urlscan.io logo urlscan.io
SecurityTrails logo

www.thenewstribune.com Open in urlscan Pro
23.196.230.25  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.sign-xfinityaccountupdateipxahiz.duckdns.org/
Effective URL: https://www.thenewstribune.com/
Submission: On November 14 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 3 countries across 17 domains to perform 114 HTTP transactions. The main IP is 23.196.230.25, located in Düsseldorf, Germany and belongs to AKAMAI-AS, US. The main domain is www.thenewstribune.com. The Cisco Umbrella rank of the primary domain is 304938.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on September 1st 2023. Valid for: a year.
This is the only time www.thenewstribune.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 162.240.159.184 46606 (UNIFIEDLA...)
1 1 166.108.36.245 6118 (MCCLATCHY...)
43 23.196.230.25 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.217.102.28 16509 (AMAZON-02)
6 52.13.180.254 16509 (AMAZON-02)
10 44.232.113.203 16509 (AMAZON-02)
8 151.101.130.132 54113 (FASTLY)
1 2600:1901:0:7... 15169 (GOOGLE)
2 16 172.64.146.152 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:223... 16509 (AMAZON-02)
1 35.201.104.135 396982 (GOOGLE-CL...)
1 104.79.28.80 16625 (AKAMAI-AS)
2 3.232.219.155 14618 (AMAZON-AES)
2 2600:1901:0:d... 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
114 16
1    162.240.159.184 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 162-240-159-184.unifiedlayer.com
www.sign-xfinityaccountupdateipxahiz.duckdns.org
1    166.108.36.245 (United States)

ASN6118 (MCCLATCHY-CORP, US)
PTR: vnet831.ejoco.com
thenewstribune.com
43    23.196.230.25 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-196-230-25.deploy.static.akamaitechnologies.com
www.thenewstribune.com
media.thenewstribune.com
www.bellinghamherald.com
www.mcclatchy-wires.com
www.mcclatchy-partners.com
1    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    52.217.102.28 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
mcclatchy-next-apps-prod.s3.amazonaws.com
6    52.13.180.254 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-13-180-254.us-west-2.compute.amazonaws.com
api2.amplitude.com
10    44.232.113.203 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-232-113-203.us-west-2.compute.amazonaws.com
profile-api.amplitude.com
8    151.101.130.132 (United States)

ASN54113 (FASTLY, US)
api.lab.amplitude.com
1    2600:1901:0:7416::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)
flowerstreatment.com
16    172.64.146.152 (United States)

ASN13335 (CLOUDFLARENET, US)
cd.connatix.com
cds.connatix.com
img.connatix.com
capi.connatix.com
assets.connatix.com
3    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2600:9000:223f:3600:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
1    35.201.104.135 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 135.104.201.35.bc.googleusercontent.com
vi.ml314.com
1    104.79.28.80 (Glattbrugg, Switzerland)

