observer.com Open in urlscan Pro
192.0.66.160 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/
Effective URL:
https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/
Submission: On January 05 via manual (January 5th 2023, 7:08:05 am UTC) from FR — Scanned from FR

Summary HTTP 286 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 73 IPs in 8 countries across 52 domains to perform 286 HTTP transactions. The main IP is 192.0.66.160, located in San Francisco, United States and belongs to AUTOMATTIC, US. The main domain is observer.com. The Cisco Umbrella rank of the primary domain is 152913.
TLS certificate: Issued by R3 on December 2nd 2022. Valid for: 3 months.

This is the only time observer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
30	192.0.66.160 192.0.66.160	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	13.225.78.43 13.225.78.43	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1	13.225.78.113 13.225.78.113	16509 (AMAZON-02) (AMAZON-02)
1	13.225.85.39 13.225.85.39	16509 (AMAZON-02) (AMAZON-02)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
7	2a00:1450:400... 2a00:1450:400d:80a::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3031::ac43:833a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:bab1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 6	13.225.78.42 13.225.78.42	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
2	75.2.40.13 75.2.40.13	16509 (AMAZON-02) (AMAZON-02)
1	52.17.99.225 52.17.99.225	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:f015	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	52.217.70.44 52.217.70.44	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:1af	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
4	13.224.195.78 13.224.195.78	16509 (AMAZON-02) (AMAZON-02)
1	35.241.9.51 35.241.9.51	15169 (GOOGLE) (GOOGLE)
1	185.89.210.90 185.89.210.90	29990 (ASN-APPNEX) (ASN-APPNEX)
2	104.19.149.54 104.19.149.54	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	34.107.254.252 34.107.254.252	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	3.5.21.159 3.5.21.159	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
25	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
1	2600:9000:21f... 2600:9000:21f3:c800:11:b309:9100:21	16509 (AMAZON-02) (AMAZON-02)
1	54.231.130.25 54.231.130.25	16509 (AMAZON-02) (AMAZON-02)
4 12	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20e... 2600:9000:20eb:1c00:5:82fd:2500:21	16509 (AMAZON-02) (AMAZON-02)
2	99.86.3.236 99.86.3.236	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	162.19.138.117 162.19.138.117	16276 (OVH) (OVH)
2	2001:41d0:701... 2001:41d0:701:1000::96f	16276 (OVH) (OVH)
1	3.236.169.101 3.236.169.101	14618 (AMAZON-AES) (AMAZON-AES)
5	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	141.95.98.65 141.95.98.65	16276 (OVH) (OVH)
25	2a00:1450:400... 2a00:1450:400d:805::2001	15169 (GOOGLE) (GOOGLE)
5	34.98.72.95 34.98.72.95	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2.18.234.163 2.18.234.163	16625 (AKAMAI-AS) (AKAMAI-AS)
6	2.18.234.190 2.18.234.190	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.120.253.250 34.120.253.250	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
13	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	23.203.125.156 23.203.125.156	16625 (AKAMAI-AS) (AKAMAI-AS)
4	54.156.218.215 54.156.218.215	() ()
2	146.75.122.132 146.75.122.132	() ()
3	20.13.96.71 20.13.96.71	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700:20:... 2606:4700:20::681a:61b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2620:116:800d... 2620:116:800d:21:e365:4988:e8a7:3270	16509 (AMAZON-02) (AMAZON-02)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
7	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2 2	52.29.44.102 52.29.44.102	16509 (AMAZON-02) (AMAZON-02)
1 1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
3 3	213.19.147.45 213.19.147.45	3356 (LEVEL3) (LEVEL3)
2 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
1	2600:9000:211... 2600:9000:211e:c600:6:44e3:f8c0:93a1	() ()
1	2a00:1450:400... 2a00:1450:400c:c00::9d	() ()
3	35.201.67.47 35.201.67.47	() ()
2	35.190.91.160 35.190.91.160	() ()
2	35.190.59.101 35.190.59.101	() ()
6	2606:4700::68... 2606:4700::6810:9440	() ()
1	2a00:1450:400... 2a00:1450:4001:811::2003	() ()
1	34.111.8.32 34.111.8.32	() ()
2	34.120.117.212 34.120.117.212	() ()
1	2600:9000:21f... 2600:9000:21f3:dc00:1a:ba5c:3900:93a1	() ()
1	2606:4700::68... 2606:4700::6812:1b55	() ()
2 3	95.131.136.1 95.131.136.1	() ()
2	192.229.220.129 192.229.220.129	() ()
2	2600:1f18:e8a... 2600:1f18:e8a:cd06:e361:a2ce:b047:17c	() ()
286	73

30 192.0.66.160 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

observer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-43.fra2.r.cloudfront.net

htlbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-113.fra2.r.cloudfront.net

ak.sail-horizon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.85.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-85-39.fra2.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:400d:80a::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::ac43:833a (United States)

ASN13335 (CLOUDFLARENET, US)

www.npttech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:bab1 (United States)

ASN13335 (CLOUDFLARENET, US)

sandbox.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.225.78.42 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-42.fra2.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 75.2.40.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: aa7557bb34ea5624b.awsglobalaccelerator.com

api.sail-personalize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.99.225 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-99-225.eu-west-1.compute.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:f015 (United States)

ASN13335 (CLOUDFLARENET, US)

c2-sandbox.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.70.44 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

htldotbid.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1af (United States)

ASN13335 (CLOUDFLARENET, US)

3b5c18b9-96b7-48e4-a3ef-011eb84a970d.edge.permutive.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.224.195.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-195-78.fra2.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.9.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.9.241.35.bc.googleusercontent.com

3b5c18b9-96b7-48e4-a3ef-011eb84a970d.prmutv.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.210.90 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.19.149.54 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com

api.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.5.21.159 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: s3-1-w.amazonaws.com

ams-depr-public.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

585e2b3bcae7017c529ab96f0edac682.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:c800:11:b309:9100:21 (United States)

ASN16509 (AMAZON-02, US)

d15kdpgjg3unno.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.231.130.25 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

ams-pageview-public.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:1c00:5:82fd:2500:21 (United States)

ASN16509 (AMAZON-02, US)

dyv1bugovvq1g.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.3.236 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-236.fra6.r.cloudfront.net

aax-dtb-cf.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.117 (France)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:41d0:701:1000::96f (France)

ASN16276 (OVH, FR)

lbs.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.236.169.101 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-236-169-101.compute-1.amazonaws.com

sqs.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:400d:805::2001 (Ireland)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.98.72.95 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 95.72.98.34.bc.googleusercontent.com

assets.bounceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.163 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-163.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.18.234.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.253.250 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 250.253.120.34.bc.googleusercontent.com

tag.bounceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.203.125.156 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-125-156.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.156.218.215 (None, )

ASN- ()

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.75.122.132 (None, )

ASN- ()

odb.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.13.96.71 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:61b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.29.44.102 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-44-102.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.45 (United Kingdom) 3 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

s.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:c600:6:44e3:f8c0:93a1 (None, )

ASN- ()

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (None, )

ASN- ()

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.201.67.47 (None, )

ASN- ()

t.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.91.160 (None, )

ASN- ()

p.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.59.101 (None, )

ASN- ()

r.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:9440 (None, )

ASN- ()

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (None, )

ASN- ()

www.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.8.32 (None, )

ASN- ()

api.bounceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.117.212 (None, )

ASN- ()

ls.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:dc00:1a:ba5c:3900:93a1 (None, )

ASN- ()

rock.defybrick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1b55 (None, )

ASN- ()

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 95.131.136.1 (None, ) 2 redirects

ASN- ()

action.metaffiliation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.229.220.129 (None, )

ASN- ()

img.metaffiliation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:e8a:cd06:e361:a2ce:b047:17c (None, )

ASN- ()

flint.defybrick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	googlesyndication.com 585e2b3bcae7017c529ab96f0edac682.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 145 tpc.googlesyndication.com — Cisco Umbrella Rank: 187	293 KB
30	observer.com observer.com — Cisco Umbrella Rank: 152913	596 KB
26	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 285 googleads.g.doubleclick.net — Cisco Umbrella Rank: 64 cm.g.doubleclick.net — Cisco Umbrella Rank: 321 stats.g.doubleclick.net	210 KB
25	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 330	543 KB
14	google.com 4 redirects adservice.google.com — Cisco Umbrella Rank: 142 www.google.com — Cisco Umbrella Rank: 16	2 KB
13	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 28784 ad4m.at — Cisco Umbrella Rank: 9270 assets.ad4m.at	446 KB
13	permutive.com cdn.permutive.com — Cisco Umbrella Rank: 3278 api.permutive.com — Cisco Umbrella Rank: 2610	109 KB
10	skimresources.com s.skimresources.com — Cisco Umbrella Rank: 4461 t.skimresources.com p.skimresources.com r.skimresources.com ls.skimresources.com	23 KB
9	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	308 B
8	outbrainimg.com tcheck.outbrainimg.com — Cisco Umbrella Rank: 9667 log.outbrainimg.com — Cisco Umbrella Rank: 2791 images.outbrainimg.com	34 KB
8	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 1645 widget-pixels.outbrain.com — Cisco Umbrella Rank: 3882 odb.outbrain.com mcdp-chidc2.outbrain.com Failed mv.outbrain.com Failed	114 KB
8	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 103 region1.google-analytics.com — Cisco Umbrella Rank: 2124	84 KB
7	bounceexchange.com assets.bounceexchange.com — Cisco Umbrella Rank: 3133 tag.bounceexchange.com — Cisco Umbrella Rank: 4027 api.bounceexchange.com	181 KB
6	cookielaw.org cdn.cookielaw.org	114 KB
6	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 394 aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 780	50 KB
6	scorecardresearch.com 2 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 237	5 KB
5	metaffiliation.com 2 redirects action.metaffiliation.com img.metaffiliation.com	171 KB
4	postrelease.com jadserve.postrelease.com	2 KB
4	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1403 lbs.eu-1-id5-sync.com — Cisco Umbrella Rank: 1874	1 KB
4	amazonaws.com htldotbid.s3.amazonaws.com — Cisco Umbrella Rank: 196974 ams-depr-public.s3.amazonaws.com — Cisco Umbrella Rank: 150263 ams-pageview-public.s3.amazonaws.com — Cisco Umbrella Rank: 29491 sqs.us-east-1.amazonaws.com — Cisco Umbrella Rank: 5658	533 KB
3	defybrick.com rock.defybrick.com flint.defybrick.com	20 KB
3	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1004 secure.quantserve.com — Cisco Umbrella Rank: 1458 pixel.quantserve.com	11 KB
3	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1457 id5-sync.com — Cisco Umbrella Rank: 522	18 KB
3	google.fr adservice.google.fr — Cisco Umbrella Rank: 17421 www.google.fr	1 KB
3	gstatic.com fonts.gstatic.com	58 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 173	195 KB
2	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 405	795 B
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 791	2 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 411	1 KB
2	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 98393 static-de.ad4mat.net — Cisco Umbrella Rank: 155945	4 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 221	95 KB
2	cloudfront.net d15kdpgjg3unno.cloudfront.net dyv1bugovvq1g.cloudfront.net	22 KB
2	sail-personalize.com api.sail-personalize.com — Cisco Umbrella Rank: 4304	3 KB
2	tinypass.com sandbox.tinypass.com — Cisco Umbrella Rank: 640560	100 KB
2	wp.com stats.wp.com — Cisco Umbrella Rank: 3525 pixel.wp.com — Cisco Umbrella Rank: 2942	3 KB
2	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 4030 p1.parsely.com — Cisco Umbrella Rank: 3257	21 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 123	150 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 127	2 KB
1	onetrust.com geolocation.onetrust.com	295 B
1	quantcount.com rules.quantcount.com	643 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	573 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 452	457 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 11371	553 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 35086	608 B
1	ntv.io s.ntv.io — Cisco Umbrella Rank: 4889	149 KB
1	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 318	812 B
1	prmutv.co 3b5c18b9-96b7-48e4-a3ef-011eb84a970d.prmutv.co	391 B
1	permutive.app 3b5c18b9-96b7-48e4-a3ef-011eb84a970d.edge.permutive.app	104 KB
1	piano.io c2-sandbox.piano.io — Cisco Umbrella Rank: 958473	2 KB
1	npttech.com www.npttech.com — Cisco Umbrella Rank: 10786	3 KB
1	sail-horizon.com ak.sail-horizon.com — Cisco Umbrella Rank: 4190	33 KB
1	htlbid.com htlbid.com — Cisco Umbrella Rank: 20730	1 KB
286	52

	Domain	Requested by
30	observer.com	observer.com
25	cdn.ampproject.org	securepubads.g.doubleclick.net
25	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com observer.com 585e2b3bcae7017c529ab96f0edac682.safeframe.googlesyndication.com cdn.ampproject.org
14	securepubads.g.doubleclick.net	htldotbid.s3.amazonaws.com securepubads.g.doubleclick.net observer.com www.googletagservices.com
12	www.google.com	4 redirects tpc.googlesyndication.com observer.com 585e2b3bcae7017c529ab96f0edac682.safeframe.googlesyndication.com
11	api.permutive.com	3b5c18b9-96b7-48e4-a3ef-011eb84a970d.edge.permutive.app cdn.permutive.com
9	www.facebook.com	observer.com connect.facebook.net
7	cm.g.doubleclick.net	585e2b3bcae7017c529ab96f0edac682.safeframe.googlesyndication.com
7	www.google-analytics.com	observer.com www.google-analytics.com www.googletagmanager.com
6	cdn.cookielaw.org	observer.com cdn.cookielaw.org
6	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 585e2b3bcae7017c529ab96f0edac682.safeframe.googlesyndication.com
6	sb.scorecardresearch.com	2 redirects observer.com
5	assets.ad4m.at	as.ad4m.at
5	widgets.outbrain.com	observer.com widgets.outbrain.com
5	assets.bounceexchange.com	securepubads.g.doubleclick.net tag.bounceexchange.com assets.bounceexchange.com
4	images.outbrainimg.com
4	jadserve.postrelease.com	s.ntv.io
4	ad4m.at	as.ad4m.at ad4m.at
4	googleads.g.doubleclick.net	observer.com
4	as.ad4m.at	585e2b3bcae7017c529ab96f0edac682.safeframe.googlesyndication.com as.ad4m.at ad4m.at
4	c.amazon-adsystem.com	htldotbid.s3.amazonaws.com c.amazon-adsystem.com
3	action.metaffiliation.com	2 redirects as.ad4m.at
3	t.skimresources.com	s.skimresources.com
3	log.outbrainimg.com	widgets.outbrain.com
3	fonts.gstatic.com	fonts.googleapis.com
3	connect.facebook.net	observer.com connect.facebook.net
2	flint.defybrick.com	rock.defybrick.com
2	img.metaffiliation.com	as.ad4m.at
2	ls.skimresources.com	s.skimresources.com
2	r.skimresources.com	s.skimresources.com
2	p.skimresources.com
2	ups.analytics.yahoo.com	2 redirects
2	sync.1rx.io	2 redirects
2	x.bidswitch.net	2 redirects
2	odb.outbrain.com	widgets.outbrain.com
2	www.googletagservices.com	securepubads.g.doubleclick.net 585e2b3bcae7017c529ab96f0edac682.safeframe.googlesyndication.com
2	id5-sync.com	cdn.id5-sync.com
2	lbs.eu-1-id5-sync.com	cdn.id5-sync.com
2	lb.eu-1-id5-sync.com	cdn.id5-sync.com
2	aax-dtb-cf.amazon-adsystem.com	c.amazon-adsystem.com
2	585e2b3bcae7017c529ab96f0edac682.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.fr	securepubads.g.doubleclick.net
2	cdn.permutive.com	3b5c18b9-96b7-48e4-a3ef-011eb84a970d.edge.permutive.app observer.com
2	api.sail-personalize.com	ak.sail-horizon.com
2	sandbox.tinypass.com	observer.com sandbox.tinypass.com
2	www.googletagmanager.com	observer.com
2	fonts.googleapis.com	observer.com securepubads.g.doubleclick.net
1	geolocation.onetrust.com	cdn.cookielaw.org
1	rock.defybrick.com	widgets.outbrain.com
1	api.bounceexchange.com	assets.bounceexchange.com
1	pixel.quantserve.com
1	www.google.fr
1	stats.g.doubleclick.net	www.google-analytics.com
1	rules.quantcount.com	secure.quantserve.com
1	s.skimresources.com	www.googletagmanager.com
1	secure.quantserve.com	www.googletagmanager.com
1	sync.targeting.unrulymedia.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	ads.travelaudience.com	1 redirects
1	gcm.ctnsnet.com	1 redirects
1	cms.quantserve.com	585e2b3bcae7017c529ab96f0edac682.safeframe.googlesyndication.com
1	static-de.ad4mat.net	as.ad4m.at
1	widget-pixels.outbrain.com
1	tcheck.outbrainimg.com	widgets.outbrain.com
1	prod-rtb.ad4mat.net	observer.com
1	tag.bounceexchange.com	assets.bounceexchange.com
1	s.ntv.io	observer.com
1	sqs.us-east-1.amazonaws.com	d15kdpgjg3unno.cloudfront.net
1	cdn.id5-sync.com	observer.com
1	dyv1bugovvq1g.cloudfront.net	htldotbid.s3.amazonaws.com
1	ams-pageview-public.s3.amazonaws.com
1	d15kdpgjg3unno.cloudfront.net	htldotbid.s3.amazonaws.com
1	ams-depr-public.s3.amazonaws.com	observer.com
1	ib.adnxs.com	3b5c18b9-96b7-48e4-a3ef-011eb84a970d.edge.permutive.app
1	3b5c18b9-96b7-48e4-a3ef-011eb84a970d.prmutv.co	3b5c18b9-96b7-48e4-a3ef-011eb84a970d.edge.permutive.app
1	3b5c18b9-96b7-48e4-a3ef-011eb84a970d.edge.permutive.app	htldotbid.s3.amazonaws.com
1	htldotbid.s3.amazonaws.com	htlbid.com
1	c2-sandbox.piano.io	sandbox.tinypass.com
1	region1.google-analytics.com	www.googletagmanager.com
1	pixel.wp.com	observer.com
1	p1.parsely.com	observer.com
1	www.npttech.com	observer.com
1	stats.wp.com	observer.com
1	cdn.parsely.com	observer.com
1	ak.sail-horizon.com	observer.com
1	htlbid.com	observer.com
0	mv.outbrain.com Failed	widgets.outbrain.com
0	mcdp-chidc2.outbrain.com Failed	widgets.outbrain.com
286	89

This site contains links to these domains. Also see Links.

Domain
www.observer.com
artobserved.observer.com
www.facebook.com
twitter.com
www.linkedin.com
www.francebleu.fr
www.reuters.com
www.bbc.com
www.scmp.com
observermedia.com
instagram.com
www.observermedia.com
privacyportal.onetrust.com
wpvip.com

Subject Issuer	Validity	Valid
observer.com R3	`2022-12-02` - `2023-03-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
htlbid.com Amazon	`2022-10-21` - `2023-11-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
ak.sail-horizon.com Amazon	`2022-12-20` - `2024-01-16`	a year	crt.sh
*.parsely.com Amazon	`2022-06-05` - `2023-07-04`	a year	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-14` - `2023-12-15`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-10-14` - `2023-01-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
api.sail-personalize.com Amazon	`2022-05-25` - `2023-06-23`	a year	crt.sh
piano.io Cloudflare Inc ECC CA-3	`2022-04-27` - `2023-04-26`	a year	crt.sh
*.s3.amazonaws.com Amazon	`2022-09-21` - `2023-08-26`	a year	crt.sh
permutive.app Cloudflare Inc ECC CA-3	`2022-11-12` - `2023-02-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
*.prmutv.co R3	`2022-12-21` - `2023-03-21`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
permutive.com Cloudflare Inc ECC CA-3	`2022-02-26` - `2023-02-25`	a year	crt.sh
api.permutive.com R3	`2022-12-18` - `2023-03-18`	3 months	crt.sh
*.google.fr GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon	`2022-06-15` - `2023-06-15`	a year	crt.sh
*.eu-1-id5-sync.com R3	`2022-11-09` - `2023-02-07`	3 months	crt.sh
queue.amazonaws.com Amazon	`2022-08-19` - `2023-08-14`	a year	crt.sh
*.id5-sync.com R3	`2022-11-09` - `2023-02-07`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
assets.bounceexchange.com GTS CA 1D4	`2022-11-29` - `2023-02-27`	3 months	crt.sh
*.ntv.io DigiCert TLS RSA SHA256 2020 CA1	`2022-10-24` - `2023-10-26`	a year	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-03` - `2023-04-04`	a year	crt.sh
tag.bounceexchange.com R3	`2022-11-25` - `2023-02-23`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2022-12-13` - `2023-03-13`	3 months	crt.sh
*.outbrainimg.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-11` - `2023-03-15`	a year	crt.sh
*.postrelease.com Amazon	`2022-11-27` - `2023-12-25`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.skimresources.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-25` - `2023-11-08`	a year	crt.sh
*.scorecardresearch.com Amazon	`2022-12-30` - `2024-01-28`	a year	crt.sh
quantserve.com R3	`2022-11-11` - `2023-02-09`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2022-05-01` - `2023-05-01`	a year	crt.sh
*.wunderkind.co R3	`2022-12-11` - `2023-03-11`	3 months	crt.sh
rock.defybrick.com Amazon	`2022-05-09` - `2023-06-07`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh
*.metaffiliation.com Gandi Standard SSL CA 2	`2022-03-07` - `2023-03-20`	a year	crt.sh
*.defybrick.com ZeroSSL ECC Domain Secure Site CA	`2022-11-25` - `2023-02-23`	3 months	crt.sh

This page contains 19 frames:

Primary Page: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/
Frame ID: 7901A31A360C765EEA80D2C274607AFD
Requests: 174 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: FFF6CABC34BEFBA2B8219FD89AAEE6B9
Requests: 1 HTTP requests in this frame

Frame: https://585e2b3bcae7017c529ab96f0edac682.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 13D3D08B1C5A096F97056C0D0D0F0BDB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2F66C9055B0780946F837DFEA5249BA9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1BF4D85B521FE9B0BF225698B060411A
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/032211111611000/amp4ads-v0.mjs
Frame ID: 6369D3E26A7128214FCC6FF7963233AD
Requests: 13 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/032211111611000/amp4ads-v0.mjs
Frame ID: BD30FE3850E194CB68F420FDC3863E32
Requests: 12 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/032211111611000/amp4ads-v0.mjs
Frame ID: 2074C82F1B12BAC7E624CCF6926C6419
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss6In1qhabrKYvs_6jDT7X1uG9AIkVTzvP8An7rTdNmxq-1H47zgymSrBvsz6qbTHKzLlIZJpkZrbOYJ9LnKk__YUJ3f-tZKjWXO-KlHq8T0nvK8TXB_kmNxpyS1b1Ly_yJtkTtbTvJfyLPcQetD7-phyj1WbyIM0Z7hlpwJg9yN1SLacRgyyGAIgyhCzoKiEihDnveB4mFHu5uSS1iFkWaHe7RqRQ2woLuiTZn376mRGlZkLzHTNeg1ZefRfwIxElvhu1FKCj3EhPqE34jI47w5ENGddwZ0VdHs9avReFPm9KwYOcFzKWBUNORpyp2vTU&sai=AMfl-YRzc2VU0INqyuFkDBxDtHlweVG9mQ3Bzmw848EpgF0HKNEg0qwuV7ZGmjrjuUR5NrkLx2oKDlaW_XUtrpksy0KBvDXnP1C2tQqFs8ZEFR167Pxzffrd12lBgSvJ6AhA&sig=Cg0ArKJSzD06w02Q_TX6EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 167EBA77AAC688EC9B795B6C9710A38C
Requests: 4 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/032211111611000/amp4ads-v0.mjs
Frame ID: EC86654523B349987A8ACE15489AE95C
Requests: 16 HTTP requests in this frame

Frame: https://585e2b3bcae7017c529ab96f0edac682.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E2407D4C2A6F4BBA1F17586653F3CE7B
Requests: 9 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Frame ID: 772028C5CD38F705EAF816A178047685
Requests: 15 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hr7pftr3y4j8dww89qkaty1r22ax876drdy48j4ngkbw11bhb7e1kaveybyrsk0zwvxnva2ecdqt6xe89kn0b5bm6h528cfnk2zack0cd2hfzq542dvq9qej24jd4kdvg14w992ebtpqcq1wm7ncayk7w1ebe2743cq2wtamgnbxgccp6ezpcxbxxg78tnhdy6nb1t32r2vv90ynvj8pz7daqpdxj5gxd59ysbd55yay6y2pxevdh9at1he6ntzdabq26atzd3fg3hwd8zg5ew22q92qm3d3tjq8m963htag2ssn36g6zk4nqjn4s21xr7s5f8bcshgx2311ph3ey69jpm6yw70x9ahgz81psq8ngqew0qnmyz4ggnnwyaf0q7x2tzy81nr2gw7tg48j6gqfvz15d21ct2tnwcat1m301g7peezxrqy&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC92vUUne2Y9SDHtrugAfR3YioCOLSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMzk5ODgyNDQwMjEyMTYwMsgBCakCBmGgCJTKsT7gAgCoAwGqBLwCT9CM90_r4E2TUk2KAkN-1BQxr35J8JyQAXRJyVmygl6yAoTDv9MiykCqbDL7AYvIGmrGiZhTLvQngyRYgUgYdfbxD-5gPzBv8JAr8UobwXb1_KCmDlmUAdlIM8tdZWIcC2llVyC_mtGOop2BSdmW0GmCS9cOC8u0SMK3SJIAsBfiPl8OQkUSYAgDF1MsW4O7DkR2KGk6Qbioyd9UHxplNSLnhq6tJviprZ2QBNMAbx-jPLf0XNXPmFwKgHsS2FkB9NreGp--O4Ps5S7uh60yLmBWwKJdrK7hUOPCKmfozTZ2jMpO7K9JRhBhBjfl-Vt_apxFbeCu04n55HaT8pKBlW9WYUfGDTt6pwkdxcgkFT2-DvBV7EA8G5fKh03Fp_dHgCbNruaK-d4b0CPkqwFYXhBdw2LbdghN9R0TWuAEAYAGjKzM0ef0xY7wAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1d83RvICe0jm3jkfIj4wMu5AnArw%26client%3Dca-pub-3998824402121602%26adurl%3D
Frame ID: BE206F82AFFBB137506B7B4947A0A54C
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 25098031D8FB29BD70E33AAE822A8B81
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: BE8F24158C580DD0C01FF41A621A45FB
Requests: 1 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.13350088577908337
Frame ID: 48D02DF6CDFABB699AB7843E0A456CA4
Requests: 1 HTTP requests in this frame

Frame: https://assets.bounceexchange.com/assets/bounce/local_storage_frame17.min.html
Frame ID: 144DCC40A5CC47EBDB7E3D29DF1760CE
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=324710%2C15737%2C175364&b=E1mhDfXGSVKpGazHAHjt4tPqpdSqTVTZAAs7%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CR4WTgf1XfGjJAukHwH3tQtw2K5SwTzTmqqH7&f=ARKHYfdBaRDqrhAHRH4tMCxe9ba7T4TDVVU9%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CQPwc4fb6CP2mdtxH5HYt9CbqMRTDT4T5qqaV&c=300&d=250&e=&g=5741ba9a036cba7e6cf8a95ec37056b6%2F8060108672921543907&i=112218%2C2951%2C71050&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1672902484160&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jwmjx42h9d1cmerxnpa7jfhpaw5ect3329s7c7a1xewsdzdvjvjw9tvjdwa4pd78p9ce51fecn6c3gzh74gyrsn2gm1sr3q10eq7a3tgds59yzct5vdqs9xdv2mjykees15pg1wb1yc4jr2gzs2dftk509xp44htxfqgbbz04rr0xq1w653mf8tk57n3nwt20dbhw40xfax1yz2eywqtn4gxj11zgn9cq611kw9na03x5f2er81rbdh16jbznqsjayxha85pg7n4vby2j9g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC92vUUne2Y9SDHtrugAfR3YioCOLSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMzk5ODgyNDQwMjEyMTYwMsgBCakCBmGgCJTKsT7gAgCoAwGqBLwCT9CM90_r4E2TUk2KAkN-1BQxr35J8JyQAXRJyVmygl6yAoTDv9MiykCqbDL7AYvIGmrGiZhTLvQngyRYgUgYdfbxD-5gPzBv8JAr8UobwXb1_KCmDlmUAdlIM8tdZWIcC2llVyC_mtGOop2BSdmW0GmCS9cOC8u0SMK3SJIAsBfiPl8OQkUSYAgDF1MsW4O7DkR2KGk6Qbioyd9UHxplNSLnhq6tJviprZ2QBNMAbx-jPLf0XNXPmFwKgHsS2FkB9NreGp--O4Ps5S7uh60yLmBWwKJdrK7hUOPCKmfozTZ2jMpO7K9JRhBhBjfl-Vt_apxFbeCu04n55HaT8pKBlW9WYUfGDTt6pwkdxcgkFT2-DvBV7EA8G5fKh03Fp_dHgCbNruaK-d4b0CPkqwFYXhBdw2LbdghN9R0TWuAEAYAGjKzM0ef0xY7wAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1d83RvICe0jm3jkfIj4wMu5AnArw%2526client%253Dca-pub-3998824402121602%2526adurl%253D&y=1&s=&z=0
Frame ID: BF5906BF1F48E2C5FA1DBA432E92388D
Requests: 10 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 0871752C30AF13F8A04DFE37B0226E7E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Wang Jian, Founder of Chinese Conglomerate HNA, Dies in Accident | Observer

Page URL History Show full URLs

http://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/ HTTP 307
https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Outbrain (Widgets) Expand

Overall confidence: 100%
Detected patterns

widgets\.outbrain\.com/outbrain\.js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

286
Requests

92 %
HTTPS

45 %
IPv6

52
Domains

89
Subdomains

73
IPs

8
Countries

4504 kB
Transfer

11308 kB
Size

39
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://www.observer.com/music
Title: Music

Search URL Search Domain Scan URL

URL: https://www.observer.com/lifestyle
Title: Lifestyle

Search URL Search Domain Scan URL

URL: http://www.observer.com/
Title: About

Search URL Search Domain Scan URL

URL: https://artobserved.observer.com/home
Title: Events

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/&text=Founder%20of%20HNA,%20China%E2%80%99s%20Largest%20Owner%20of%20US%20Properties,%20Dies%20After%20Tragic%20Fall

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/

Search URL Search Domain Scan URL

URL: https://www.francebleu.fr/infos/faits-divers-justice/un-touriste-chinois-se-tue-en-tombant-d-une-douzaine-de-metres-en-luberon-1530623046
Title: France Bleu

Search URL Search Domain Scan URL

URL: https://www.reuters.com/article/us-hilton-wrldwide-stake-hna-group/chinas-hna-group-buys-6-5-billion-stake-in-hilton-extends-hotels-push-idUSKCN12O1GM
Title: bought a $6.5 billion stake

Search URL Search Domain Scan URL

URL: http://www.bbc.com/zhongwen/simp/chinese-news-44711834
Title: BBC reported.

Search URL Search Domain Scan URL

URL: https://www.scmp.com/business/companies/article/2153879/chairman-wang-jians-death-may-accelerate-hnas-sale-overseas
Title: South China Morning Post

Search URL Search Domain Scan URL

URL: https://observermedia.com/contact/
Title: Contact

Search URL Search Domain Scan URL

URL: https://www.facebook.com/observer

Search URL Search Domain Scan URL

URL: https://twitter.com/observer

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/observer-media

Search URL Search Domain Scan URL

URL: https://instagram.com/observer

Search URL Search Domain Scan URL

URL: https://www.observermedia.com/privacy-policy
Title: Privacy

Search URL Search Domain Scan URL

URL: https://observermedia.com/terms
Title: Terms

Search URL Search Domain Scan URL

URL: https://privacyportal.onetrust.com/webform/8bf444f2-ddd6-41ff-8e24-b69ac0176e05/19c22396-023a-465c-a9c0-d9f831d1d9cd
Title: Do not sell my data

Search URL Search Domain Scan URL

URL: https://wpvip.com/?utm_source=vip_powered_wpcom&utm_medium=web&utm_campaign=VIP%20Footer%20Credit&utm_term=observer.com
Title: WordPress VIP

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/ HTTP 307
https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

https://sb.scorecardresearch.com/cs/37161820/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

Request Chain 46

https://sb.scorecardresearch.com/b?c1=2&c2=37161820&cs_it=b2&cv=3.8.0.210223&ns__t=1672902479987&ns_c=UTF-8&c7=https%3A%2F%2Fobserver.com%2F2018%2F07%2Fwang-jian-hna-founder-dies-tragic-fall%2F&c8=Wang%20Jian%2C%20Founder%20of%20Chinese%20Conglomerate%20HNA%2C%20Dies%20in%20Accident%20%7C%20Observer&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=37161820&cs_it=b2&cv=3.8.0.210223&ns__t=1672902479987&ns_c=UTF-8&c7=https%3A%2F%2Fobserver.com%2F2018%2F07%2Fwang-jian-hna-founder-dies-tragic-fall%2F&c8=Wang%20Jian%2C%20Founder%20of%20Chinese%20Conglomerate%20HNA%2C%20Dies%20in%20Accident%20%7C%20Observer&c9=

Request Chain 184

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 185

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 193

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 195

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 205

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEHGhUygqQHsGD8sRNgVGkjk&google_cver=1&google_push=AavPq0OZ0m_pIkMCDxnotxP2RjdN2308--TgaMNjJsmagOD1M9I8s6TefEWRMRHlMh_V7C5oHBD5YljmWS11NTWnANiZ1Mxa0r3v HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0OZ0m_pIkMCDxnotxP2RjdN2308--TgaMNjJsmagOD1M9I8s6TefEWRMRHlMh_V7C5oHBD5YljmWS11NTWnANiZ1Mxa0r3v&google_hm=r_a5UFgpR721BTf_e4r9AmM

Request Chain 206

https://ads.travelaudience.com/google_pixel?google_gid=CAESECIaDm0nO6d8ll9iyHzStUs&google_cver=1&google_push=AavPq0P3NDlNGsJ0ov8msyoWkvV_D0xvyJ0yVdJ1FDqaHkhugW9jpSWE74NfX43bKe34M8AVoxBFFSTHux6pY6n1rsazmbtqNSIO HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=GuBMcl7HS1GNGprth1Sgfw2&google_push=AavPq0P3NDlNGsJ0ov8msyoWkvV_D0xvyJ0yVdJ1FDqaHkhugW9jpSWE74NfX43bKe34M8AVoxBFFSTHux6pY6n1rsazmbtqNSIO

Request Chain 207

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDnaURiVu4eO-BiVCyW5p2c&google_cver=1&google_push=AavPq0PTV7fBxpT-ikGktPOrxO6shzqxlmbz6Wni9Qnn9VnaiugXVY5rveyY4MvwWyOzv5AQD2vxtJsEHPjHWTAurWdxuLBggTMr HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEDnaURiVu4eO-BiVCyW5p2c&google_cver=1&google_push=AavPq0PTV7fBxpT-ikGktPOrxO6shzqxlmbz6Wni9Qnn9VnaiugXVY5rveyY4MvwWyOzv5AQD2vxtJsEHPjHWTAurWdxuLBggTMr HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0PTV7fBxpT-ikGktPOrxO6shzqxlmbz6Wni9Qnn9VnaiugXVY5rveyY4MvwWyOzv5AQD2vxtJsEHPjHWTAurWdxuLBggTMr&google_hm=N_nwgVgtTLKsaceFcNREsQ==

Request Chain 208

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJrnzxZZJbP-LyK3nYPzaXE&google_cver=1&google_push=AavPq0OhZX1-B0Iv5EVvrOAnS_EZeHjOprFj4nC8R99XepLm8zMR-eGIPQ2SAml5Aro_DHVPWnjmhL_QHtmR6AXL3aYwVif1xN07 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENJUVkxVFAtNy04T0Fa&google_push=AavPq0OhZX1-B0Iv5EVvrOAnS_EZeHjOprFj4nC8R99XepLm8zMR-eGIPQ2SAml5Aro_DHVPWnjmhL_QHtmR6AXL3aYwVif1xN07

Request Chain 209

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESELmCVqGrP6tRHVEnT7hTJK0&google_cver=1&google_push=AavPq0MhG6UvYPhEmw-TZKjJxbME-M6CUtUgmhFaEofEINfG_4JB4xgd-AxbTmtS_Yl2IFvgjhSUyD1pfvvscE4bea8bA7c2ZT4 HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AavPq0MhG6UvYPhEmw-TZKjJxbME-M6CUtUgmhFaEofEINfG_4JB4xgd-AxbTmtS_Yl2IFvgjhSUyD1pfvvscE4bea8bA7c2ZT4&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1672902483880 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-d3de2b2b-1ebf-4bcd-82bf-174e0a4dfa40-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAavPq0MhG6UvYPhEmw-TZKjJxbME-M6CUtUgmhFaEofEINfG_4JB4xgd-AxbTmtS_Yl2IFvgjhSUyD1pfvvscE4bea8bA7c2ZT4%26google_hm%3DA9PeKysev0vNgr8XTgpN-kA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0MhG6UvYPhEmw-TZKjJxbME-M6CUtUgmhFaEofEINfG_4JB4xgd-AxbTmtS_Yl2IFvgjhSUyD1pfvvscE4bea8bA7c2ZT4&google_hm=A9PeKysev0vNgr8XTgpN-kA

