520afdaf523b4675624f43b2061608570147ccb2ecb84f0b01ad37e8
1b4345ca589a04a4012a06e6a6efc02622fee36a7879f2863628d79947b11b4f
1bf5435c55a81e3f050dc22ed008eb354bcecd1c042316e81a95a488a6c0ae43
1c02b4106567c28ae5645013362d89788a03756ae3754f09b69d2cb810d0a91f
1c42fe8b25d562fb8a997b6b46e32c6d95d0c8d541e5a801b630b2f846fabf38
1c756dd78f3fe8604ffdb519ffce264517c5e4b02ced287d9279be254d872ae8
1e5dab303d673be1b0f33eb5acf16ac43171f0485cf2f61d9c4ddf7edfe4fc87
20133cc700841ec85f087ff9834a922b482b9135e98574a9afebade4c754558c
252904bb838e1fb52a44c23792b4f5395783fae0ce1e9fa1d02f307c7657d1b6
252d59351666354bfa98e1300c2bd18f57477213d21d2feae41ad55924ab0e67
26faaae2d27c2858ea86473b08cde74b7708e6422426717fc1f0d49c2b13e1b3
296ffff5be5fa17a541df8e925d24e473ced64d535f543542bebc15759b761fd
2a7c35a58c1ad79d4fc96dad3bf9ef24b49d9d439ad3fb9b454cdcfe7c445724
2c1d2122bde8e57c6a0d64d3ae5ab9311b92a90d939505522ea8017a0332afed
2c73ed886ad256e62e981cdf1b494a7b360bf712c19915f8d12d096d50ac7c4c
30b03856aa4b06101fb7e96d907728241e0b9cd698732442bf350e98a21a465e
30b32e97f2e3e06deb742bf2e19daeb4f4657a956e836c2a25a7df2bc72f7500
3112565f088d69bf7e12532f395bff72b11dbf444a52739cd4f1903246e02054
315e68380b693aab62994099ea3f82acee453d53d8dbd37b588a1fe3567f6bbb
31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a
3324d9eba0ea376623dbb84d4e38cd488b3abf0c591bd89f2eda696d98b25457
33c70c297b1a729f965a6aca60b7b3bb7a3b06bd13efe07698516fa98ac8b9f9
355ffdebb36464dfecac2c82f77f37b1fabcf8c7962d124afa7606906a1f3ccc
361be67b35447cecbbddcaf6c796a2f78741af1798e236a2a9910096f5344927
369b0c21906fdd75d4370af92e7f46c9b494a3f7b8c0bde8ef47aaf480a73145
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
37b4f2d862bb21b088b8341107cb805b24ab74ff4908b3e6229038b7c4b8edae
37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7
3825b8f61dd55e2d8f49472f5922c98f8e352643798015b198eb8422ad1c3858
385934cccf5ffca9ba8091630cd82e4f6c306b566560988f70e7b570e3b19420
3b51b0c13d3ba91d6f5fd9099f8989d58c2487727828eae03316dee3dd2a2850
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3cc3e7477f9c8eef291c048ee6e8e4e15d57a4b95c315089e072ef1dd190fb2c
3d0a15496b63bad78a982af762d4cb976591df27c3f55a35b81f2cf012c68c8d
3dae3ee58ee64d4ffb07fdcd016491c5c8381c16795b5bcb4d9c5b80c74652db
3dca13bc51e6717395e2c089aeee5a03c74ceca8723088bace51f70f0f620fd2
3f73b3a0cd992d619ee1fa2795d7504a9bd8c601b328f859cc464dcc394795b0
40f5738f48150a48ab90bcb2f0d0d28a32b6047785b1e87ce082b25c6775b2a5
410b9f73378ef95e5f0445a55c3d1f27283551f58e49b75e0c48e04093d93ec4
429c09ef872b45d80fa51a8ed156e581ed31fd094c179e4d6dd1d3f1bf18f20b
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
448e1a4179ffa476609ed1e8909867082486239c06fb2e277f7843e3269d427b
454ebcc8ede502c1e0eb057e0b2981127e978167e9c816d5ed14ef5a17acea90
45a286c893be6e52f85e587d39391cf6148bbce42701e8e9e0da66c033588cc2
47220c4c850d2a71293522af7071da5706951e1cecc6dddce7bc78343f48de1e
4908103eb097a575d25aecab0b105c51313e35ce211bb70d82ea0ce6e75ed2b3
492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586
4b093bf8fe11ce768e5543697030a064da71b347431594daf7efb86f94a201c0
4b2c097b4949540419dca0d72a5d6a193995da1f30181da8a24238efc615ee02
4d1c6260cc3a7a2823147ea4cdf05ced64cbc0f5be1b8ca2777a96e0681f5368
50eea9da4f4a1b43ff0b25615da2dcf7dcb6fd9173b4ab1b472663d204acc258
51ed20d663bbe28c00b9e7d91fa5d2d5d5b0d1bbb6c92307413268e8e8343450