ASN16625 (AKAMAI-AS, US)
PTR: a104-79-28-80.deploy.static.akamaitechnologies.com
s.ntv.io
2    3.232.219.155 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-219-155.compute-1.amazonaws.com
jadserve.postrelease.com
2    2600:1901:0:d733::1 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
scissorsstatement.com
1    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
Apex Domain
Subdomains		 Transfer
40 thenewstribune.com
thenewstribune.com — Cisco Umbrella Rank: 288984
www.thenewstribune.com — Cisco Umbrella Rank: 304938
media.thenewstribune.com — Cisco Umbrella Rank: 697914
2 MB
24 amplitude.com
api2.amplitude.com — Cisco Umbrella Rank: 1344
profile-api.amplitude.com — Cisco Umbrella Rank: 47035
api.lab.amplitude.com — Cisco Umbrella Rank: 4156
5 KB
16 connatix.com
cd.connatix.com — Cisco Umbrella Rank: 3425
cds.connatix.com — Cisco Umbrella Rank: 3536
img.connatix.com — Cisco Umbrella Rank: 4179
capi.connatix.com — Cisco Umbrella Rank: 1113
ins.connatix.com Failed
vid.connatix.com Failed
lit.connatix.com Failed
assets.connatix.com — Cisco Umbrella Rank: 8279
pl.connatix.com Failed
767 KB
3 gstatic.com
fonts.gstatic.com
71 KB
2 scissorsstatement.com
scissorsstatement.com — Cisco Umbrella Rank: 57579
896 B
2 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1122
1 KB
2 mcclatchy-wires.com
www.mcclatchy-wires.com — Cisco Umbrella Rank: 93734
66 KB
1 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
30 KB
1 ntv.io
s.ntv.io — Cisco Umbrella Rank: 3638
164 KB
1 ml314.com
vi.ml314.com — Cisco Umbrella Rank: 6989
388 B
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 587
482 B
1 mcclatchy-partners.com
www.mcclatchy-partners.com — Cisco Umbrella Rank: 141201
437 KB
1 bellinghamherald.com
www.bellinghamherald.com — Cisco Umbrella Rank: 521913
20 KB
1 flowerstreatment.com
flowerstreatment.com — Cisco Umbrella Rank: 58433
24 KB
1 amazonaws.com
mcclatchy-next-apps-prod.s3.amazonaws.com — Cisco Umbrella Rank: 60222
665 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
imasdk.googleapis.com Failed
1 KB
1 duckdns.org
www.sign-xfinityaccountupdateipxahiz.duckdns.org
471 B
114 17
Domain Requested by
35 www.thenewstribune.com www.thenewstribune.com
10 profile-api.amplitude.com www.thenewstribune.com
8 api.lab.amplitude.com www.thenewstribune.com
6 cds.connatix.com www.thenewstribune.com
cd.connatix.com
cds.connatix.com
6 api2.amplitude.com www.thenewstribune.com
4 capi.connatix.com 1 redirects www.thenewstribune.com
cd.connatix.com
4 media.thenewstribune.com www.thenewstribune.com
3 img.connatix.com www.thenewstribune.com
3 fonts.gstatic.com fonts.googleapis.com
2 assets.connatix.com www.thenewstribune.com
2 scissorsstatement.com flowerstreatment.com
2 jadserve.postrelease.com s.ntv.io
blank
2 www.mcclatchy-wires.com www.thenewstribune.com
1 securepubads.g.doubleclick.net cd.connatix.com
1 s.ntv.io www.thenewstribune.com
1 vi.ml314.com www.thenewstribune.com
1 static.adsafeprotected.com www.thenewstribune.com
1 www.mcclatchy-partners.com www.thenewstribune.com
1 www.bellinghamherald.com www.thenewstribune.com
1 cd.connatix.com 1 redirects
1 flowerstreatment.com www.thenewstribune.com
1 mcclatchy-next-apps-prod.s3.amazonaws.com www.thenewstribune.com
1 fonts.googleapis.com www.thenewstribune.com
1 thenewstribune.com 1 redirects
1 www.sign-xfinityaccountupdateipxahiz.duckdns.org 1 redirects
0 pl.connatix.com Failed cd.connatix.com
0 imasdk.googleapis.com Failed cd.connatix.com
0 lit.connatix.com Failed cd.connatix.com
0 vid.connatix.com Failed cd.connatix.com
0 ins.connatix.com Failed cd.connatix.com
114 30

This site contains no links.

Subject Issuer Validity Valid
www.mcclatchydc.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-09-01 -
2024-09-03		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.s3.amazonaws.com
Amazon RSA 2048 M01		 2023-10-10 -
2024-07-03		 9 months crt.sh
*.amplitude.com
COMODO RSA Domain Validation Secure Server CA		 2023-01-23 -
2024-02-14		 a year crt.sh
*.lab.amplitude.com
GlobalSign Atlas R3 DV TLS CA 2023 Q1		 2023-02-25 -
2024-03-28		 a year crt.sh
flowerstreatment.com
R3		 2023-09-05 -
2023-12-04		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
connatix.com
GTS CA 1P5		 2023-11-04 -
2024-02-02		 3 months crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
vi.ml314.com
GTS CA 1D4		 2023-10-04 -
2024-01-02		 3 months crt.sh
*.ntv.io
DigiCert TLS RSA SHA256 2020 CA1		 2023-08-28 -
2024-08-28		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-03-14 -
2024-03-12		 a year crt.sh
*.postrelease.com
Amazon RSA 2048 M02		 2023-10-27 -
2024-11-23		 a year crt.sh
scissorsstatement.com
R3		 2023-09-02 -
2023-12-01		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.thenewstribune.com/
Frame ID: 4D599DCF3325FA1A8BAABDD57A705040
Requests: 86 HTTP requests in this frame

Frame: https://cds.connatix.com/p/377483/connatix.player.dc.js?cid=1ffe5d7e-eb53-11e9-b4d2-06948452ae1a
Frame ID: 4BC9C20E4B48F91F932697EB94818BF8
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://www.sign-xfinityaccountupdateipxahiz.duckdns.org/ HTTP 307
    https://thenewstribune.com/ HTTP 301
    https://www.thenewstribune.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