Request Chain 210

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELMRXHzRxEBba90yNCvz_Cg&google_cver=1&google_push=AavPq0Pf0LT2hNqS3SL7w51r8d7vx5gnwW3d0XykNDN9v3_T0amL_QVvVJYlWv3-1dRUAYQRhAs2Glzd1W6-YSeP3izRSaxIOfES HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELMRXHzRxEBba90yNCvz_Cg&google_cver=1&google_push=AavPq0Pf0LT2hNqS3SL7w51r8d7vx5gnwW3d0XykNDN9v3_T0amL_QVvVJYlWv3-1dRUAYQRhAs2Glzd1W6-YSeP3izRSaxIOfES&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1SWTJwZkQxRTJ1RnpsWlNNV0l5Rm1rWVVTTk1wRk5Tbn5B&google_push=AavPq0Pf0LT2hNqS3SL7w51r8d7vx5gnwW3d0XykNDN9v3_T0amL_QVvVJYlWv3-1dRUAYQRhAs2Glzd1W6-YSeP3izRSaxIOfES

Request Chain 272

https://action.metaffiliation.com/trk.php?maff=P4E34356C8631D13&argsite=oneidY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphroneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://img.metaffiliation.com/4/58179/img_13_13_23.gif

Request Chain 275

https://action.metaffiliation.com/trk.php?maff=P4BF3F56C8631B7&argsite=oneidR4WTgf1XfGjJAukHwH3tQtw2K5SwTzTmqqH7oneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://img.metaffiliation.com/1/48959/img_11_7_24.gif

286 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/
Redirect Chain

http://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/
https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/

81 KB
21 KB

344ms
286ms

Document
text/html

192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e4e12111ace2e55890d866247c6d423bd5247e932043eec823b59c1d84c578eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 0
cache-control: max-age=300, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 05 Jan 2023 07:07:59 GMT
host-header: a9130478a60e5f9135f765b23f26593b
link: <https://observer.com/wp-json/>; rel="https://api.w.org/" <https://observer.com/wp-json/wp/v2/posts/1124545>; rel="alternate"; type="application/json" <http://bit.ly/2MQ5eet>; rel=shortlink
server: nginx
strict-transport-security: max-age=31536000;includeSubdomains;preload
vary: Accept-Encoding
x-cache: miss
x-frame-options: SAMEORIGIN
x-hacker: If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by: WordPress VIP <https://wpvip.com>
x-rq: cdg2 0 4 9980

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/
Non-Authoritative-Reason: HSTS

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
1 KB 104ms
36ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Libre+Franklin:wght@400;500;600;700&family=Source+Serif+Pro&display=swap

Requested by

Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d45661c908e5150f424a5e0c2ad0800f5fc8a159a45af1ea5ad1fd7c5449d18b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 05 Jan 2023 07:07:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 07:07:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 05 Jan 2023 07:07:59 GMT

GET
H2 200 jquery.min.js Show response
observer.com/wp-includes/js/jquery/ 88 KB
30 KB 22ms
17ms Script
application/javascript 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1

Requested by

Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:07:59 GMT
x-rq: cdg2 0 4 9980
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Mon, 05 Dec 2022 20:10:12 GMT
server: nginx
age: 2413328
etag: W/"638e5024-15e54"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 31038
expires: Fri, 05 Jan 2024 07:07:59 GMT

GET
H2 200 main.min.css
observer.com/wp-content/themes/newyorkobserver-2014/dist/css/ 70 KB
13 KB 34ms
30ms Stylesheet
text/css 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-content/themes/newyorkobserver-2014/dist/css/main.min.css?ver=1.8.6

Requested by

Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

8929cee3d4d913ffd8c183a9e314b2b87b39001ac16866245c35b8ea18929979

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:07:59 GMT
x-rq: cdg2 0 4 9980
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Thu, 01 Dec 2022 17:30:54 GMT
server: nginx
age: 2683422
etag: W/"6388e4ce-1178c"
vary: Accept-Encoding
x-cache: hit
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 12959
expires: Fri, 05 Jan 2024 07:07:59 GMT

GET
H2 200 style.css
observer.com/wp-content/themes/newyorkobserver-2014/nyo-plugins/dist/css/ 34 KB
5 KB 40ms
36ms Stylesheet
text/css 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-content/themes/newyorkobserver-2014/nyo-plugins/dist/css/style.css?ver=1.8.6-1670537250

Requested by

Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

3307ca48f41b84f37997e0cac0acc59aac8fc793ab11fa2674799ee525e2dcf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:07:59 GMT
x-rq: cdg2 0 4 9980
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Thu, 08 Dec 2022 22:07:30 GMT
server: nginx
age: 1378771
etag: W/"63926022-8883"
vary: Accept-Encoding
x-cache: hit
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 5237
expires: Fri, 05 Jan 2024 07:07:59 GMT

GET
H2 200 default.min.css
observer.com/wp-content/themes/newyorkobserver-2014/dist/css/ 68 KB
10 KB 49ms
43ms Stylesheet
text/css 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-content/themes/newyorkobserver-2014/dist/css/default.min.css?ver=1.8.6

Requested by

Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

dc97395fd99c0da4de2c5fb61fcb7a9e20fa6ef8f62c12dee14de8d07beb11a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:07:59 GMT
x-rq: cdg2 0 4 9980
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Thu, 01 Dec 2022 17:30:54 GMT
server: nginx
age: 2683422
etag: W/"6388e4ce-10e5e"
vary: Accept-Encoding
x-cache: hit
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 10154
expires: Fri, 05 Jan 2024 07:07:59 GMT

GET
H2 200 print.min.css
observer.com/wp-content/themes/newyorkobserver-2014/dist/css/ 143 B
207 B 52ms
46ms Stylesheet
text/css 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-content/themes/newyorkobserver-2014/dist/css/print.min.css?ver=1.8.6

Requested by

Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

c0eb09d747f4cb0d61057afe50609d7419873b0bdbc56f6965f3098a1cf6d975

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:07:59 GMT
x-rq: cdg2 0 4 9980
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Wed, 16 Nov 2022 06:37:26 GMT
server: nginx
age: 4224505
etag: "63748526-8f"
x-cache: hit
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 143
expires: Fri, 05 Jan 2024 07:07:59 GMT

GET
H2 200 mediaelementplayer-legacy.min.css
observer.com/wp-includes/js/mediaelement/ 11 KB
3 KB 49ms
44ms Stylesheet
text/css 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17

Requested by

Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:07:59 GMT
x-rq: cdg2 0 4 9980
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Mon, 05 Dec 2022 20:10:12 GMT
server: nginx
age: 2413343
etag: W/"638e5024-2bf8"
vary: Accept-Encoding
x-cache: hit
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2592
expires: Fri, 05 Jan 2024 07:07:59 GMT

GET
H2 200 wp-mediaelement.min.css
observer.com/wp-includes/js/mediaelement/ 4 KB
1 KB 49ms
44ms Stylesheet
text/css 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.1

Requested by

Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:07:59 GMT
x-rq: cdg2 0 4 9980
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Mon, 05 Dec 2022 20:10:12 GMT
server: nginx
age: 2413332
etag: W/"638e5024-105a"
vary: Accept-Encoding
x-cache: hit
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1156
expires: Fri, 05 Jan 2024 07:07:59 GMT

GET
H2 200 classic-themes.min.css
observer.com/wp-includes/css/ 217 B
293 B 50ms
45ms Stylesheet
text/css 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-includes/css/classic-themes.min.css?ver=1

Requested by

Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:07:59 GMT
x-rq: cdg2 0 4 9980
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Mon, 05 Dec 2022 20:10:11 GMT
server: nginx
age: 2413343
etag: "638e5023-d9"
x-cache: hit
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 217
expires: Fri, 05 Jan 2024 07:07:59 GMT

GET
H2 200 media-credit.min.css
observer.com/wp-content/plugins/media-credit/public/css/ 589 B
374 B 50ms
47ms Stylesheet
text/css 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-content/plugins/media-credit/public/css/media-credit.min.css?ver=4.2.1

Requested by

Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

a7b23f357530667a4d5d574a7b9141f0858db9f3dc49ad1e676bd850b8093c22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:07:59 GMT
x-rq: cdg2 0 4 9980
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Mon, 07 Nov 2022 12:59:15 GMT
server: nginx
age: 4466471
etag: W/"63690123-24d"
vary: Accept-Encoding
x-cache: hit
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 312
expires: Fri, 05 Jan 2024 07:07:59 GMT

GET
H2 200 lasso-live.css
observer.com/wp-content/plugins/lasso/admin/assets/css/ 26 KB
4 KB 51ms
47ms Stylesheet
text/css 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-content/plugins/lasso/admin/assets/css/lasso-live.css?v=1670537250&ver=253

Requested by

Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

36e24dc06e51fdd9b13497039bf3c286b61476669c715a274b9a6703b4000a2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:07:59 GMT
x-rq: cdg2 0 4 9980
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Thu, 08 Dec 2022 22:07:30 GMT
server: nginx
age: 1378771
etag: W/"63926022-698a"
vary: Accept-Encoding
x-cache: hit
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 4005
expires: Fri, 05 Jan 2024 07:07:59 GMT

GET
H2 200 widget.subscribe.css
observer.com/wp-content/plugins/sailthru-widget/css/ 2 KB
844 B 48ms
45ms Stylesheet
text/css 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-content/plugins/sailthru-widget/css/widget.subscribe.css?ver=6.1.1

Requested by

Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

262fbcc7922dfabfbb72c1c366ae208230efbed08f7fc16988db51650c1e01ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:07:59 GMT
x-rq: cdg2 0 4 9980
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Thu, 01 Dec 2022 17:30:54 GMT
server: nginx
age: 2413336
etag: W/"6388e4ce-9a1"
vary: Accept-Encoding
x-cache: hit
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 777
expires: Fri, 05 Jan 2024 07:07:59 GMT

GET
H2 200 jetpack.css
observer.com/wp-content/mu-plugins/jetpack-11.6/css/ 84 KB
16 KB 51ms
47ms Stylesheet
text/css 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-content/mu-plugins/jetpack-11.6/css/jetpack.css?ver=11.6

Requested by

Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

0ce7613bb07f30b4dd77f51b62fcbd70bc15439a24b696ca06a694c2c8544ce6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:07:59 GMT
x-rq: cdg2 0 4 9980
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Thu, 08 Dec 2022 19:15:45 GMT
server: nginx
age: 2374066
etag: W/"639237e1-1519b"
vary: Accept-Encoding
x-cache: hit
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 16596
expires: Fri, 05 Jan 2024 07:07:59 GMT

GET
H2 200 widget.subscribe.js Show response
observer.com/wp-content/plugins/sailthru-widget/js/ 2 KB
771 B 18ms
18ms Script
application/javascript 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-content/plugins/sailthru-widget/js/widget.subscribe.js?ver=6.1.1

Requested by

Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

b7e6db8dfe79e6581a5accc07438706f2ff043bc6f9cb4f61f549a4f5d0ee4e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:07:59 GMT
x-rq: cdg2 0 4 9980
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Thu, 01 Dec 2022 17:30:54 GMT
server: nginx
age: 2413329
etag: W/"6388e4ce-622"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 713
expires: Fri, 05 Jan 2024 07:07:59 GMT

GET
H2 200 htlbid.js Show response
htlbid.com/v3/observer.com/ 2 KB
1 KB 495ms
433ms Script
application/javascript 13.225.78.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://htlbid.com/v3/observer.com/htlbid.js?ver=3.0
Requested by: Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-43.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 35b8da540f329cf5fd8b6b872ed637bcd4c73eb143d79ca79de4f5943a1cff30

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:08:01 GMT
content-encoding: br
via: 1.1 ac0e9b19969df989a920e6d1b834d008.cloudfront.net (CloudFront)
last-modified: Thu, 08 Dec 2022 21:41:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: W/"60b443cf5e8dfaf9609842593ba9d660"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=600
x-amz-cf-id: 0731UrcsMAPUmAehMh143m_0l86CdgVXaER59TWM9QJfobjV933zQA==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 213 KB
75 KB 102ms
38ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-T9PLB60R8S

Requested by

Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

444bd1047d1e558437c41e51dfd82e5178d39f5e2a098d91f1e92b428e836955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:07:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76241
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 05 Jan 2023 07:07:59 GMT

GET
H2 200 screen-shot-2018-07-05-at-4-52-29-pm-e1530824021672.png
observer.com/wp-content/uploads/sites/2/2018/07/ 230 KB
231 KB 26ms
17ms Image
image/webp 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://observer.com/wp-content/uploads/sites/2/2018/07/screen-shot-2018-07-05-at-4-52-29-pm-e1530824021672.png

Requested by

Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

852fda9cf45df6d127faead151be737caa36cc7349139ae537fb4bd5dd392f5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:07:59 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: cdg2 109 32 443
last-modified: Sat, 31 Dec 2022 18:49:18 GMT
server: nginx
etag: "2fae779aa526948a"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 235910
expires: Sun, 31 Dec 2023 18:49:18 GMT

GET
H2 200 screen-shot-2018-07-05-at-4-52-29-pm-e1530824021672.png
observer.com/wp-content/uploads/sites/2/2018/07/ 230 KB
231 KB 26ms
17ms Image
image/webp 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://observer.com/wp-content/uploads/sites/2/2018/07/screen-shot-2018-07-05-at-4-52-29-pm-e1530824021672.png?w=621&quality=80&strip

Requested by

Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

852fda9cf45df6d127faead151be737caa36cc7349139ae537fb4bd5dd392f5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:07:59 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: cdg2 109 32 443
last-modified: Mon, 02 Jan 2023 09:02:45 GMT
server: nginx
etag: "996fd09b1553482c"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 235910
expires: Tue, 02 Jan 2024 09:02:45 GMT

GET
H2 200 spm.v1.min.js Show response
ak.sail-horizon.com/spm/ 98 KB
33 KB 100ms
25ms Script
application/javascript 13.225.78.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ak.sail-horizon.com/spm/spm.v1.min.js?ver=5.5.1
Requested by: Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-113.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fa2835fe4b9d53d05ed0533e8451d416c325561160754e01c2d891691ed6761f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:04:25 GMT
content-encoding: gzip
via: 1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
last-modified: Wed, 21 Dec 2022 16:13:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 214
etag: W/"dffffceef059f59254cd48b6d15ca0ff"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=600; must-revalidate
x-amz-cf-id: sEUhYzyTb7zqq92D8mrQi2B7VqE3y5S2cGJJqPcT1PyMJWknMs0cAw==

GET
H2 200 sailthru.js Show response
observer.com/wp-content/plugins/hc-sailthru/assets/js/ 761 B
510 B 27ms
18ms Script
application/javascript 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-content/plugins/hc-sailthru/assets/js/sailthru.js?ver=20211026

Requested by

Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

b6cf23ed282a5cb25c43c5923908a43cc8c4c9e92b23a1f73eb7b0af46ef6534

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:07:59 GMT
x-rq: cdg2 0 4 9980
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Mon, 07 Nov 2022 12:59:15 GMT
server: nginx
age: 4466471
etag: W/"63690123-2f9"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 428
expires: Fri, 05 Jan 2024 07:07:59 GMT

GET
H2 200 regenerator-runtime.min.js Show response
observer.com/wp-includes/js/dist/vendor/ 6 KB
2 KB 26ms
18ms Script
application/javascript 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9

Requested by

Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:07:59 GMT
x-rq: cdg2 0 4 9980
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Fri, 02 Dec 2022 20:12:34 GMT
server: nginx
age: 2683422
etag: W/"638a5c32-194b"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2457
expires: Fri, 05 Jan 2024 07:07:59 GMT

GET
H2 200 hooks.min.js Show response
observer.com/wp-includes/js/dist/ 5 KB
2 KB 42ms
35ms Script
application/javascript 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5

Requested by

Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:07:59 GMT
x-rq: cdg2 0 4 9980
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Mon, 05 Dec 2022 20:10:12 GMT
server: nginx
age: 2412789
etag: W/"638e5024-132e"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1661
expires: Fri, 05 Jan 2024 07:07:59 GMT

GET
H2 200 loader.js Show response
observer.com/wp-content/mu-plugins/wp-parsely-3.5/build/ 2 KB
1 KB 41ms
33ms Script
application/javascript 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-content/mu-plugins/wp-parsely-3.5/build/loader.js?ver=eba15df5f79bd7d0de45

Requested by

Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f832a3f9fb50dfb245accbfe1f55d83f4330332a2a1b1640888d253398b95bb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:07:59 GMT
x-rq: cdg2 0 4 9980
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 22 Nov 2022 17:53:04 GMT
server: nginx
age: 2683422
etag: W/"637d0c80-9c2"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1024
expires: Fri, 05 Jan 2024 07:07:59 GMT

GET
H2 200 p.js Show response
cdn.parsely.com/keys/observer.com/ 56 KB
21 KB 105ms
23ms Script
application/javascript 13.225.85.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/observer.com/p.js?ver=3.5.2
Requested by: Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.85.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-85-39.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: c46b033d7688f2f46e87a04634a1389db91ceea1be9cb70d1ae9205819739a7e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: public
date: Thu, 05 Jan 2023 05:35:01 GMT
content-encoding: gzip
via: 1.1 2afacc6ad96dbba3f0b477cd95f16458.cloudfront.net (CloudFront)
last-modified: Thu, 24 Mar 2022 17:02:52 GMT
server: nginx
x-amz-cf-pop: FRA2-C2
age: 5764
etag: W/"623ca43c-e05a"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400, public
x-amz-cf-id: 9LpTtySP4AbI46A4vR5YVtbTWp3vEE-0MEZKWU6oOKwBoDnalywEnw==
expires: Fri, 06 Jan 2023 05:31:55 GMT

GET
H2 200 helpers.js Show response
observer.com/wp-content/themes/newyorkobserver-2014/dist/js/ 922 B
578 B 42ms
35ms Script
application/javascript 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-content/themes/newyorkobserver-2014/dist/js/helpers.js?ver=1.8.6

Requested by

Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

c0472ab03b5cc819b6f3a01c3d0519af30215aed943bd77a11d9625f93b4ab55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:07:59 GMT
x-rq: cdg2 0 4 9980
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Wed, 16 Nov 2022 06:37:26 GMT
server: nginx
age: 4224506
etag: W/"63748526-39a"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 495
expires: Fri, 05 Jan 2024 07:07:59 GMT

GET
H2 200 jquery.flexslider.min.js Show response
observer.com/wp-content/themes/newyorkobserver-2014/dist/js/vendor/ 21 KB
6 KB 42ms
35ms Script
application/javascript 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-content/themes/newyorkobserver-2014/dist/js/vendor/jquery.flexslider.min.js?ver=2.2.2

Requested by

Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

d747bc0ec8a549bb25f0bab199d8e3019bcea7cfaf1438d55da2fabcff48f2c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:07:59 GMT
x-rq: cdg2 0 4 9980
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Thu, 01 Dec 2022 17:30:54 GMT
server: nginx
age: 2683422
etag: W/"6388e4ce-5429"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 6343
expires: Fri, 05 Jan 2024 07:07:59 GMT

GET
H2 200 theme.js Show response
observer.com/wp-content/themes/newyorkobserver-2014/dist/js/ 7 KB
3 KB 41ms
34ms Script
application/javascript 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-content/themes/newyorkobserver-2014/dist/js/theme.js?ver=1.8.6.04282045

Requested by

Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

0c64a7e6df4c46566dbe0470fe2ad3168fd8e7c1105ce04874ea66e4230de2f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:07:59 GMT
x-rq: cdg2 0 4 9980
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Thu, 01 Dec 2022 17:30:54 GMT
server: nginx
age: 2683422
etag: W/"6388e4ce-1c4a"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2911
expires: Fri, 05 Jan 2024 07:07:59 GMT

GET
H2 200 sailthru-widget.js Show response
observer.com/wp-content/themes/newyorkobserver-2014/dist/js/ 1 KB
615 B 41ms
34ms Script
application/javascript 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-content/themes/newyorkobserver-2014/dist/js/sailthru-widget.js?ver=1.8.6

Requested by

Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

756dd7203be6457d7dd15085b51cb7fcee2efdc6e1e46792c7a5272775a82243

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:07:59 GMT
x-rq: cdg2 0 4 9980
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Thu, 01 Dec 2022 17:30:54 GMT
server: nginx
age: 2684385
etag: W/"6388e4ce-431"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 556
expires: Fri, 05 Jan 2024 07:07:59 GMT

GET
H2 200 delay-load.js Show response
observer.com/wp-content/plugins/xcurrent/assets/js/ 3 KB
1 KB 49ms
43ms Script
application/javascript 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-content/plugins/xcurrent/assets/js/delay-load.js?ver=8f7693010179fc5007dacef632d329a6

Requested by

Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

ef5f8d6a9ea52bd9b20497b837b74bde31586062d5b0e16be75f8bbdffc29840

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:07:59 GMT
x-rq: cdg2 0 4 9980
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Thu, 01 Dec 2022 17:30:54 GMT
server: nginx
age: 2683422
etag: W/"6388e4ce-b50"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1237
expires: Fri, 05 Jan 2024 07:07:59 GMT

GET
H2 200 lazy-load.js Show response
observer.com/wp-content/plugins/xcurrent/assets/js/ 8 KB
4 KB 52ms
46ms Script
application/javascript 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-content/plugins/xcurrent/assets/js/lazy-load.js?ver=6bd186b35f60946321703040eae7bccf

Requested by

Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

6c05e433ca10b433edfc856fd903cb5f2da848a54e4507642a48981deed8bb05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:07:59 GMT
x-rq: cdg2 0 4 9980
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Thu, 01 Dec 2022 17:30:54 GMT
server: nginx
age: 2683422
etag: W/"6388e4ce-214a"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 3784
expires: Fri, 05 Jan 2024 07:07:59 GMT

GET
H2 200 script-queue.js Show response
observer.com/wp-content/plugins/xcurrent/assets/js/ 3 KB
2 KB 50ms
44ms Script
application/javascript 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-content/plugins/xcurrent/assets/js/script-queue.js?ver=bebcad848e998ab9ae82c8431c754b8a

Requested by

Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

a384a78bc8bee6afceab3ff107315b1bdcc0fd2622246826d16b503e742a8cdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:07:59 GMT
x-rq: cdg2 0 4 9980
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Thu, 01 Dec 2022 17:30:54 GMT
server: nginx
age: 2683422
etag: W/"6388e4ce-dd9"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1492
expires: Fri, 05 Jan 2024 07:07:59 GMT

GET
H2 200 e-202301.js Show response
stats.wp.com/ 9 KB
3 KB 66ms
17ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202301.js
Requested by: Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-nc: HIT cdg
date: Thu, 05 Jan 2023 07:07:59 GMT
content-encoding: br
server: nginx
etag: W/"62f6b688-3508"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Mon, 01 Jan 2024 01:28:42 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 392ms
38ms Script
text/javascript 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 05 Jan 2023 06:27:16 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 2444
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Thu, 05 Jan 2023 08:27:16 GMT

GET
H2 200 advertising.js Show response
www.npttech.com/ 6 KB
3 KB 85ms
26ms Script
application/javascript 2606:4700:3031::ac43:833a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.npttech.com/advertising.js
Requested by: Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:833a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:07:59 GMT
x-amz-version-id: AqISHxpKTQvORh8RqBdMoHK.Vq6tURDV
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: D102A0WWQN7RBJQS
age: 3621
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: LY14ercI3L99eyqwB1+py4df1oFU2jNwZWFJixw5aO3VGSCb4vRfdeUwBGpBi1ioeE2Lw8ZDzs8=
last-modified: Tue, 18 Oct 2022 13:20:01 GMT
server: cloudflare
etag: W/"df0e1827cd8f289a645f38d8fecaf6e0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tRWcKYpx5kR2I%2Bbio742Z0qolAHgO3KV4QDvaDWM%2FfOLHG4zPatedtjRgqKMfyUiMxeJIb1m7kj6ESwVQ7ZgY6pc91WZjAGT6An9A7hJk4acohBwe1sCqJ7s42ZppDfu0cdV1FOhD0A1juuZYQo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=28800
cf-ray: 784a6152eaf4d68a-CDG

GET
H2 200 load Show response
sandbox.tinypass.com/xbuilder/experience/ 4 KB
1 KB 83ms
31ms Script
application/javascript 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox.tinypass.com/xbuilder/experience/load?aid=CMrLcDjZsu

Requested by

Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

091bb3b927e83249016f29a235845a54f50da2d357749f8fff2e7e038d630384

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
date: Thu, 05 Jan 2023 07:07:59 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 05 Jan 2023 06:35:16 GMT
server: cloudflare
age: 1963
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=1800
cf-ray: 784a6152dee8d70a-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: 5xqhdidzvb
expires: Thu, 05 Jan 2023 07:37:59 GMT

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/37161820/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

4 KB
2 KB

23ms
22ms

Script
application/javascript

13.225.78.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by: Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/
Protocol: H2
Server: 13.225.78.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-42.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:47:03 GMT
content-encoding: gzip
via: 1.1 32e3b86ae254a231182567c0124af892.cloudfront.net (CloudFront)
last-modified: Thu, 04 Mar 2021 13:31:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 1644
x-amz-server-side-encryption: AES256
etag: W/"5b0f9f0704a703b8da651007721fac57"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: vd3d5RpnoRuEQYjzsjK5sK25pyZhRTerY8DXimIGBP6-Gw-f9olh3A==

Redirect headers

location: /internal-cs/default/beacon.js
date: Thu, 05 Jan 2023 07:07:59 GMT
via: 1.1 32e3b86ae254a231182567c0124af892.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
content-length: 0
x-amz-cf-id: 1AqVorw3W9OUipPER0o0QN9d1Pkx5SeIOczTKzDcU8O22Rc7oaMD7A==
x-cache: Miss from cloudfront

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
28 KB 79ms
26ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 05 Jan 2023 07:07:59 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27298
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: AZVZS0rC13HoL5FKCbdtzcbuWAKgarPh88gLTV0PzPpKkQXGgvBIUuiJkVAE1luZ9ItWCaHuUxLg1F2vXxKaFw==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 search-ffffff.svg
observer.com/wp-content/themes/newyorkobserver-2014/images/ 2 KB
1 KB 32ms
32ms Image
image/svg+xml 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://observer.com/wp-content/themes/newyorkobserver-2014/images/search-ffffff.svg

Requested by

Host: observer.com
URL: https://observer.com/wp-content/themes/newyorkobserver-2014/dist/css/main.min.css?ver=1.8.6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

d17298826b7b7ed19af4942adf03fbcea7a7cd9cd5f25a5b9fb0674c71828c87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/wp-content/themes/newyorkobserver-2014/dist/css/main.min.css?ver=1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:07:59 GMT
content-encoding: gzip
x-rq: cdg2 0 4 9980
last-modified: Thu, 08 Dec 2022 22:07:30 GMT
server: nginx
strict-transport-security: max-age=31536000;includeSubdomains;preload
age: 162
etag: W/"63926022-960"
vary: X-Mobile-Class
x-cache: hit
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1039
expires: Fri, 05 Jan 2024 07:07:59 GMT

GET
H2 200 observer-logo-white-2015.png
observer.com/wp-content/themes/newyorkobserver-2014/images/ 3 KB
3 KB 34ms
34ms Image
image/png 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://observer.com/wp-content/themes/newyorkobserver-2014/images/observer-logo-white-2015.png

Requested by

Host: observer.com
URL: https://observer.com/wp-content/themes/newyorkobserver-2014/dist/css/main.min.css?ver=1.8.6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

74e72473f970d838c52ed8c8fadf1c25883dd561d66df3856bfc137b9da2fea0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/wp-content/themes/newyorkobserver-2014/dist/css/main.min.css?ver=1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:07:59 GMT
x-rq: cdg2 0 4 9980
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Thu, 08 Dec 2022 22:07:30 GMT
server: nginx
age: 521041
etag: W/"63926022-b7d"
x-cache: hit
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2949
expires: Fri, 05 Jan 2024 07:07:59 GMT

GET
H2 200 jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2
fonts.gstatic.com/s/librefranklin/v13/ 27 KB
27 KB 89ms
25ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librefranklin/v13/jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Libre+Franklin:wght@400;500;600;700&family=Source+Serif+Pro&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c5b68b3ae23054815d89c5a2230ad7edf2d4b68732b4463d6be74cacb974055

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://observer.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 18:58:20 GMT
x-content-type-options: nosniff
age: 562179
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27268
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:56:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Dec 2023 18:58:20 GMT

GET
H2 200 tinypass.min.js Show response
sandbox.tinypass.com/api/ 335 KB
98 KB 34ms
33ms Script
application/javascript 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox.tinypass.com/api/tinypass.min.js

Requested by

Host: sandbox.tinypass.com
URL: https://sandbox.tinypass.com/xbuilder/experience/load?aid=CMrLcDjZsu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cca98b281de5d8444eadf7c77b84ea6b5891ecf9e5bcdaa3fcdb77167772c0c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:07:59 GMT
x-amz-version-id: i6ZIz4PhQy7O8rs3JwaMtsFzcCg7a1SI
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=86400; includeSubDomains
x-amz-request-id: 60PPN7X43CFQRAB3
age: 8093
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: uY8XzBgJOhcEbg8TX9CAZ1hnxRlg3oKIJaRUx9TRtYMr1stj1AGFecXrkgHPuG+0DmD5VOpmekQ=
last-modified: Tue, 20 Dec 2022 10:29:48 GMT
server: cloudflare
etag: W/"1358ef6fb009e97cdadbff1cbf92700d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 784a61535f72d70a-CDG
expires: Thu, 05 Jan 2023 11:07:59 GMT

OPTIONS
H2 200 simple
api.sail-personalize.com/v1/personalize/ Frame 0
0 323ms
101ms Preflight
text/plain 75.2.40.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.2.40.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa7557bb34ea5624b.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-lib-version,x-referring-url
Access-Control-Request-Method: GET
Origin: https://observer.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
access-control-allow-methods: OPTIONS,GET,POST,PUT,DELETE
access-control-allow-origin: https://observer.com
access-control-max-age: 1800
allow: HEAD,GET,OPTIONS
content-length: 18
content-type: text/plain
date: Thu, 05 Jan 2023 07:08:00 GMT

GET
H2 200 simple Show response
api.sail-personalize.com/v1/personalize/ 11 KB
3 KB 114ms
113ms Fetch
application/json 75.2.40.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Requested by: Host: ak.sail-horizon.com
URL: https://ak.sail-horizon.com/spm/spm.v1.min.js?ver=5.5.1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.2.40.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa7557bb34ea5624b.awsglobalaccelerator.com
Software: /
Resource Hash: 9e943515456ba617fe37ed3120c7ca356c3fda5ec23305e846be86c0073ad597

Request headers

x-lib-version: v1.0.1
accept-language: fr-FR,fr;q=0.9
authorization: Bearer eddd21a32bf5284abd9bc8ac7ddeec34
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type: application/json
accept: application/json
Referer: https://observer.com/
x-referring-url: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 07:08:00 GMT
content-encoding: gzip
allowedorigins: *
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
allowedmethods: GET,OPTIONS
cache-control: no-store
access-control-allow-credentials: true
allowedheaders: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
expires: -1

GET
H3 200 618909876214345 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 69ms
41ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/618909876214345?v=2.9.90&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e0bc7a4534e97db4232ee20e212b393b42c35889844cb9066d38fc4f982ce87a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 05 Jan 2023 07:07:59 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 85974
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: HI7Sy+BWlWX+gRZ6+HPoG5LmHSVZFF3d4zi8CYEobw+EBKYj/WF33OaRVJeptE6kp7fsHR37WccP0eVy5/rquA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
259 B 124ms
29ms Image
image/gif 52.17.99.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1672902479957&plid=80148842&idsite=observer.com&url=https%3A%2F%2Fobserver.com%2F2018%2F07%2Fwang-jian-hna-founder-dies-tragic-fall%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fobserver.com%2F2018%2F07%2Fwang-jian-hna-founder-dies-tragic-fall%2F&sref=&sts=1672902479953&slts=0&title=Wang+Jian%2C+Founder+of+Chinese+Conglomerate+HNA%2C+Dies+in+Accident+%7C+Observer&date=Thu+Jan+05+2023+07%3A07%3A59+GMT%2B0000+(GMT)&action=pageview&pvid=15641396&u=pid%3D9d065fb56a23bd571c9462f8e2c8e795
Requested by: Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.99.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-99-225.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 07:08:00 GMT
Cache-Control: no-cache
Last-Modified: Thursday, 05-Jan-2023 07:08:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 g.gif
pixel.wp.com/ 50 B
93 B 23ms
17ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=168679389&post=1124545&tz=-5&srv=observer.com&hp=vip&j=1%3A11.6&host=observer.com&ref=&fcp=712&rand=0.7506097614376097
Requested by: Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 05 Jan 2023 07:07:59 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=37161820&cs_it=b2&cv=3.8.0.210223&ns__t=1672902479987&ns_c=UTF-8&c7=https%3A%2F%2Fobserver.com%2F2018%2F07%2Fwang-jian-hna-founder-dies-tragic-fall%2F&c8=...
https://sb.scorecardresearch.com/b2?c1=2&c2=37161820&cs_it=b2&cv=3.8.0.210223&ns__t=1672902479987&ns_c=UTF-8&c7=https%3A%2F%2Fobserver.com%2F2018%2F07%2Fwang-jian-hna-founder-dies-tragic-fall%2F&c8...