541df9709e639a31e400f0b9d0255d2b096ec4cefefe496c38450b96f6e7ff0e
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
557c67c76c13a84e8b483ee1a0dfdd807399d960909266e7c6a83ddfadca9c81
5592ce21caf9ce790ac46d29b99f37dde32ee8954e15c97c537e35087eddc902
56e6582336deb2e0e60d629081d661e1b17b6cc50b775f1fb78bc1914780f999
582ae7eab3fb90b4faa0834c13963c08a14373bd307b5043376ce887235c8ba8
594d9c552959444dbb837cc05d990f6bfeafdbee7c69f0e660e8765f3a764352
59f51b4dbe0d027dca11c8ff9018a05a03d442698f9cbd07ea17356763a32176
5a9980abca3b078a7c67a296f602f48bb043c2167e0e8257addfe2d603643a07
5ab8f962752071d61b4c1613f2126ead5a5969b0157509532cb1cc43d1c0486d
5ade9f337afb1875282b454c0eddd03002f73bf896720fd6c94655efaf87dfab
5b9cfa0283d9a9f6a909df2b61c9933c11130343f08aec96cdd8f49c29972526
5ca0c95977e71167dd5eb84cec5a22eac0f8c2e1b1174e357dee1bf081fa5056
5e3718c850c94db1e3daa959e53737254c607f52f2d672182df6ac3a91386885
5f789ccae156b160492d89a6146b1974d15128790b74abb995d8e89fa44cde5e
5fd7fc4b8be9c2eeb3efb728f0483d444e4a8db80f0597e4ef7950105638bb08
6177891b54e6c434fb17acdb8849f1287bc44fa78c0574fc7dd5f27701001acb
63c8a71e02dad8f567226247d5694840937f61e94ddb0c49288e8e68873c6097
646e328ff87976c256a247d833a801d808ab5ca1422d4c5a8832768d40a089a0
64d2ce701b1f0b1d910bff7f252ae7a53d5f90cf3efb970163811c757b889d57
64faef43f59f0d829a290bb25e0b5c24308c0381b590d9717e460a8344912ba3
652d77232314628c90babb92028cf32b76ccdb4b41fe9b8fa310179e42f09673
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a
66eda4056e4e35b1e14e0205429c71d057159ca8929230923daac1074734f4a3
68b80d77a2c366af5fe812bd2858243971b21ee7118bc6a6aeb182c4153abd2c
69ddbfe0111131323a6c637b0fcf18449cd7f4bab70211c0b2c9bb51232bdb9b
6a522c4c2f24f04a11fee133d4a1d632041b76f989f9a28ec6741ec0fa3f450e
6b30722487e92833baf8f01d6b2d2fed4e459d7cd42dc81ac1a80d8d08b9450e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6df9f9b78f713dce0353fa00d2f7758ce8afd5d2e62364fe2fb1d1a1cc6f7d10
6fa57b00d8efa2a90861206647dd0312907d36486ec19a62fb510bfb27b8ffc6
6fdb7c12792ebd6e785128456249178e9b508c9677a300df8fbc6e7520147baa
6ff3b4169cddd9cfa514cb3b585352855d231a7c8998a9fc684ecbd61d6e2f9a
700272f0ba7c739bb64dff3feccbad9317df197132fa8005ef9cb3777669f215
712369aef7db8ee613780ed94892762890345add2113c7749b2f03b819c0a4fc
713ce628535c66ef3e3439611569fed5dbda355deca4884062f1109542c86fff
71850ae0bf8353e8cfad7f285270c0b527a3499a815b13f79665d7952d920678
728a3903df5972b6da9ddb35e987a0cf2e16e8165efa4be4a68317d7aa0ec9f7
73e69119dff6e5e9ba8a41c36deb9f82b76746c5fb633bb9bda41a23e36ca7f9
7433db7c0a5c2ce4103b9a0ca006bc7e6b8e674276615cc3e2720fc6f2040ed0
7458edd9b7b53f7b32c80f4856a8a0d1c4b7557c589f7c6b860c30a43829ac3a
75c3fe59af593c601afee8dcdf633aab583c6904a54a96275f9645ce245d2640
75eaff1b0db3d278028ca29165d0e696ab4fe9d0ecf694b1ee84623c1f9a2d73
7688bed060dc05a30fd14e6e29a955ee015636fe8c9b9887b3255187e1bc1edc
792a6880c380ea4e3d31b25b22a7e14556637786fbf761bdd87739bdc73aea04
7d8a9a1fb284a44981f1a23d3cdca2091e8ada09bf58c5e266f4cff940dac02b
7f4049e8923ddb3b759697aebae3d69181b42fa677abba4d875f4a1ba7beff89
8025f8c981f331b9be320e42e991e2aa5c6c73f258f682a9d0d9d83226a5c275
822f9fa3c8c128f02bebc611190f23ed8533263b92395e92161dee61578450fa
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
83df928f641d630879a9c3bfa22ccb011da030d9e1e056a445c5335bf735f416