114
Requests

82 %
HTTPS

35 %
IPv6

17
Domains

30
Subdomains

16
IPs

3
Countries

3197 kB
Transfer

6045 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.sign-xfinityaccountupdateipxahiz.duckdns.org/ HTTP 307
    https://thenewstribune.com/ HTTP 301
    https://www.thenewstribune.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31
  • https://cd.connatix.com/connatix.player.js?cid=1ffe5d7e-eb53-11e9-b4d2-06948452ae1a HTTP 302
  • https://cds.connatix.com/p/377483/connatix.player.dc.js?cid=1ffe5d7e-eb53-11e9-b4d2-06948452ae1a
Request Chain 85
  • https://capi.connatix.com/core/sync HTTP 302
  • https://capi.connatix.com/core/sync?tier=1&final=true&UserScoringType=Enabled&ImplementationType=0

114 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.thenewstribune.com/
Redirect Chain
  • https://www.sign-xfinityaccountupdateipxahiz.duckdns.org/
  • https://thenewstribune.com/
  • https://www.thenewstribune.com/
190 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.thenewstribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-230-25.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
da79f7378503680ce10ad97633a64bf4af331527c1a04fe3542ebebe018741f1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
false
access-control-allow-headers
*
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
21811
content-type
text/html;charset=utf-8
date
Tue, 14 Nov 2023 21:28:51 GMT
etag
W/"2f81b-T9zy41tuL7G36nqk486dmHHj9dg"
expires
Tue, 14 Nov 2023 21:28:51 GMT
last-modified
Tue, 14 Nov 2023 21:28:32 GMT
mi-api
WPS
mi-cache
HIT
mi-cache-age
19
pragma
no-cache
server
MI
server-timing
ak_p; desc="1699997331743_34831240_51352027_13735_10838_9_28_255";dur=1
surrogate-control
varnish=ESI/2.1
vary
Accept-Encoding
x-akamai-transformed
9 21616 0 pmb=mTOE,4
x-mi-in-market
0
x-proxy-forwarding-type
BlackList
x-varnish
815763161, 949223733 947782285

Redirect headers

Connection
Keep-Alive
Content-Length
239
Content-Type
text/html; charset=iso-8859-1
Date
Tue, 14 Nov 2023 21:28:51 GMT
Keep-Alive
timeout=5, max=100
Location
https://www.thenewstribune.com/
Server
Apache
css
fonts.googleapis.com/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext
Requested by
Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e7de2ef3ff2b3fd17fb01947fbeb17684ad45563cdeeebf8d78fac23d3100cc9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewstribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 14 Nov 2023 21:28:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 21:28:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 Nov 2023 21:28:51 GMT
mi-styles.a947d33a8bcded9edba0.css
www.thenewstribune.com/wps/build/webpack/css/ 		221 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.thenewstribune.com/wps/build/webpack/css/mi-styles.a947d33a8bcded9edba0.css
Requested by
Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-230-25.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
f45f2ccb32edf33fed7207e1ba9d10f03ad0df58ee6e8d4d2f604d6875d9f266

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewstribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 21:28:52 GMT
content-encoding
gzip
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
993
server-timing
ak_p; desc="1699997332042_34831240_51352324_2447_7617_9_0_255";dur=1
content-length
47438
last-modified
Fri, 03 Nov 2023 13:02:57 GMT
x-proxy-forwarding-type
BlackList
server
MI
etag
W/"37585-18b95478fe8"
vary
Accept-Encoding
mi-cache
HIT
x-varnish
33989675, 406719604 407078075
content-type
text/css;charset=UTF-8
access-control-allow-methods
GET,POST,OPTIONS
cache-control
max-age=378779
access-control-allow-credentials
false
access-control-allow-origin
*
access-control-max-age
86400
access-control-allow-headers
*
thenewstribunecore.js
www.thenewstribune.com/-oiyszlbno/ 		322 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thenewstribune.com/-oiyszlbno/thenewstribunecore.js
Requested by
Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-230-25.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
563f451e52ec673ea0c66a892ebf753775985470847aee48be950196b011bb1d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewstribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 21:28:52 GMT
content-encoding
gzip
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
72
server-timing
ak_p; desc="1699997332042_34831240_51352325_3368_7428_9_0_219";dur=1
content-length
90235
last-modified
Tue, 14 Nov 2023 17:27:31 GMT
server
MI
etag
W/"5060b-60a2019f546c0"
vary
Accept-Encoding
mi-cache
HIT
x-varnish
314476121 317490692
content-type
application/javascript
access-control-allow-methods
GET,POST,OPTIONS
cache-control
max-age=192
access-control-allow-credentials
false
access-control-allow-origin
*
access-control-max-age
86400
access-control-allow-headers
*
vendor.bundle-e8bf89b42a8198ff411c.js
www.thenewstribune.com/wps/build/webpack/ 		99 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thenewstribune.com/wps/build/webpack/vendor.bundle-e8bf89b42a8198ff411c.js
Requested by
Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-230-25.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
798b67bb2ea3243fac61fc7df7e5585a5adc40887e278bdf62598ca5d7629903