0
187 B

23ms
23ms

Image
text/plain

13.225.78.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=37161820&cs_it=b2&cv=3.8.0.210223&ns__t=1672902479987&ns_c=UTF-8&c7=https%3A%2F%2Fobserver.com%2F2018%2F07%2Fwang-jian-hna-founder-dies-tragic-fall%2F&c8=Wang%20Jian%2C%20Founder%20of%20Chinese%20Conglomerate%20HNA%2C%20Dies%20in%20Accident%20%7C%20Observer&c9=
Requested by: Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/
Protocol: H2
Server: 13.225.78.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-42.fra2.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:08:00 GMT
via: 1.1 32e3b86ae254a231182567c0124af892.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: AF0HJZRdBsL2G1ev4ZdiW6ny_2Y0131o1hLwm1ILfrrG1OKnOMNGmA==
x-cache: Miss from cloudfront

Redirect headers

location: /b2?c1=2&c2=37161820&cs_it=b2&cv=3.8.0.210223&ns__t=1672902479987&ns_c=UTF-8&c7=https%3A%2F%2Fobserver.com%2F2018%2F07%2Fwang-jian-hna-founder-dies-tragic-fall%2F&c8=Wang%20Jian%2C%20Founder%20of%20Chinese%20Conglomerate%20HNA%2C%20Dies%20in%20Accident%20%7C%20Observer&c9=
date: Thu, 05 Jan 2023 07:07:59 GMT
via: 1.1 32e3b86ae254a231182567c0124af892.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
content-length: 0
x-amz-cf-id: QJS1e5hTcu92UXuCOOllyO7EzBXc65TPN4bhx-1azN-Q7Ijp2SaYPg==
x-cache: Miss from cloudfront

POST
H2 204 collect
region1.google-analytics.com/g/ 0
336 B 65ms
23ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-T9PLB60R8S&gtm=2oebu0&_p=1307262304&cid=1312069016.1672902480&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1672902480&sct=1&seg=0&dl=https%3A%2F%2Fobserver.com%2F2018%2F07%2Fwang-jian-hna-founder-dies-tragic-fall%2F&dt=Wang%20Jian%2C%20Founder%20of%20Chinese%20Conglomerate%20HNA%2C%20Dies%20in%20Accident%20%7C%20Observer&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T9PLB60R8S
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 07:08:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://observer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 execute Show response
c2-sandbox.piano.io/xbuilder/experience/ 2 KB
2 KB 356ms
304ms XHR
application/json 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c2-sandbox.piano.io/xbuilder/experience/execute?aid=CMrLcDjZsu

Requested by

Host: sandbox.tinypass.com
URL: https://sandbox.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

862cd1e412728b8e39649997cff37fe9afe7a3f6a7d559a198ca9d37c4c3cfc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json
Referer: https://observer.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 05 Jan 2023 07:08:00 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: ecr39y4l3v
pragma: no-cache
server: cloudflare
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://observer.com
access-control-expose-headers: Composer-Request-Control-Policy
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 784a6154cf63d6a2-CDG

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 80ms
26ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=618909876214345&ev=PageView&dl=https%3A%2F%2Fobserver.com%2F2018%2F07%2Fwang-jian-hna-founder-dies-tragic-fall%2F&rl=&if=false&ts=1672902480105&sw=1600&sh=1200&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.1.1672902480104.946459948&it=1672902479945&coo=false&rqm=GET

Requested by

Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 05 Jan 2023 07:08:00 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 js Show response
www.google-analytics.com/gtm/ 110 KB
43 KB 147ms
66ms Script
application/javascript 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-NXSTMDF&cid=1312069016.1672902480

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4d5f5a72c3f2d4ecddad869d62b80eb45d12c97cc6394ffa283e58a1425b17d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:08:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44113
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 05 Jan 2023 07:08:00 GMT

GET
H/1.1 200
OK htlbid-gdpr.js Show response
htldotbid.s3.amazonaws.com/build/cc184abf-15da-4479-9c75-e45a8813bcdc/ 531 KB
531 KB 355ms
127ms Script
application/javascript 52.217.70.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://htldotbid.s3.amazonaws.com/build/cc184abf-15da-4479-9c75-e45a8813bcdc/htlbid-gdpr.js
Requested by: Host: htlbid.com
URL: https://htlbid.com/v3/observer.com/htlbid.js?ver=3.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.70.44 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 47e020441e86743fd173ab7627ee2640635b35dea5482e8323629ad9938c4709

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 07:08:01 GMT
Last-Modified: Thu, 08 Dec 2022 21:33:13 GMT
Server: AmazonS3
x-amz-request-id: F6QDN02B66BVWK23
ETag: "4a69316e7ef61839309f32438d04c8e1"
Content-Type: application/javascript
Cache-Control: max-age=600
Accept-Ranges: bytes
Content-Length: 543547
x-amz-id-2: 5Z8YTin5edEnrQVc0PvZ/iWpwvTAPQm+MhdUfjwLERMLTr6bM8JQZny1Btk1tPLxhOuYmnAZb/c=

POST
H3 200 / Show response
www.facebook.com/tr/ Frame FFF6 0
18 B 54ms
25ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://observer.com
Referer: https://observer.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://observer.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 07:08:00 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js Show response
3b5c18b9-96b7-48e4-a3ef-011eb84a970d.edge.permutive.app/ 364 KB
104 KB 85ms
37ms Script
application/javascript 2606:4700::6812:1af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://3b5c18b9-96b7-48e4-a3ef-011eb84a970d.edge.permutive.app/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js
Requested by: Host: htldotbid.s3.amazonaws.com
URL: https://htldotbid.s3.amazonaws.com/build/cc184abf-15da-4479-9c75-e45a8813bcdc/htlbid-gdpr.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fde7a3a5556ecd9f17ccaa6113192b9d57ca0293b32124fdb2aa5d062b55ec2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:08:01 GMT
content-encoding: br
cf-cache-status: HIT
x-goog-meta-oid: 3b5c18b9-96b7-48e4-a3ef-011eb84a970d
age: 757
x-guploader-uploadid: ADPycdvXOcMRHh0rtfNjehMzXskso5Hs5CsgmpznC9oD8JFWDdd_i971VQ4rTQkSZMEKCQtpNa8mDBSnNNCX_JIhlK2aUPDWEoGa
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
last-modified: Thu, 22 Dec 2022 17:49:16 GMT
server: cloudflare
etag: W/"d72b24f7b0d844a84d348cfc79435651"
vary: Accept-Encoding
x-goog-generation: 1671731356649358
content-type: application/javascript
x-goog-hash: crc32c=5z6mag==, md5=1ysk97DYRKhNNIz8eUNWUQ==
cache-control: public, max-age=900
x-goog-stored-content-length: 110068
cf-ray: 784a615b7f91f148-CDG
expires: Thu, 05 Jan 2023 07:23:01 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 125ms
38ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: htldotbid.s3.amazonaws.com
URL: https://htldotbid.s3.amazonaws.com/build/cc184abf-15da-4479-9c75-e45a8813bcdc/htlbid-gdpr.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

173e2f5f1193207f5ec4de5b6d544750a04980e945ad4da724a81032121f5b09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:08:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27555
x-xss-protection: 0
server: sffe
etag: "1442 / 12 of 1000 / last-modified: 1672873566"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 05 Jan 2023 07:08:01 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 178 KB
45 KB 90ms
25ms Script
application/javascript 13.224.195.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: htldotbid.s3.amazonaws.com
URL: https://htldotbid.s3.amazonaws.com/build/cc184abf-15da-4479-9c75-e45a8813bcdc/htlbid-gdpr.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.195.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-195-78.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1a718e27fd0df6d791b9038ae5640afdd677afa35b5e080ce20118a9e11553c4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:18:22 GMT
content-encoding: gzip
via: 1.1 fd4a8fa7c304171992e7f22fc8894904.cloudfront.net (CloudFront), 1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
last-modified: Thu, 22 Dec 2022 18:13:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA2-C1
age: 2980
x-amz-server-side-encryption: AES256
etag: W/"01691be6486b0003601b7299d35deebf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: OnXF8vZn_I6bkD4YPjjlS-7kuJzHkeH2gjj4f0dDcDDbvTPHqQxoJg==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 68ms
22ms XHR
application/javascript 13.224.195.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.195.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-195-78.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: 1R3b4YI9dI20q9Y7Gq1DHxVUnq3Fp2gn
content-encoding: gzip
via: 1.1 1ac3fd533bf6be1b511077f8b8e23bfc.cloudfront.net (CloudFront)
date: Thu, 05 Jan 2023 02:17:44 GMT
x-amz-cf-pop: FRA2-C1
age: 20744
x-cache: Hit from cloudfront
last-modified: Fri, 23 Dec 2022 01:05:48 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: KBAwcb0x9uduXQiFgmcvlSHjBjDzpMDWeM-kDUgoQDtR5l-n7Hfm4w==

GET
H2 200 pxid Show response
3b5c18b9-96b7-48e4-a3ef-011eb84a970d.prmutv.co/v2.0/ 46 B
391 B 96ms
23ms XHR
application/json 35.241.9.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://3b5c18b9-96b7-48e4-a3ef-011eb84a970d.prmutv.co/v2.0/pxid?k=6b8d2782-a057-45b2-b2fd-5e7238c30400
Requested by: Host: 3b5c18b9-96b7-48e4-a3ef-011eb84a970d.edge.permutive.app
URL: https://3b5c18b9-96b7-48e4-a3ef-011eb84a970d.edge.permutive.app/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.9.241.35.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 82151877d4e0e2118ce3741bf359f5528a5fe75a09fd1abdb035ecbf1023c5c6

Request headers

Referer: https://observer.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 05 Jan 2023 07:08:01 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://observer.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66

GET
H/1.1 200
OK getuidj Show response
ib.adnxs.com/ 11 B
812 B 82ms
27ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/getuidj

Requested by

Host: 3b5c18b9-96b7-48e4-a3ef-011eb84a970d.edge.permutive.app
URL: https://3b5c18b9-96b7-48e4-a3ef-011eb84a970d.edge.permutive.app/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://observer.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 07:08:01 GMT
AN-X-Request-Uuid: 3efc7845-4739-4716-9352-16c4984261bc
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://observer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 37.59.164.99; 37.59.164.99; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 11
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 3b5c18b9-96b7-48e4-a3ef-011eb84a970d-models.bin Show response
cdn.permutive.com/models/v2/ 4 KB
3 KB 142ms
65ms XHR
application/x-binary 104.19.149.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.permutive.com/models/v2/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-models.bin
Requested by: Host: 3b5c18b9-96b7-48e4-a3ef-011eb84a970d.edge.permutive.app
URL: https://3b5c18b9-96b7-48e4-a3ef-011eb84a970d.edge.permutive.app/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.149.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18d40972c32ce351b6a0c52048b23231bf63851915f3d0eac3307d9a59630d6b

Request headers

Referer: https://observer.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 05 Jan 2023 07:08:01 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
x-goog-meta-oid: 3b5c18b9-96b7-48e4-a3ef-011eb84a970d
x-guploader-uploadid: ADPycdvr77bYeVWSuZ2ne90K1WQPcNiIisboUjcsL_fiGVlyTB-Kv9K1jqOJ59vqzPZLFjb6YAyNQv0LWPI9CuxITMmv4g
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 2578
last-modified: Thu, 05 Jan 2023 06:01:36 GMT
server: cloudflare
etag: "36b2f0cbdd118ba9d37aefacf19ffc06"
vary: Accept-Encoding
x-goog-generation: 1672898496661899
content-type: application/x-binary
access-control-allow-origin: *
x-goog-hash: crc32c=R9KgqQ==, md5=NrLwy90Ri6nTeu+s8Z/8Bg==
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=900, no-transform
x-goog-stored-content-length: 2578
accept-ranges: bytes
cf-ray: 784a615cac22d25f-CDG
expires: Thu, 05 Jan 2023 07:08:01 GMT

GET
H2 200 geoip Show response
api.permutive.com/v2.0/ 184 B
332 B 69ms
24ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=6b8d2782-a057-45b2-b2fd-5e7238c30400
Requested by: Host: 3b5c18b9-96b7-48e4-a3ef-011eb84a970d.edge.permutive.app
URL: https://3b5c18b9-96b7-48e4-a3ef-011eb84a970d.edge.permutive.app/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: cbe38262701c7f8844746432f9d8a2f04cfbfbfc120e091b5642c7a06ca173d7

Request headers

Referer: https://observer.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 05 Jan 2023 07:08:01 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://observer.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139

POST
H2 200 watson Show response
api.permutive.com/v2.0/ 344 B
292 B 77ms
32ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/watson?k=6b8d2782-a057-45b2-b2fd-5e7238c30400
Requested by: Host: 3b5c18b9-96b7-48e4-a3ef-011eb84a970d.edge.permutive.app
URL: https://3b5c18b9-96b7-48e4-a3ef-011eb84a970d.edge.permutive.app/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 29221a1307bcd612972bf22add13eca12e48c518c0b4acf842b882a0b7783c46

Request headers

Referer: https://observer.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 05 Jan 2023 07:08:01 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://observer.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 227

GET
BLOB 200
OK 6e914a1a-3d1b-43a2-9e10-6846da205376
https://observer.com/ 91 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://observer.com/6e914a1a-3d1b-43a2-9e10-6846da205376
Requested by: Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 19bf88bf9c1719d60dc5dd3043019ab713b269d4f22eddbdb4956a2b1f672b56

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 92927

GET
BLOB 200
OK 80dd4169-3d05-4f9c-8651-83a2117e08ba
https://observer.com/ 20 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://observer.com/80dd4169-3d05-4f9c-8651-83a2117e08ba
Requested by: Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9f50150b93f6dfe9cf98ef5f90a291dd1d71ff3dfc1194307388d1bb018058a1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 20393

GET
H3 200 pubads_impl_2022120801.js Show response
securepubads.g.doubleclick.net/gpt/ 382 KB
129 KB 76ms
25ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcc5f41d1dc04a19dccb2061dc9572cb46c1c19dd89cb5d910752020fa87e791

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:24:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9785
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132306
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 09:38:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 05 Jan 2024 04:24:56 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 195 B
734 B 416ms
59ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=observer.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

369df2444ecc74862f73afbd3fb4a33de433af3c8a21acc056cbc6d913abe88c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:08:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99
x-xss-protection: 0
expires: Thu, 05 Jan 2023 07:08:01 GMT

POST
H3 200 segment Show response
api.permutive.com/adv/v2/ 30 B
44 B 70ms
32ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/adv/v2/segment?new-session=true&k=6b8d2782-a057-45b2-b2fd-5e7238c30400
Requested by: Host: 3b5c18b9-96b7-48e4-a3ef-011eb84a970d.edge.permutive.app
URL: https://3b5c18b9-96b7-48e4-a3ef-011eb84a970d.edge.permutive.app/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: b445bad8e6fcb75a280aab0d13732970ddcb3e855e14f5281ec4200b871ac7ef

Request headers

Referer: https://observer.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Thu, 05 Jan 2023 07:08:01 GMT
via: 1.1 google
server: Permutive
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30
content-type: application/json

POST
H3 200 identify Show response
api.permutive.com/v2.0/ 50 B
88 B 97ms
51ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/identify?k=6b8d2782-a057-45b2-b2fd-5e7238c30400
Requested by: Host: 3b5c18b9-96b7-48e4-a3ef-011eb84a970d.edge.permutive.app
URL: https://3b5c18b9-96b7-48e4-a3ef-011eb84a970d.edge.permutive.app/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 893a2d1026dd5d8092e6f23638001265bf55565e7e2994e375bce0f454bb5ae8

Request headers

Referer: https://observer.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 05 Jan 2023 07:08:01 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://observer.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70

GET
H3 200 / Show response
www.facebook.com/tr/ 0
15 B 25ms
25ms XHR
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/?id=618909876214345&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fobserver.com%2F2018%2F07%2Fwang-jian-hna-founder-dies-tragic-fall%2F&rl=&if=false&ts=1672902481439&sw=1600&sh=1200&v=2.9.90&r=stable&ec=2&o=30&fbp=fb.1.1672902480104.946459948&it=1672902479945&coo=false&exp=b3&rqm=GET&cd[segment_id]=38871&cd[rex]=%7B%22uid%22%3A%22da15f03s7-c958-405b-8329-0322a7d79470%22%2C%22retry%22%3A0%7D

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 05 Jan 2023 07:08:01 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin: https://observer.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=1

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 26ms
26ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=618909876214345&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fobserver.com%2F2018%2F07%2Fwang-jian-hna-founder-dies-tragic-fall%2F&rl=&if=false&ts=1672902481441&cd[segment_id]=38883&sw=1600&sh=1200&v=2.9.90&r=stable&ec=3&o=30&fbp=fb.1.1672902480104.946459948&it=1672902479945&coo=false&rqm=GET

Requested by

Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 05 Jan 2023 07:08:01 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 209ms
209ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=618909876214345&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fobserver.com%2F2018%2F07%2Fwang-jian-hna-founder-dies-tragic-fall%2F&rl=&if=false&ts=1672902481442&cd[segment_id]=38884&sw=1600&sh=1200&v=2.9.90&r=stable&ec=4&o=30&fbp=fb.1.1672902480104.946459948&it=1672902479945&coo=false&rqm=GET

Requested by

Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 05 Jan 2023 07:08:01 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 26ms
26ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=618909876214345&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fobserver.com%2F2018%2F07%2Fwang-jian-hna-founder-dies-tragic-fall%2F&rl=&if=false&ts=1672902481443&cd[segment_id]=38885&sw=1600&sh=1200&v=2.9.90&r=stable&ec=5&o=30&fbp=fb.1.1672902480104.946459948&it=1672902479945&coo=false&rqm=GET

Requested by

Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 05 Jan 2023 07:08:01 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 27ms
26ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=618909876214345&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fobserver.com%2F2018%2F07%2Fwang-jian-hna-founder-dies-tragic-fall%2F&rl=&if=false&ts=1672902481444&cd[segment_id]=38886&sw=1600&sh=1200&v=2.9.90&r=stable&ec=6&o=30&fbp=fb.1.1672902480104.946459948&it=1672902479945&coo=false&rqm=GET

Requested by

Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 05 Jan 2023 07:08:01 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H/1.1 200
OK 1x1-pixel.png
ams-depr-public.s3.amazonaws.com/ 68 B
435 B 363ms
121ms Image
image/png 3.5.21.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ams-depr-public.s3.amazonaws.com/1x1-pixel.png?fn=Main_layout_&publisher=observer.com
Requested by: Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.21.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 07:08:02 GMT
Last-Modified: Tue, 27 Oct 2020 15:04:29 GMT
Server: AmazonS3
x-amz-request-id: 4Q34M9BTTSGNMJC5
ETag: "91e42db1c66c0b276abf6234dc50b2eb"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 68
x-amz-id-2: Q0dV4e2g1RZXoqnVZUSQ3YSJ1wva4jcAU5CeX2MkQllapNmdezYwgeljSIi0PFgugI5d71qkZceI1eCGlNlvew==

POST
H3 200 audiences Show response
api.permutive.com/audience-matching/v1/id/bf766fee-a207-4d4e-b359-e10ff9511584/ 12 B
25 B 42ms
41ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/audience-matching/v1/id/bf766fee-a207-4d4e-b359-e10ff9511584/audiences?k=6b8d2782-a057-45b2-b2fd-5e7238c30400
Requested by: Host: 3b5c18b9-96b7-48e4-a3ef-011eb84a970d.edge.permutive.app
URL: https://3b5c18b9-96b7-48e4-a3ef-011eb84a970d.edge.permutive.app/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: /
Resource Hash: 2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78

Request headers

Referer: https://observer.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 05 Jan 2023 07:08:01 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12
content-type: application/json

GET
H2 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
792 B 155ms
39ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=observer.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:08:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 105ms
33ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=observer.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:08:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 725 B
418 B 63ms
63ms XHR
text/plain 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3335720200147059&correlator=3297077441520046&eid=31071297%2C31071299%2C31071433%2C31071326%2C44780792&output=ldjh&gdfp_req=1&vrg=2022120801&ptt=17&impl=fifs&iu_parts=22133348250%2CPrimis_VDU&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=487435963&sfv=1-0-40&ists=1&cust_params=permutive%3D28393%252C38871%252C38883%252C38884%252C38885%252C38886&sc=1&cookie_enabled=1&abxe=1&dt=1672902481777&lmt=1672902481&dlt=1672902479455&idt=2034&adxs=0&adys=4372&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fobserver.com%2F2018%2F07%2Fwang-jian-hna-founder-dies-tragic-fall%2F&frm=20&vis=1&psz=1600x4302&msz=1600x0&fws=4&ohw=1600&ga_vid=1312069016.1672902480&ga_sid=1672902482&ga_hid=1307262304&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b0503824555e5e9ca7c74db41ddb0dac554c4338c5931a0cb3d88d3b6ce51a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:08:01 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 388
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://observer.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
585e2b3bcae7017c529ab96f0edac682.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 13D3 6 KB
3 KB 119ms
33ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://585e2b3bcae7017c529ab96f0edac682.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://observer.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 07:08:01 GMT
expires: Fri, 05 Jan 2024 07:08:01 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 138ms
74ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

be1382c68ae6d5f819040690d35466757fc97a337de218d1c40de6f1fb5afe81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:08:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11243
x-xss-protection: 0

POST
H3 200 events Show response
api.permutive.com/v2.0/batch/ 601 B
252 B 26ms
25ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=6b8d2782-a057-45b2-b2fd-5e7238c30400
Requested by: Host: 3b5c18b9-96b7-48e4-a3ef-011eb84a970d.edge.permutive.app
URL: https://3b5c18b9-96b7-48e4-a3ef-011eb84a970d.edge.permutive.app/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 93478b8146a34ffeb720b570ec2db83a189e3479546b9df4d5dd007063b1a206

Request headers

Referer: https://observer.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 05 Jan 2023 07:08:02 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://observer.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 234

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 114ms
41ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:08:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 07:08:02 GMT

GET
H2 200 oPS.js Show response
d15kdpgjg3unno.cloudfront.net/ 105 KB
22 KB 84ms
26ms Script
application/javascript 2600:9000:21f3:c800:11:b309:9100:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=79
Requested by: Host: htldotbid.s3.amazonaws.com
URL: https://htldotbid.s3.amazonaws.com/build/cc184abf-15da-4479-9c75-e45a8813bcdc/htlbid-gdpr.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c800:11:b309:9100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3486aa6c57105efee14a98dc631c61b157c9066ff06d2495bd826a886470d39c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: cU.0R90wERSdC1xOjrqLbINJu9xkbAVW
content-encoding: gzip
via: 1.1 0d94766f433ae64cf30c40acb74fc43e.cloudfront.net (CloudFront)
date: Wed, 04 Jan 2023 14:23:14 GMT
last-modified: Thu, 22 Dec 2022 20:52:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 60291
etag: W/"46e13d03e42e4f204903a0df41ff33d8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=84600
x-amz-cf-id: TV89sh54opQm8K7q-96Ak5EzgZIY_GDLsASnZ5UvLw9cCpcbFu0FSA==

GET
H/1.1 200
OK 1x1-pixel.png
ams-pageview-public.s3.amazonaws.com/ 68 B
448 B 331ms
114ms Image
image/png 54.231.130.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ams-pageview-public.s3.amazonaws.com/1x1-pixel.png?id=1e511584efcb
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.130.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 07:08:03 GMT
Last-Modified: Mon, 26 Oct 2020 16:52:19 GMT
Server: AmazonS3
x-amz-request-id: XHD4FCXH0FQ4HBMQ
ETag: "91e42db1c66c0b276abf6234dc50b2eb"
Content-Type: image/png
Cache-Control: no-store
Accept-Ranges: bytes
Content-Length: 68
x-amz-id-2: yrbWf/N9CF+IBe+czVX63ZNBnm8mrWzEjX0MtTSXSrXb7iYlWja5Iksda4Va4Q0O537yCwxnWEE=

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2F66 13 KB
5 KB 77ms
25ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://observer.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 30942
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 04 Jan 2023 22:32:20 GMT
expires: Thu, 04 Jan 2024 22:32:20 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1BF4 783 B
1 KB 95ms
37ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5bf593c0fc58fb811d64938de29d5ea3ef090b08afc0309a0013f8c8cce38a26

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5zZCgGkFrduWSpTMix1IxA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://observer.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-5zZCgGkFrduWSpTMix1IxA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 07:08:02 GMT
expires: Thu, 05 Jan 2023 07:08:02 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 .js Show response
dyv1bugovvq1g.cloudfront.net/79/observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/ 2 KB
822 B 534ms
455ms XHR
application/json 2600:9000:20eb:1c00:5:82fd:2500:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dyv1bugovvq1g.cloudfront.net/79/observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/.js
Requested by: Host: htldotbid.s3.amazonaws.com
URL: https://htldotbid.s3.amazonaws.com/build/cc184abf-15da-4479-9c75-e45a8813bcdc/htlbid-gdpr.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:1c00:5:82fd:2500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bbe288e856f62c39e838c914adfbe30db3d1d23503aa779e30d259c6ab0b6637

Request headers

Referer: https://observer.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 05 Jan 2023 07:08:03 GMT
content-encoding: gzip
via: 1.1 172e63b20fb363ed969de28ae3937e20.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-length: 284
last-modified: Tue, 03 Jan 2023 21:34:55 GMT
server: AmazonS3
etag: "05d0c99e4834fabfb684081f14bfdda5"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://observer.com
cache-control: max-age=300
access-control-allow-credentials: true
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: iRUaiKHhA_6thPGYUPOyz3RAV32-r-zSHHKjP_XKevrdUwUySvyc3g==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 385 B
741 B 26ms
25ms XHR
application/json 13.224.195.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fobserver.com&pubid=30787d05-7895-471e-9cdf-d931d7b5ea5d
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.195.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-195-78.fra2.r.cloudfront.net
Software: Server /
Resource Hash: 4ad12603989e23ddf239f228255bcffc77fb8e9503829993b6d01c80cddd8d3f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 02:17:51 GMT
via: 1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA2-C1
age: 17410
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://observer.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 385
x-amz-cf-id: rZRgnIQQRqBlKbHiFxKCE-DfsFddT-wZoMUiDNzHSBMZAfwDR8jX8A==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 23 B
460 B 148ms
61ms XHR
text/javascript 99.86.3.236
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fobserver.com%2F2018%2F07%2Fwang-jian-hna-founder-dies-tragic-fall%2F&pid=rkmvNR69aXKPw&cb=0&ws=1600x1200&v=22.1213.2134&t=2000&slots=%5B%7B%22sd%22%3A%22htlad-1-gpt%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F22133348250%2Fobserver_leaderboard_atf%22%7D%2C%7B%22sd%22%3A%22htlad-3-gpt%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F22133348250%2Fobserver_article_instream_dsk_1%22%7D%2C%7B%22sd%22%3A%22htlad-10-gpt%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F22133348250%2Fobserver_right_rail%22%7D%2C%7B%22sd%22%3A%22htlad-16-gpt%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F22133348250%2Fobserver_adhesion%22%7D%5D&schain=1.0%2C1!hashtag-labs.com%2C1010%2C1%2C%2C%2C&pubid=30787d05-7895-471e-9cdf-d931d7b5ea5d&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.3.236 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-3-236.fra6.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:08:02 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA6-C1
x-amz-rid: 5BRCYHQMG64YQAJ6ERX8
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://observer.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: YTF5UaCRTYnUgySwejIHN77jrV2325q1sWVWHT_Ms8lPCkms73n1Kg==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 385 B
739 B 24ms
24ms XHR
application/json 13.224.195.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fobserver.com&pubid=30787d05-7895-471e-9cdf-d931d7b5ea5d
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.195.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-195-78.fra2.r.cloudfront.net
Software: Server /
Resource Hash: 4ad12603989e23ddf239f228255bcffc77fb8e9503829993b6d01c80cddd8d3f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 02:17:51 GMT
via: 1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA2-C1
age: 17410
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://observer.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 385
x-amz-cf-id: rMtCqYiVZsZZ9O86ZZTPAn-94rNoeSNc_jsS5rR06c1kyXMdxPm2YQ==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 23 B
459 B 149ms
69ms XHR
text/javascript 99.86.3.236
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.3.236 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-3-236.fra6.r.cloudfront.net

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:08:02 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA6-C1
x-amz-rid: YMWGSBW4V613V40FC3XQ
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://observer.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: WKgV9iuRWazksZaNoqueZqVK0SmzmcDEps0Yli8fZGtg3pwTarXDHg==

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 57 KB
17 KB 79ms
26ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39fae3dc476aaaa594e2c963401633dd5d02eccb3c175eda03912cfe0f91c92e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:08:02 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 24 Nov 2022 12:48:29 GMT
server: cloudflare
x-amz-request-id: DVSNE1NGRRY623D2
age: 3159
etag: W/"9ee82d693d1e83b3a37ee20226716f78"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 784a61626db5d672-CDG
x-amz-id-2: fCaqCDsBNOcZ25eLZj8sScANNnMYeY2SymT+cjX37pvIzKf0WRATQrMzPX0opgeRbBkCRvgtUkI=

GET
H2 200 sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js Show response
pagead2.googlesyndication.com/bg/ Frame 2F66 36 KB
16 KB 381ms
25ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b14e828cf0e3d31af68db645e32ec8c04a113529f475d9d04bc9d1bafc67c626

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 03:41:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 98821
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16096
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jan 2024 03:41:01 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1BF4 0
0 395ms
59ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120801&jk=3335720200147059&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
399 B 86ms
23ms XHR
application/json 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

b90c1b05dae5871617ca779c34235aae7816c102612da77bc61a1c87309a5eb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://observer.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://observer.com
date: Thu, 05 Jan 2023 07:08:02 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK v1 Show response
lbs.eu-1-id5-sync.com/lbs/ 54 B
226 B 85ms
23ms XHR
application/json 2001:41d0:701:1000::96f
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:701:1000::96f , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: a66228c52eb9d9ad34e4695434a602fc8ebbfcb5a29a7ba5d2eb352e5c9deb5d

Request headers

Referer: https://observer.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://observer.com
date: Thu, 5 Jan 2023 07:08:02 GMT
content-length: 54
vary: Origin
content-type: application/json

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
399 B 86ms
24ms XHR
application/json 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

12c5a381206405092c7e7b3f50965729a00b3f7fe2840cf61c8ebbf2c51b2271

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://observer.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://observer.com
date: Thu, 05 Jan 2023 07:08:02 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK v1 Show response
lbs.eu-1-id5-sync.com/lbs/ 54 B
226 B 83ms
22ms XHR
application/json 2001:41d0:701:1000::96f
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:701:1000::96f , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 9cb1df3983ac960eda06a4e5b2db75c7200515c2776a00d4cfb3cb4f36c0f91f

Request headers

Referer: https://observer.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://observer.com
date: Thu, 5 Jan 2023 07:08:02 GMT
content-length: 54
vary: Origin
content-type: application/json

POST
H/1.1 200
OK Test_oPS_Script_Loads Show response
sqs.us-east-1.amazonaws.com/397719490216/ 378 B
658 B 738ms
133ms XHR
text/xml 3.236.169.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sqs.us-east-1.amazonaws.com/397719490216/Test_oPS_Script_Loads?Action=SendMessage&MessageBody=cid%3D79%26bt%3Dnull
Requested by: Host: d15kdpgjg3unno.cloudfront.net
URL: https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=79
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.236.169.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-236-169-101.compute-1.amazonaws.com
Software: /
Resource Hash: b7461c2697142bb258f882e6c7c2c73034716920215b7c71b6380044da41c324

Request headers

Referer: https://observer.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
Date: Thu, 05 Jan 2023 07:08:03 GMT
x-amzn-RequestId: 19e38f09-72d6-5774-b0c1-d3390b44782f
Content-Length: 378
Content-Type: text/xml

GET
H3 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
122 B 86ms
34ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=observer.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:08:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 87ms
34ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=observer.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:08:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 206 KB
29 KB 574ms
572ms XHR
text/plain 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3335720200147059&correlator=1601322000521070&eid=31071297%2C31071299%2C31071433%2C31071326%2C44780792&output=ldjh&gdfp_req=1&vrg=2022120801&ptt=17&impl=fifs&iu_parts=22133348250%2Cobserver_leaderboard_atf%2Cobserver_article_instream_dsk_1%2Cobserver_right_rail%2Cobserver_1x1%2Cobserver_adhesion&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=970x250%7C728x90%7C970x90%2C300x250%7C468x60%2C300x250%2C1x1%2C728x90%7C970x90%7C1x1&ifi=2&adks=4231055590%2C255008701%2C2430074259%2C3605225847%2C1609032035&sfv=1-0-40&prev_scp=amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%7Camznbid%3D2%26amznp%3D2%26amznsz%3D0x0%7Camznbid%3D2%26amznp%3D2%26amznsz%3D0x0%7C%7Camznbid%3D2%26amznp%3D2%26amznsz%3D0x0&eri=1&cust_params=permutive%3D28393%252C38871%252C38883%252C38884%252C38885%252C38886%252Crts%26is_testing%3Dno%26is_home%3Dno%26pagetype%3Dsingle%26url%3Dhttps%253A%252F%252Fobserver.com%252F2018%252F07%252Fwang-jian-hna-founder-dies-tragic-fall%252F%26tag%3Dwang-jian%26author%3Dsissi-cao%26articleID%3Darticle_1124545%26brandsafe%3Dno%26section%3Dbusiness%252Ceconomy%26servead%3Dno%26htlbidid%3D15033%26prmtvsdk%3Dweb&sc=1&cookie=ID%3D45552cc9f5f9b401%3AT%3D1672902481%3AS%3DALNI_MZ_py0qodYxZ75z9Eaiv18iSoR0tQ&gpic=UID%3D00000b9ddde200ba%3AT%3D1672902481%3ART%3D1672902481%3AS%3DALNI_MaF912Rx4n2gnTTo1k9itGGV_fciA&abxe=1&dt=1672902482396&lmt=1672902482&dlt=1672902479455&idt=2034&adxs=315%2C475%2C978%2C-12245933%2C436&adys=225%2C1699%2C500%2C-12245933%2C1175&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C2%7C0%7C-1%7C0&ucis=2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fobserver.com%2F2018%2F07%2Fwang-jian-hna-founder-dies-tragic-fall%2F&frm=20&vis=1&psz=970x0%7C300x0%7C300x0%7C0x0%7C728x-1&msz=970x0%7C300x0%7C300x0%7C0x0%7C728x-1&fws=4%2C4%2C4%2C132%2C516&ohw=1600%2C1600%2C1600%2C1600%2C1600&psts=ACgb8tuRJQV3aL0wM5iAvTk_u1w1&ga_vid=1312069016.1672902480&ga_sid=1672902482&ga_hid=1307262304&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b55b4bd335e45edfd8dd40b944affb2c95f46ced23852042597fe052d789e446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:08:02 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29813
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,5658459797,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-1,138344978924,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://observer.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 70 KB
21 KB 545ms
545ms XHR
text/plain 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3335720200147059&correlator=1349818080297355&eid=31071297%2C31071299%2C31071433%2C31071326%2C44780792&output=ldjh&gdfp_req=1&vrg=2022120801&ptt=17&impl=fifs&iu_parts=22133348250%2Cobserver_article&enc_prev_ius=%2F0%2F1%2C%2F0%2F1&prev_iu_szs=300x250%2C300x250&ifi=7&adks=2207546081%2C2303841712&sfv=1-0-40&prev_scp=amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%7Camznbid%3D2%26amznp%3D2%26amznsz%3D0x0&eri=1&cust_params=permutive%3D28393%252C38871%252C38883%252C38884%252C38885%252C38886%252Crts%26is_testing%3Dno%26is_home%3Dno%26pagetype%3Dsingle%26url%3Dhttps%253A%252F%252Fobserver.com%252F2018%252F07%252Fwang-jian-hna-founder-dies-tragic-fall%252F%26tag%3Dwang-jian%26author%3Dsissi-cao%26articleID%3Darticle_1124545%26brandsafe%3Dno%26section%3Dbusiness%252Ceconomy%26servead%3Dno%26htlbidid%3D15033%26prmtvsdk%3Dweb&sc=1&cookie=ID%3D45552cc9f5f9b401%3AT%3D1672902481%3AS%3DALNI_MZ_py0qodYxZ75z9Eaiv18iSoR0tQ&gpic=UID%3D00000b9ddde200ba%3AT%3D1672902481%3ART%3D1672902481%3AS%3DALNI_MaF912Rx4n2gnTTo1k9itGGV_fciA&abxe=1&dt=1672902482439&lmt=1672902482&dlt=1672902479455&idt=2034&adxs=978%2C978&adys=1110%2C1380&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C4&ucis=7%7C8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fobserver.com%2F2018%2F07%2Fwang-jian-hna-founder-dies-tragic-fall%2F&frm=20&vis=1&psz=300x0%7C300x0&msz=300x0%7C300x0&fws=516%2C516&ohw=1600%2C1600&psts=ACgb8tuRJQV3aL0wM5iAvTk_u1w1&ga_vid=1312069016.1672902480&ga_sid=1672902482&ga_hid=1307262304&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

98d6edeb0c11efc64b80f86f95d53b25214bd65e3f8afe6c85bbcddfe60cefaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:08:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21812
x-xss-protection: 0
google-lineitem-id: -1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://observer.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200 517.json Show response
id5-sync.com/g/v2/ 216 B
622 B 85ms
22ms XHR
application/json 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/517.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

630c07ecdd39b0a51b8e34611bd776ea807e3e197dd96e636d5ff8e4022dcd63

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://observer.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://observer.com
date: Thu, 05 Jan 2023 07:08:02 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

POST
H/1.1 200 517.json Show response
id5-sync.com/g/v2/ 215 B
621 B 85ms
23ms XHR
application/json 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/517.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

c209eb6ade4a4779a96c09b12dca3df95f2c362aa4658e21ead8a714f0919acb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://observer.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://observer.com
date: Thu, 05 Jan 2023 07:08:02 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

POST
H3 200 state Show response
api.permutive.com/v1.0/ 0
34 B 57ms
57ms XHR
text/plain 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v1.0/state?fetch_unseen=true&k=6b8d2782-a057-45b2-b2fd-5e7238c30400
Requested by: Host: 3b5c18b9-96b7-48e4-a3ef-011eb84a970d.edge.permutive.app
URL: https://3b5c18b9-96b7-48e4-a3ef-011eb84a970d.edge.permutive.app/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://observer.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Thu, 05 Jan 2023 07:08:02 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2F66 0
10 B 25ms
24ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?4twfPg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:08:02 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/032211111611000/ Frame 6369 221 KB
61 KB 176ms
36ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032211111611000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f55c14576b73b1fa761c9722153509875403c18b3a6916045fd146f3e3a6a00

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 04 Jan 2023 00:20:05 GMT
age: 110878
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61627
x-xss-protection: 0
server: sffe
etag: "0be482f0352f4793"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 04 Jan 2024 00:20:05 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/032211111611000/v0/ Frame 6369 14 KB
5 KB 307ms
168ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032211111611000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4529063318c99582948589c202835d859092d2a24e417f4f0a3ccfe8211ad37e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 04 Jan 2023 00:30:43 GMT
age: 110240
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5201
x-xss-protection: 0
server: sffe
etag: "0e2d67a193799b94"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 04 Jan 2024 00:30:43 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/032211111611000/v0/ Frame 6369 94 KB
28 KB 320ms
182ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032211111611000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7b74f18b90d3a161b71d0fef3b4de6db5cdb3732dfaa445740bfd2042f78b9f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 02 Jan 2023 00:26:38 GMT
age: 283285
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28866
x-xss-protection: 0
server: sffe
etag: "61003bcde0ed5887"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 02 Jan 2024 00:26:38 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/032211111611000/v0/ Frame 6369 5 KB
2 KB 308ms
169ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032211111611000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3b63fa8f90f3f8b30a8c57665c86ad065073211f0f55a51d3b6f8cee295e3aa

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 04 Jan 2023 00:20:05 GMT
age: 110878
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1906
x-xss-protection: 0
server: sffe
etag: "d44263764bdab45e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 04 Jan 2024 00:20:05 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/032211111611000/v0/ Frame 6369 40 KB
13 KB 326ms
187ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032211111611000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99c69003f1b475f64a578b13fdfd566cc32c9ec0d7e51aabfe5c2b58de70918f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 05 Jan 2023 01:15:46 GMT
age: 21137
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12947
x-xss-protection: 0
server: sffe
etag: "9cd92599851d18a1"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 05 Jan 2024 01:15:46 GMT

GET
DATA 200
OK truncated
/ Frame 6369 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 46154ceb9a719ddd98ab5d494e7183bc556d41c2d77825e5eec028791316f359

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/032211111611000/ Frame BD30 221 KB
60 KB 199ms
79ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032211111611000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f55c14576b73b1fa761c9722153509875403c18b3a6916045fd146f3e3a6a00

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 04 Jan 2023 00:20:05 GMT
age: 110878
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61627
x-xss-protection: 0
server: sffe
etag: "0be482f0352f4793"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 04 Jan 2024 00:20:05 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/032211111611000/v0/ Frame BD30 14 KB
5 KB 197ms
193ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032211111611000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4529063318c99582948589c202835d859092d2a24e417f4f0a3ccfe8211ad37e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 04 Jan 2023 00:30:43 GMT
age: 110240
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5201
x-xss-protection: 0
server: sffe
etag: "0e2d67a193799b94"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 04 Jan 2024 00:30:43 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/032211111611000/v0/ Frame BD30 94 KB
28 KB 197ms
194ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032211111611000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7b74f18b90d3a161b71d0fef3b4de6db5cdb3732dfaa445740bfd2042f78b9f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 02 Jan 2023 00:26:38 GMT
age: 283285
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28866
x-xss-protection: 0
server: sffe
etag: "61003bcde0ed5887"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 02 Jan 2024 00:26:38 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/032211111611000/v0/ Frame BD30 5 KB
2 KB 200ms
197ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032211111611000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3b63fa8f90f3f8b30a8c57665c86ad065073211f0f55a51d3b6f8cee295e3aa

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 04 Jan 2023 00:20:05 GMT
age: 110878
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1906
x-xss-protection: 0
server: sffe
etag: "d44263764bdab45e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 04 Jan 2024 00:20:05 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/032211111611000/v0/ Frame BD30 40 KB
13 KB 201ms
198ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032211111611000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99c69003f1b475f64a578b13fdfd566cc32c9ec0d7e51aabfe5c2b58de70918f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 05 Jan 2023 01:15:46 GMT
age: 21137
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12947
x-xss-protection: 0
server: sffe
etag: "9cd92599851d18a1"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 05 Jan 2024 01:15:46 GMT