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
8486a8c91bf1e29267549f75e62dd4bff529c81b45115d4791f017f804f78307
853847d0b3a8871826db74ead91dc4c47f5bd5873b54e0f5f655da0b0dd9c7a2
872e5b08335308e7b01e883b427bc4ba5315ea189264c4998f72342ce45a30c7
89ae1743656b75948be30cc4909efd3c61771b7bd9f6d53eb14cd9731d486b57
8a2ab36c83d5d55e311fbf787dbc7de0a17b89eb0b30b1772f518a79db334001
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335
8b276a41b58a12ef909450390357e2e4dfc9710a099c9bfbf4028ab1c1510e02
8b8506928501a437418ca18498b5fcbd474b0c4bfc96b438bc9e09baa53adce5
8cf6f020c4fe1dfc77d6ad29dfe4c4591e317d397baf3ee31edaf44ce3da098a
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8fa5deb87fcd2378185227321ae20ce283f190455da484428fe964250e7bce59
90f64d1cc38ddf1f87072fda4949f973a898ea9a0d93a4ce2d0304a8bb02298c
916b294525214456151dacefaad66c0816f36fb0c4beed9809f673246eafb2aa
939f0b0164a211716833381eecdb890a3cc486e805aec4de3a529c614e5c8946
93c8f4a52d360f8b2769173956a94e5bfdd5daef3b4195d5763fb2e661cba83b
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
95076e3c3b5dc4727185c8fd9ea54c3e91eaf74644408a59083f5465f5a48d7b
969799904ae418afef0d790aa314c1c9019fb24d126838bc3e9e446497a70cb9
9bfb4a2c4f974120f57a48cc57f7937f8045abe2bfb1f78b6683dab126091464
9e28e48a13fc2117fe697cf036b3e568922c12c5c93ed5696166a4e5094ba71c
9f6ae987a4b3683795c0e5133484ab8a903b609526518ce2a43a6c1d2e2863b2
9fcf5f2729bcd1b804539b3d2f52d28a3d9d4c77f050fb1ad9c6d61952981797
9fe769bfc93145d27bc2efa853ca49895d7a44af9c5dd2566c3233b66c9d14b4
a045b83e113e0188b42ef821be158592c381a0832dafa3a4b32d0db1654e5d6e
a0bb87201a0718e2d5e7249b6e05862b335af3bf52aa53fe170f2af2cc8457be
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a262f8fff57c683180161ca807330fa2b184f1acc755ee7738cda1195be0e12e
a36cd619ac68a4a39eb1be94925967f014d1e7dc4a679f6dc86807416c2ae930
a46890c0200f474edc359655ccf7b3b3cb286bdaa7c7eeb41b8f3f490db0dcd3
a481ca181e9d6f64e4b75c4b87779e08aa375d45e1ea2ad9c21a7d8e38f361b2
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a5e74d8eb52b6e89770ca5475be55109410943032a9a543f037d6554b5264158
a5f7f739a70505b58e9cca0a28565ec9a5d7745817992d1e633a51b3fae09a1f
a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec
a86ef2999a5af962f217a9a65615a898748ee2b90882ef7120a613c20bab2501
a8b44ca082827a3a6385aee2d83db4999df66c899456e950b68e2c6cdf95ad1f
a8dd5310f1564e14e30c03c9c260a31c490ce92ac9b5123d50dc2af9193a485f
aa4391f03da55de95caebed478d3e1183fb01a3e8f1c5891a48e75717ed2bed9
abc076e93d4dbba7305a62b3a03557257b1b6a0f9cde1b11bd45d1e67e6ac825
acbd13bfb0b70324d3f179aea1653b8b315361b683bc26c60e8c7ac6e513d503
ae33c40aa889646f2c2b3383d8be2cb2a29f4c84e27cc856536bf576dcd82f33
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b031c3238b017ab0fd84b1d17c33de4892a4deaa5e6002a071feebdf98719c60
b04cd869cfd41a48c006458f71969a0eb26f33fec12f3cfe00408f8b73bf3ff8
b07d02c8ede625dd16b97254a7d58fb54d63c5906d0c9390a494998d99d495ba
b089cfcd4c5a86666fd5dff409063900fc5561279cd9210939540536ac859290
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2a8893bc6eb9e4ea04ce181b9fa01698535a727074f88b615ad7f7619432bf9
b50b682d8544fc8116b146124a94e23af6ff04349d6c1e41d2f06c91a8766f9e
b60f65161ce3517c2794eecab25981c51ffbcbc951a781270403e2f3572d0290
b6b17d8fd2f78c26672db60fe93e748246cb8c5d362be74e83e86b3cbd6c6f81