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewstribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 21:28:52 GMT
content-encoding
gzip
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
26267
server-timing
ak_p; desc="1699997332053_34831240_51352326_4132_7404_9_0_219";dur=1
content-length
34371
last-modified
Fri, 03 Nov 2023 13:02:49 GMT
x-proxy-forwarding-type
BlackList
server
MI
etag
W/"18ca4-18b954770a8"
vary
Accept-Encoding
mi-cache
HIT
x-varnish
669150995, 372408774 251822207
content-type
application/javascript;charset=UTF-8
access-control-allow-methods
GET,POST,OPTIONS
cache-control
max-age=45584
access-control-allow-credentials
false
access-control-allow-origin
*
access-control-max-age
86400
access-control-allow-headers
*
style.css
mcclatchy-next-apps-prod.s3.amazonaws.com/custom-css/all/ 		272 B
665 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mcclatchy-next-apps-prod.s3.amazonaws.com/custom-css/all/style.css
Requested by
Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.102.28 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
d8ec6349a216d77f1f33ed4bf7415efbc85895dabac621905c466e6894647cbb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewstribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 21:28:53 GMT
Last-Modified
Wed, 10 May 2023 23:40:01 GMT
Server
AmazonS3
x-amz-request-id
4QNQ82NKX0WZJHDC
ETag
"2d39810a5e64f8448f15544f86081077"
x-amz-server-side-encryption
AES256
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
272
x-amz-id-2
YB6120AYdi5GBB2k+iKbzjI6N3nGa8xUG9yvhN8vQmq/Kt+jAQeK2U9/s3ui7Y756dbWTRIiifE=
173813bb
www.thenewstribune.com/akam/13/ 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thenewstribune.com/akam/13/173813bb
Requested by
Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-230-25.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7cfa7e7c7353752864021902655093fccb3430e570ecc1b8cc774aa81624cf7a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewstribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 21:28:52 GMT
content-encoding
gzip
server-timing
ak_p; desc="1699997332287_34831240_51352571_797_5090_15_0_146";dur=1
content-length
8752
pragma
no-cache
last-modified
Wed, 09 Feb 2022 15:05:55 GMT
etag
"99294ac4a1c6fda8ec6c7c79823abb42432191741a104ffea347182799c35156"
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET,POST,OPTIONS
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
access-control-allow-headers
*
expires
Tue, 14 Nov 2023 21:28:52 GMT
logo.svg
www.thenewstribune.com/wps/build/images/thenewstribune/ 		10 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thenewstribune.com/wps/build/images/thenewstribune/logo.svg
Requested by
Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-230-25.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
b9f65b633a49a499a034c954707d726a90d5571ec8fc571eb7c5e4e59e9b3108

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewstribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 21:28:52 GMT
content-encoding
gzip
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
77465
server-timing
ak_p; desc="1699997332042_34831240_51352329_2462_7472_9_0_182";dur=1
content-length
4088
last-modified
Fri, 03 Nov 2023 13:02:49 GMT
x-proxy-forwarding-type
BlackList
server
MI
etag
W/"2810-18b954770a8"
mi-cache
HIT
vary
Accept-Encoding
x-varnish
673384864, 441255665 140673887
content-type
image/svg+xml;charset=ISO-8859-1
access-control-allow-methods
GET,POST,OPTIONS
cache-control
max-age=79382
access-control-allow-credentials
false
access-control-allow-origin
*
access-control-max-age
86400
access-control-allow-headers
*
favicon-96.png
www.thenewstribune.com/wps/build/images/thenewstribune/ 		712 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thenewstribune.com/wps/build/images/thenewstribune/favicon-96.png
Requested by
Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-230-25.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
949e2886f2710abf4b3f39bc231ce4462d477f62bc6e958ce17804d82e293466