GET
DATA 200
OK truncated
/ Frame BD30 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ff143db86fab915333c29a6676b9440ef1f1db22e979ce5ba571d16bf617d57e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/032211111611000/ Frame 2074 221 KB
60 KB 238ms
134ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032211111611000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f55c14576b73b1fa761c9722153509875403c18b3a6916045fd146f3e3a6a00

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 04 Jan 2023 00:20:05 GMT
age: 110878
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61627
x-xss-protection: 0
server: sffe
etag: "0be482f0352f4793"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 04 Jan 2024 00:20:05 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/032211111611000/v0/ Frame 2074 14 KB
5 KB 202ms
199ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032211111611000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4529063318c99582948589c202835d859092d2a24e417f4f0a3ccfe8211ad37e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 04 Jan 2023 00:30:43 GMT
age: 110240
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5201
x-xss-protection: 0
server: sffe
etag: "0e2d67a193799b94"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 04 Jan 2024 00:30:43 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/032211111611000/v0/ Frame 2074 94 KB
28 KB 203ms
200ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032211111611000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7b74f18b90d3a161b71d0fef3b4de6db5cdb3732dfaa445740bfd2042f78b9f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 02 Jan 2023 00:26:38 GMT
age: 283285
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28866
x-xss-protection: 0
server: sffe
etag: "61003bcde0ed5887"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 02 Jan 2024 00:26:38 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/032211111611000/v0/ Frame 2074 5 KB
2 KB 206ms
203ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032211111611000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3b63fa8f90f3f8b30a8c57665c86ad065073211f0f55a51d3b6f8cee295e3aa

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 04 Jan 2023 00:20:05 GMT
age: 110878
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1906
x-xss-protection: 0
server: sffe
etag: "d44263764bdab45e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 04 Jan 2024 00:20:05 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/032211111611000/v0/ Frame 2074 40 KB
13 KB 207ms
204ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032211111611000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99c69003f1b475f64a578b13fdfd566cc32c9ec0d7e51aabfe5c2b58de70918f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 05 Jan 2023 01:15:46 GMT
age: 21137
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12947
x-xss-protection: 0
server: sffe
etag: "9cd92599851d18a1"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 05 Jan 2024 01:15:46 GMT

GET
DATA 200
OK truncated
/ Frame 2074 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eaffe739d46824bf1bf3d2b6841a12ad02f01ee633adc95d7d71ec11f3b66b79

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 18176039885615728270
tpc.googlesyndication.com/simgad/ Frame 6369 87 KB
87 KB 26ms
25ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18176039885615728270?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlvN-aB1yTCoIs7uZ4O-aJLKXWpew

Requested by

Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e148a9862168d423350fc89e8889bed17b1fb5a0d325546a1bcf436b21e1c48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 06:04:40 GMT
x-content-type-options: nosniff
age: 349403
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88807
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 07:43:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 01 Jan 2024 06:04:40 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6369 2 KB
2 KB 40ms
37ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 09:39:53 GMT
x-content-type-options: nosniff
server: cafe
age: 77290
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 05 Jan 2023 09:39:53 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6369 295 B
319 B 39ms
36ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 20:35:33 GMT
x-content-type-options: nosniff
server: cafe
age: 37950
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 05 Jan 2023 20:35:33 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 6369 0
0 93ms
38ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSpLinfR7UAIlyXK0TeGLPMO83Tu6RsaxbB9w8YIKJRV6FYrTO3G7IdQ5-qpc5UnSfXpPpTIgddC3AU_7MHiKXua3UYjw
Requested by: Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 6369 0
0 77ms
73ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CoRyvUne2Y8H5G9fhgAfO1LuIB-bBhN9r6dXdw_APqtyPmaUjEAEg3LbYfmD7AaABrZaa2QPIAQLgAgCoAwHIAwiqBMUCT9A1bjebW_FEehHAj4b7wiJvo_hBm92Ht6z3Htl2H_Q-Yp96L4TYi7S0Xm0u339HgOrQPbi7w6qTcId2F36UBjN6TQSEQdsybC0wL92n9sC2uw3Z_cQ4SaH0G3QvxRiQ3qKO3sZG8SA8z723cRYLKJTJuOpyh2k4v4muiYVvocAnEWYxBlNVarRCUTbdXbsUeE97pdt1WkHvk4NlpMttHWBlIPJHx0bx7u7xt0Xl_QbxX4x0Fgvs72i03m1IoKaEBAe8elQa9rjUbYWKIh8FTo_IXUl9D5jDIFsIziTaBTMrm_YTjhDsUDwMgVqfkdtXf7sAmVoOztTTHSQ4pQZA3_L8Q_8uDI_lxNP1FUG6a7lYnwq5RlpnxPNJ2kjlkirZOfvv99MQSpUJzFt9DfWpvVEocuCL7U8lXw17s8pivsB-jFgxb8AEn6fs-_cD4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB7vp5SaoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDlswnSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAdgTAtAVAZgWAYAXAbIXHgocCAASFHB1Yi0zOTk4ODI0NDAyMTIxNjAyGM7-dg&sigh=tRfsRn5Nr1A&uach_m=[UACH]&cid=CAQSOwDq26N9D_W5ER4fTFzs2hZpaoXfFICLlE_s3z6_nEW59-k3Twh1n5WC2diJhlBeLHG-WEl0gWFFAG8NGAEgEw
Requested by: Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 11404205529691198387
tpc.googlesyndication.com/simgad/ Frame BD30 18 KB
18 KB 44ms
41ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11404205529691198387?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlLqn_z_jWp3KvHTalcyyUnbCsQpw

Requested by

Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d24d008e3735bbddd99689edeb61c7cd8b1966825892a73f419a0720433deaee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 10:34:47 GMT
x-content-type-options: nosniff
age: 333196
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18874
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 07:42:59 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 01 Jan 2024 10:34:47 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame BD30 2 KB
2 KB 40ms
37ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 09:39:53 GMT
x-content-type-options: nosniff
server: cafe
age: 77290
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 05 Jan 2023 09:39:53 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame BD30 295 B
319 B 41ms
38ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 20:35:33 GMT
x-content-type-options: nosniff
server: cafe
age: 37950
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 05 Jan 2023 20:35:33 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame BD30 0
0 89ms
35ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaROqfnE2ZJFE4Ep4sEdU0xy2V4livM6gstVsNQsiSji_UZgbyf4EBqoboXTCiFcLDfG5eKou9zCDYAeX-VoSWw_BHbQog
Requested by: Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame BD30 0
0 73ms
70ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CQgT2Une2Y8L5G9fhgAfO1LuIB-bBhN9r5cG80uIPqtyPmaUjEAEg3LbYfmD7AaABrZaa2QPIAQLgAgCoAwHIAwiqBMsCT9A3rvz4iEbbn7HYOC9pQ1I2hNqr2E-uMZveZJmj0vjPnpbf1FIZsF-btrbcGGuPVCataWBdJU3rN_GIykZrlJ7uhw3oZkKVwmIcrUVevDZ-5ItC6LCf_tnBR64kAk97gkki2klIREUsvyAQuU5zJh1x_6GjcGE4ny_upyvvGceCz8EiI1p41h9UBjg-7ocNd3mdi0AOKxF4lrLJ-APZCuGBqMaCXAv0heMRkGturfTEX4F1LvzzNG-7LFltqtlvtfyF6eM-hjzCrMYEYos_P0fnsq8k7oLr20BlXS_K5OXcOtOE4DhY7R0Sb7MPrE4_fIWYfxoCweN0TkfUEY4Zv4EQKKb7o9u2zhRDz9oSpYSnNrRdyweN3Gkw-2wcqotzpmzmJqhARH-qmiV3Q_ERYER5Q2WQLHdg0VmR34ZR72jSwyqmV2yFYZnukMAEn6fs-_cD4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB7vp5SaoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBD9rAbSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAdgTAtAVAZgWAYAXAbIXHgocCAASFHB1Yi0zOTk4ODI0NDAyMTIxNjAyGM7-dg&sigh=o0_t5XyEkH4&uach_m=[UACH]&cid=CAQSOwDq26N9D_W5ER4fTFzs2hZpaoXfFICLlE_s3z6_nEW59-k3Twh1n5WC2diJhlBeLHG-WEl0gWFFAG8NGAEgEw
Requested by: Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 17841437936251448888
tpc.googlesyndication.com/simgad/ Frame 2074 43 KB
43 KB 52ms
49ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17841437936251448888?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlzjtSP-2eBOgq42lpTHafa5df4FQ

Requested by

Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56e53f0cff32c14b4316b461ef64ca8cb4d44adfe5d759bad16c69de0547064c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 07:49:22 GMT
x-content-type-options: nosniff
age: 256721
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44137
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 07:42:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 02 Jan 2024 07:49:22 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2074 2 KB
2 KB 41ms
38ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 09:39:53 GMT
x-content-type-options: nosniff
server: cafe
age: 77290
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 05 Jan 2023 09:39:53 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2074 295 B
319 B 42ms
40ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 20:35:33 GMT
x-content-type-options: nosniff
server: cafe
age: 37950
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 05 Jan 2023 20:35:33 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 2074 0
0 90ms
37ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSZWCsbQpgqWZOiqiHySSDxd-85WCC_G5Ixmhrmk1rdzh5935Clyavc8G9BoeRE0kCZvEYzo4c27PMPiF5JNKyTXLZ9qw
Requested by: Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 2074 0
0 70ms
68ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C4Nt-Une2Y8P5G9fhgAfO1LuIB-bBhN9rptebsYAQqtyPmaUjEAEg3LbYfmD7AaABrZaa2QPIAQLgAgCoAwHIAwiqBMsCT9DtGfMUqOHKvyV0kHIsdVKQ5oWWcCHvIhoyPnTtZQWMOz-PSHueHi9epGNU0oRoNL8Vz-A4kH8aIZ0g0dYwtPVPURQuiEHuw1o6s61nueljHeheCje0VifUgCQb6XDH8SQnoFpvXjI3HgJ-q0J90_p0vwKh2p6oWC5DJ7Fubu7KaTtMieTtGD0M92FVAGk-97YYsHIP9BW3M1XVBBi4aXkTyhll-EUbLhrhtyUl3tZHxUAgPb2P1hkumGqSHproYjGKtEYu3PVXtNnf3UtmWlKNdLsQtp1GxoJXtFN_eGr7j0MikXEwksFL1eqFseaYh_6GhtfERqY--5iOj4PBZLA9eFDdcX6X3nT1tcaDGhVaJsXnqcAbL703jSEpo_EiTl_2Nv559EzMvNoTgipQdNIVtv30qkp2_KlpoEXuflVjTsq4VKNQJ-dwNMAEn6fs-_cD4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB7vp5SaoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDPkwTSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAdgTAtAVAZgWAYAXAbIXHgocCAASFHB1Yi0zOTk4ODI0NDAyMTIxNjAyGM7-dg&sigh=33jd1Nq3z_s&uach_m=[UACH]&cid=CAQSOwDq26N9D_W5ER4fTFzs2hZpaoXfFICLlE_s3z6_nEW59-k3Twh1n5WC2diJhlBeLHG-WEl0gWFFAG8NGAEgEw
Requested by: Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 167E 0
0 65ms
64ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss6In1qhabrKYvs_6jDT7X1uG9AIkVTzvP8An7rTdNmxq-1H47zgymSrBvsz6qbTHKzLlIZJpkZrbOYJ9LnKk__YUJ3f-tZKjWXO-KlHq8T0nvK8TXB_kmNxpyS1b1Ly_yJtkTtbTvJfyLPcQetD7-phyj1WbyIM0Z7hlpwJg9yN1SLacRgyyGAIgyhCzoKiEihDnveB4mFHu5uSS1iFkWaHe7RqRQ2woLuiTZn376mRGlZkLzHTNeg1ZefRfwIxElvhu1FKCj3EhPqE34jI47w5ENGddwZ0VdHs9avReFPm9KwYOcFzKWBUNORpyp2vTU&sai=AMfl-YRzc2VU0INqyuFkDBxDtHlweVG9mQ3Bzmw848EpgF0HKNEg0qwuV7ZGmjrjuUR5NrkLx2oKDlaW_XUtrpksy0KBvDXnP1C2tQqFs8ZEFR167Pxzffrd12lBgSvJ6AhA&sig=Cg0ArKJSzD06w02Q_TX6EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:08:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 iframebuster.js Show response
assets.bounceexchange.com/assets/bounce/ Frame 167E 2 KB
2 KB 126ms
19ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/bounce/iframebuster.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 329c9c7026d1c9423b642686137df4cd4e720aecb0059ed286a5bb1b520b9fc9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 14:36:31 GMT
content-encoding: gzip
age: 1182692
x-guploader-uploadid: ADPycdsK8QOmdFHq_Rql15Z5ykIDovBum_dSN0SoN7PuuCIbleE3wwREkappcVfS0yhnH92zIkqFgw3SZi1pBUxJ0Jg-0pKodLgl
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 970
last-modified: Wed, 14 Dec 2022 17:19:36 GMT
server: UploadServer
etag: "492436babcf53df320d9f3908f98c44e"
vary: Accept-Encoding
x-goog-generation: 1671038376215048
x-goog-hash: crc32c=p0ef8A==, md5=SSQ2urz1PfMg2fOQj5jETg==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 970
accept-ranges: bytes
content-type: text/javascript; charset=UTF-8
expires: Fri, 22 Dec 2023 14:36:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 167E 154 KB
48 KB 59ms
45ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:08:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48184
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1672836157132942"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 07:08:03 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/032211111611000/ Frame EC86 221 KB
60 KB 211ms
146ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032211111611000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f55c14576b73b1fa761c9722153509875403c18b3a6916045fd146f3e3a6a00

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 04 Jan 2023 00:20:05 GMT
age: 110878
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61627
x-xss-protection: 0
server: sffe
etag: "0be482f0352f4793"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 04 Jan 2024 00:20:05 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/032211111611000/v0/ Frame EC86 14 KB
5 KB 208ms
205ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032211111611000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4529063318c99582948589c202835d859092d2a24e417f4f0a3ccfe8211ad37e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 04 Jan 2023 00:30:43 GMT
age: 110240
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5201
x-xss-protection: 0
server: sffe
etag: "0e2d67a193799b94"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 04 Jan 2024 00:30:43 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/032211111611000/v0/ Frame EC86 94 KB
28 KB 209ms
206ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032211111611000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7b74f18b90d3a161b71d0fef3b4de6db5cdb3732dfaa445740bfd2042f78b9f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 02 Jan 2023 00:26:38 GMT
age: 283285
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28866
x-xss-protection: 0
server: sffe
etag: "61003bcde0ed5887"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 02 Jan 2024 00:26:38 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/032211111611000/v0/ Frame EC86 5 KB
2 KB 211ms
208ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032211111611000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3b63fa8f90f3f8b30a8c57665c86ad065073211f0f55a51d3b6f8cee295e3aa

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 04 Jan 2023 00:20:05 GMT
age: 110878
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1906
x-xss-protection: 0
server: sffe
etag: "d44263764bdab45e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 04 Jan 2024 00:20:05 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/032211111611000/v0/ Frame EC86 40 KB
13 KB 212ms
209ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032211111611000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99c69003f1b475f64a578b13fdfd566cc32c9ec0d7e51aabfe5c2b58de70918f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 05 Jan 2023 01:15:46 GMT
age: 21137
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12947
x-xss-protection: 0
server: sffe
etag: "9cd92599851d18a1"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 05 Jan 2024 01:15:46 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame EC86 4 KB
621 B 90ms
36ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 05 Jan 2023 07:08:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 06:55:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 05 Jan 2023 07:08:03 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame EC86 2 KB
2 KB 37ms
37ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 09:39:53 GMT
x-content-type-options: nosniff
server: cafe
age: 77290
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 05 Jan 2023 09:39:53 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame EC86 295 B
319 B 39ms
38ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 20:35:33 GMT
x-content-type-options: nosniff
server: cafe
age: 37950
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 05 Jan 2023 20:35:33 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame EC86 0
0 53ms
36ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaStvpMpCJimCOaf3bQKNQ3QdWAyngtkUo-T0EdsgWTtz5U7pIylMwtqb1gqhPLKp7LsBzVpL2OJ3grhcxu3Eteojouirw
Requested by: Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame EC86 0
0 70ms
70ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cl8BhUne2Y8T5G9fhgAfO1LuIB5yTja9ptr7epu8P8srO-_MvEAEg3LbYfmD7AaABrZaa2QPIAQngAgCoAwHIAwqqBMoCT9AroIBtkied1HuxOzcNoT-BKWqQ97vA7ajiY9jXD6nwuwqxqcYYmOdY5-QABAsdr1SjqmaUy_Gd7nGa3o7KzyeVFrE1F17Y2O3lVQRWZy-mmcz_TvOhG-10qv1V15hmH8k7fKu056uji4bWbtdmD7YD71ig9fHiLoDmD3-lAYk9CBhwtvNSpLW5oQP7IUr7CzKtU4mCLSQpLnpvomnVfRJ0Ksy0yHzORj5eLPsZCpEhu7tOea-Ju4LU5C4DsY9E4k5anOTMCOu0si7wlc1U_pX90LWPCCvfW9bdRhDDY9rzENmtrDDrH88DPeqKyYtAGYI9XSvSPqrHO5NITtGc0PibHt7wYEA7r1uXhXX1K-ig7cqMjhjHuSCGMLvsThZLwPk4eZCRb5p2V1Dcz5FBkKF0cZRlB2FbR2vE7lVF5OdrX5CEerRWGJEXwATV0pCS7gPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHu-nlJqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcDEPAu0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwG4E-QD2BMNiBQC0BUBmBYBgBcBshceChwIABIUcHViLTM5OTg4MjQ0MDIxMjE2MDIYzv52&sigh=DGa9x4hbvFw&uach_m=[UACH]&cid=CAQSOwDq26N9D_W5ER4fTFzs2hZpaoXfFICLlE_s3z6_nEW59-k3Twh1n5WC2diJhlBeLHG-WEl0gWFFAG8NGAEgEw&template_id=484
Requested by: Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: da722abdac2fd04748b3293549c2bbdb526fcb1f192dc2fd7ac8db0a42166629

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 6592766407814317453
tpc.googlesyndication.com/simgad/9030997657022758982/ Frame EC86 24 KB
24 KB 37ms
37ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9030997657022758982/6592766407814317453

Requested by

Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b70ac2a69eea8048af70de9c8778f794db5c7d02f606b969243cd8438bd68836

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 09:41:30 GMT
x-content-type-options: nosniff
age: 336393
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24866
x-xss-protection: 0
last-modified: Thu, 31 Mar 2022 03:34:41 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 01 Jan 2024 09:41:30 GMT

GET
H3 200 13888165382829236247
tpc.googlesyndication.com/simgad/ Frame EC86 2 KB
2 KB 34ms
34ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13888165382829236247?w=100&h=100

Requested by

Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

184400e86583160bf90609a1b1b7a24d8de73d90dd7002a6f494445db89b85a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 09:46:39 GMT
x-content-type-options: nosniff
age: 76884
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2461
x-xss-protection: 0
last-modified: Mon, 13 Jul 2020 06:58:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 04 Jan 2024 09:46:39 GMT

GET
DATA 200
OK truncated
/ Frame EC86 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4a2686142ea2b6318b298cb3570359d0d7ecaa37d792881ac2d2691ea809674

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 container.html Show response
585e2b3bcae7017c529ab96f0edac682.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E240 6 KB
3 KB 78ms
25ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://585e2b3bcae7017c529ab96f0edac682.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://observer.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 07:08:01 GMT
expires: Fri, 05 Jan 2024 07:08:01 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012211060024000/ Frame 7720 221 KB
60 KB 178ms
168ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 04 Jan 2023 21:36:05 GMT
age: 34318
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61592
x-xss-protection: 0
server: sffe
etag: "a2fca7132416d151"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 04 Jan 2024 21:36:05 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 7720 14 KB
5 KB 197ms
187ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 04 Jan 2023 21:36:05 GMT
age: 34318
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5218
x-xss-protection: 0
server: sffe
etag: "abd4378f71571d78"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 04 Jan 2024 21:36:05 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 7720 94 KB
28 KB 198ms
188ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 04 Jan 2023 15:36:51 GMT
age: 55872
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28809
x-xss-protection: 0
server: sffe
etag: "dd6615029de85e23"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 04 Jan 2024 15:36:51 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 7720 5 KB
2 KB 201ms
191ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 04 Jan 2023 21:36:05 GMT
age: 34318
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1913
x-xss-protection: 0
server: sffe
etag: "403438c4d550ee88"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 04 Jan 2024 21:36:05 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 7720 40 KB
13 KB 202ms
192ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 04 Jan 2023 21:36:05 GMT
age: 34318
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12946
x-xss-protection: 0
server: sffe
etag: "0bacd3f1ce38a7db"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 04 Jan 2024 21:36:05 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7720 2 KB
2 KB 31ms
24ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 09:39:53 GMT
x-content-type-options: nosniff
server: cafe
age: 77290
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 05 Jan 2023 09:39:53 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7720 295 B
319 B 33ms
26ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 20:35:33 GMT
x-content-type-options: nosniff
server: cafe
age: 37950
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 05 Jan 2023 20:35:33 GMT

GET
DATA 200
OK truncated
/ Frame 7720 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3e59c1840342687b9c1ad9197f34b5cd9a0acfaabaf4ffac8b295e23d1a2fa66

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 14639448589242826962
tpc.googlesyndication.com/simgad/ Frame 7720 20 KB
20 KB 31ms
27ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14639448589242826962?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmcXi1Owguvn7F0dHCCVkYY2ocDaQ

Requested by

Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d2ef2eebc186ae00f2af8692690d8c9dd71ccb8bef917bcf1957d4a1860bd0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 22:45:45 GMT
x-content-type-options: nosniff
age: 462138
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20413
x-xss-protection: 0
last-modified: Fri, 02 Dec 2022 12:44:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 30 Dec 2023 22:45:45 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 7720 0
0 39ms
35ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQeYsEovW6pi_m9z5LAZKF9TBlEWTERGd4ByEuMXHOg6ATPlzSyHf8uhTYv0pcqvC8Pa9K_X0o0HwR5exfnafruY7q28Q
Requested by: Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7720 0
0 72ms
68ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CaNTIUne2Y9aDHtrugAfR3YioCO3c3J9uofTvsJgR6Y6QjvsIEAEg3LbYfmD7AaABq9Hs3AHIAQLgAgCoAwHIAwiqBNICT9CrWxpmwY6vNWgFUa8Z76PAIzpbdTP4vXbpEMp9GLgEOTKihs1vD4OH2C8p5CDEmjn3AuAFdI4U_oQoG-mrgqXsJBJwY2Zu2xgrS3_4W6hO4nxw0MGYHSgvyI36A4Jucw-TDUNVkFJRry63UHHMauMnjZs8yaqIN7IYEN63goeO5igeaUFZnT-HadIqlwKY9-LnszOp-cWiKtV7DcLpNKIC3IruuMda31VnPbScxw4LEAigLQkoizGpznZq35LU3XTh7A6amc62ojkB6fg4DRWj9-Adnaaqd3mSRktJPd4shGJv-3ktPm8v6lFEB7APBywVOziwTUSEzdXJ7M2N4hiNMo1TKq-kxLab4fXjA0fiS7qtUYWSMyJItckEyUN6dPa625PxnF9J8_BqtzajLQzOfSeBeRegWz_OD74_6k4ztZlFxwH6KNWJPCsACcblPmjABPW9iNKGBOAEAZIFBAgEGAGSBQQIBRgEoAYCgAe9rpOjAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcDEPAu0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHYEwzQFQGYFgGAFwGyFx4KHAgAEhRwdWItMzk5ODgyNDQwMjEyMTYwMhjO_nY&sigh=-q6xYwsY9pg&uach_m=[UACH]&cid=CAQSOwDq26N9XP0f5MPoTa4XE9iF2wIrQHHrG-0OT5TqYPdHYuCSOOs8zmvlglhwfKpsZL_iPqhjVQczuvAIGAEgEw
Requested by: Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame EC86 15 KB
16 KB 328ms
25ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://observer.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 16:44:52 GMT
x-content-type-options: nosniff
age: 224591
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Jan 2024 16:44:52 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame EC86 15 KB
15 KB 331ms
30ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://observer.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 19:42:15 GMT
x-content-type-options: nosniff
age: 559548
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Dec 2023 19:42:15 GMT

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 536 KB
149 KB 142ms
37ms Script
application/x-javascript 2.18.234.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js?ver=1.0.0
Requested by: Host: observer.com
URL: https://observer.com/wp-content/plugins/xcurrent/assets/js/script-queue.js?ver=bebcad848e998ab9ae82c8431c754b8a
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-163.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 14e707178a0b672b479215bb15ed37912fd2a3cbe020d9f4f71269fb89c245d5

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 07:08:03 GMT
Content-Encoding: gzip
x-amz-request-id: 024KYDC99A6114MY
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: 7tE+2CMLDD5BNDBqi1qfF94IVqOEVgapt9i7xklf+fhUWOnQyKQ4BAQZIhCTAtoLRKRXvzg49nM=
Last-Modified: Fri, 16 Dec 2022 21:32:35 GMT
Server: AmazonS3
ETag: "4f9f244a6d1c98dafe98c9b8b18b1fbb"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 215 KB
74 KB 94ms
35ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: observer.com
URL: https://observer.com/wp-content/plugins/xcurrent/assets/js/script-queue.js?ver=bebcad848e998ab9ae82c8431c754b8a
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 474e04bb140d1d4a1833b2abb414a0290a9bb72f91b85b8c5ba77fe929573056

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:08:03 GMT
content-encoding: gzip
last-modified: Wed, 04 Jan 2023 14:33:34 GMT
etag: "14-3zG/78lP9F2ZHhJXbR+vhLgeQcw"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: max-age=14400
access-control-allow-credentials: false
x-traceid: d28b7494fd54703a196788000adb6cf5
timing-allow-origin: *, *
content-length: 75479

GET
H2 200 i.js Show response
tag.bounceexchange.com/4256/ 3 KB
2 KB 172ms
19ms Script
text/plain 34.120.253.250
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.bounceexchange.com/4256/i.js
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/bounce/iframebuster.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.253.250 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 250.253.120.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: d46f9c20708adc43c0209e0c320a376ff99ee0e4875f346bb31c19210af1f9d3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:47:46 GMT
content-encoding: gzip
via: 1.1 google
age: 1217
x-envoy-upstream-service-time: 0
x-region: us-central1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1719
server: istio-envoy
etag: 294f0863f513b6
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=60
timing-allow-origin: *
link: <https://assets.bounceexchange.com>; rel=dns-prefetch, <https://events.bouncex.net>; rel=dns-prefetch, <https://api.bounceexchange.com>; rel=preconnect

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 167E 0
0 364ms
63ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst4qrziqEopJWMilDnUNWL0tkUGvcHGT1iSTia9ZTINpHlfV8-ZGwKTnRzdWr9WkwAB-5a1V2pCySEM2eQMYKV6Y-VgJ_CZ9qMLEFH_TBJwx_aHKGfXyvt9eyA1tZuyZ0tyhZR4-MsOifr371dzVTfFU_hWqZuiUWs_QCplpma9RpP3nFglE-Zeo3k-rGvXBIknRc4RJYZYd22A8iLEAAb0kS4MwF8J8-OsuWgeK0ouKUVNKqoaCHwXPpeCEDQfxBFEgYZlPrva-PZdFcjwHWNnqHWyogoPIQMYAFjG_iH1TQG2Vck4vX4lfI2Fz5TEE7g5cQ&sai=AMfl-YSqW3ouic2MSTxotYnkA-qAmBUf_uMam-t92CqjNrzZnGUla-rJ3kg5MPtSyGT7Tx6b90v15E6Elvd5dNyv5wF8s12abT4hYutBhSgNgvy8bYdqS8voDNmeeYZsyv-K&sig=Cg0ArKJSzM4HqizoESATEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:08:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 05 Jan 2023 07:08:03 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E240 0
0 75ms
74ms Fetch
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C9QM4Une2Y9SDHtrugAfR3YioCOLSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMzk5ODgyNDQwMjEyMTYwMsgBCakCBmGgCJTKsT7gAgCoAwGqBLkCT9CM90_r4E2TUk2KAkN-1BQxr35J8JyQAXRJyVmygl6yAoTDv9MiykCqbDL7AYvIGmrGiZhTLvQngyRYgUgYdfbxD-5gPzBv8JAr8UobwXb1_KCmDlmUAdlIM8tdZWIcC2llVyC_mtGOop2BSdmW0GmCS9cOC8u0SMK3SJIAsBfiPl8OQkUSYAgDF1MsW4O7DkR2KGk6Qbioyd9UHxplNSLnhq6tJviprZ2QBNMAbx-jPLf0XNXPmFwKgHsS2FkB9NreGp--O4Ps5S7uh60yLmBWwKJdrK7hUOPCKmfozTZ2jMpO7K9JRhBhBjfl-Vt_apxFbeCu04n55HaT8pKBlW9WYUfGDTt6pwkdxcgkFT2-DvAX7mGuzG5Nx4VCuz_m4OVE6v2AVNQ1yKo6EmGb3flM73oOqpcNPeAEAYAGjKzM0ef0xY7wAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMzk5ODgyNDQwMjEyMTYwMhjO_nY&sigh=_FqugUANo1Q&uach_m=[UACH]&cid=CAQSOwDq26N9XP0f5MPoTa4XE9iF2wIrQHHrG-0OT5TqYPdHYuCSOOs8zmvlglhwfKpsZL_iPqhjVQczuvAIGAEgEw
Requested by: Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://585e2b3bcae7017c529ab96f0edac682.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame E240 0
0 81ms
26ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1jkmq2gp97ssxgpg5ax3v1z3tvhjm2fta7m4nvs57bgj34kvwvmmwgw4nvtrwnxsbeyr3ba70hqbravvv4r0k5pp2rgvpdmkrj0hcsy11edazwc2ja89rz301nt6fsnrs26tq0v75b74a7bz0y2pbhs9w4hyynj9dxbp9e35pfycf67q2cj9xjwr4bygfkytxchh8wtvs5d0k9zx0ech3deyq10nrmcjxd45a3137nyx4mx8hd5xywx4650m67agf4fm3p8gq80jzy1dyt9nswr7by63t7f6x0r8kqh39w693mbwg2ksk4p2k1mdf47m4texx034c9b7gbawpbyrp9d7tnrkjf0q5rw16xt97pn90t3vyk5r5p0gf26r8d7egw28v76pym&b=Y7Z3UgAHgdQK4DdaAAIu0Sa6lr6SPqwClbEAhw
Requested by: Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://585e2b3bcae7017c529ab96f0edac682.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 05 Jan 2023 07:08:03 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame BE20 2 KB
3 KB 98ms
44ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1hr7pftr3y4j8dww89qkaty1r22ax876drdy48j4ngkbw11bhb7e1kaveybyrsk0zwvxnva2ecdqt6xe89kn0b5bm6h528cfnk2zack0cd2hfzq542dvq9qej24jd4kdvg14w992ebtpqcq1wm7ncayk7w1ebe2743cq2wtamgnbxgccp6ezpcxbxxg78tnhdy6nb1t32r2vv90ynvj8pz7daqpdxj5gxd59ysbd55yay6y2pxevdh9at1he6ntzdabq26atzd3fg3hwd8zg5ew22q92qm3d3tjq8m963htag2ssn36g6zk4nqjn4s21xr7s5f8bcshgx2311ph3ey69jpm6yw70x9ahgz81psq8ngqew0qnmyz4ggnnwyaf0q7x2tzy81nr2gw7tg48j6gqfvz15d21ct2tnwcat1m301g7peezxrqy&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC92vUUne2Y9SDHtrugAfR3YioCOLSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMzk5ODgyNDQwMjEyMTYwMsgBCakCBmGgCJTKsT7gAgCoAwGqBLwCT9CM90_r4E2TUk2KAkN-1BQxr35J8JyQAXRJyVmygl6yAoTDv9MiykCqbDL7AYvIGmrGiZhTLvQngyRYgUgYdfbxD-5gPzBv8JAr8UobwXb1_KCmDlmUAdlIM8tdZWIcC2llVyC_mtGOop2BSdmW0GmCS9cOC8u0SMK3SJIAsBfiPl8OQkUSYAgDF1MsW4O7DkR2KGk6Qbioyd9UHxplNSLnhq6tJviprZ2QBNMAbx-jPLf0XNXPmFwKgHsS2FkB9NreGp--O4Ps5S7uh60yLmBWwKJdrK7hUOPCKmfozTZ2jMpO7K9JRhBhBjfl-Vt_apxFbeCu04n55HaT8pKBlW9WYUfGDTt6pwkdxcgkFT2-DvBV7EA8G5fKh03Fp_dHgCbNruaK-d4b0CPkqwFYXhBdw2LbdghN9R0TWuAEAYAGjKzM0ef0xY7wAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1d83RvICe0jm3jkfIj4wMu5AnArw%26client%3Dca-pub-3998824402121602%26adurl%3D

Requested by

Host: 585e2b3bcae7017c529ab96f0edac682.safeframe.googlesyndication.com
URL: https://585e2b3bcae7017c529ab96f0edac682.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55a874e8d3e1bd952e2f597c65ef265be4a7fda78e0b6929b5e67b16b93a3910

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://585e2b3bcae7017c529ab96f0edac682.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 784a6168dcd5f128-CDG
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 07:08:03 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame E240 3 KB
1 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/window_focus_fy2021.js

Requested by

Host: 585e2b3bcae7017c529ab96f0edac682.safeframe.googlesyndication.com
URL: https://585e2b3bcae7017c529ab96f0edac682.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://585e2b3bcae7017c529ab96f0edac682.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 03:46:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12087
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 03:46:36 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2509 1 KB
742 B 328ms
26ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 585e2b3bcae7017c529ab96f0edac682.safeframe.googlesyndication.com
URL: https://585e2b3bcae7017c529ab96f0edac682.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://585e2b3bcae7017c529ab96f0edac682.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 57853
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 Jan 2023 15:03:50 GMT
etag: 48472445140208031
expires: Thu, 05 Jan 2023 15:03:50 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame E240 18 KB
7 KB 27ms
25ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 585e2b3bcae7017c529ab96f0edac682.safeframe.googlesyndication.com
URL: https://585e2b3bcae7017c529ab96f0edac682.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://585e2b3bcae7017c529ab96f0edac682.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 03:46:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12087
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7527
x-xss-protection: 0
server: cafe
etag: 8658061406568722807
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 03:46:36 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E240 0
0 34ms
32ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaThwzewDHbxUuV3Ah__Y3YrORt1NDlS4LWj9dGAm_K4E-P_IJXW90H45mOedfpOxH7kUbRWTnaTf2xoKld5ndly5PbDNg
Requested by: Host: 585e2b3bcae7017c529ab96f0edac682.safeframe.googlesyndication.com
URL: https://585e2b3bcae7017c529ab96f0edac682.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://585e2b3bcae7017c529ab96f0edac682.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame E240 24 KB
6 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 585e2b3bcae7017c529ab96f0edac682.safeframe.googlesyndication.com
URL: https://585e2b3bcae7017c529ab96f0edac682.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://585e2b3bcae7017c529ab96f0edac682.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 08:20:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 600467
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 29 Dec 2023 08:20:16 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E240 154 KB
47 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 585e2b3bcae7017c529ab96f0edac682.safeframe.googlesyndication.com
URL: https://585e2b3bcae7017c529ab96f0edac682.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://585e2b3bcae7017c529ab96f0edac682.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:08:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48184
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1672836157132942"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 07:08:03 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 6369
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

94ms
37ms

Image
text/html

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/
Protocol: H2
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Redirect headers

date: Thu, 05 Jan 2023 07:08:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame BD30
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

96ms
46ms

Image
text/html

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/
Protocol: H2
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Redirect headers

date: Thu, 05 Jan 2023 07:08:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E240 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a0a1e36b4f097ab210241b4775783305d64d047cf20230d7152b0ffdb38401cc