b74e7c9dbf57703b7b6bde0f9ef962837d00c74dfd9c5560e88ba61ea47a456b
b86a66f50a52eacf8ebea7e083790e4b094d740c7abd4ee07f53e139a6ff5e71
bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332
bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938
c16a1f54128050a2c4334fe3155151163bc9165334fb0c5f97af87c405a982a8
c29cc40579237b0734ccf14abeb111d8a2c6a293e96b836007e8e912547cd2da
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c3ce6d2df32560139da68b20a43e18072c2afea48e8e350106d982807cdb7a7b
c4186f5ddb818618ac01834b826f3f66a5ecdfe468dbb8d581e9d160642ff283
c4f84968678a58e2a1dab4a1591f3a271a17f8791d3d660dd6e64c7a700b499a
c53a2922c0f96a939a17629cd22e5fcc5cb739169f70f71d99b95742dc343679
c8b1e9214d922711300867289147423ef37971b56cdc02071b9ad61d510f6807
c99b7e779cd3a4553531a42f98e8436dee768b4fe8040df6beaf3fbd0885a50c
cb24d05e055a5adc88118706c7fc812af86d197890686edd980ae3a627aa0910
cc00425c3a3d831c51dd6a73915543e88dab8066ac5862add4b0c4d509f7b54d
cc9131b9ac86e4c6747e7b79a38d11851ee819c808417044d57e51abde63f5a1
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
cd4ad2e7d257986d3a0c3877268db59347197d1c90fa6a3af56542c6ec61f38a
cf3e21aad61783d6e6908e5631c43656c05a34a9c7f64eab44dcd7fc58562aa8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1552b07d4473cee5e8e3ae4b73396a290163ec0a6cf7fdff3b834be58199143
d15ce96dc8f5d42aad87918ecb4ec78855f628d4156841e2c2cb2e903e686f53
d23322e92d1054d064b0e77de96f570d5899025dc71f3bca9a18e8d41c38ea32
d3ec1e21478202d824b3df5af93434051930055afce455d50c3e78eb21fb6f2b
d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f
d64ab3fbed754de38481461a75c567e9384e8fadad8a382ee12f278d61f9bbb2
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
dd4b30be23c24195323df8b75da4c0892974e4b3aea4a3dfd6201a020594f235
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dee2d220b1903ec202a92646013ee3d1998f8aaf3f9e4da59fca381703755b8d
e2b2d7b41fab3ec60e73430c166feaec074d60c1896010a85dc591c2d02492fc
e2ff429aac35e1b55d4b5e1e299237b84fd6469fa4abc13770b2896981fdb050
e388e19ca38c825b329e762c79c66bbd41bd334f18312c5e97fde0a8f64bca36
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea983c1ec538e00518dfd2d11b5715302081af22b2d4718f9faca6ecd994c9cc
ecc20ed3c5dedbe5bbe73d1e7b14270c65a85f7d0ec4c94c4f0c9f0071e471a2
ee5ebc2e5e093ee9ea3485ae13632e54bba29b488b7956923112de35efe7ded4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3b2092c6bd1a3a6855b7a3a0d67951f0b7cd1678bbcfe563226bfe8a2b9126
ef64cdfac933f98966c76628f415581e236053bfcb0792213181dc92a5c6d379
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f06c6acc0cf58f1717574c103487b299ab0db5698e09d6bf8928525c5cdd4c34
f1c2496713e9e56aadaedde5e9d69288bb139e892693f3220c783702a1f040c8
f47724997a6404b23b52ef610f5ad268f688711585dc12b9538bd3618061fd7d
f492d70b652982a7225e00dcd06cbd170c2fbfd1191bc1fc862b21f7f4b37076
f540dcf7f143b9bda7f90339d888fafe0c568ffc9da621e80031db59565974a1
f5ce224d0f1e7dee681547b837051148ddd9e1d4ddbdd0f08d9cc98f9619b8cb
f81a3757bdaf2427b6c8b3c93b081d1f996125d72295e9ab800194947b6faaeb
f90a0df47a8c280a512aff603b64c13d2587ebd86862f71649fd1e9860b0ab67
f9fb12066cd19ca3a3062f820750e7c7ea85de852326022b771368d09274a92d
fb56aab064809b73c4644977bf678017ea4b18725647852ae8b949478b4b8b67
fcd544f5f46f7768e47ba49da112aa5d98404e96c786d36cb45c716f7d45a561
ff835b66ff37ee4a4bf9de1a4446e07d37689ad2efb23f9262f01a0f9dbaa01c