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 362ms
61ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120801&jk=3335720200147059&bg=!ZGelZyPNAAYDMoyoIzI7ACkAdvg8WrJ6f8zN8R9FjrxaX0KfwsqIB1bXGB9mC_40JbGByLgROXHhQQIAAAB_UgAAAARoAQeZAqARePgX3hOhzrTgI0gQ95Flbafz0_SaVYKzahRJg1_DNO-L3850G3AAmHaal7RPDzl0LD4UQOfTlqZ019W2-TyPijmtlBZY0ew8RrVIPaEwwrxBCFmi4quSkkCMV-cZ4ethqgKK30qY-MnShaTxWcEqH3uh5-Z3wypPVCB_FcwiBZehu5Or6QOGA-Gz8aLobzCcVZhkxs1KyI93xT8RNgyuBBiLeldIQHjJjrbEd2Bdwn97zSZo3RFAbEQ_6G1rgiieWdyCwYFiGcRpNpr80plW8ssH3Z2d1x14r8MQCqgb7tF5BIUBxNV1Bf7QpibO8nzb9gsdoLmz8ZKW7yTtJS-gra6pyzDqyfg_ek1QphNn_dVIDldAvmMb-UhHXhwNi65IfpT5WnVP9WSAwgCWLPSgtTl12EN4NpPf_Ccf7L887TWWATQLDJKgFIUDRMkrTp42PN7UbqladoywfNfeo5H4XcvKoQOSfW8-oNJZsX6ZXiI3aXsMCxP51vi1kSs4axYL0BQNAXYgT6G0sHAO3La7VyRaFKbMOSiJXh7uLnfqtGPFjrDVeRhiLkIbK9xBR399IqCHkruSMaEUQq4aXRfWQaceeReSWYH41WYMS3gz-JCgDJqrWnVMEQbLK8is6r7M0YuTSho-wglFQWPhkPqbqIWMsIO--rXVdUs1vjhHtKijlkBwiuHBf7uLBomJ_90BsiUrkX96clHa95feBcVu5h7iUyKMhfmozqx-Ay2axc7wexvWmvbGKS-sDmVkbGerAiX8BIna3EFM71VbVPF7b1E_jxBXg78S0uZEBgqvE3bNLiDv7ucn7F1CG4TwE-o8E9SmiMDblDyfxGgIDwiYbAa0TG8O7ioeXtqOrzjSZJv_8B3d6H1jt_wsOPVydnQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H/1.1 200
OK b2JzZXJ2ZXIuY29t Show response
tcheck.outbrainimg.com/tcheck/check/ 15 B
460 B 192ms
34ms XHR
application/json 23.203.125.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/b2JzZXJ2ZXIuY29t
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.125.156 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-125-156.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 07:08:03 GMT
ETag: W/"f-ayLlCL3PuzXSThdu78iReSEjl6Y"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=765
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: 3f2c061a891278885dcdf291bc192f40
Content-Length: 15
Expires: Thu, 05 Jan 2023 07:20:48 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
341 B 128ms
127ms Image
image/gif 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:08:03 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
expires: Sat, 04 Feb 2023 07:08:03 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.27/one-ad/ Frame BE20 89 KB
12 KB 47ms
28ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hr7pftr3y4j8dww89qkaty1r22ax876drdy48j4ngkbw11bhb7e1kaveybyrsk0zwvxnva2ecdqt6xe89kn0b5bm6h528cfnk2zack0cd2hfzq542dvq9qej24jd4kdvg14w992ebtpqcq1wm7ncayk7w1ebe2743cq2wtamgnbxgccp6ezpcxbxxg78tnhdy6nb1t32r2vv90ynvj8pz7daqpdxj5gxd59ysbd55yay6y2pxevdh9at1he6ntzdabq26atzd3fg3hwd8zg5ew22q92qm3d3tjq8m963htag2ssn36g6zk4nqjn4s21xr7s5f8bcshgx2311ph3ey69jpm6yw70x9ahgz81psq8ngqew0qnmyz4ggnnwyaf0q7x2tzy81nr2gw7tg48j6gqfvz15d21ct2tnwcat1m301g7peezxrqy&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC92vUUne2Y9SDHtrugAfR3YioCOLSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMzk5ODgyNDQwMjEyMTYwMsgBCakCBmGgCJTKsT7gAgCoAwGqBLwCT9CM90_r4E2TUk2KAkN-1BQxr35J8JyQAXRJyVmygl6yAoTDv9MiykCqbDL7AYvIGmrGiZhTLvQngyRYgUgYdfbxD-5gPzBv8JAr8UobwXb1_KCmDlmUAdlIM8tdZWIcC2llVyC_mtGOop2BSdmW0GmCS9cOC8u0SMK3SJIAsBfiPl8OQkUSYAgDF1MsW4O7DkR2KGk6Qbioyd9UHxplNSLnhq6tJviprZ2QBNMAbx-jPLf0XNXPmFwKgHsS2FkB9NreGp--O4Ps5S7uh60yLmBWwKJdrK7hUOPCKmfozTZ2jMpO7K9JRhBhBjfl-Vt_apxFbeCu04n55HaT8pKBlW9WYUfGDTt6pwkdxcgkFT2-DvBV7EA8G5fKh03Fp_dHgCbNruaK-d4b0CPkqwFYXhBdw2LbdghN9R0TWuAEAYAGjKzM0ef0xY7wAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1d83RvICe0jm3jkfIj4wMu5AnArw%26client%3Dca-pub-3998824402121602%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1hr7pftr3y4j8dww89qkaty1r22ax876drdy48j4ngkbw11bhb7e1kaveybyrsk0zwvxnva2ecdqt6xe89kn0b5bm6h528cfnk2zack0cd2hfzq542dvq9qej24jd4kdvg14w992ebtpqcq1wm7ncayk7w1ebe2743cq2wtamgnbxgccp6ezpcxbxxg78tnhdy6nb1t32r2vv90ynvj8pz7daqpdxj5gxd59ysbd55yay6y2pxevdh9at1he6ntzdabq26atzd3fg3hwd8zg5ew22q92qm3d3tjq8m963htag2ssn36g6zk4nqjn4s21xr7s5f8bcshgx2311ph3ey69jpm6yw70x9ahgz81psq8ngqew0qnmyz4ggnnwyaf0q7x2tzy81nr2gw7tg48j6gqfvz15d21ct2tnwcat1m301g7peezxrqy&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC92vUUne2Y9SDHtrugAfR3YioCOLSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMzk5ODgyNDQwMjEyMTYwMsgBCakCBmGgCJTKsT7gAgCoAwGqBLwCT9CM90_r4E2TUk2KAkN-1BQxr35J8JyQAXRJyVmygl6yAoTDv9MiykCqbDL7AYvIGmrGiZhTLvQngyRYgUgYdfbxD-5gPzBv8JAr8UobwXb1_KCmDlmUAdlIM8tdZWIcC2llVyC_mtGOop2BSdmW0GmCS9cOC8u0SMK3SJIAsBfiPl8OQkUSYAgDF1MsW4O7DkR2KGk6Qbioyd9UHxplNSLnhq6tJviprZ2QBNMAbx-jPLf0XNXPmFwKgHsS2FkB9NreGp--O4Ps5S7uh60yLmBWwKJdrK7hUOPCKmfozTZ2jMpO7K9JRhBhBjfl-Vt_apxFbeCu04n55HaT8pKBlW9WYUfGDTt6pwkdxcgkFT2-DvBV7EA8G5fKh03Fp_dHgCbNruaK-d4b0CPkqwFYXhBdw2LbdghN9R0TWuAEAYAGjKzM0ef0xY7wAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1d83RvICe0jm3jkfIj4wMu5AnArw%26client%3Dca-pub-3998824402121602%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:08:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1670930538
age: 757247
cf-polished: origSize=91628
x-guploader-uploadid: ADPycduR5Ol9pg3grc4HAIdmrbMEndwceyBRaKPEzp4btA3cKENGM-ZcNqNRgrH_pFRA6eQ6LFPYNJBaKno_nvJ48NOr
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 13 Dec 2022 11:22:46 GMT
server: cloudflare
etag: W/"575def06e70febb0cbd25403e37880bf"
vary: Accept-Encoding
x-goog-generation: 1670930566724484
content-type: text/css
x-goog-hash: crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HIk7mp4xByQ%2BzcQbVpQBbcMhNGyN2e0O%2F0lstnfHKu60Zr2H0YhzvBwZBlAKpiE%2BLWcio7W%2FfOqoV0wh%2BJlQumf%2FJDTv0TZ7Yyw0Ji3TvXZoo%2BYeDG5pS5pI5qBveUdoZuk0vuSXMpk%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 91628
cf-ray: 784a6169ef39f0db-CDG
expires: Thu, 05 Jan 2023 08:08:03 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame BE20 35 KB
12 KB 41ms
28ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hr7pftr3y4j8dww89qkaty1r22ax876drdy48j4ngkbw11bhb7e1kaveybyrsk0zwvxnva2ecdqt6xe89kn0b5bm6h528cfnk2zack0cd2hfzq542dvq9qej24jd4kdvg14w992ebtpqcq1wm7ncayk7w1ebe2743cq2wtamgnbxgccp6ezpcxbxxg78tnhdy6nb1t32r2vv90ynvj8pz7daqpdxj5gxd59ysbd55yay6y2pxevdh9at1he6ntzdabq26atzd3fg3hwd8zg5ew22q92qm3d3tjq8m963htag2ssn36g6zk4nqjn4s21xr7s5f8bcshgx2311ph3ey69jpm6yw70x9ahgz81psq8ngqew0qnmyz4ggnnwyaf0q7x2tzy81nr2gw7tg48j6gqfvz15d21ct2tnwcat1m301g7peezxrqy&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC92vUUne2Y9SDHtrugAfR3YioCOLSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMzk5ODgyNDQwMjEyMTYwMsgBCakCBmGgCJTKsT7gAgCoAwGqBLwCT9CM90_r4E2TUk2KAkN-1BQxr35J8JyQAXRJyVmygl6yAoTDv9MiykCqbDL7AYvIGmrGiZhTLvQngyRYgUgYdfbxD-5gPzBv8JAr8UobwXb1_KCmDlmUAdlIM8tdZWIcC2llVyC_mtGOop2BSdmW0GmCS9cOC8u0SMK3SJIAsBfiPl8OQkUSYAgDF1MsW4O7DkR2KGk6Qbioyd9UHxplNSLnhq6tJviprZ2QBNMAbx-jPLf0XNXPmFwKgHsS2FkB9NreGp--O4Ps5S7uh60yLmBWwKJdrK7hUOPCKmfozTZ2jMpO7K9JRhBhBjfl-Vt_apxFbeCu04n55HaT8pKBlW9WYUfGDTt6pwkdxcgkFT2-DvBV7EA8G5fKh03Fp_dHgCbNruaK-d4b0CPkqwFYXhBdw2LbdghN9R0TWuAEAYAGjKzM0ef0xY7wAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1d83RvICe0jm3jkfIj4wMu5AnArw%26client%3Dca-pub-3998824402121602%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:08:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Nov 2022 06:17:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 175781
etag: W/"49e3b0ffd5e74f27b691e89cf271d672"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=INiV0iIeqsArVd7tacOa8V9IOxklCtwydXj%2ByJvtJdFNY2HHA9%2Bd7rgJ8K%2B4yqZtH0K1UFFxcKyk47vLXJx6cDlhrkqJHAC5%2FKlD%2FEKmEpaOxumlwBLjya%2BQ3eX3VYSo0xjcqIo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 784a6169ddd9f128-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 03 Jan 2023 06:18:12 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 237 KB
75 KB 94ms
43ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5BPNP6

Requested by

Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

73f13559aa4d1dca01c01f351e15bbc25f1a596078e69b7a9d1508cc6c6f72d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:08:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 76714
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 05 Jan 2023 07:08:03 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 2074
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

92ms
37ms

Image
text/html

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/
Protocol: H3
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Redirect headers

date: Thu, 05 Jan 2023 07:08:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 t Show response
jadserve.postrelease.com/ 2 KB
1 KB 486ms
147ms Script
text/javascript 54.156.218.215

General

Check archive.org

Show headers Download Go to

Full URL: https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fobserver.com%2F2018%2F07%2Fwang-jian-hna-founder-dies-tragic-fall%2F&ntv_mvi
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js?ver=1.0.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.156.218.215 -, , ASN (),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: afc1482b1afbe5447756bbe09167c10d43dc07218abb53efa5bac45bd2465d26

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 07:08:04 GMT
content-encoding: gzip
server: nginx/1.12.1
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 784
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 7720
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

72ms
47ms

Image
text/html

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Protocol: H3
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Redirect headers

date: Thu, 05 Jan 2023 07:08:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 main_e2d6c32b895aee0a3860d165f6afbb7b.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 379 KB
73 KB 74ms
19ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main_e2d6c32b895aee0a3860d165f6afbb7b.br.js
Requested by: Host: tag.bounceexchange.com
URL: https://tag.bounceexchange.com/4256/i.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: ae4ebf47a893af26c9f146af0f337b50b181a99d0aaf217caa42b287e75d42b1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 17:20:04 GMT
content-encoding: br
age: 1864079
x-guploader-uploadid: ADPycdvr0pr-7ngNW4eWqYf1w-0vZxQzje-kfqwcbeY0GN0fUVBTfItVikki4dCIZtsQSmoO8A9SbR7PrRjSO0IPP5XqYA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75123
last-modified: Wed, 14 Dec 2022 17:19:50 GMT
server: UploadServer
etag: "ae0c630651f2edbbfaf49175a5cc0715"
x-goog-generation: 1671038390377872
x-goog-hash: crc32c=tKYxog==, md5=rgxjBlHy7bv69JF1pcwHFQ==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 75123
accept-ranges: bytes
content-type: text/javascript
expires: Thu, 14 Dec 2023 17:20:04 GMT

GET
H3 200 14639448589242826962
tpc.googlesyndication.com/simgad/ Frame 7720 20 KB
20 KB 30ms
30ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14639448589242826962?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmcXi1Owguvn7F0dHCCVkYY2ocDaQ

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d2ef2eebc186ae00f2af8692690d8c9dd71ccb8bef917bcf1957d4a1860bd0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 22:45:45 GMT
x-content-type-options: nosniff
age: 462138
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20413
x-xss-protection: 0
last-modified: Fri, 02 Dec 2022 12:44:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 30 Dec 2023 22:45:45 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7720 2 KB
2 KB 32ms
32ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 09:39:53 GMT
x-content-type-options: nosniff
server: cafe
age: 77290
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 05 Jan 2023 09:39:53 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7720 295 B
319 B 35ms
35ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 20:35:33 GMT
x-content-type-options: nosniff
server: cafe
age: 37950
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 05 Jan 2023 20:35:33 GMT

GET
H2 200 get Show response
odb.outbrain.com/utils/ 29 KB
11 KB 423ms
330ms Script
text/javascript 146.75.122.132

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fobserver.com%2F2022%2F12%2Ftwitter-suspends-elonjet-the-account-tracking-musks-private-flights%2F&idx=0&rand=15688&key=NANOWDGT01&widgetJSId=SB_1&va=true&et=true&format=html&adblck=false&abwl=false&px=970&py=655&vpd=0&cw=315&activeTab=true&darkMode=false&ab=0&wl=0&settings=true&recs=true&version=201033&sig=82738376&apv=false&&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&pmtseg=28393%2C38871%2C38883%2C38884%2C38885%2C38886&chs=1&ogn=https%3A%2F%2Fobserver.com%2F2018%2F07%2Fwang-jian-hna-founder-dies-tragic-fall%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.122.132 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2901621d0cec44e2a77021e71c914f32206f412bebf2813b96febb8c8102ff9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-cache-hits: 0, 0
date: Thu, 05 Jan 2023 07:08:04 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
traffic-path: CHIDC2, CHI, HHN, Europe2
x-timer: S1672902484.844347,VS0,VE309
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-served-by: cache-chi-kigq8000133-CHI, cache-hhn-etou8220028-HHN
x-traceid: 7e3ab895802466a1ad85b7167cc70df4
accept-ranges: bytes
content-length: 10442
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 130ms
23ms XHR
application/json 20.13.96.71
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1672902483753&sessionId=03eba5a5-4a09-d95c-1aa5-5494cf2759ef&url=observer.com&cheqSource=1&cheqEvent=3&responseTime=288
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.13.96.71 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 07:08:03 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: d4889dec0265ec2acd4c4a3fb03c12ab
Content-Length: 4
Expires: 0

GET
H2 200 app.js Show response
observer.com/wp-content/themes/newyorkobserver-2014/dist/js/ 5 KB
2 KB 20ms
19ms Script
application/javascript 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-content/themes/newyorkobserver-2014/dist/js/app.js?ver=1.8.6

Requested by

Host: observer.com
URL: https://observer.com/wp-content/plugins/xcurrent/assets/js/script-queue.js?ver=bebcad848e998ab9ae82c8431c754b8a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

7b56af893358318f9825834c44e15ba72af5dd08fda34a56c0bd7b6ef1d9f355

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:08:03 GMT
x-rq: cdg2 0 4 9980
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Thu, 08 Dec 2022 22:07:30 GMT
server: nginx
age: 92786
etag: W/"63926022-15f6"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1698
expires: Fri, 05 Jan 2024 07:08:03 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame BE20 3 KB
4 KB 81ms
27ms Image
image/png 2606:4700:20::681a:61b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:08:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1291
x-guploader-uploadid: ADPycdvuf-G1KID1gkOkM-g2aJQOCL2viarMyjcOegz_B5dhIE0orE4Bm68NYO2LrAFlD-l4buI6hLfkiI43xVG_fC7Lmw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
last-modified: Tue, 21 Jun 2022 12:31:17 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1655814677405990
content-type: image/png
content-language: en
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=va%2FB6YcVV%2FT52WsdJE9YKxko9c9hZHFotkL%2Ba10TtgG4z2XIiFwFXuvl0exRnDzcEAbgRtYHBYJsyA1rOMMwIusciBiyb%2F2wAnLgkq35yazJL54TX0wNlZ0WI%2FJ06VOTB1DR1wXz%2FUiUMMg%2Bz15UWrBv"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 784a616c0bd72a6b-CDG
expires: Thu, 05 Jan 2023 07:40:09 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 2509 35 B
463 B 93ms
26ms Image
image/gif 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEEQB-I4cfcNZw2ULjsoT7mc&google_cver=1&google_push=AavPq0NFEnLlraQ1d8dyC1MNfuNFyPmzRFjD33-ydTH5pJGeaDKQkBzq5jx7lGTwNo12HRwrKGwXJySzX_907WuU0gnTfOFuZJxm

Requested by

Host: 585e2b3bcae7017c529ab96f0edac682.safeframe.googlesyndication.com
URL: https://585e2b3bcae7017c529ab96f0edac682.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 07:08:03 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2509
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEHGhUygqQHsGD8sRNgVGkjk&google_cver=1&google_push=AavPq0OZ0m_pIkMCDxnotxP2RjdN2308--TgaMNjJsmagOD1M9I8s6TefEWRMRHlMh_V7C5oHBD5YljmWS1...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0OZ0m_pIkMCDxnotxP2RjdN2308--TgaMNjJsmagOD1M9I8s6TefEWRMRHlMh_V7C5oHBD5YljmWS11NTWnANiZ1Mxa0r3v&google_hm=r_a5UFgpR721BTf_e4r9AmM

170 B
188 B

85ms
35ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0OZ0m_pIkMCDxnotxP2RjdN2308--TgaMNjJsmagOD1M9I8s6TefEWRMRHlMh_V7C5oHBD5YljmWS11NTWnANiZ1Mxa0r3v&google_hm=r_a5UFgpR721BTf_e4r9AmM

Requested by

Host: 585e2b3bcae7017c529ab96f0edac682.safeframe.googlesyndication.com
URL: https://585e2b3bcae7017c529ab96f0edac682.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 07:08:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 05 Jan 2023 07:08:02 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0OZ0m_pIkMCDxnotxP2RjdN2308--TgaMNjJsmagOD1M9I8s6TefEWRMRHlMh_V7C5oHBD5YljmWS11NTWnANiZ1Mxa0r3v&google_hm=r_a5UFgpR721BTf_e4r9AmM
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2509
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESECIaDm0nO6d8ll9iyHzStUs&google_cver=1&google_push=AavPq0P3NDlNGsJ0ov8msyoWkvV_D0xvyJ0yVdJ1FDqaHkhugW9jpSWE74NfX43bKe34M8AVoxBFFSTHux6pY6n1...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=GuBMcl7HS1GNGprth1Sgfw2&google_push=AavPq0P3NDlNGsJ0ov8msyoWkvV_D0xvyJ0yVdJ1FDqaHkhugW9jpSWE74NfX43bKe34M8AVoxBFFSTHux6pY6n1rsazmbtqNSIO

170 B
188 B

88ms
36ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=GuBMcl7HS1GNGprth1Sgfw2&google_push=AavPq0P3NDlNGsJ0ov8msyoWkvV_D0xvyJ0yVdJ1FDqaHkhugW9jpSWE74NfX43bKe34M8AVoxBFFSTHux6pY6n1rsazmbtqNSIO

Requested by

Host: 585e2b3bcae7017c529ab96f0edac682.safeframe.googlesyndication.com
URL: https://585e2b3bcae7017c529ab96f0edac682.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 07:08:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 05 Jan 2023 07:08:03 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=GuBMcl7HS1GNGprth1Sgfw2&google_push=AavPq0P3NDlNGsJ0ov8msyoWkvV_D0xvyJ0yVdJ1FDqaHkhugW9jpSWE74NfX43bKe34M8AVoxBFFSTHux6pY6n1rsazmbtqNSIO
x-host: tde-deliveryengine-production-769c9db745-qj8jq
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2509
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDnaURiVu4eO-BiVCyW5p2c&google_cver=1&google_push=AavPq0PTV7fBxpT-ikGktPOrxO6shzqxlmbz6Wni9Qnn9VnaiugXVY5rveyY4MvwWyOzv5AQD2vxtJsEHPjHWTAurWdx...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEDnaURiVu4eO-BiVCyW5p2c&google_cver=1&google_push=AavPq0PTV7fBxpT-ikGktPOrxO6shzqxlmbz6Wni9Qnn9VnaiugXVY5rveyY4MvwWyOzv5AQD2vxtJsEHPjHWT...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0PTV7fBxpT-ikGktPOrxO6shzqxlmbz6Wni9Qnn9VnaiugXVY5rveyY4MvwWyOzv5AQD2vxtJsEHPjHWTAurWdxuLBggTMr&google_hm=N_nwgVgtTLKsaceFcNREsQ==

170 B
188 B

37ms
37ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0PTV7fBxpT-ikGktPOrxO6shzqxlmbz6Wni9Qnn9VnaiugXVY5rveyY4MvwWyOzv5AQD2vxtJsEHPjHWTAurWdxuLBggTMr&google_hm=N_nwgVgtTLKsaceFcNREsQ==

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 07:08:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0PTV7fBxpT-ikGktPOrxO6shzqxlmbz6Wni9Qnn9VnaiugXVY5rveyY4MvwWyOzv5AQD2vxtJsEHPjHWTAurWdxuLBggTMr&google_hm=N_nwgVgtTLKsaceFcNREsQ==
date: Thu, 05 Jan 2023 07:08:03 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2509
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJrnzxZZJbP-LyK3nYPzaXE&google_cver=1&google_push=AavPq0OhZX1-B0Iv5EVvrOAnS_EZeHjOprFj4nC8R99XepLm8zMR-eGIPQ2SAml5Aro_DHVPWnj...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENJUVkxVFAtNy04T0Fa&google_push=AavPq0OhZX1-B0Iv5EVvrOAnS_EZeHjOprFj4nC8R99XepLm8zMR-eGIPQ2SAml5Aro_DHVPWnjmhL_QHtmR6AXL3aYwVif1xN07

170 B
188 B

84ms
36ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENJUVkxVFAtNy04T0Fa&google_push=AavPq0OhZX1-B0Iv5EVvrOAnS_EZeHjOprFj4nC8R99XepLm8zMR-eGIPQ2SAml5Aro_DHVPWnjmhL_QHtmR6AXL3aYwVif1xN07

Requested by

Host: 585e2b3bcae7017c529ab96f0edac682.safeframe.googlesyndication.com
URL: https://585e2b3bcae7017c529ab96f0edac682.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 07:08:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENJUVkxVFAtNy04T0Fa&google_push=AavPq0OhZX1-B0Iv5EVvrOAnS_EZeHjOprFj4nC8R99XepLm8zMR-eGIPQ2SAml5Aro_DHVPWnjmhL_QHtmR6AXL3aYwVif1xN07
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2509
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEL...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AavPq0MhG6UvYPhEmw-TZKjJxbME-M6CUtUgmhFaEofEINfG_4JB4xgd-AxbTmtS_Yl2IFvgjhSUyD1pfvvscE4bea8bA7c2ZT4&redir=https%3A%2F%2Fcm.g.double...
https://sync.targeting.unrulymedia.com/csync/RX-d3de2b2b-1ebf-4bcd-82bf-174e0a4dfa40-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAavPq0MhG6UvYPhEmw-TZKjJx...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0MhG6UvYPhEmw-TZKjJxbME-M6CUtUgmhFaEofEINfG_4JB4xgd-AxbTmtS_Yl2IFvgjhSUyD1pfvvscE4bea8bA7c2ZT4&google_hm=A9PeKysev0vNgr8XTgpN-kA

170 B
188 B

35ms
35ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0MhG6UvYPhEmw-TZKjJxbME-M6CUtUgmhFaEofEINfG_4JB4xgd-AxbTmtS_Yl2IFvgjhSUyD1pfvvscE4bea8bA7c2ZT4&google_hm=A9PeKysev0vNgr8XTgpN-kA

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 07:08:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0MhG6UvYPhEmw-TZKjJxbME-M6CUtUgmhFaEofEINfG_4JB4xgd-AxbTmtS_Yl2IFvgjhSUyD1pfvvscE4bea8bA7c2ZT4&google_hm=A9PeKysev0vNgr8XTgpN-kA
date: Thu, 05 Jan 2023 07:08:04 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXd3de2b2b1ebf4bcd82bf174e0a4dfa40003
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2509
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELMRXHzRxEBba90yNCvz_Cg&google_cver=1&google_push=AavPq0Pf0LT2hNqS3SL7w51r8d7vx5gnwW3d0XykNDN9v3_T0amL_QVvVJYlWv3-1dRUAYQRhA...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELMRXHzRxEBba90yNCvz_Cg&google_cver=1&google_push=AavPq0Pf0LT2hNqS3SL7w51r8d7vx5gnwW3d0XykNDN9v3_T0amL_QVvVJYlWv3-1dRUAYQRhA...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1SWTJwZkQxRTJ1RnpsWlNNV0l5Rm1rWVVTTk1wRk5Tbn5B&google_push=AavPq0Pf0LT2hNqS3SL7w51r8d7vx5gnwW3d0XykNDN9v3_T0amL_QVvV...

170 B
188 B

36ms
36ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1SWTJwZkQxRTJ1RnpsWlNNV0l5Rm1rWVVTTk1wRk5Tbn5B&google_push=AavPq0Pf0LT2hNqS3SL7w51r8d7vx5gnwW3d0XykNDN9v3_T0amL_QVvVJYlWv3-1dRUAYQRhAs2Glzd1W6-YSeP3izRSaxIOfES

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 07:08:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1SWTJwZkQxRTJ1RnpsWlNNV0l5Rm1rWVVTTk1wRk5Tbn5B&google_push=AavPq0Pf0LT2hNqS3SL7w51r8d7vx5gnwW3d0XykNDN9v3_T0amL_QVvVJYlWv3-1dRUAYQRhAs2Glzd1W6-YSeP3izRSaxIOfES
date: Thu, 05 Jan 2023 07:08:03 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 2509 0
232 B 104ms
32ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LQVes-z9azt0HF45vfOkkboqBTdRHOsPSsHiz3qJ5MjD4vg_Bm4v8lF1tamcmPlJ79asZqYQ

Requested by

Host: 585e2b3bcae7017c529ab96f0edac682.safeframe.googlesyndication.com
URL: https://585e2b3bcae7017c529ab96f0edac682.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:08:03 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 frame.html Show response
ad4m.at/ Frame BE8F 2 KB
1 KB 26ms
26ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 1817520
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 784a616c19e2f0db-CDG
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Thu, 05 Jan 2023 07:08:03 GMT
expires: Sat, 26 Nov 2022 23:36:57 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YSoGbZcdgWCoN6dQSHOevx84aUsswBLv3K0Os6fi0ly%2Ft5J83093eSF6Pvs19MpaICe5sUtxzqp0nUMVG2AgX86NahCW9BPf8lpMBiDQpbBwPQ8gqUEHY5TcKlR%2BoAazgNoNwtM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 quant.js Show response
secure.quantserve.com/ 25 KB
10 KB 48ms
28ms Script
application/javascript 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5BPNP6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 673aaadf5ccca4681c2023a6e76f62c478be94fe3b1ed05f3126da067e66f50a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:08:03 GMT
content-encoding: gzip
etag: "WQX8ubvDGl3DCUDHzxu0sA=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Thu, 12 Jan 2023 07:08:03 GMT

GET
H2 200 85704X1538064.skimlinks.js Show response
s.skimresources.com/js/ 57 KB
21 KB 69ms
20ms Script
application/octet-stream 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://s.skimresources.com/js/85704X1538064.skimlinks.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5BPNP6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: 504a8ff0f91e885287cdefd108c22f4d5713a3877b39df516d811f87281799e4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:08:03 GMT
content-encoding: gzip
x-sp-metadata: HS256.COOK2p0GEocBCiRhMWE3MmU2Ny0wNGMxLTQxYTUtOTZmYi00MWZlNThkYTIyNmQQsNrb5pK18AIaBgjT7tmdBiIMMzcuNTkuMTY0Ljk5KJqEAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGiwIARIkOTRhNDNhMzUtNTAzZi00ZWM3LTk5MGMtOTZmMjM2OWJmMDEyGLOmASIYCAISFGNkczA0Ny5wYTEuaHdjZG4ubmV0.GZ1BJkefraUztrWeLxGB/7sq27AuHyDOim9V3OfVeAU=
last-modified: Mon, 12 Dec 2022 13:41:27 GMT
server: AmazonS3
x-amz-request-id: T5SS8GZHN6KTJ2N1
etag: "3857032ea109471d41d5a23ac04dccdc"
x-hw: 1672902483.cds203.pa1.hn,1672902483.cds047.pa1.c
content-type: application/octet-stream
cache-control: max-age=3600
accept-ranges: bytes
content-length: 21299
x-amz-id-2: XbAZzV4e4K19knQG6tXCWLaOlWNx+i49UijML3U8bl1hbmcG+Ulxm6MpVhQP8Q1a1wfApSy0RG4=

GET
H3 200 832096553515722 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 26ms
25ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/832096553515722?v=2.9.90&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

84128228243898ae548dda8391f89a3fbc87d77ca056fd9ec3aeb4a4e8b6f954

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 05 Jan 2023 07:08:03 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 85938
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: gVwDPg5cOeofaNb8CpyRQ3viF+Xij2PGxpFXcQXtX9JB5hrmG6JmBdaphv1ukkptMH2BYoHyqsZfZ4c0AFBPEw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 24ms
24ms Script
application/javascript 13.225.78.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-42.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 19:42:45 GMT
content-encoding: gzip
via: 1.1 32e3b86ae254a231182567c0124af892.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 41200
x-amz-server-side-encryption: AES256
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: c7Cvl8nQk9EtQOgMz4LYEfiXznq5hOHoDdziYlIGaR1q9j0HQsgC1g==

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 38ms
38ms Script
text/javascript 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:18:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2969
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 05 Jan 2023 07:18:34 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 38ms
37ms Script
text/javascript 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5BPNP6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 05 Jan 2023 06:27:16 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 2447
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Thu, 05 Jan 2023 08:27:16 GMT

GET
H3 200 onsite_d77202ee63f46daf80998ccf300f48a4.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 161 KB
34 KB 24ms
24ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/onsite_d77202ee63f46daf80998ccf300f48a4.br.js
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main_e2d6c32b895aee0a3860d165f6afbb7b.br.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 97cee0b4094231f93a768249e8a3b8b084bf9ada186680f9f5d9dd7fdc1cbc52

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 19:36:17 GMT
content-encoding: br
age: 2028706
x-guploader-uploadid: ADPycdvrxqcvPF05KfLP-zRCcmxqNQ_ejODBw4Bx-l-q6SyFbvL3vmFtaR95H7xSoghGlShstH3EpepxFxP4ZjKpDwQlw2lcayE9
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34874
last-modified: Mon, 12 Dec 2022 19:36:01 GMT
server: UploadServer
etag: "a9ed059d293c786c02fb0f9ca25c4f12"
x-goog-generation: 1670873761420375
x-goog-hash: crc32c=OPCM4A==, md5=qe0FnSk8eGwC+w+colxPEg==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 34874
accept-ranges: bytes
content-type: text/javascript
expires: Tue, 12 Dec 2023 19:36:17 GMT

GET
H3 200 ads_12036d8507211f5a6513c50cdcd2188e.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 370 KB
69 KB 19ms
19ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ads_12036d8507211f5a6513c50cdcd2188e.br.js
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main_e2d6c32b895aee0a3860d165f6afbb7b.br.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 7f1b16eaedbed2350b3f7f27dff10f5fbbce59bcd490b57f553dc638e0999143

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 17:20:12 GMT
content-encoding: br
age: 1864071
x-guploader-uploadid: ADPycdtttRVdoohw0xxfVipOdjb-c5dzKflJNsuQs-Lt1DgKjU9kfpsUO0-TkJU5N2-Wg5_LCCOkaL1yRwb32NYSVDfqWZNk8Ji8
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70338
last-modified: Wed, 14 Dec 2022 17:19:41 GMT
server: UploadServer
etag: "619c57a9563094b124e4bd07c0f57b65"
x-goog-generation: 1671038381010085
x-goog-hash: crc32c=TosGwQ==, md5=YZxXqVYwlLEk5L0HwPV7ZQ==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 70338
accept-ranges: bytes
content-type: text/javascript
expires: Thu, 14 Dec 2023 17:20:12 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
282 B 23ms
23ms Image
text/plain 13.225.78.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=13507040&cs_it=b3&cv=3.8.0.210223&ns__t=1672902483965&ns_c=UTF-8&c7=https%3A%2F%2Fobserver.com%2F2018%2F07%2Fwang-jian-hna-founder-dies-tragic-fall%2F&c8=Wang%20Jian%2C%20Founder%20of%20Chinese%20Conglomerate%20HNA%2C%20Dies%20in%20Accident%20%7C%20Observer&c9=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-42.fra2.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:08:03 GMT
via: 1.1 32e3b86ae254a231182567c0124af892.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: uszfJ9dzgZk_4lhzT3rbpjES6tqTBygKqzfeSXeluJAV23pcCqvIlg==
x-cache: Miss from cloudfront

GET
H2 200 rules-p-UtaLhd9K6h6Mf.js Show response
rules.quantcount.com/ 160 B
643 B 87ms
26ms Script
application/javascript 2600:9000:211e:c600:6:44e3:f8c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-UtaLhd9K6h6Mf.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:c600:6:44e3:f8c0:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3afad7944608ccb8f39bb022444e73be0d7d2bc03ade1aebd436d17c3c2eefc4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:14:19 GMT
via: 1.1 e6959f77d21557f69683da8f0cd5578a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 3226
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Fri, 14 Oct 2022 00:57:38 GMT
server: AmazonS3
etag: "5e639fe6c85b0bcfca5ebb1b7d3b3dec"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: 9pBNIkCGielMdnBMlVeUCiobVERpb-ZYIabqC1rb9GZFWpCKidX4lQ==

POST
H3 200 collect
www.google-analytics.com/ 35 B
55 B 59ms
58ms Ping
image/gif 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://observer.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 07:08:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://observer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
440 B 67ms
23ms XHR
text/plain 2a00:1450:400c:c00::9d

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-1212249-1&cid=1312069016.1672902480&jid=1213850290&uid=1312069016.1672902480&gjid=1306967528&_gid=856522732.1672902480&_u=aCDAgUAjQAAAAEAEK~&z=1427294625

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://observer.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 05 Jan 2023 07:08:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://observer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect
www.google-analytics.com/ 35 B
55 B 58ms
58ms Ping
image/gif 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://observer.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 07:08:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://observer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 25ms
25ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=832096553515722&ev=PageView&dl=https%3A%2F%2Fobserver.com%2F2018%2F07%2Fwang-jian-hna-founder-dies-tragic-fall%2F&rl=&if=false&ts=1672902483987&sw=1600&sh=1200&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.1.1672902480104.946459948&it=1672902479945&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 05 Jan 2023 07:08:03 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 206 robots.txt
t.skimresources.com/api/v2/ Frame 48D0 0
134 B 72ms
24ms Image
text/plain 35.201.67.47

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.13350088577908337
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.67.47 -, , ASN (),
Reverse DNS
Software: Python/3.10 aiohttp/3.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:08:04 GMT
via: 1.1 google
server: Python/3.10 aiohttp/3.8.3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain charset=UTF-8

GET
H2 200 px.gif
p.skimresources.com/ 43 B
276 B 447ms
24ms Image
image/gif 35.190.91.160

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/px.gif?ch=1&rn=1.875904516847518
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.91.160 -, , ASN (),
Reverse DNS
Software: Skimlinks Pixel 1.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p: policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date: Thu, 05 Jan 2023 07:08:04 GMT
via: 1.1 google
server: Skimlinks Pixel 1.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H2 200 px.gif
p.skimresources.com/ 43 B
102 B 447ms
25ms Image
image/gif 35.190.91.160

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/px.gif?ch=2&rn=1.875904516847518
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.91.160 -, , ASN (),
Reverse DNS
Software: Skimlinks Pixel 1.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p: policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date: Thu, 05 Jan 2023 07:08:04 GMT
via: 1.1 google
server: Skimlinks Pixel 1.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

POST
H3 200 collect
www.google-analytics.com/ 35 B
55 B 59ms
59ms Ping
image/gif 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://observer.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 07:08:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://observer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
r.skimresources.com/api/ 204 B
391 B 69ms
25ms XHR
application/json 35.190.59.101

General

Check archive.org

Show headers Download Go to

Full URL

https://r.skimresources.com/api/

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/85704X1538064.skimlinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.59.101 -, , ASN (),

Reverse DNS

Software

openresty/1.19.9.1 /

Resource Hash

068dd13bdcabf49a419a4e25758e45e08b18d861fed8370ca4c59bd014a84b3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://observer.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 05 Jan 2023 07:08:04 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
server: openresty/1.19.9.1
via: 1.1 google
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://observer.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
8 KB 81ms
30ms Script
application/javascript 2606:4700::6810:9440

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 05 Jan 2023 07:08:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: QpLkTroHlqrE0LequA2uwg==
age: 17876
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 7151
x-ms-lease-status: unlocked
last-modified: Wed, 04 Jan 2023 21:21:46 GMT
server: cloudflare
etag: 0x8DAEE99AF43D116
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 9e12c7f5-201e-014e-589a-205b56000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 784a616daed02a38-CDG

GET
H2 200 3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js Show response
cdn.permutive.com/ 364 KB
104 KB 75ms
37ms Script
application/javascript 104.19.149.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.permutive.com/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js
Requested by: Host: observer.com
URL: https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.149.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fde7a3a5556ecd9f17ccaa6113192b9d57ca0293b32124fdb2aa5d062b55ec2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:08:04 GMT
content-encoding: br
cf-cache-status: HIT
x-goog-meta-oid: 3b5c18b9-96b7-48e4-a3ef-011eb84a970d
age: 1743
x-guploader-uploadid: ADPycduuWvRU_vFx-rAK4NBsSHNCiMf4rwigxx9SIYCh1PovnL999uzZ1qOh5x1FEAIeoTzqsmF633ZYTkZQMTRk4S3Hbw
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
last-modified: Thu, 22 Dec 2022 17:49:16 GMT
server: cloudflare
etag: W/"d72b24f7b0d844a84d348cfc79435651"
vary: Accept-Encoding
x-goog-generation: 1671731356649358
content-type: application/javascript
x-goog-hash: crc32c=5z6mag==, md5=1ysk97DYRKhNNIz8eUNWUQ==
cache-control: public, max-age=900
x-goog-stored-content-length: 110068
cf-ray: 784a616d9e4ad70e-CDG
expires: Thu, 05 Jan 2023 07:23:04 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 37ms
36ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-1212249-1&cid=1312069016.1672902480&jid=1213850290&_u=aCDAgUAjQAAAAEAEK~&z=615509880

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 07:08:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.fr/ads/ 42 B
501 B 94ms
36ms Image
image/gif 2a00:1450:4001:811::2003

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-1212249-1&cid=1312069016.1672902480&jid=1213850290&_u=aCDAgUAjQAAAAEAEK~&z=615509880

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 07:08:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 local_storage_frame17.min.html Show response
assets.bounceexchange.com/assets/bounce/ Frame 144D 2 KB
1 KB 20ms
20ms Document
text/html 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/bounce/local_storage_frame17.min.html
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main_e2d6c32b895aee0a3860d165f6afbb7b.br.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f4fc114373da7e63fade04d84f7f1cfb5b31632246f33b10f3b7b275b85e6dd6

Request headers

Referer: https://observer.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: etag Content-Type
age: 2028714
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public,max-age=31536000
content-encoding: gzip
content-length: 1073
content-type: text/html; charset=UTF-8
date: Mon, 12 Dec 2022 19:36:10 GMT
etag: "c239a293dfea14703fb99e60bd432212"
expires: Tue, 12 Dec 2023 19:36:10 GMT
last-modified: Mon, 12 Dec 2022 19:35:33 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-generation: 1670873733378183
x-goog-hash: crc32c=P+3Itg== md5=wjmik9/qFHA/uZ5gvUMiEg==
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 1073
x-guploader-uploadid: ADPycduvFonm2y34nMGtU41k9gPZeQwBS3-rRkhCo6uKqJODLuD3OhFcRFF7XPGerYDxJ9OAB0Ej_tSSwLPUfjHNNx5xQkxM13FE

POST
H3 200 rs Show response
ad4m.at/ Frame BE20 2 KB
2 KB 38ms
37ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 750d1d2daaa3d8dbfd63a48981545c62704e1e46514a9f3e10561b9f25f27950

Request headers

Referer
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 05 Jan 2023 07:08:04 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iW4XwUM1qAmxt2WvxaFgZCPL%2BD6eV%2FT6bTKCzdu6U4Kh%2Fko%2Fbf9tqjT%2BRhwbrwenCsF16AgJoF%2FrAjIPVGR3djUrQIsISU2Tgdn0vyL4ut0lYAZ6rJPxEYqfXNHPYY0C%2FVKp4zM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 784a616dea56d626-CDG
x-backend-server: aa-reachservice-group-europe-west1-3b3l
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 57ms
36ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 784a616daa1dd626-CDG
content-length: 24
content-type: text/plain
date: Thu, 05 Jan 2023 07:08:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XFxQA6ulpJ5DzY6Twnxvz6XwVTPoxQypVphRMTlaQVmTOKZasDE26huCC258%2Bj1BVXOkxBIyPus6QKSle3VjyeKirQ413myS7ke2dYz8AbnvRKkS0Ff1vkk%2FlP0J3%2B0ag7JWCro%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-tbx2

GET
H2 200 pixel;r=1055496423;source=gtm;rf=0;a=p-UtaLhd9K6h6Mf;url=https%3A%2F%2Fobserver.com%2F2018%2F07%2Fwang-jian-hna-founder-dies-tragic-fall%2F;uht=2;fpan=1;fpa=P0-1905651822-1672902483968;pbc=;ns=0;ce...
pixel.quantserve.com/ 35 B
210 B 36ms
26ms Image
image/gif 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1055496423;source=gtm;rf=0;a=p-UtaLhd9K6h6Mf;url=https%3A%2F%2Fobserver.com%2F2018%2F07%2Fwang-jian-hna-founder-dies-tragic-fall%2F;uht=2;fpan=1;fpa=P0-1905651822-1672902483968;pbc=;ns=0;ce=1;qjs=1;qv=bf501fc4-20230104143059;cm=;gdpr=0;ref=;d=observer.com;dst=0;et=1672902484088;tzo=0;ogl=type.article%2Ctitle.Founder%20of%20HNA%252C%20China%E2%80%99s%20Largest%20Owner%20of%20US%20Properties%252C%20Dies%20After%20Tragic%20Fall%2Curl.https%3A%2F%2Fobserver%252Ecom%2F2018%2F07%2Fwang-jian-hna-founder-dies-tragic-fall%2F%2Cdescription.The%20surprising%20news%20inspired%20some%20conspiracists%20to%20draw%20connections%20between%20Wang%2Csite_name.Observer%2Cimage.https%3A%2F%2Fobserver%252Ecom%2Fwp-content%2Fuploads%2Fsites%2F2%2F2018%2F07%2Fscreen-shot-2018-07-05-a%2Cimage%3Awidth.621%2Cimage%3Aheight.468%2Cimage%3Aalt.HNA%20owns%20a%20significant%20share%20in%20Hilton%252E%2Clocale.en_US;ses=ec21604a-0d71-4b91-adde-35d7327c804c

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 05 Jan 2023 07:08:04 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
427 B 102ms
102ms Image
image/gif 54.156.218.215

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=582118&ntv_pl=1092089
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.156.218.215 -, , ASN (),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 07:08:04 GMT
server: nginx/1.12.1
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
427 B 103ms
103ms Image
image/gif 54.156.218.215

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=91676ce8-d149-469b-bd67-645fb5ed6b40&ntv_fl=ReJsDvqugQ6wwaOTjEXVDMgprKGfebqecTvavPd7h3B3qQQbftgFS-tcsah6i1FyOT2T70vMv90o9KspPVri1i0OnEp-ZQP3JVOXVJZAkrmhIhnyye2Ig_jnzVEzYfGKcGtNq8BTd7gkITqXy4JcthcKsZJS7XjV6MiMuTkWYrW6UA4Ng3XruQ2mMK-UkLAYfLP_fB6vip1Dth7hMe77rqndSUkRHvSX9C6UteYbDPCAecx3dO925O0m6UWMXjGF&ntv_ht=VHe2YwA&ntv_at=303,302&ntv_a=AAAAAAAAAA-akQA&ord=1672902484092&ntv_it
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.156.218.215 -, , ASN (),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 07:08:04 GMT
server: nginx/1.12.1
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 gdprConsent
jadserve.postrelease.com/ 43 B
427 B 102ms
102ms Image
image/gif 54.156.218.215

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/gdprConsent?ntv_pl=1092089&ntv_gdpr_consent=&ntv_it
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.156.218.215 -, , ASN (),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 07:08:04 GMT
server: nginx/1.12.1
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 init1.js Show response
api.bounceexchange.com/bounce/ 36 B
342 B 364ms
43ms Script
text/html 34.111.8.32

General

Check archive.org

Show headers Download Go to

Full URL: https://api.bounceexchange.com/bounce/init1.js?wklzs=420&wklz=C4ewVgigvAZgrgOwMbAJYgQMhQZygRgDYB2AJgE4AGUgFgA4b98BmTYALxCkswHcBTAEY5UwfgH1UAEyg1SAVkKYATvxwgANnDQYChSpQAe+UgZX8Y-ZauVRsAQw0bUCAObi4yjVAAWwYAAOOACkzACCwaQAYpFRIMJWAG5WAHRIIAC2sab4dLGUxLG89m4AtGCoJaU+CPalMCCIUlalUqhqpcDK9q6oSPWOGrGYiagiwOLpIADW7VDBxABCkaQaASuhEaSkfoEhCuGR8tFH0fE4SanpWQrROXm3UQWnUcVlFVU1dQ1NLW0dXR6fQGTheG1IAGEVsoNodthtiAARbAgGZzBbLJEotESUAgcQaezKVz8WCOC6YQQBbiYfiBKAAbQAupgAsA8CiMgFnCUkBIYITXHZEj57FAgA
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main_e2d6c32b895aee0a3860d165f6afbb7b.br.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.8.32 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe3fcb884394be745dbd11141b6d780028a4d86106b6292d7502db096f582218

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
date: Thu, 05 Jan 2023 07:08:04 GMT
content-encoding: gzip
x-envoy-upstream-service-time: 14
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

POST
H3 200 link Show response
t.skimresources.com/api/v2/ 22 B
44 B 46ms
26ms XHR
application/javascript 35.201.67.47

General

Check archive.org

Show headers Download Go to

Full URL

https://t.skimresources.com/api/v2/link

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/85704X1538064.skimlinks.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.201.67.47 -, , ASN (),

Reverse DNS

Software

Python/3.10 aiohttp/3.8.3 /

Resource Hash

fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://observer.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 07:08:04 GMT
via: 1.1 google
x-content-type-options: nosniff
server: Python/3.10 aiohttp/3.8.3
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8, application/javascript
access-control-allow-origin: https://observer.com
warning: 299 - "Deprecated API"
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
content-length: 22
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H3 200 api Show response
ls.skimresources.com/ 2 B
22 B 47ms
27ms XHR
application/json 34.120.117.212

General

Check archive.org

Show headers Download Go to

Full URL

https://ls.skimresources.com/api

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/85704X1538064.skimlinks.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.117.212 -, , ASN (),

Reverse DNS

Software

Python/3.8 aiohttp/3.7.4.post0 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://observer.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 07:08:04 GMT
via: 1.1 google
x-content-type-options: nosniff
server: Python/3.8 aiohttp/3.7.4.post0
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://observer.com
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H3 200 / Show response
r.skimresources.com/api/ 176 B
165 B 45ms
24ms XHR
application/json 35.190.59.101

General

Check archive.org

Show headers Download Go to

Full URL

https://r.skimresources.com/api/

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/85704X1538064.skimlinks.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.59.101 -, , ASN (),

Reverse DNS

Software

openresty/1.19.9.1 /

Resource Hash

606c9152b845782b1dd6a36c7196ec38ba48171b2bc60671e9d49ab636945718

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://observer.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 05 Jan 2023 07:08:04 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
server: openresty/1.19.9.1
via: 1.1 google
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://observer.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 6a95224d-e53b-4c23-b2a6-31faa3db3cc4.json Show response
cdn.cookielaw.org/consent/6a95224d-e53b-4c23-b2a6-31faa3db3cc4/ 3 KB
2 KB 63ms
27ms XHR
application/x-javascript 2606:4700::6810:9440

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/6a95224d-e53b-4c23-b2a6-31faa3db3cc4/6a95224d-e53b-4c23-b2a6-31faa3db3cc4.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

7cc8f8f131774a8405d79658e64366f7044e6f439cfccaf977aecf0deb4c052e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 05 Jan 2023 07:08:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 0CCuNb2oi4MBXRI3Igqd4w==
age: 85002
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1135
x-ms-lease-status: unlocked
last-modified: Thu, 12 Nov 2020 16:47:25 GMT
server: cloudflare
etag: 0x8D8872AA28370D2
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 4110e03d-901e-017e-4d15-b6017c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 784a616e2feef8cd-CDG
expires: Fri, 06 Jan 2023 07:08:04 GMT

OPTIONS
H2 206 api
ls.skimresources.com/ Frame 0
0 327ms
25ms Preflight
text/plain 34.120.117.212

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.skimresources.com/api
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.117.212 -, , ASN (),
Reverse DNS
Software: Python/3.8 aiohttp/3.7.4.post0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://observer.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://observer.com
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain charset=UTF-8
date: Thu, 05 Jan 2023 07:08:04 GMT
server: Python/3.8 aiohttp/3.7.4.post0
via: 1.1 google

POST
H3 200 identify Show response
api.permutive.com/v2.0/ 50 B
88 B 30ms
30ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/identify?k=6b8d2782-a057-45b2-b2fd-5e7238c30400
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 893a2d1026dd5d8092e6f23638001265bf55565e7e2994e375bce0f454bb5ae8

Request headers

Referer: https://observer.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 05 Jan 2023 07:08:04 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://observer.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70

POST
H3 200 watson Show response
api.permutive.com/v2.0/ 344 B
245 B 32ms
32ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/watson?k=6b8d2782-a057-45b2-b2fd-5e7238c30400
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 29221a1307bcd612972bf22add13eca12e48c518c0b4acf842b882a0b7783c46

Request headers

Referer: https://observer.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 05 Jan 2023 07:08:04 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://observer.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 227

GET
H2 200 ob_logo_67x12.png
widgets.outbrain.com/images/widgetIcons/ 2 KB
3 KB 162ms
158ms Image
image/png 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_logo_67x12.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:08:04 GMT
last-modified: Wed, 04 Jan 2023 07:24:28 GMT
server: AkamaiNetStorage
etag: "c52b07e749f7a09fa7b97b7e195e06ce:1672826784.851215"
access-control-allow-methods: GET,POST
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2326
expires: Sat, 04 Feb 2023 07:08:04 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 990 B
1 KB 160ms
157ms Image
image/svg+xml 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:08:04 GMT
last-modified: Wed, 04 Jan 2023 07:24:28 GMT
server: AkamaiNetStorage
etag: "5ab8e16b5f46213840bcd403e349419c:1672826763.85842"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 990
expires: Sat, 04 Feb 2023 07:08:04 GMT

GET l
mcdp-chidc2.outbrain.com/ 0
0

GET
H2 200 placement_invocation Show response
rock.defybrick.com/ 48 KB
18 KB 86ms
25ms Script
text/javascript 2600:9000:21f3:dc00:1a:ba5c:3900:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://rock.defybrick.com/placement_invocation?id=65349&idx=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:dc00:1a:ba5c:3900:93a1 -, , ASN (),
Reverse DNS
Software: Caddy /
Resource Hash: 620bae4f435d4ccd1c611f602c0790871f65d6bf668f6ff2ac716b89285cdc4a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 01:10:44 GMT
content-encoding: gzip
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
server: Caddy
x-amz-cf-pop: FRA2-C2
age: 21440
etag: "bf8f-sbLSqLgrhMmD0M6HbtAQ/QtX6WE"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=43200
content-length: 18460
x-amz-cf-id: jXTBlD_flyvLZbJN7xK0F9aDBiy-ZjWj-5MykY-0s88PVYPEyjIXcA==
expires: Thu, 05 Jan 2023 13:10:44 GMT

GET
H2 200 get Show response
odb.outbrain.com/utils/ 13 KB
4 KB 177ms
176ms Script
text/javascript 146.75.122.132

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fobserver.com%2F2022%2F12%2Ftwitter-suspends-elonjet-the-account-tracking-musks-private-flights%2F&idx=1&rand=7764&key=NANOWDGT01&widgetJSId=AR_1&va=true&et=true&format=html&t=NDFhNmVmNDJiMzI3Y2NmMmYyOWJlYTdhNzkzNjg0OWM=&adblck=false&abwl=false&clid=03eba5a5-4a09-d95c-1aa5-5494cf2759ef&fdu=observer.com&px=315&py=4247&vpd=3047&cw=970&activeTab=true&darkMode=false&ab=0&wl=0&settings=true&recs=true&version=201033&sig=82738376&apv=false&&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&pmtseg=28393%2C38871%2C38883%2C38884%2C38885%2C38886&chs=1&ogn=https%3A%2F%2Fobserver.com%2F2018%2F07%2Fwang-jian-hna-founder-dies-tragic-fall%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.122.132 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48ccf4848daab48169b24df54845014bb9f7182aafd4c4ed38a525005cd3e1b7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-cache-hits: 0, 0
date: Thu, 05 Jan 2023 07:08:04 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
traffic-path: CHIDC2, CHI, HHN, Europe2
x-timer: S1672902484.477420,VS0,VE155
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-served-by: cache-chi-kigq8000179-CHI, cache-hhn-etou8220028-HHN
x-traceid: a4f85bc40581ffb87e7fc42ae1ef97ef
accept-ranges: bytes
content-length: 4148
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 eyJpdSI6ImEzMzBkNmI4MjJhYTZkMDkwMGI4NDZhYmM0ZmIyODA4MTFmMTM1OWRhZjQ0YjllMTQ0ODZmODFlODhkYmQ4NmUiLCJ3IjoxMjAsImgiOjgwLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
images.outbrainimg.com/transform/v3/ 10 KB
10 KB 196ms
51ms Image
image/webp 23.203.125.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImEzMzBkNmI4MjJhYTZkMDkwMGI4NDZhYmM0ZmIyODA4MTFmMTM1OWRhZjQ0YjllMTQ0ODZmODFlODhkYmQ4NmUiLCJ3IjoxMjAsImgiOjgwLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.125.156 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-125-156.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0926ec66fd43f36c02da0b10d44805feed7b54dd4d41005dcfb60b4ac45fdc6b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:08:04 GMT
last-modified: Sat, 03 Dec 2022 17:49:35 GMT
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=1768500
access-control-allow-credentials: false
x-traceid: 059a95fb00da4463b0a42218c2d3d06f
timing-allow-origin: *, *
content-length: 10152

GET
H2 200 eyJpdSI6ImNiNDBlM2U4YjNjNDBjMDE2NmFiMjgxZDRiNzQ1MTg0NTgyMzY2MmE0OGVkZTc1MTg4MGIyMmY1MmUzMjJiZDIiLCJ3IjoxMjAsImgiOjgwLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
images.outbrainimg.com/transform/v3/ 7 KB
7 KB 257ms
112ms Image
image/webp 23.203.125.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImNiNDBlM2U4YjNjNDBjMDE2NmFiMjgxZDRiNzQ1MTg0NTgyMzY2MmE0OGVkZTc1MTg4MGIyMmY1MmUzMjJiZDIiLCJ3IjoxMjAsImgiOjgwLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.125.156 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-125-156.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8ddf5e1b668d93e4b98d18cd27d44cb042f7bf258f8c8886f077f5fad920c7d1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:08:04 GMT
last-modified: Wed, 28 Dec 2022 05:30:47 GMT
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2401880
access-control-allow-credentials: false
x-traceid: 82da77fd528a08c62016078d18d8a7f2
timing-allow-origin: *, *
content-length: 6984

GET
H2 200 eyJpdSI6IjEyMDk3ZWVhMzJhNThjYzU2YjkxMWFhM2M3NDFmMjhhYTIzY2RkYzlmY2Q4OGY3MmM5MjMxODgwNTA4MDg3NDUiLCJ3IjoxMjAsImgiOjgwLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
images.outbrainimg.com/transform/v3/ 7 KB
7 KB 217ms
72ms Image
image/webp 23.203.125.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjEyMDk3ZWVhMzJhNThjYzU2YjkxMWFhM2M3NDFmMjhhYTIzY2RkYzlmY2Q4OGY3MmM5MjMxODgwNTA4MDg3NDUiLCJ3IjoxMjAsImgiOjgwLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.125.156 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-125-156.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 43ad2e7998814ca5a453ec2c58399889611cf75dec37922cdeeea364fbc28718

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:08:04 GMT
last-modified: Wed, 28 Dec 2022 15:43:20 GMT
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2390784
access-control-allow-credentials: false
x-traceid: 32f25a0b4c47dd7576f34dc7c3f1c393
timing-allow-origin: *, *
content-length: 6824

GET
H2 200 eyJpdSI6IjdkNjY3NmI3YzBiNTI4M2ZkZDI2NzQ2ZTY2Mjc0NThkMjhmMTgxMjY4YmI4NWVmYzFkMTNjODk1NDkwNzc3NDMiLCJ3IjoxMjAsImgiOjgwLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
images.outbrainimg.com/transform/v3/ 8 KB
8 KB 194ms
50ms Image
image/webp 23.203.125.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjdkNjY3NmI3YzBiNTI4M2ZkZDI2NzQ2ZTY2Mjc0NThkMjhmMTgxMjY4YmI4NWVmYzFkMTNjODk1NDkwNzc3NDMiLCJ3IjoxMjAsImgiOjgwLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.125.156 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-125-156.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 84553f02ad2ebec99a74b64ab280be9da6b6e21f8dea49106432c96cd32f692e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:08:04 GMT
last-modified: Mon, 19 Dec 2022 09:40:28 GMT
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=1867275
access-control-allow-credentials: false
x-traceid: 5001fb4d40f649d9f93ba2ac652b2b52
timing-allow-origin: *, *
content-length: 7908

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame BF59 9 KB
4 KB 46ms
46ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=324710%2C15737%2C175364&b=E1mhDfXGSVKpGazHAHjt4tPqpdSqTVTZAAs7%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CR4WTgf1XfGjJAukHwH3tQtw2K5SwTzTmqqH7&f=ARKHYfdBaRDqrhAHRH4tMCxe9ba7T4TDVVU9%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CQPwc4fb6CP2mdtxH5HYt9CbqMRTDT4T5qqaV&c=300&d=250&e=&g=5741ba9a036cba7e6cf8a95ec37056b6%2F8060108672921543907&i=112218%2C2951%2C71050&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1672902484160&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jwmjx42h9d1cmerxnpa7jfhpaw5ect3329s7c7a1xewsdzdvjvjw9tvjdwa4pd78p9ce51fecn6c3gzh74gyrsn2gm1sr3q10eq7a3tgds59yzct5vdqs9xdv2mjykees15pg1wb1yc4jr2gzs2dftk509xp44htxfqgbbz04rr0xq1w653mf8tk57n3nwt20dbhw40xfax1yz2eywqtn4gxj11zgn9cq611kw9na03x5f2er81rbdh16jbznqsjayxha85pg7n4vby2j9g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC92vUUne2Y9SDHtrugAfR3YioCOLSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMzk5ODgyNDQwMjEyMTYwMsgBCakCBmGgCJTKsT7gAgCoAwGqBLwCT9CM90_r4E2TUk2KAkN-1BQxr35J8JyQAXRJyVmygl6yAoTDv9MiykCqbDL7AYvIGmrGiZhTLvQngyRYgUgYdfbxD-5gPzBv8JAr8UobwXb1_KCmDlmUAdlIM8tdZWIcC2llVyC_mtGOop2BSdmW0GmCS9cOC8u0SMK3SJIAsBfiPl8OQkUSYAgDF1MsW4O7DkR2KGk6Qbioyd9UHxplNSLnhq6tJviprZ2QBNMAbx-jPLf0XNXPmFwKgHsS2FkB9NreGp--O4Ps5S7uh60yLmBWwKJdrK7hUOPCKmfozTZ2jMpO7K9JRhBhBjfl-Vt_apxFbeCu04n55HaT8pKBlW9WYUfGDTt6pwkdxcgkFT2-DvBV7EA8G5fKh03Fp_dHgCbNruaK-d4b0CPkqwFYXhBdw2LbdghN9R0TWuAEAYAGjKzM0ef0xY7wAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1d83RvICe0jm3jkfIj4wMu5AnArw%2526client%253Dca-pub-3998824402121602%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

748d2a1a72ffee3318b6cc87f5e3c709e8bdfeb35988953a77c7addb2d85edd5

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1hr7pftr3y4j8dww89qkaty1r22ax876drdy48j4ngkbw11bhb7e1kaveybyrsk0zwvxnva2ecdqt6xe89kn0b5bm6h528cfnk2zack0cd2hfzq542dvq9qej24jd4kdvg14w992ebtpqcq1wm7ncayk7w1ebe2743cq2wtamgnbxgccp6ezpcxbxxg78tnhdy6nb1t32r2vv90ynvj8pz7daqpdxj5gxd59ysbd55yay6y2pxevdh9at1he6ntzdabq26atzd3fg3hwd8zg5ew22q92qm3d3tjq8m963htag2ssn36g6zk4nqjn4s21xr7s5f8bcshgx2311ph3ey69jpm6yw70x9ahgz81psq8ngqew0qnmyz4ggnnwyaf0q7x2tzy81nr2gw7tg48j6gqfvz15d21ct2tnwcat1m301g7peezxrqy&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC92vUUne2Y9SDHtrugAfR3YioCOLSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMzk5ODgyNDQwMjEyMTYwMsgBCakCBmGgCJTKsT7gAgCoAwGqBLwCT9CM90_r4E2TUk2KAkN-1BQxr35J8JyQAXRJyVmygl6yAoTDv9MiykCqbDL7AYvIGmrGiZhTLvQngyRYgUgYdfbxD-5gPzBv8JAr8UobwXb1_KCmDlmUAdlIM8tdZWIcC2llVyC_mtGOop2BSdmW0GmCS9cOC8u0SMK3SJIAsBfiPl8OQkUSYAgDF1MsW4O7DkR2KGk6Qbioyd9UHxplNSLnhq6tJviprZ2QBNMAbx-jPLf0XNXPmFwKgHsS2FkB9NreGp--O4Ps5S7uh60yLmBWwKJdrK7hUOPCKmfozTZ2jMpO7K9JRhBhBjfl-Vt_apxFbeCu04n55HaT8pKBlW9WYUfGDTt6pwkdxcgkFT2-DvBV7EA8G5fKh03Fp_dHgCbNruaK-d4b0CPkqwFYXhBdw2LbdghN9R0TWuAEAYAGjKzM0ef0xY7wAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1d83RvICe0jm3jkfIj4wMu5AnArw%26client%3Dca-pub-3998824402121602%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 784a61700e61f0db-CDG
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 07:08:04 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
BLOB 200
OK c956b0c4-19b6-44c1-b9ca-dd316962f59e
https://observer.com/ 91 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://observer.com/c956b0c4-19b6-44c1-b9ca-dd316962f59e
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 19bf88bf9c1719d60dc5dd3043019ab713b269d4f22eddbdb4956a2b1f672b56

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 92927

GET
BLOB 200
OK 16ae9032-f5ce-47aa-b4df-4ad0680c6d21
https://observer.com/ 20 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://observer.com/16ae9032-f5ce-47aa-b4df-4ad0680c6d21
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9f50150b93f6dfe9cf98ef5f90a291dd1d71ff3dfc1194307388d1bb018058a1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 20393

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 23ms
23ms Fetch
application/json 20.13.96.71
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=41a6ef42b327ccf2f29bea7a7936849c&pvId=41a6ef42b327ccf2f29bea7a7936849c&sid=6647468&pid=231&idx=0&wId=102&pad=4&org=0&tm=1033&eT=3&cnsnt=no_consent&wRV=201033&pVis=1&lsd=-1&eIdx=0&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.13.96.71 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 07:08:04 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 3a9b7a7a0fc6c4e29d5a605ae3a74f8c
Content-Length: 4
Expires: 0

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 0871 0
15 B 26ms
25ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://observer.com
Referer: https://observer.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://observer.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 07:08:04 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
295 B 91ms
42ms XHR
application/json 2606:4700::6812:1b55

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1b55 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

39f7093b64cc148b96e3a8e1a8d849fcd4fda75781388e413014128f3dfffcf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://observer.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:08:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 784a61709e39cd7b-CDG
access-control-allow-headers: Content-Type

POST
H3 200 page Show response
t.skimresources.com/api/v2/ 22 B
43 B 33ms
32ms XHR
application/javascript 35.201.67.47

General

Check archive.org

Show headers Download Go to

Full URL

https://t.skimresources.com/api/v2/page

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/85704X1538064.skimlinks.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.201.67.47 -, , ASN (),

Reverse DNS

Software

Python/3.10 aiohttp/3.8.3 /

Resource Hash

fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://observer.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 07:08:04 GMT
via: 1.1 google
x-content-type-options: nosniff
server: Python/3.10 aiohttp/3.8.3
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8, application/javascript
access-control-allow-origin: https://observer.com
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
content-length: 22
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.27/one-ad/ Frame BF59 89 KB
11 KB 36ms
35ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=324710%2C15737%2C175364&b=E1mhDfXGSVKpGazHAHjt4tPqpdSqTVTZAAs7%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CR4WTgf1XfGjJAukHwH3tQtw2K5SwTzTmqqH7&f=ARKHYfdBaRDqrhAHRH4tMCxe9ba7T4TDVVU9%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CQPwc4fb6CP2mdtxH5HYt9CbqMRTDT4T5qqaV&c=300&d=250&e=&g=5741ba9a036cba7e6cf8a95ec37056b6%2F8060108672921543907&i=112218%2C2951%2C71050&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1672902484160&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jwmjx42h9d1cmerxnpa7jfhpaw5ect3329s7c7a1xewsdzdvjvjw9tvjdwa4pd78p9ce51fecn6c3gzh74gyrsn2gm1sr3q10eq7a3tgds59yzct5vdqs9xdv2mjykees15pg1wb1yc4jr2gzs2dftk509xp44htxfqgbbz04rr0xq1w653mf8tk57n3nwt20dbhw40xfax1yz2eywqtn4gxj11zgn9cq611kw9na03x5f2er81rbdh16jbznqsjayxha85pg7n4vby2j9g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC92vUUne2Y9SDHtrugAfR3YioCOLSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMzk5ODgyNDQwMjEyMTYwMsgBCakCBmGgCJTKsT7gAgCoAwGqBLwCT9CM90_r4E2TUk2KAkN-1BQxr35J8JyQAXRJyVmygl6yAoTDv9MiykCqbDL7AYvIGmrGiZhTLvQngyRYgUgYdfbxD-5gPzBv8JAr8UobwXb1_KCmDlmUAdlIM8tdZWIcC2llVyC_mtGOop2BSdmW0GmCS9cOC8u0SMK3SJIAsBfiPl8OQkUSYAgDF1MsW4O7DkR2KGk6Qbioyd9UHxplNSLnhq6tJviprZ2QBNMAbx-jPLf0XNXPmFwKgHsS2FkB9NreGp--O4Ps5S7uh60yLmBWwKJdrK7hUOPCKmfozTZ2jMpO7K9JRhBhBjfl-Vt_apxFbeCu04n55HaT8pKBlW9WYUfGDTt6pwkdxcgkFT2-DvBV7EA8G5fKh03Fp_dHgCbNruaK-d4b0CPkqwFYXhBdw2LbdghN9R0TWuAEAYAGjKzM0ef0xY7wAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1d83RvICe0jm3jkfIj4wMu5AnArw%2526client%253Dca-pub-3998824402121602%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=324710%2C15737%2C175364&b=E1mhDfXGSVKpGazHAHjt4tPqpdSqTVTZAAs7%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CR4WTgf1XfGjJAukHwH3tQtw2K5SwTzTmqqH7&f=ARKHYfdBaRDqrhAHRH4tMCxe9ba7T4TDVVU9%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CQPwc4fb6CP2mdtxH5HYt9CbqMRTDT4T5qqaV&c=300&d=250&e=&g=5741ba9a036cba7e6cf8a95ec37056b6%2F8060108672921543907&i=112218%2C2951%2C71050&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1672902484160&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jwmjx42h9d1cmerxnpa7jfhpaw5ect3329s7c7a1xewsdzdvjvjw9tvjdwa4pd78p9ce51fecn6c3gzh74gyrsn2gm1sr3q10eq7a3tgds59yzct5vdqs9xdv2mjykees15pg1wb1yc4jr2gzs2dftk509xp44htxfqgbbz04rr0xq1w653mf8tk57n3nwt20dbhw40xfax1yz2eywqtn4gxj11zgn9cq611kw9na03x5f2er81rbdh16jbznqsjayxha85pg7n4vby2j9g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC92vUUne2Y9SDHtrugAfR3YioCOLSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMzk5ODgyNDQwMjEyMTYwMsgBCakCBmGgCJTKsT7gAgCoAwGqBLwCT9CM90_r4E2TUk2KAkN-1BQxr35J8JyQAXRJyVmygl6yAoTDv9MiykCqbDL7AYvIGmrGiZhTLvQngyRYgUgYdfbxD-5gPzBv8JAr8UobwXb1_KCmDlmUAdlIM8tdZWIcC2llVyC_mtGOop2BSdmW0GmCS9cOC8u0SMK3SJIAsBfiPl8OQkUSYAgDF1MsW4O7DkR2KGk6Qbioyd9UHxplNSLnhq6tJviprZ2QBNMAbx-jPLf0XNXPmFwKgHsS2FkB9NreGp--O4Ps5S7uh60yLmBWwKJdrK7hUOPCKmfozTZ2jMpO7K9JRhBhBjfl-Vt_apxFbeCu04n55HaT8pKBlW9WYUfGDTt6pwkdxcgkFT2-DvBV7EA8G5fKh03Fp_dHgCbNruaK-d4b0CPkqwFYXhBdw2LbdghN9R0TWuAEAYAGjKzM0ef0xY7wAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1d83RvICe0jm3jkfIj4wMu5AnArw%2526client%253Dca-pub-3998824402121602%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:08:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1670930538
age: 757248
cf-polished: origSize=91628
x-guploader-uploadid: ADPycduR5Ol9pg3grc4HAIdmrbMEndwceyBRaKPEzp4btA3cKENGM-ZcNqNRgrH_pFRA6eQ6LFPYNJBaKno_nvJ48NOr
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 13 Dec 2022 11:22:46 GMT
server: cloudflare
etag: W/"575def06e70febb0cbd25403e37880bf"
vary: Accept-Encoding
x-goog-generation: 1670930566724484
content-type: text/css
x-goog-hash: crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sXMPGeBQdebZ2W%2Fva6oougUHpBGWki05RHFXwMefo6e27pZWzy7ZdX8HwmzMplkkukzDzUf6R%2BVI499u7LbpsDl7AvtHEN8RNmImihFbGA0zNUe9kLUPPd%2Fe9xfXNA3PEP5DHGqCvpI%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 91628
cf-ray: 784a61706eccf0db-CDG
expires: Thu, 05 Jan 2023 08:08:04 GMT

GET
H2 200 682EF27803907DEF4A7D6F4B531C5FB01122583E58BF8BC265EC15F3A4ABBF24444BE11A20E609FBED3CC727EBDE003141FFE1A18109C61B0E937F051C690805
assets.ad4m.at/product_image/ Frame BF59 32 KB
33 KB 45ms
29ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/682EF27803907DEF4A7D6F4B531C5FB01122583E58BF8BC265EC15F3A4ABBF24444BE11A20E609FBED3CC727EBDE003141FFE1A18109C61B0E937F051C690805
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=324710%2C15737%2C175364&b=E1mhDfXGSVKpGazHAHjt4tPqpdSqTVTZAAs7%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CR4WTgf1XfGjJAukHwH3tQtw2K5SwTzTmqqH7&f=ARKHYfdBaRDqrhAHRH4tMCxe9ba7T4TDVVU9%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CQPwc4fb6CP2mdtxH5HYt9CbqMRTDT4T5qqaV&c=300&d=250&e=&g=5741ba9a036cba7e6cf8a95ec37056b6%2F8060108672921543907&i=112218%2C2951%2C71050&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1672902484160&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jwmjx42h9d1cmerxnpa7jfhpaw5ect3329s7c7a1xewsdzdvjvjw9tvjdwa4pd78p9ce51fecn6c3gzh74gyrsn2gm1sr3q10eq7a3tgds59yzct5vdqs9xdv2mjykees15pg1wb1yc4jr2gzs2dftk509xp44htxfqgbbz04rr0xq1w653mf8tk57n3nwt20dbhw40xfax1yz2eywqtn4gxj11zgn9cq611kw9na03x5f2er81rbdh16jbznqsjayxha85pg7n4vby2j9g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC92vUUne2Y9SDHtrugAfR3YioCOLSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMzk5ODgyNDQwMjEyMTYwMsgBCakCBmGgCJTKsT7gAgCoAwGqBLwCT9CM90_r4E2TUk2KAkN-1BQxr35J8JyQAXRJyVmygl6yAoTDv9MiykCqbDL7AYvIGmrGiZhTLvQngyRYgUgYdfbxD-5gPzBv8JAr8UobwXb1_KCmDlmUAdlIM8tdZWIcC2llVyC_mtGOop2BSdmW0GmCS9cOC8u0SMK3SJIAsBfiPl8OQkUSYAgDF1MsW4O7DkR2KGk6Qbioyd9UHxplNSLnhq6tJviprZ2QBNMAbx-jPLf0XNXPmFwKgHsS2FkB9NreGp--O4Ps5S7uh60yLmBWwKJdrK7hUOPCKmfozTZ2jMpO7K9JRhBhBjfl-Vt_apxFbeCu04n55HaT8pKBlW9WYUfGDTt6pwkdxcgkFT2-DvBV7EA8G5fKh03Fp_dHgCbNruaK-d4b0CPkqwFYXhBdw2LbdghN9R0TWuAEAYAGjKzM0ef0xY7wAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1d83RvICe0jm3jkfIj4wMu5AnArw%2526client%253Dca-pub-3998824402121602%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f0a67600a8b8939e9b77975ed81760e162bbb2a8b31d1e2ccd43390c64567ce

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:08:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1243270
cf-polished: qual=85, origFmt=jpeg, origSize=70786
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 33146
cf-bgj: imgq:85,h2pri
last-modified: Mon, 26 Sep 2022 08:21:55 GMT
server: cloudflare
etag: "d12e82ddee56e919d3da44d0bff8d019"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QYHxovZqvrbYdDYBTMbOcF1QeWAyathLxFhdi5oj%2BaRM51s3p1U%2BCha4l7Wq6pQ6ExUveX%2Fi7yTg0FsM50SLguH3fiUstswYvOwKpiKjeRYbo4hxCx1290Y3FNCJwITQ9PHKEo3w69OVXSxC"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 784a61707c7ef128-CDG
expires: Fri, 06 Jan 2023 07:08:04 GMT

GET
H/1.1 200
OK trk.php
action.metaffiliation.com/ Frame BF59 43 B
2 KB 112ms
38ms Image
image/gif 95.131.136.1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://action.metaffiliation.com/trk.php?taff=P511C7956C863199&argsite=oneidE1mhDfXGSVKpGazHAHjt4tPqpdSqTVTZAAs7oneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=324710%2C15737%2C175364&b=E1mhDfXGSVKpGazHAHjt4tPqpdSqTVTZAAs7%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CR4WTgf1XfGjJAukHwH3tQtw2K5SwTzTmqqH7&f=ARKHYfdBaRDqrhAHRH4tMCxe9ba7T4TDVVU9%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CQPwc4fb6CP2mdtxH5HYt9CbqMRTDT4T5qqaV&c=300&d=250&e=&g=5741ba9a036cba7e6cf8a95ec37056b6%2F8060108672921543907&i=112218%2C2951%2C71050&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1672902484160&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jwmjx42h9d1cmerxnpa7jfhpaw5ect3329s7c7a1xewsdzdvjvjw9tvjdwa4pd78p9ce51fecn6c3gzh74gyrsn2gm1sr3q10eq7a3tgds59yzct5vdqs9xdv2mjykees15pg1wb1yc4jr2gzs2dftk509xp44htxfqgbbz04rr0xq1w653mf8tk57n3nwt20dbhw40xfax1yz2eywqtn4gxj11zgn9cq611kw9na03x5f2er81rbdh16jbznqsjayxha85pg7n4vby2j9g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC92vUUne2Y9SDHtrugAfR3YioCOLSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMzk5ODgyNDQwMjEyMTYwMsgBCakCBmGgCJTKsT7gAgCoAwGqBLwCT9CM90_r4E2TUk2KAkN-1BQxr35J8JyQAXRJyVmygl6yAoTDv9MiykCqbDL7AYvIGmrGiZhTLvQngyRYgUgYdfbxD-5gPzBv8JAr8UobwXb1_KCmDlmUAdlIM8tdZWIcC2llVyC_mtGOop2BSdmW0GmCS9cOC8u0SMK3SJIAsBfiPl8OQkUSYAgDF1MsW4O7DkR2KGk6Qbioyd9UHxplNSLnhq6tJviprZ2QBNMAbx-jPLf0XNXPmFwKgHsS2FkB9NreGp--O4Ps5S7uh60yLmBWwKJdrK7hUOPCKmfozTZ2jMpO7K9JRhBhBjfl-Vt_apxFbeCu04n55HaT8pKBlW9WYUfGDTt6pwkdxcgkFT2-DvBV7EA8G5fKh03Fp_dHgCbNruaK-d4b0CPkqwFYXhBdw2LbdghN9R0TWuAEAYAGjKzM0ef0xY7wAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1d83RvICe0jm3jkfIj4wMu5AnArw%2526client%253Dca-pub-3998824402121602%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.131.136.1 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 07:08:04 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR CUR ADMa PSAa OUR IND NAV COM",policyref="http://www.netaffiliation.com/w3c/p3p.xml"
X-TRK-D: 0.01100492477417
Connection: close
X-TRK-PROC: 72825
Pragma: no-cache
X-TRK-SRV: 3
Server: nginx
Last-Modified: Thu, 05 Jan 2023 07:08:04 GMT
X-TRK-DECISION: 7
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Kwanko-Content-Type,X-Kwanko-Sdk-Version,X-KWKunijs-Debug,X-KWKunijs-Version
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 428B4F86A38145D669F90866C84A73C58435858F83697B5B6D22512EF73005EAE84F90ABCEA7772B8F8DE919A137DE18FAB6D754D4F2B3999316EE0F11152295
assets.ad4m.at/logo/ Frame BF59 14 KB
15 KB 45ms
44ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/428B4F86A38145D669F90866C84A73C58435858F83697B5B6D22512EF73005EAE84F90ABCEA7772B8F8DE919A137DE18FAB6D754D4F2B3999316EE0F11152295
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=324710%2C15737%2C175364&b=E1mhDfXGSVKpGazHAHjt4tPqpdSqTVTZAAs7%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CR4WTgf1XfGjJAukHwH3tQtw2K5SwTzTmqqH7&f=ARKHYfdBaRDqrhAHRH4tMCxe9ba7T4TDVVU9%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CQPwc4fb6CP2mdtxH5HYt9CbqMRTDT4T5qqaV&c=300&d=250&e=&g=5741ba9a036cba7e6cf8a95ec37056b6%2F8060108672921543907&i=112218%2C2951%2C71050&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1672902484160&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jwmjx42h9d1cmerxnpa7jfhpaw5ect3329s7c7a1xewsdzdvjvjw9tvjdwa4pd78p9ce51fecn6c3gzh74gyrsn2gm1sr3q10eq7a3tgds59yzct5vdqs9xdv2mjykees15pg1wb1yc4jr2gzs2dftk509xp44htxfqgbbz04rr0xq1w653mf8tk57n3nwt20dbhw40xfax1yz2eywqtn4gxj11zgn9cq611kw9na03x5f2er81rbdh16jbznqsjayxha85pg7n4vby2j9g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC92vUUne2Y9SDHtrugAfR3YioCOLSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMzk5ODgyNDQwMjEyMTYwMsgBCakCBmGgCJTKsT7gAgCoAwGqBLwCT9CM90_r4E2TUk2KAkN-1BQxr35J8JyQAXRJyVmygl6yAoTDv9MiykCqbDL7AYvIGmrGiZhTLvQngyRYgUgYdfbxD-5gPzBv8JAr8UobwXb1_KCmDlmUAdlIM8tdZWIcC2llVyC_mtGOop2BSdmW0GmCS9cOC8u0SMK3SJIAsBfiPl8OQkUSYAgDF1MsW4O7DkR2KGk6Qbioyd9UHxplNSLnhq6tJviprZ2QBNMAbx-jPLf0XNXPmFwKgHsS2FkB9NreGp--O4Ps5S7uh60yLmBWwKJdrK7hUOPCKmfozTZ2jMpO7K9JRhBhBjfl-Vt_apxFbeCu04n55HaT8pKBlW9WYUfGDTt6pwkdxcgkFT2-DvBV7EA8G5fKh03Fp_dHgCbNruaK-d4b0CPkqwFYXhBdw2LbdghN9R0TWuAEAYAGjKzM0ef0xY7wAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1d83RvICe0jm3jkfIj4wMu5AnArw%2526client%253Dca-pub-3998824402121602%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8ca95bea0088adcca0e776307c22c9d9b3d2d34315ad8786dfa06fefdbc4ee2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:08:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1603396
cf-polished: qual=85, origFmt=jpeg, origSize=19949
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14750
cf-bgj: imgq:85,h2pri
last-modified: Fri, 17 Jan 2020 09:30:38 GMT
server: cloudflare
etag: "154fb66239e650cf2764a96b35f0d921"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fz1TFxP8qFlhLXg5DpF9g1E1C89JSxdx9rMsOMusnuilLZKOFcB%2BEmRqQACcKZns5HqCogP8Ry%2BzOA6d%2FrihtQXXEmhpZsi6nyl7qTf42xX90kYMA51j2OurIWxAtG88nJs4HFfgypkbQ3Cu"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 784a61708c8cf128-CDG
expires: Fri, 06 Jan 2023 07:08:04 GMT

GET
H2 200 F0432772436E6C2650E58DF5102BE7D3453906115ACEFD48EBE7ED3B341913EECAF487CB8A03037163CBFC62185CA2D7AC7345F7901A61AF74A0A01EB6EDEE85
assets.ad4m.at/ Frame BF59 274 KB
275 KB 29ms
28ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/F0432772436E6C2650E58DF5102BE7D3453906115ACEFD48EBE7ED3B341913EECAF487CB8A03037163CBFC62185CA2D7AC7345F7901A61AF74A0A01EB6EDEE85
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=324710%2C15737%2C175364&b=E1mhDfXGSVKpGazHAHjt4tPqpdSqTVTZAAs7%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CR4WTgf1XfGjJAukHwH3tQtw2K5SwTzTmqqH7&f=ARKHYfdBaRDqrhAHRH4tMCxe9ba7T4TDVVU9%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CQPwc4fb6CP2mdtxH5HYt9CbqMRTDT4T5qqaV&c=300&d=250&e=&g=5741ba9a036cba7e6cf8a95ec37056b6%2F8060108672921543907&i=112218%2C2951%2C71050&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1672902484160&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jwmjx42h9d1cmerxnpa7jfhpaw5ect3329s7c7a1xewsdzdvjvjw9tvjdwa4pd78p9ce51fecn6c3gzh74gyrsn2gm1sr3q10eq7a3tgds59yzct5vdqs9xdv2mjykees15pg1wb1yc4jr2gzs2dftk509xp44htxfqgbbz04rr0xq1w653mf8tk57n3nwt20dbhw40xfax1yz2eywqtn4gxj11zgn9cq611kw9na03x5f2er81rbdh16jbznqsjayxha85pg7n4vby2j9g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC92vUUne2Y9SDHtrugAfR3YioCOLSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMzk5ODgyNDQwMjEyMTYwMsgBCakCBmGgCJTKsT7gAgCoAwGqBLwCT9CM90_r4E2TUk2KAkN-1BQxr35J8JyQAXRJyVmygl6yAoTDv9MiykCqbDL7AYvIGmrGiZhTLvQngyRYgUgYdfbxD-5gPzBv8JAr8UobwXb1_KCmDlmUAdlIM8tdZWIcC2llVyC_mtGOop2BSdmW0GmCS9cOC8u0SMK3SJIAsBfiPl8OQkUSYAgDF1MsW4O7DkR2KGk6Qbioyd9UHxplNSLnhq6tJviprZ2QBNMAbx-jPLf0XNXPmFwKgHsS2FkB9NreGp--O4Ps5S7uh60yLmBWwKJdrK7hUOPCKmfozTZ2jMpO7K9JRhBhBjfl-Vt_apxFbeCu04n55HaT8pKBlW9WYUfGDTt6pwkdxcgkFT2-DvBV7EA8G5fKh03Fp_dHgCbNruaK-d4b0CPkqwFYXhBdw2LbdghN9R0TWuAEAYAGjKzM0ef0xY7wAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1d83RvICe0jm3jkfIj4wMu5AnArw%2526client%253Dca-pub-3998824402121602%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30a24bcc771a3c3b6b5f7e83a9effad604a4f01b8d447a96c101d919b85e6795

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:08:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2596373
cf-polished: origFmt=png, origSize=547949
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 280758
cf-bgj: imgq:85,h2pri
last-modified: Mon, 06 Jan 2020 15:34:15 GMT
server: cloudflare
etag: "f649a1d1393c254187d15397a3ff891b"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vMMt7tk1R73nOXeB1cq9ELK0hPXmxo6lyZPA4uqGpHKHNCHIu29FH2vw334l6QDcSkyhKF7BK2GzZrAu7yEeg7djBbqOoor%2Bhz8%2F63ASgjJGNglofC6A7e4vcK0h%2BxgkYkhuBj2en6KlSIUc"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 784a61708c8df128-CDG
expires: Fri, 06 Jan 2023 07:08:04 GMT

GET
H2

200

img_13_13_23.gif
img.metaffiliation.com/4/58179/ Frame BF59
Redirect Chain

https://action.metaffiliation.com/trk.php?maff=P4E34356C8631D13&argsite=oneidY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphroneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0
https://img.metaffiliation.com/4/58179/img_13_13_23.gif

133 KB
133 KB

126ms
34ms

Image
image/gif

192.229.220.129

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.metaffiliation.com/4/58179/img_13_13_23.gif
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=324710%2C15737%2C175364&b=E1mhDfXGSVKpGazHAHjt4tPqpdSqTVTZAAs7%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CR4WTgf1XfGjJAukHwH3tQtw2K5SwTzTmqqH7&f=ARKHYfdBaRDqrhAHRH4tMCxe9ba7T4TDVVU9%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CQPwc4fb6CP2mdtxH5HYt9CbqMRTDT4T5qqaV&c=300&d=250&e=&g=5741ba9a036cba7e6cf8a95ec37056b6%2F8060108672921543907&i=112218%2C2951%2C71050&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1672902484160&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jwmjx42h9d1cmerxnpa7jfhpaw5ect3329s7c7a1xewsdzdvjvjw9tvjdwa4pd78p9ce51fecn6c3gzh74gyrsn2gm1sr3q10eq7a3tgds59yzct5vdqs9xdv2mjykees15pg1wb1yc4jr2gzs2dftk509xp44htxfqgbbz04rr0xq1w653mf8tk57n3nwt20dbhw40xfax1yz2eywqtn4gxj11zgn9cq611kw9na03x5f2er81rbdh16jbznqsjayxha85pg7n4vby2j9g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC92vUUne2Y9SDHtrugAfR3YioCOLSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMzk5ODgyNDQwMjEyMTYwMsgBCakCBmGgCJTKsT7gAgCoAwGqBLwCT9CM90_r4E2TUk2KAkN-1BQxr35J8JyQAXRJyVmygl6yAoTDv9MiykCqbDL7AYvIGmrGiZhTLvQngyRYgUgYdfbxD-5gPzBv8JAr8UobwXb1_KCmDlmUAdlIM8tdZWIcC2llVyC_mtGOop2BSdmW0GmCS9cOC8u0SMK3SJIAsBfiPl8OQkUSYAgDF1MsW4O7DkR2KGk6Qbioyd9UHxplNSLnhq6tJviprZ2QBNMAbx-jPLf0XNXPmFwKgHsS2FkB9NreGp--O4Ps5S7uh60yLmBWwKJdrK7hUOPCKmfozTZ2jMpO7K9JRhBhBjfl-Vt_apxFbeCu04n55HaT8pKBlW9WYUfGDTt6pwkdxcgkFT2-DvBV7EA8G5fKh03Fp_dHgCbNruaK-d4b0CPkqwFYXhBdw2LbdghN9R0TWuAEAYAGjKzM0ef0xY7wAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1d83RvICe0jm3jkfIj4wMu5AnArw%2526client%253Dca-pub-3998824402121602%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Server: 192.229.220.129 -, , ASN (),
Reverse DNS
Software: ECAcc (paa/6F7F) /
Resource Hash: 66b24eb77aabe2b1fffe8ba0aaec05db13f8e7f5710a52785d99f3b1136a567c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:08:04 GMT
content-encoding: gzip
last-modified: Wed, 08 Jan 2020 14:04:52 GMT
server: ECAcc (paa/6F7F)
age: 1094
etag: "5e15e184-21403"
vary: Accept-Encoding
x-cache: HIT
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=600, s-maxage=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135736

Redirect headers

Date: Thu, 05 Jan 2023 07:08:04 GMT
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR CUR ADMa PSAa OUR IND NAV COM",policyref="http://www.netaffiliation.com/w3c/p3p.xml"
X-TRK-D: 0.016829967498779
Connection: close
X-TRK-PROC: 58179
Pragma: no-cache
X-TRK-SRV: 6
Server: nginx
Last-Modified: Thu, 05 Jan 2023 07:08:04 GMT
X-TRK-DECISION: 3
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Location: https://img.metaffiliation.com/4/58179/img_13_13_23.gif
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Kwanko-Content-Type,X-Kwanko-Sdk-Version,X-KWKunijs-Debug,X-KWKunijs-Version
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 F84EA2ECD0EDF7912C63A39BFF656E79225A5A767C41841B4581F55D7AD5CC01B9A2D4A64CF89E66634000AD848B977726E9B3065AED9DA60660528B03380FFC
assets.ad4m.at/logo/ Frame BF59 3 KB
4 KB 28ms
27ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/F84EA2ECD0EDF7912C63A39BFF656E79225A5A767C41841B4581F55D7AD5CC01B9A2D4A64CF89E66634000AD848B977726E9B3065AED9DA60660528B03380FFC
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=324710%2C15737%2C175364&b=E1mhDfXGSVKpGazHAHjt4tPqpdSqTVTZAAs7%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CR4WTgf1XfGjJAukHwH3tQtw2K5SwTzTmqqH7&f=ARKHYfdBaRDqrhAHRH4tMCxe9ba7T4TDVVU9%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CQPwc4fb6CP2mdtxH5HYt9CbqMRTDT4T5qqaV&c=300&d=250&e=&g=5741ba9a036cba7e6cf8a95ec37056b6%2F8060108672921543907&i=112218%2C2951%2C71050&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1672902484160&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jwmjx42h9d1cmerxnpa7jfhpaw5ect3329s7c7a1xewsdzdvjvjw9tvjdwa4pd78p9ce51fecn6c3gzh74gyrsn2gm1sr3q10eq7a3tgds59yzct5vdqs9xdv2mjykees15pg1wb1yc4jr2gzs2dftk509xp44htxfqgbbz04rr0xq1w653mf8tk57n3nwt20dbhw40xfax1yz2eywqtn4gxj11zgn9cq611kw9na03x5f2er81rbdh16jbznqsjayxha85pg7n4vby2j9g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC92vUUne2Y9SDHtrugAfR3YioCOLSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMzk5ODgyNDQwMjEyMTYwMsgBCakCBmGgCJTKsT7gAgCoAwGqBLwCT9CM90_r4E2TUk2KAkN-1BQxr35J8JyQAXRJyVmygl6yAoTDv9MiykCqbDL7AYvIGmrGiZhTLvQngyRYgUgYdfbxD-5gPzBv8JAr8UobwXb1_KCmDlmUAdlIM8tdZWIcC2llVyC_mtGOop2BSdmW0GmCS9cOC8u0SMK3SJIAsBfiPl8OQkUSYAgDF1MsW4O7DkR2KGk6Qbioyd9UHxplNSLnhq6tJviprZ2QBNMAbx-jPLf0XNXPmFwKgHsS2FkB9NreGp--O4Ps5S7uh60yLmBWwKJdrK7hUOPCKmfozTZ2jMpO7K9JRhBhBjfl-Vt_apxFbeCu04n55HaT8pKBlW9WYUfGDTt6pwkdxcgkFT2-DvBV7EA8G5fKh03Fp_dHgCbNruaK-d4b0CPkqwFYXhBdw2LbdghN9R0TWuAEAYAGjKzM0ef0xY7wAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1d83RvICe0jm3jkfIj4wMu5AnArw%2526client%253Dca-pub-3998824402121602%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 748364f1f50cac3f0ec54988c550350e3e7459ce1989bb86de58475b748f9040

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:08:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1897027
cf-polished: qual=85, origFmt=jpeg, origSize=4898
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
cf-bgj: imgq:85,h2pri
last-modified: Mon, 06 Dec 2021 15:58:56 GMT
server: cloudflare
etag: "d8ca3dd15c3da4aadfb68f4e93166a35"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A%2BnKYe7R0FMjdfQF8R1GNARWq8tkGq9l0lNmeICmTOn0jCwjw39HYipyobUDdv7xEnXPB6UGp%2FplwfZLMR%2BOARjRKMnYvRA1CtFBm2iRbtoxoD98VXCK5onHIkq6zN%2F6PacpW%2BU93Ro4W%2B9f"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 784a61708c8ef128-CDG
expires: Fri, 06 Jan 2023 07:08:04 GMT

GET
H2 200 12C5144EC313322E1D2EBC8318BECFCB95FF3BF90A61F48FEF3239B2642CFA8E3579CAFB53CE4A3316D67DAF216332653A88840C75671C913E1D6108AEF20EE6
assets.ad4m.at/product_image/ Frame BF59 74 KB
75 KB 45ms
44ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/12C5144EC313322E1D2EBC8318BECFCB95FF3BF90A61F48FEF3239B2642CFA8E3579CAFB53CE4A3316D67DAF216332653A88840C75671C913E1D6108AEF20EE6
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=324710%2C15737%2C175364&b=E1mhDfXGSVKpGazHAHjt4tPqpdSqTVTZAAs7%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CR4WTgf1XfGjJAukHwH3tQtw2K5SwTzTmqqH7&f=ARKHYfdBaRDqrhAHRH4tMCxe9ba7T4TDVVU9%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CQPwc4fb6CP2mdtxH5HYt9CbqMRTDT4T5qqaV&c=300&d=250&e=&g=5741ba9a036cba7e6cf8a95ec37056b6%2F8060108672921543907&i=112218%2C2951%2C71050&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1672902484160&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jwmjx42h9d1cmerxnpa7jfhpaw5ect3329s7c7a1xewsdzdvjvjw9tvjdwa4pd78p9ce51fecn6c3gzh74gyrsn2gm1sr3q10eq7a3tgds59yzct5vdqs9xdv2mjykees15pg1wb1yc4jr2gzs2dftk509xp44htxfqgbbz04rr0xq1w653mf8tk57n3nwt20dbhw40xfax1yz2eywqtn4gxj11zgn9cq611kw9na03x5f2er81rbdh16jbznqsjayxha85pg7n4vby2j9g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC92vUUne2Y9SDHtrugAfR3YioCOLSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMzk5ODgyNDQwMjEyMTYwMsgBCakCBmGgCJTKsT7gAgCoAwGqBLwCT9CM90_r4E2TUk2KAkN-1BQxr35J8JyQAXRJyVmygl6yAoTDv9MiykCqbDL7AYvIGmrGiZhTLvQngyRYgUgYdfbxD-5gPzBv8JAr8UobwXb1_KCmDlmUAdlIM8tdZWIcC2llVyC_mtGOop2BSdmW0GmCS9cOC8u0SMK3SJIAsBfiPl8OQkUSYAgDF1MsW4O7DkR2KGk6Qbioyd9UHxplNSLnhq6tJviprZ2QBNMAbx-jPLf0XNXPmFwKgHsS2FkB9NreGp--O4Ps5S7uh60yLmBWwKJdrK7hUOPCKmfozTZ2jMpO7K9JRhBhBjfl-Vt_apxFbeCu04n55HaT8pKBlW9WYUfGDTt6pwkdxcgkFT2-DvBV7EA8G5fKh03Fp_dHgCbNruaK-d4b0CPkqwFYXhBdw2LbdghN9R0TWuAEAYAGjKzM0ef0xY7wAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1d83RvICe0jm3jkfIj4wMu5AnArw%2526client%253Dca-pub-3998824402121602%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58b21b86b642c10803f18145aa48372dff97f81abb8645163243d46b7428ea60

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:08:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1897011
cf-polished: degrade=85, origSize=169531, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 75920
cf-bgj: imgq:85,h2pri
last-modified: Mon, 06 Dec 2021 16:04:19 GMT
server: cloudflare
etag: "7c9f4b508408665550d5e76e2d31406d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x3XU8WM0y65%2BzRJgZu3vBtxPeO0o%2BcGAKVj5NEbWtv6Eq01HsxYHQov3QA%2BJkulgVk%2BBOE%2F2ExovV7EzzioVxgXUg85yXAkiM6uiGfWC1vB8lCC%2F4L%2Blii2GdUD3SrkE9qucbCMisNGS2iPN"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 784a61708c8ff128-CDG
expires: Fri, 06 Jan 2023 07:08:04 GMT

GET
H2

200

img_11_7_24.gif
img.metaffiliation.com/1/48959/ Frame BF59
Redirect Chain

https://action.metaffiliation.com/trk.php?maff=P4BF3F56C8631B7&argsite=oneidR4WTgf1XfGjJAukHwH3tQtw2K5SwTzTmqqH7oneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0
https://img.metaffiliation.com/1/48959/img_11_7_24.gif

33 KB
32 KB

138ms
19ms

Image
image/gif

192.229.220.129

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.metaffiliation.com/1/48959/img_11_7_24.gif
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=324710%2C15737%2C175364&b=E1mhDfXGSVKpGazHAHjt4tPqpdSqTVTZAAs7%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CR4WTgf1XfGjJAukHwH3tQtw2K5SwTzTmqqH7&f=ARKHYfdBaRDqrhAHRH4tMCxe9ba7T4TDVVU9%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CQPwc4fb6CP2mdtxH5HYt9CbqMRTDT4T5qqaV&c=300&d=250&e=&g=5741ba9a036cba7e6cf8a95ec37056b6%2F8060108672921543907&i=112218%2C2951%2C71050&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1672902484160&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jwmjx42h9d1cmerxnpa7jfhpaw5ect3329s7c7a1xewsdzdvjvjw9tvjdwa4pd78p9ce51fecn6c3gzh74gyrsn2gm1sr3q10eq7a3tgds59yzct5vdqs9xdv2mjykees15pg1wb1yc4jr2gzs2dftk509xp44htxfqgbbz04rr0xq1w653mf8tk57n3nwt20dbhw40xfax1yz2eywqtn4gxj11zgn9cq611kw9na03x5f2er81rbdh16jbznqsjayxha85pg7n4vby2j9g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC92vUUne2Y9SDHtrugAfR3YioCOLSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMzk5ODgyNDQwMjEyMTYwMsgBCakCBmGgCJTKsT7gAgCoAwGqBLwCT9CM90_r4E2TUk2KAkN-1BQxr35J8JyQAXRJyVmygl6yAoTDv9MiykCqbDL7AYvIGmrGiZhTLvQngyRYgUgYdfbxD-5gPzBv8JAr8UobwXb1_KCmDlmUAdlIM8tdZWIcC2llVyC_mtGOop2BSdmW0GmCS9cOC8u0SMK3SJIAsBfiPl8OQkUSYAgDF1MsW4O7DkR2KGk6Qbioyd9UHxplNSLnhq6tJviprZ2QBNMAbx-jPLf0XNXPmFwKgHsS2FkB9NreGp--O4Ps5S7uh60yLmBWwKJdrK7hUOPCKmfozTZ2jMpO7K9JRhBhBjfl-Vt_apxFbeCu04n55HaT8pKBlW9WYUfGDTt6pwkdxcgkFT2-DvBV7EA8G5fKh03Fp_dHgCbNruaK-d4b0CPkqwFYXhBdw2LbdghN9R0TWuAEAYAGjKzM0ef0xY7wAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1d83RvICe0jm3jkfIj4wMu5AnArw%2526client%253Dca-pub-3998824402121602%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Server: 192.229.220.129 -, , ASN (),
Reverse DNS
Software: ECAcc (paa/6F1D) /
Resource Hash: 46389b3abd1c6df598fe1c191687b87f355facf00dde6cd1238ac76d40f12ec2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:08:04 GMT
content-encoding: gzip
last-modified: Fri, 23 Dec 2016 14:54:01 GMT
server: ECAcc (paa/6F1D)
age: 2375
etag: "585d3a89-8546"
vary: Accept-Encoding
x-cache: HIT
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=600, s-maxage=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32287

Redirect headers

Date: Thu, 05 Jan 2023 07:08:04 GMT
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR CUR ADMa PSAa OUR IND NAV COM",policyref="http://www.netaffiliation.com/w3c/p3p.xml"
X-TRK-D: 0.010092973709106
Connection: close
X-TRK-PROC: 48959
Pragma: no-cache
X-TRK-SRV: 5
Server: nginx
Last-Modified: Thu, 05 Jan 2023 07:08:04 GMT
X-TRK-DECISION: 3
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Location: https://img.metaffiliation.com/1/48959/img_11_7_24.gif
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Kwanko-Content-Type,X-Kwanko-Sdk-Version,X-KWKunijs-Debug,X-KWKunijs-Version
Expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H3 200 segment Show response
api.permutive.com/adv/v2/ 30 B
44 B 34ms
34ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/adv/v2/segment?new-session=false&k=6b8d2782-a057-45b2-b2fd-5e7238c30400
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: b445bad8e6fcb75a280aab0d13732970ddcb3e855e14f5281ec4200b871ac7ef

Request headers

Referer: https://observer.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Thu, 05 Jan 2023 07:08:04 GMT
via: 1.1 google
server: Permutive
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30
content-type: application/json

GET
H2 200 show_pla Show response
flint.defybrick.com/ 2 KB
2 KB 352ms
118ms Script
text/javascript 2600:1f18:e8a:cd06:e361:a2ce:b047:17c

General

Check archive.org

Show headers Download Go to

Full URL: https://flint.defybrick.com/show_pla?id=65349&url=https%3A%2F%2Fobserver.com%2F2018%2F07%2Fwang-jian-hna-founder-dies-tragic-fall%2F&sf=0&k=&idx=0&ch=&ext=&np=win32&nv=google%20inc.&rand=13521952622126592751922191161290140661361672719429902111722223062122&nc=0&tsf=0&tsfmi=&pv=0&cb=1672902484669&ref=&pit=1&hl=2&op=0&fs=1600x1200&ss=1600x1200&pre=0&jsonp=OBR.extern.onCheqResponse&mr=&ag=1718242951&at=&bid=e30%3D&di=W1siZWYiLDg4NDhdLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbDJcIixcInZcIjpcImludGVsIGluYy5c%0D%0AIixcInJcIjpcImludGVsIGlyaXMgb3BlbmdsIGVuZ2luZVwiLFwic2x2XCI6XCJ3ZWJnbCBnbHNs%0D%0AIGVzIDMuMDAgKG9wZW5nbCBlcyBnbHNsIGVzIDMuMCBjaHJvbWl1bSlcIixcImd2ZXJcIjpcIndl%0D%0AYmdsIDIuMCAob3BlbmdsIGVzIDMuMCBjaHJvbWl1bSlcIixcImd2ZW5cIjpcIndlYmtpdFwiLFwi%0D%0AYmVuXCI6OSxcIndnbFwiOjEsXCJncmVuXCI6XCJ3ZWJraXQgd2ViZ2xcIixcInNlZlwiOjEwNTE2%0D%0AOTQwODksXCJzZWNcIjpcIlwifSJdLFszNywiWzMzMTYyMjQwNDksZnVuY3Rpb24obmV3VmFsdWUp%0D%0AIHtcbiAgICAgICAgICAgICAgYWRkQ29udGVudFdpbmRvd1Byb3h5KHRoaXMpXG4gICAgICAgICAg%0D%0AICAgIC8vIFJlc2V0IHByb3BlcnR5LCB0aGUgaG9vayBpcyBvbmx5IG5lZWRlZCBvbmNlXG4gICAg%0D%0AICAgICAgICAgIE9iamVjdC5kZWZpbmVQcm9wZXJ0eShpZnJhbWUsICdzcmNkb2MnLCB7XG4gICAg%0D%0AICAgICAgICAgICAgY29uZmlndXJhYmxlOiBmYWxzZSxcbiAgICAgICAgICAgICAgICB3cml0YWJs%0D%0AZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgdmFsdWU6IF9zcmNkb2NcbiAgICAgICAgICAgICAg%0D%0AfSlcbiAgICAgICAgICAgICAgX2lmcmFtZS5zcmNkb2MgPSBuZXdWYWx1ZVxuICAgICAgICAgICAg%0D%0AfV0iXSxbLTEsIi0iXSxbLTIsIjEwLGVZRzlYMS9YMXRabFMyMmQ1MXg4WU5ZOU14SlFFTUNkVUJI%0D%0ASkw4NkwyM0FDR1VoQkl3SVNTRUVBY0lKZlJlQWdRSUVGb0luZEN4d1FYamhvMjcxOTZtTWpPdi9y%0D%0AODcwdXhxRngiXSxbLTMsIltcImludGVybmFsLXBkZi12aWV3ZXJcIixcIm1oamZibWRnY2ZqYmJw%0D%0AYWVvam9mb2hvZWZnaWVoamFpXCIsXCJpbnRlcm5hbC1uYWNsLXBsdWdpblwiXSJdLFstNCwiLSJd%0D%0ALFstNSwiLSJdLFstNiwiLSJdLFstNywiLSJdLFstOCwiLSJdLFstOSwiKyJdLFstMTAsIi0iXSxb%0D%0ALTExLCJ7XCJ0XCI6XCJcIixcIm1cIjpbXCJkZXNjcmlwdGlvblwiLFwic2FpbHRocnUudGl0bGVc%0D%0AIixcInNhaWx0aHJ1LmRlc2NyaXB0aW9uXCIsXCJvZzp0aXRsZVwiLFwib2c6ZGVzY3JpcHRpb25c%0D%0AIixcInR3aXR0ZXI6dGV4dDp0aXRsZVwiXX0iXSxbLTEyLCJudWxsIl0sWy0xMywiLSJdLFstMTQs%0D%0AIntcIm9cIjowLjA3Mjk5MjcwMDcyOTkyN30iXSxbLTE1LCItIl0sWy0xNiwiMCJdLFstMTcsIjQi%0D%0AXSxbLTE4LCJbMCwwLDAsMV0iXSxbLTE5LCJbMCwwLDAsMCwwLDAsMSwyNCwyNCxcIi1cIiwxNjAw%0D%0ALDEyMDAsMTYwMCwxMjAwLDE2MDAsMTIwMCwxNjAwLDEyMDAsMCwwLDAsMCxcIi1cIixcIi1cIl0i%0D%0AXSxbLTIwLCIxMzEyMDY5MDE2LjE2NzI5MDI0ODAiXSxbLTIxLCI4MjczODM3NiJdLFstMjIsIltc%0D%0AIm5cIixcIm5cIl0iXSxbLTIzLCIrIl0sWy0yNCwiW10iXSxbLTI1LCItIl0sWy0yNiwie1widGpo%0D%0Ac1wiOjE5MzAwMDAwLFwidWpoc1wiOjE1MjAwMDAwLFwiamhzbFwiOjM3NjAwMDAwMDB9Il0sWy0y%0D%0ANywiWzAsMTAsMCxcIjRnXCIsbnVsbF0iXSxbLTI4LCJlbi1VUyxlbiJdLFstMjksIntcInZcIjpb%0D%0AMiwyLDIsMiwwLDAsMCwyLDAsMiwwLDIsMCwwLDIsMiwyLDIsMF19Il0sWy0zMCwiW1widlwiLDBd%0D%0AIl0sWy0zMSwiZmFsc2UiXSxbLTMyLCItIl0sWy0zMywiLSJdLFstMzQsIi0iXSxbLTM1LCJbMTY3%0D%0AMjkwMjQ4NDY0OCwwXSJdLFstMzYsIltcIjQvM1wiLFwiNC8zXCJdIl0sWy0zNywiLTE0NC02Ni0x%0D%0AODAtIl0sWy0zOCwiYywtMSwtMSwwLDAsMSwwLDE0LDQ0LDU0Miw2NSwxLDcxMi4zLDcxMi4zLDU1%0D%0ANDcsNTU0OCJdLFstMzksIltcIjIwMDMwMTA3XCIsNCxcIkdlY2tvXCIsXCJOZXRzY2FwZVwiLFwi%0D%0ATW96aWxsYVwiLG51bGwsbnVsbCx0cnVlLDgsZmFsc2UsbnVsbCwzXSJdLFstNDAsIjMzIl0sWy00%0D%0AMSwiLSJdLFstNDIsIjE3MjQyOTc2NTMiXSxbLTQzLCIwMDAwMDAwMTAxMDAwMDAxMDAxMTEwMTEw%0D%0AMCJdLFstNDQsIjAsMCwwLDUiXSxbLTQ1LCItIl0sWy00NiwiMCJdLFstNDcsIkV0Yy9Vbmtub3du%0D%0ALGVuLVVTLGxhdG4sZ3JlZ29yeSJdLFstNDgsIjAsMCJdLFstNDksIi0iXSxbImJuY2giLDY0XV0%3D&tsfu=&fst=1600x1200&dep=0&cpos=%5B%7B%22x%22%3A970%2C%22y%22%3A655%2C%22w%22%3A315%2C%22h%22%3A441%7D%2C%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%5D&ver=41&cri=UMqw4dFTQF&sdd=%7B%7D&pto=5570
Requested by: Host: rock.defybrick.com
URL: https://rock.defybrick.com/placement_invocation?id=65349&idx=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd06:e361:a2ce:b047:17c -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c4a258b70f34ccbcb4c682fa10790083803b66b36d692c8c0ada317cd450bc9f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: text/javascript
pragma: no-cache
date: Thu, 05 Jan 2023 07:08:04 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 1535
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.9.0/ 341 KB
74 KB 31ms
31ms Script
application/javascript 2606:4700::6810:9440

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.9.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

6a13b93c05af6ec6255b737032aa3f5d1f4823ed2d57d12c0735bd2c4adc8efc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 05 Jan 2023 07:08:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 56jOXvghU3RiFIKiZ2Zh+g==
age: 10298
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 75725
x-ms-lease-status: unlocked
last-modified: Fri, 20 Nov 2020 16:34:12 GMT
server: cloudflare
etag: 0x8D88D721D404CB2
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 7aa00b60-f01e-00e2-4342-ca3c94000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 784a61714ec72a38-CDG

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 24ms
23ms Fetch
application/json 20.13.96.71
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=dd13c54138967c33b75462e34272f3d4&pvId=41a6ef42b327ccf2f29bea7a7936849c&sid=6647468&pid=231&idx=1&wId=100&pad=0&org=0&tm=1250&eT=0&cnsnt=no_consent&widgetWidth=970&widgetHeight=31&widgetX=315&widgetY=4157&wRV=201033&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=243&oo=true&lo=4248&odbreq=5369&odbres=5611&cet=4g&to=1672902479102&chs=1&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.13.96.71 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 07:08:04 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 45cfa3e56d1dcb01e274da5b4a72e50a
Content-Length: 4
Expires: 0

GET
H2 200 streamFeed.js Show response
widgets.outbrain.com/nanoWidget/201033/module/ 36 KB
13 KB 165ms
165ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/201033/module/streamFeed.js?e=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 211bb5033aee4ae77edcac40340c97160c38e674343df66353950c1c6e3402e5

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:08:04 GMT
content-encoding: gzip
last-modified: Wed, 04 Jan 2023 14:31:47 GMT
server: AkamaiNetStorage
etag: "f0f8dd2c2b226e27e7c11973ae93fe36:1672846553.168623"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 13368
expires: Thu, 12 Jan 2023 07:08:04 GMT

GET
H2 200 ob_logo.svg
widgets.outbrain.com/images/widgetIcons/ 7 KB
8 KB 129ms
129ms Image
image/svg+xml 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_logo.svg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 21a924ac651ba65e51a5c9b5ae4b51453eb9b957d5990001a85960df95603d13

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:08:04 GMT
last-modified: Wed, 04 Jan 2023 07:24:28 GMT
server: AkamaiNetStorage
etag: "b79638966e0374c455e78107aee59bf4:1672826781.333016"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 7647
expires: Sat, 04 Feb 2023 07:08:04 GMT

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/6a95224d-e53b-4c23-b2a6-31faa3db3cc4/3f4fae5c-af44-4ce7-8f4d-cb1cf522c97c/ 73 KB
13 KB 26ms
26ms Fetch
application/x-javascript 2606:4700::6810:9440

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/6a95224d-e53b-4c23-b2a6-31faa3db3cc4/3f4fae5c-af44-4ce7-8f4d-cb1cf522c97c/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.9.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

5c724c4cb202cda5ac3fc5dd433b3403995f9c2ddd9b45f52713de38a62deedd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 05 Jan 2023 07:08:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: EBsOpg7Elu1REC0UgglQbw==
age: 77062
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 12888
x-ms-lease-status: unlocked
last-modified: Thu, 12 Nov 2020 16:47:33 GMT
server: cloudflare
etag: 0x8D8872AA6D573E5
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 73d74412-901e-0113-6b6e-c9ab52000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 784a6171ab79f8cd-CDG
expires: Fri, 06 Jan 2023 07:08:04 GMT

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.9.0/assets/ 13 KB
3 KB 31ms
30ms Fetch
application/json 2606:4700::6810:9440

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.9.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.9.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

fb44400a61edda0b628ad2ff62cb5d299fab4e7a18d586ae7d70481c6c9550b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 05 Jan 2023 07:08:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: nLr4hEi4fuLY/p0DQsLcMA==
age: 34745
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3343
x-ms-lease-status: unlocked
last-modified: Fri, 20 Nov 2020 16:34:03 GMT
server: cloudflare
etag: 0x8D88D721792550E
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 517349df-601e-006f-5242-ca7032000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 784a6171ebcbf8cd-CDG

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/6.9.0/assets/ 62 KB
15 KB 28ms
27ms Fetch
application/json 2606:4700::6810:9440

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.9.0/assets/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.9.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

84e13b47921ee79d3fab38b733e08dc04ca99b25c1880cb25475c9315ddc2146

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 05 Jan 2023 07:08:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: ue/MTNcIjSCNWtleQfbrzg==
age: 67662
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 14986
x-ms-lease-status: unlocked
last-modified: Fri, 20 Nov 2020 16:34:03 GMT
server: cloudflare
etag: 0x8D88D7217E98574
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 99aa43af-b01e-0022-6942-cab6d0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 784a6171ebccf8cd-CDG

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 6369 42 B
176 B 369ms
68ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuZrOiVblwhoEt9BCsd4EIWFn9IqSzG_jheX-HbjlG57dp-pLMS6k4kh2WLuWKEfSkvPt1ToWNZazWmAm3u9HCMz4GjiLhzp9KEaT2fne9iRaYv7ZMiIWyNKNxCv6Is-AvpY5YgfQ&sai=AMfl-YQ5K-7wyqZvzEd8Kp6EAe-q5yDiUWPzjOwDPMAn5dEsIvD97MCH51cvKpp3z0bkbbILEFua1iwl3heGYtEvOCOuBA-Min7Jc9mIY16DS8IaTb4ROnZ1NLm369iUHA&sig=Cg0ArKJSzCg5MEylDeCyEAE&cid=CAQSOwDq26N9D_W5ER4fTFzs2hZpaoXfFICLlE_s3z6_nEW59-k3Twh1n5WC2diJhlBeLHG-WEl0gWFFAG8NGAEgEw&id=ampim&o=315,131&d=970,188&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=785&tls=1785&g=100&h=100&tt=1785&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 07:08:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 2074 0
0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame EC86 0
0

GET get
mv.outbrain.com/Multivac/api/ 0
0

GET
H2 200 imp.gif
flint.defybrick.com/tracker/ 43 B
102 B 100ms
100ms Image
image/gif 2600:1f18:e8a:cd06:e361:a2ce:b047:17c

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flint.defybrick.com/tracker/imp.gif?e=37dfbd8ee84e00136decce35e84382999225c24f567d51c5c30f41b0254384cfa532ff1a285aa40e98d022e0b44dc87ea4a36fde4c1b8c682309094d0ba0bfea9475489e91da563e351aff717718956a8b70cd0130003f8101424d3f065cc3bf775d36fa26e877cb55e2cc7ce2586fb01f6f3903d053f054abd1c5d52fe87547ed62d2f1157f84163343714593d20330f578afe6d6eb471bbc4c8bbd39e821da61c45085052aae2d05f91e46042ccf5b32b49affa125be2ab8589801f95c0c2cf38e6b256a655c9b6599857ea95a61a7d4f232331e32d786302080903b477442750c1bef8828796d76e4ba152cebfea755c9a444771e2bb5a5a384800cc6b9a326f746c0016537dd9fcfe6ad6b89cc9133d56c5384e6c82c1008f77f6aab951d7aefdaff64ec57a917f0dd07c74cccd17cc22a2984db7299779ac0bcfb89bce14b7ff52ab7bbae7f073dbc8532c3e640e642470783580b8581d0ce81b2c527df21d6deedc85ec54d5814aa5f0ddbc5ca1b76d0ee75a857b3c117c621af7c441b0f966cbb588693f87bb88369c64aa7c19ccc7780191c2df05e05546e5d79d7e062b94a999cd577ffd337a8dd39d98eecb17584b3eb106c728ba65a49ccbb0f5d12bbeae933e727dea80db8b97daf2af16dc94cc608c5fc69d51026f8bcd0336e7c3f5d38015f0bb8a3d07ed869b45953422bffa84cdd9e040ffdb1c3a7ba6cc3f1f9fa86fcb3ec484938e75a85b059729e456519ba7f4f227efc69d9140bdef993718061cb37cefa3ec7bc118b385a6366573e60c385ba9f652502881201d7968ca7a289131794b0f0&cb=1672902485037&cri=UMqw4dFTQF
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd06:e361:a2ce:b047:17c -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
date: Thu, 05 Jan 2023 07:08:05 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

POST
H3 200 events Show response
api.permutive.com/v2.0/batch/ 301 B
183 B 28ms
28ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=6b8d2782-a057-45b2-b2fd-5e7238c30400
Requested by: Host: 3b5c18b9-96b7-48e4-a3ef-011eb84a970d.edge.permutive.app
URL: https://3b5c18b9-96b7-48e4-a3ef-011eb84a970d.edge.permutive.app/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 8e6e739c39d1d23858d05c9875e49d5581aa82d74e28ebfde5a2ab24eca4f7de

Request headers

Referer: https://observer.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 05 Jan 2023 07:08:05 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://observer.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165

GET trk.gif
jadserve.postrelease.com/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: mcdp-chidc2.outbrain.com
URL: https://mcdp-chidc2.outbrain.com/l?token=41a6ef42b327ccf2f29bea7a7936849c_231_1672902484092&tm=994&eT=0&widgetWidth=315&widgetHeight=442&widgetX=970&widgetY=565&wRV=201033&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&cheq=0&rtt=710&oo=true&lo=4248&odbreq=4643&odbres=5353&cet=4g&to=1672902479102&chs=1&ab=0&wl=0

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstgd3hmOj5WfEV6zD92QZLHsEMR7LxaComF-ulT4qHsPoYVrwi4ZAIKkkOXOiDiPZ4uWZ5B7CO1p3QzaU8Tbm1Pmt6eoSQgCnP6WN3uSO1lHuez1NaPNQ2PnSVN154ZWeDfnwYC8Q&sai=AMfl-YSQwWNjUU1QUgc_detA-rHmwcoDe0eXbq6Ih5rBwAEzUu4s6RgEXL1UGsss073LwsO4KiMEO02gNoiNxQ4fqs4HiVKQCEieV0gqEyKQx0MUaJxJMrICTYig_M7UUw&sig=Cg0ArKJSzH6a3u9YXoJrEAE&cid=CAQSOwDq26N9D_W5ER4fTFzs2hZpaoXfFICLlE_s3z6_nEW59-k3Twh1n5WC2diJhlBeLHG-WEl0gWFFAG8NGAEgEw&id=ampim&o=980,385&d=295,250&ss=1600,1200&bs=1600,1200&mcvt=1029&mtos=0,0,1029,1029,1029&tos=0,0,1029,0,0&tfs=794&tls=1823&g=100&h=100&tt=1823&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvqGOElePfc5joHtGrGnWB-I95_BTnyo2tHTGDbWVNJvO0Cxk1rZQ-KgYh5VGC7CWfSlbQa5rF9qe3-K_bVOr9m_ebML2F8KPVOgRN057tErymVaWm0q-u9EUzzawwuBYRFgl75pA&sai=AMfl-YTvIOPCes32zXAs-XeysXfUxg0t84s30HHudN6G_eQBSkbSxq9TC3ZlYQ2_mQFUh1pEQovITmKVbWG_4ipxuI0M2YpdUmbdw8pYF2TXlrKkWgzbolUYKHY9HgHFVA&sig=Cg0ArKJSzPI8t1U1L3OJEAE&cid=CAQSOwDq26N9D_W5ER4fTFzs2hZpaoXfFICLlE_s3z6_nEW59-k3Twh1n5WC2diJhlBeLHG-WEl0gWFFAG8NGAEgEw&id=ampim&o=315,1110&d=970,90&ss=1600,1200&bs=1600,1200&mcvt=1033&mtos=0,0,1033,1033,1033&tos=0,0,1033,0,0&tfs=759&tls=1792&g=100&h=100&tt=1792&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Domain: mv.outbrain.com
URL: https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fobserver.com%2F2022%2F12%2Ftwitter-suspends-elonjet-the-account-tracking-musks-private-flights%2F&settings=true&recs=true&widgetJSId=AR_1&key=NANOWDGT01&version=201033&apv=true&sig=82738376&format=html&rand=64835&osLang=en-US&va=true&et=true&cmpStat=0&ccpaStat=0&scrW=1600&scrH=1200&t=NDFhNmVmNDJiMzI3Y2NmMmYyOWJlYTdhNzkzNjg0OWM=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=1&lastIdx=1&lastCardIdx=0&fAB=11741-82207&layeredTestInfo=11741-82207-&clss=SERVERNR51cjBRVvLCF0%252FrvfwgIjzqKeEE7m%252FFtkkMZ6CUJQujCqujj1wmH8NlN%252FM2VR0f9ugWPEqQO5&dpr=1&cw=970&pmtseg=28393%2C38871%2C38883%2C38884%2C38885%2C38886&darkMode=false&activeTab=true&ogn=https%3A%2F%2Fobserver.com%2F2018%2F07%2Fwang-jian-hna-founder-dies-tragic-fall%2F&chs=1

Domain: jadserve.postrelease.com
URL: https://jadserve.postrelease.com/trk.gif?ntv_at=304&ntv_ui=91676ce8-d149-469b-bd67-645fb5ed6b40&ntv_a=AAAAAAAAAA-akQA&ntv_ht=VHe2YwA&ntv_fl=ReJsDvqugQ6wwaOTjEXVDMgprKGfebqecTvavPd7h3B3qQQbftgFS-tcsah6i1FyOT2T70vMv90o9KspPVri1i0OnEp-ZQP3JVOXVJZAkrmhIhnyye2Ig_jnzVEzYfGKcGtNq8BTd7gkITqXy4JcthcKsZJS7XjV6MiMuTkWYrW6UA4Ng3XruQ2mMK-UkLAYfLP_fB6vip1Dth7hMe77rqndSUkRHvSX9C6UteYbDPCAecx3dO925O0m6UWMXjGF&ord=-1927738803&ntv_ift=0&ntv_it

Verdicts & Comments Add Verdict or Comment

245 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

39 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
observer.com/	1970-01-20 18:17:42	Name: hcpermutive_uuid Value: f41c24b8-4eff-4991-82f0-70f604c82dd5
observer.com/	1970-01-20 08:41:44	Name: sailthru_pageviews Value: 1
.observer.com/	1970-01-20 08:41:44	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://observer.com/2018/07/wang-jian-hna-founder-dies-tragic-fall/%22%2C%22sref%22:%22%22%2C%22sts%22:1672902479953%2C%22slts%22:0}
.observer.com/	1970-01-20 18:11:06	Name: _parsely_visitor Value: {%22id%22:%22pid=9d065fb56a23bd571c9462f8e2c8e795%22%2C%22session_count%22:1%2C%22last_session_ts%22:1672902479953}
.scorecardresearch.com/	1970-01-20 18:03:18	Name: UID Value: 159a3c1e55dc292e12c88991672902479
.observer.com/	1970-01-20 18:10:30	Name: _pcid Value: %7B%22browserId%22%3A%22lciqxyuupc6unoxt%22%7D
.observer.com/	1970-01-20 10:51:18	Name: _fbp Value: fb.1.1672902480104.946459948
observer.com/	1970-01-20 08:41:42	Name: __adblocker Value: false
.observer.com/	1970-01-20 18:17:42	Name: _ga Value: GA1.2.1312069016.1672902480
.observer.com/	1970-01-20 08:43:08	Name: _gid Value: GA1.2.856522732.1672902480
observer.com/	1970-01-20 17:27:18	Name: sailthru_content Value: db7f4e6f154017a77a0aaba9a53de6d2
observer.com/	1970-01-20 17:27:18	Name: sailthru_visitor Value: 0f7a44e9-28e8-484b-8323-64a41736aa91
.piano.io/	1970-01-20 08:41:44	Name: __cf_bm Value: w3vtpGsplsXhnzHFJARlONBh6tfuNOZaegoDGfyQNBc-1672902480-0-ARW3+9fuYcPb9Vcl32OcBEDbtdB7NngG3hGcYgooI/R9eINRR3GbK8wjdN+lFqL9mSq0zCRHnSv7R6jL9Ey7F48=
.observer.com/	1970-01-20 18:17:42	Name: __tbc Value: %7Bkpex%7DiI_Vzuk9z3z9emYjEDiaL-MTc8b-AZ3NJykGoy72do_JE-fFcz7AfUD9ZUIEXA8E
.observer.com/	1970-01-20 09:24:54	Name: __pat Value: -18000000
.observer.com/	1970-01-20 08:43:08	Name: __pvi Value: eyJpZCI6InYtMjAyMy0wMS0wNS0wNy0wOC0wMC0wNjQtanBMbWVNMmxnanA0aTIwVi1kOGMxYzA4ZWU2MmI5ODkyMWQ4OGFlNmM0M2Y5NjdhZSIsImRvbWFpbiI6Ii5vYnNlcnZlci5jb20iLCJ0aW1lIjoxNjcyOTAyNDgwNDM5fQ%3D%3D
.observer.com/	1970-01-20 18:10:30	Name: _pctx Value: %7Bu%7DN4IgrgzgpgThIC4B2YA2qA05owMoBcBDfSREQpAeyRCwgEt8oBJAE0RXQF8g
.observer.com/	1970-01-20 18:17:42	Name: xbc Value: %7Bkpex%7D1PPawSWc88b2xup8X-SSew5oCxzHXjKc9YsWsw_ppkE
.observer.com/	1970-01-20 13:02:20	Name: permutive-id Value: bf766fee-a207-4d4e-b359-e10ff9511584
.3b5c18b9-96b7-48e4-a3ef-011eb84a970d.prmutv.co/	1970-01-20 10:51:18	Name: pxid Value: 71510c5d-132f-465b-97e7-5e8b1e6a2134
.observer.com/	1970-01-20 18:03:18	Name: __gads Value: ID=45552cc9f5f9b401:T=1672902481:S=ALNI_MZ_py0qodYxZ75z9Eaiv18iSoR0tQ
.observer.com/	1970-01-20 18:03:18	Name: __gpi Value: UID=00000b9ddde200ba:T=1672902481:RT=1672902481:S=ALNI_MaF912Rx4n2gnTTo1k9itGGV_fciA
.doubleclick.net/	1970-01-20 18:03:18	Name: IDE Value: AHWqTUm3qBrqpz_-0bvwn19JIgIHINdqDuylOqLfs4t5onoK4ee9FyxBmAGep0e2Sz0
.doubleclick.net/	1970-01-20 08:41:46	Name: DSID Value: NO_DATA
observer.com/	1969-12-31 23:59:59	Name: ntvSession Value: {}
.observer.com/	1970-01-20 18:17:42	Name: _ga_T9PLB60R8S Value: GS1.1.1672902480.1.1.1672902483.0.0.0
.travelaudience.com/	1970-01-20 18:11:56	Name: _tracker Value: %7B%22UUID%22%3A%221AE04C72-5EC7-4B51-8D1A-9AED8754A07F%22%7D
.ctnsnet.com/	1970-01-20 17:27:18	Name: gid_CAESEHGhUygqQHsGD8sRNgVGkjk Value: 1
.ctnsnet.com/	1970-01-20 17:27:18	Name: cid_aff6b950582947bdb50537ff7b8afd02 Value: 1
.quantserve.com/	1970-01-20 10:51:18	Name: d Value: EEIBCQH9J4EA
.quantserve.com/	1970-01-20 18:11:56	Name: mc Value: 63b67753-d8262-b851e-3e221
.yahoo.com/	1970-01-20 17:27:40	Name: A3 Value: d=AQABBFN3tmMCEB1RXFkZw-dAR6VqE0ZFFQ4FEgEBAQHIt2PAYwAAAAAA_eMAAA&S=AQAAAqzKWflDIz8f7zEzTcddUps
.1rx.io/	1970-01-20 17:27:18	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-d3de2b2b-1ebf-4bcd-82bf-174e0a4dfa40-003%22%7D
.bidswitch.net/	1970-01-20 17:27:18	Name: tuuid Value: 37f9f081-582d-4cb2-ac69-c78570d444b1
.bidswitch.net/	1970-01-20 17:27:18	Name: c Value: 1672902483
.bidswitch.net/	1970-01-20 17:27:18	Name: tuuid_lu Value: 1672902483
.analytics.yahoo.com/	1970-01-20 17:27:18	Name: IDSYNC Value: 18yx~298v
.observer.com/	1970-01-20 08:41:42	Name: _dc_gtm_UA-1212249-1 Value: 1
.bidswitch.net/	1970-01-20 08:41:42	Name: google_push Value: AavPq0PTV7fBxpT-ikGktPOrxO6shzqxlmbz6Wni9Qnn9VnaiugXVY5rveyY4MvwWyOzv5AQD2vxtJsEHPjHWTAurWdxuLBggTMr

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdn.ampproject.org/rtv/032211111611000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/032211111611000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/032211111611000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/032211111611000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3b5c18b9-96b7-48e4-a3ef-011eb84a970d.edge.permutive.app
3b5c18b9-96b7-48e4-a3ef-011eb84a970d.prmutv.co
585e2b3bcae7017c529ab96f0edac682.safeframe.googlesyndication.com
aax-dtb-cf.amazon-adsystem.com
action.metaffiliation.com
ad4m.at
ads.travelaudience.com
adservice.google.com
adservice.google.fr
ak.sail-horizon.com
ams-depr-public.s3.amazonaws.com
ams-pageview-public.s3.amazonaws.com
api.bounceexchange.com
api.permutive.com
api.sail-personalize.com
as.ad4m.at
assets.ad4m.at
assets.bounceexchange.com
c.amazon-adsystem.com
c2-sandbox.piano.io
cdn.ampproject.org
cdn.cookielaw.org
cdn.id5-sync.com
cdn.parsely.com
cdn.permutive.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
d15kdpgjg3unno.cloudfront.net
dyv1bugovvq1g.cloudfront.net
flint.defybrick.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
geolocation.onetrust.com
googleads.g.doubleclick.net
htlbid.com
htldotbid.s3.amazonaws.com
ib.adnxs.com
id5-sync.com
images.outbrainimg.com
img.metaffiliation.com
jadserve.postrelease.com
lb.eu-1-id5-sync.com
lbs.eu-1-id5-sync.com
log.outbrainimg.com
ls.skimresources.com
mcdp-chidc2.outbrain.com
mv.outbrain.com
observer.com
odb.outbrain.com
p.skimresources.com
p1.parsely.com
pagead2.googlesyndication.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.wp.com
prod-rtb.ad4mat.net
r.skimresources.com
region1.google-analytics.com
rock.defybrick.com
rules.quantcount.com
s.ntv.io
s.skimresources.com
sandbox.tinypass.com
sb.scorecardresearch.com
secure.quantserve.com
securepubads.g.doubleclick.net
sqs.us-east-1.amazonaws.com
static-de.ad4mat.net
stats.g.doubleclick.net
stats.wp.com
sync.1rx.io
sync.targeting.unrulymedia.com
t.skimresources.com
tag.bounceexchange.com
tcheck.outbrainimg.com
tpc.googlesyndication.com
ups.analytics.yahoo.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.fr
www.googletagmanager.com
www.googletagservices.com
www.npttech.com
x.bidswitch.net
jadserve.postrelease.com
mcdp-chidc2.outbrain.com
mv.outbrain.com
pagead2.googlesyndication.com
104.19.149.54
13.224.195.78
13.225.78.113
13.225.78.42
13.225.78.43
13.225.85.39
141.95.98.65
142.250.186.66
146.75.122.132
151.139.128.10
162.19.138.117
185.89.210.90
192.0.66.160
192.0.76.3
192.229.220.129
2.18.234.163
2.18.234.190
20.13.96.71
2001:41d0:701:1000::96f
2001:4860:4802:34::36
213.19.147.45
23.203.125.156
2600:1901:0:76b9::
2600:1f18:e8a:cd06:e361:a2ce:b047:17c
2600:9000:20eb:1c00:5:82fd:2500:21
2600:9000:211e:c600:6:44e3:f8c0:93a1
2600:9000:21f3:c800:11:b309:9100:21
2600:9000:21f3:dc00:1a:ba5c:3900:93a1
2606:4700:10::ac43:266a
2606:4700:20::681a:61b
2606:4700:20::ac43:4a81
2606:4700:3031::ac43:833a
2606:4700::6810:9440
2606:4700::6810:f015
2606:4700::6811:bab1
2606:4700::6812:1af
2606:4700::6812:1b55
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1450:4001:806::2001
2a00:1450:4001:806::2004
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:811::2003
2a00:1450:4001:812::2002
2a00:1450:4001:812::2008
2a00:1450:4001:812::200a
2a00:1450:4001:813::2002
2a00:1450:4001:827::2003
2a00:1450:4001:828::2001
2a00:1450:4001:830::2002
2a00:1450:400c:c00::9d
2a00:1450:400d:805::2001
2a00:1450:400d:80a::200e
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.126.56.137
3.236.169.101
3.5.21.159
34.107.254.252
34.111.8.32
34.120.117.212
34.120.253.250
34.98.72.95
35.186.193.173
35.190.0.66
35.190.59.101
35.190.91.160
35.201.67.47
35.241.9.51
52.17.99.225
52.217.70.44
52.29.44.102
54.156.218.215
54.231.130.25
69.173.144.138
75.2.40.13
95.131.136.1
99.86.3.236
068dd13bdcabf49a419a4e25758e45e08b18d861fed8370ca4c59bd014a84b3a
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
091bb3b927e83249016f29a235845a54f50da2d357749f8fff2e7e038d630384
0926ec66fd43f36c02da0b10d44805feed7b54dd4d41005dcfb60b4ac45fdc6b
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c5b68b3ae23054815d89c5a2230ad7edf2d4b68732b4463d6be74cacb974055
0c64a7e6df4c46566dbe0470fe2ad3168fd8e7c1105ce04874ea66e4230de2f5
0ce7613bb07f30b4dd77f51b62fcbd70bc15439a24b696ca06a694c2c8544ce6
12c5a381206405092c7e7b3f50965729a00b3f7fe2840cf61c8ebbf2c51b2271
14e707178a0b672b479215bb15ed37912fd2a3cbe020d9f4f71269fb89c245d5
173e2f5f1193207f5ec4de5b6d544750a04980e945ad4da724a81032121f5b09
184400e86583160bf90609a1b1b7a24d8de73d90dd7002a6f494445db89b85a0
18d40972c32ce351b6a0c52048b23231bf63851915f3d0eac3307d9a59630d6b
19bf88bf9c1719d60dc5dd3043019ab713b269d4f22eddbdb4956a2b1f672b56
1a718e27fd0df6d791b9038ae5640afdd677afa35b5e080ce20118a9e11553c4
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335
211bb5033aee4ae77edcac40340c97160c38e674343df66353950c1c6e3402e5
21a924ac651ba65e51a5c9b5ae4b51453eb9b957d5990001a85960df95603d13
262fbcc7922dfabfbb72c1c366ae208230efbed08f7fc16988db51650c1e01ba
29221a1307bcd612972bf22add13eca12e48c518c0b4acf842b882a0b7783c46
2b0503824555e5e9ca7c74db41ddb0dac554c4338c5931a0cb3d88d3b6ce51a4
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
30a24bcc771a3c3b6b5f7e83a9effad604a4f01b8d447a96c101d919b85e6795
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
329c9c7026d1c9423b642686137df4cd4e720aecb0059ed286a5bb1b520b9fc9
3307ca48f41b84f37997e0cac0acc59aac8fc793ab11fa2674799ee525e2dcf4
3486aa6c57105efee14a98dc631c61b157c9066ff06d2495bd826a886470d39c
35b8da540f329cf5fd8b6b872ed637bcd4c73eb143d79ca79de4f5943a1cff30
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
369df2444ecc74862f73afbd3fb4a33de433af3c8a21acc056cbc6d913abe88c
36e24dc06e51fdd9b13497039bf3c286b61476669c715a274b9a6703b4000a2b
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f
39f7093b64cc148b96e3a8e1a8d849fcd4fda75781388e413014128f3dfffcf0
39fae3dc476aaaa594e2c963401633dd5d02eccb3c175eda03912cfe0f91c92e
3afad7944608ccb8f39bb022444e73be0d7d2bc03ade1aebd436d17c3c2eefc4
3e59c1840342687b9c1ad9197f34b5cd9a0acfaabaf4ffac8b295e23d1a2fa66
3f55c14576b73b1fa761c9722153509875403c18b3a6916045fd146f3e3a6a00
3fde7a3a5556ecd9f17ccaa6113192b9d57ca0293b32124fdb2aa5d062b55ec2
43ad2e7998814ca5a453ec2c58399889611cf75dec37922cdeeea364fbc28718
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
444bd1047d1e558437c41e51dfd82e5178d39f5e2a098d91f1e92b428e836955
4529063318c99582948589c202835d859092d2a24e417f4f0a3ccfe8211ad37e
46154ceb9a719ddd98ab5d494e7183bc556d41c2d77825e5eec028791316f359
46389b3abd1c6df598fe1c191687b87f355facf00dde6cd1238ac76d40f12ec2
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
474e04bb140d1d4a1833b2abb414a0290a9bb72f91b85b8c5ba77fe929573056
47e020441e86743fd173ab7627ee2640635b35dea5482e8323629ad9938c4709
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb
48ccf4848daab48169b24df54845014bb9f7182aafd4c4ed38a525005cd3e1b7
4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358
4ad12603989e23ddf239f228255bcffc77fb8e9503829993b6d01c80cddd8d3f
4d5f5a72c3f2d4ecddad869d62b80eb45d12c97cc6394ffa283e58a1425b17d7
504a8ff0f91e885287cdefd108c22f4d5713a3877b39df516d811f87281799e4
533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55a874e8d3e1bd952e2f597c65ef265be4a7fda78e0b6929b5e67b16b93a3910
55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9
56e53f0cff32c14b4316b461ef64ca8cb4d44adfe5d759bad16c69de0547064c
58b21b86b642c10803f18145aa48372dff97f81abb8645163243d46b7428ea60
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1
5bf593c0fc58fb811d64938de29d5ea3ef090b08afc0309a0013f8c8cce38a26
5c724c4cb202cda5ac3fc5dd433b3403995f9c2ddd9b45f52713de38a62deedd
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5e148a9862168d423350fc89e8889bed17b1fb5a0d325546a1bcf436b21e1c48
606c9152b845782b1dd6a36c7196ec38ba48171b2bc60671e9d49ab636945718
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
620bae4f435d4ccd1c611f602c0790871f65d6bf668f6ff2ac716b89285cdc4a
630c07ecdd39b0a51b8e34611bd776ea807e3e197dd96e636d5ff8e4022dcd63
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
66b24eb77aabe2b1fffe8ba0aaec05db13f8e7f5710a52785d99f3b1136a567c
673aaadf5ccca4681c2023a6e76f62c478be94fe3b1ed05f3126da067e66f50a
6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda
6a13b93c05af6ec6255b737032aa3f5d1f4823ed2d57d12c0735bd2c4adc8efc
6c05e433ca10b433edfc856fd903cb5f2da848a54e4507642a48981deed8bb05
727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e
73f13559aa4d1dca01c01f351e15bbc25f1a596078e69b7a9d1508cc6c6f72d8
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
748364f1f50cac3f0ec54988c550350e3e7459ce1989bb86de58475b748f9040
748d2a1a72ffee3318b6cc87f5e3c709e8bdfeb35988953a77c7addb2d85edd5
74e72473f970d838c52ed8c8fadf1c25883dd561d66df3856bfc137b9da2fea0
750d1d2daaa3d8dbfd63a48981545c62704e1e46514a9f3e10561b9f25f27950
756dd7203be6457d7dd15085b51cb7fcee2efdc6e1e46792c7a5272775a82243
7b56af893358318f9825834c44e15ba72af5dd08fda34a56c0bd7b6ef1d9f355
7cc8f8f131774a8405d79658e64366f7044e6f439cfccaf977aecf0deb4c052e
7f1b16eaedbed2350b3f7f27dff10f5fbbce59bcd490b57f553dc638e0999143
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
82151877d4e0e2118ce3741bf359f5528a5fe75a09fd1abdb035ecbf1023c5c6
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84128228243898ae548dda8391f89a3fbc87d77ca056fd9ec3aeb4a4e8b6f954
84553f02ad2ebec99a74b64ab280be9da6b6e21f8dea49106432c96cd32f692e
84e13b47921ee79d3fab38b733e08dc04ca99b25c1880cb25475c9315ddc2146
852fda9cf45df6d127faead151be737caa36cc7349139ae537fb4bd5dd392f5f
862cd1e412728b8e39649997cff37fe9afe7a3f6a7d559a198ca9d37c4c3cfc4
8929cee3d4d913ffd8c183a9e314b2b87b39001ac16866245c35b8ea18929979
893a2d1026dd5d8092e6f23638001265bf55565e7e2994e375bce0f454bb5ae8
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8d2ef2eebc186ae00f2af8692690d8c9dd71ccb8bef917bcf1957d4a1860bd0d
8ddf5e1b668d93e4b98d18cd27d44cb042f7bf258f8c8886f077f5fad920c7d1
8e6e739c39d1d23858d05c9875e49d5581aa82d74e28ebfde5a2ab24eca4f7de
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93478b8146a34ffeb720b570ec2db83a189e3479546b9df4d5dd007063b1a206
9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190
97cee0b4094231f93a768249e8a3b8b084bf9ada186680f9f5d9dd7fdc1cbc52
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98d6edeb0c11efc64b80f86f95d53b25214bd65e3f8afe6c85bbcddfe60cefaa
99c69003f1b475f64a578b13fdfd566cc32c9ec0d7e51aabfe5c2b58de70918f
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134
9cb1df3983ac960eda06a4e5b2db75c7200515c2776a00d4cfb3cb4f36c0f91f
9e943515456ba617fe37ed3120c7ca356c3fda5ec23305e846be86c0073ad597
9f0a67600a8b8939e9b77975ed81760e162bbb2a8b31d1e2ccd43390c64567ce
9f50150b93f6dfe9cf98ef5f90a291dd1d71ff3dfc1194307388d1bb018058a1
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0a1e36b4f097ab210241b4775783305d64d047cf20230d7152b0ffdb38401cc
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a384a78bc8bee6afceab3ff107315b1bdcc0fd2622246826d16b503e742a8cdf
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4a2686142ea2b6318b298cb3570359d0d7ecaa37d792881ac2d2691ea809674
a66228c52eb9d9ad34e4695434a602fc8ebbfcb5a29a7ba5d2eb352e5c9deb5d
a7b23f357530667a4d5d574a7b9141f0858db9f3dc49ad1e676bd850b8093c22
ae4ebf47a893af26c9f146af0f337b50b181a99d0aaf217caa42b287e75d42b1
afc1482b1afbe5447756bbe09167c10d43dc07218abb53efa5bac45bd2465d26
b14e828cf0e3d31af68db645e32ec8c04a113529f475d9d04bc9d1bafc67c626
b2901621d0cec44e2a77021e71c914f32206f412bebf2813b96febb8c8102ff9
b3b63fa8f90f3f8b30a8c57665c86ad065073211f0f55a51d3b6f8cee295e3aa
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b445bad8e6fcb75a280aab0d13732970ddcb3e855e14f5281ec4200b871ac7ef
b55b4bd335e45edfd8dd40b944affb2c95f46ced23852042597fe052d789e446
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b6cf23ed282a5cb25c43c5923908a43cc8c4c9e92b23a1f73eb7b0af46ef6534
b70ac2a69eea8048af70de9c8778f794db5c7d02f606b969243cd8438bd68836
b7461c2697142bb258f882e6c7c2c73034716920215b7c71b6380044da41c324
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b7b74f18b90d3a161b71d0fef3b4de6db5cdb3732dfaa445740bfd2042f78b9f
b7e6db8dfe79e6581a5accc07438706f2ff043bc6f9cb4f61f549a4f5d0ee4e8
b90c1b05dae5871617ca779c34235aae7816c102612da77bc61a1c87309a5eb0
bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0
bbe288e856f62c39e838c914adfbe30db3d1d23503aa779e30d259c6ab0b6637
be1382c68ae6d5f819040690d35466757fc97a337de218d1c40de6f1fb5afe81
c0472ab03b5cc819b6f3a01c3d0519af30215aed943bd77a11d9625f93b4ab55
c0eb09d747f4cb0d61057afe50609d7419873b0bdbc56f6965f3098a1cf6d975
c209eb6ade4a4779a96c09b12dca3df95f2c362aa4658e21ead8a714f0919acb
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
c46b033d7688f2f46e87a04634a1389db91ceea1be9cb70d1ae9205819739a7e
c4a258b70f34ccbcb4c682fa10790083803b66b36d692c8c0ada317cd450bc9f
cbe38262701c7f8844746432f9d8a2f04cfbfbfc120e091b5642c7a06ca173d7
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
cca98b281de5d8444eadf7c77b84ea6b5891ecf9e5bcdaa3fcdb77167772c0c5
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d17298826b7b7ed19af4942adf03fbcea7a7cd9cd5f25a5b9fb0674c71828c87
d24d008e3735bbddd99689edeb61c7cd8b1966825892a73f419a0720433deaee
d45661c908e5150f424a5e0c2ad0800f5fc8a159a45af1ea5ad1fd7c5449d18b
d46f9c20708adc43c0209e0c320a376ff99ee0e4875f346bb31c19210af1f9d3
d747bc0ec8a549bb25f0bab199d8e3019bcea7cfaf1438d55da2fabcff48f2c3
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
da722abdac2fd04748b3293549c2bbdb526fcb1f192dc2fd7ac8db0a42166629
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
dc97395fd99c0da4de2c5fb61fcb7a9e20fa6ef8f62c12dee14de8d07beb11a8
dcc5f41d1dc04a19dccb2061dc9572cb46c1c19dd89cb5d910752020fa87e791
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e0bc7a4534e97db4232ee20e212b393b42c35889844cb9066d38fc4f982ce87a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4e12111ace2e55890d866247c6d423bd5247e932043eec823b59c1d84c578eb
e8ca95bea0088adcca0e776307c22c9d9b3d2d34315ad8786dfa06fefdbc4ee2
eaffe739d46824bf1bf3d2b6841a12ad02f01ee633adc95d7d71ec11f3b66b79
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef5f8d6a9ea52bd9b20497b837b74bde31586062d5b0e16be75f8bbdffc29840
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f4fc114373da7e63fade04d84f7f1cfb5b31632246f33b10f3b7b275b85e6dd6
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f832a3f9fb50dfb245accbfe1f55d83f4330332a2a1b1640888d253398b95bb9
fa2835fe4b9d53d05ed0533e8451d416c325561160754e01c2d891691ed6761f
fb44400a61edda0b628ad2ff62cb5d299fab4e7a18d586ae7d70481c6c9550b2
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
fe3fcb884394be745dbd11141b6d780028a4d86106b6292d7502db096f582218
ff143db86fab915333c29a6676b9440ef1f1db22e979ce5ba571d16bf617d57e

observer.com Open in urlscan Pro 192.0.66.160 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

286 Requests

92 %HTTPS

45 %IPv6

52 Domains

89 Subdomains

73 IPs

8 Countries

4504 kBTransfer

11308 kBSize

39 Cookies

20 Outgoing links

Page URL History

Redirected requests

286 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

observer.com Open in urlscan Pro
192.0.66.160 Public Scan

Screenshot
Live screenshot

Full Image

286
Requests

92 %
HTTPS

45 %
IPv6

52
Domains

89
Subdomains

73
IPs

8
Countries

4504 kB
Transfer

11308 kB
Size

39
Cookies

286 HTTP transactions
8 data transactions