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewstribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 21:28:52 GMT
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
287560
server-timing
ak_p; desc="1699997332287_34831240_51352572_50_7892_15_0_146";dur=1
content-length
712
last-modified
Fri, 03 Nov 2023 13:02:49 GMT
x-proxy-forwarding-type
BlackList
server
MI
etag
W/"2c8-18b954770a8"
mi-cache
HIT
access-control-max-age
86400
x-varnish
986215751, 356066295 900663594
content-type
image/png;charset=ISO-8859-1
access-control-allow-methods
GET,POST,OPTIONS
cache-control
max-age=256665
access-control-allow-credentials
false
access-control-allow-origin
*
access-control-allow-headers
*
tacoma-puyallup-logo-color-2021-08.svg
media.thenewstribune.com/static/images/logos/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.thenewstribune.com/static/images/logos/tacoma-puyallup-logo-color-2021-08.svg
Requested by
Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-230-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
855b336540e9460f01d5d358d35d24748cbd20db695e0d41f6945cdbef07b7e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewstribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 21:28:53 GMT
last-modified
Thu, 02 Sep 2021 18:53:17 GMT
server
Apache
etag
"2ba5-5cb07b2251042"
vary
Origin
content-type
image/svg+xml
x-n
S
accept-ranges
bytes
content-length
11173
tacoma-puyallup-favicon-96px-2021-08.svg
media.thenewstribune.com/static/images/logos/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.thenewstribune.com/static/images/logos/tacoma-puyallup-favicon-96px-2021-08.svg
Requested by
Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-230-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
568c451356216bcad0be9a07f979d3a732ddfdad3d31496dfe3385bf321fe4e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewstribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 21:28:53 GMT
last-modified
Thu, 02 Sep 2021 18:53:17 GMT
server
Apache
etag
"2314-5cb07b2250769"
vary
Origin
content-type
image/svg+xml
x-n
S
accept-ranges
bytes
content-length
8980
tacoma-gateway-logo-color-horizontal-2021-08.svg
media.thenewstribune.com/static/images/logos/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.thenewstribune.com/static/images/logos/tacoma-gateway-logo-color-horizontal-2021-08.svg
Requested by
Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-230-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a4561da777935fa07b41fbb1e3ade995d20c92560e803303f6f7e0d8fec27ff6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewstribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 21:28:54 GMT
last-modified
Thu, 02 Sep 2021 18:53:17 GMT
server
Apache
etag
"1f97-5cb07b224fe46"
vary
Origin
content-type
image/svg+xml
x-n
S
accept-ranges
bytes
content-length
8087
tacoma-gateway-favicon-96px-2021-08.svg
media.thenewstribune.com/static/images/logos/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.thenewstribune.com/static/images/logos/tacoma-gateway-favicon-96px-2021-08.svg
Requested by
Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-230-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ceaccd3394b874684aeb2eb2642b9d244638121c9279cf45ca61b16b0d879b9f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewstribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 21:28:53 GMT
last-modified
Thu, 02 Sep 2021 18:53:17 GMT
server
Apache
etag
"e57-5cb07b224f4a5"
vary
Origin
content-type
image/svg+xml
accept-ranges
bytes
content-length
3671
mastheadPage.bundle-ddbe287a9b8dace82605.js
www.thenewstribune.com/wps/build/webpack/ 		92 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thenewstribune.com/wps/build/webpack/mastheadPage.bundle-ddbe287a9b8dace82605.js
Requested by
Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-230-25.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
69f6a33358785d82a97231190ca795d75759553a1d6a6bad86db8293afc59709

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewstribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 21:28:52 GMT
content-encoding
gzip
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
465
server-timing
ak_p; desc="1699997332287_34831240_51352570_39_7900_15_0_219";dur=1
content-length
32813
last-modified
Fri, 03 Nov 2023 13:02:52 GMT
x-proxy-forwarding-type
BlackList
server
MI
etag
W/"16e85-18b95477c60"
vary
Accept-Encoding
mi-cache
HIT
x-varnish
779227010, 157819882 181767636
content-type
application/javascript;charset=UTF-8
access-control-allow-methods
GET,POST,OPTIONS
cache-control
max-age=354773
access-control-allow-credentials
false
access-control-allow-origin
*
access-control-max-age
86400
access-control-allow-headers
*
premium-topper.js
www.thenewstribune.com/static/hi/prodx/premium-topper/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thenewstribune.com/static/hi/prodx/premium-topper/premium-topper.js
Requested by
Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-230-25.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
020929acae00877f71f5fa637d16fa92de00c7758b160cf03a8b1f51f5aa52f1

Request headers

Referer
https://www.thenewstribune.com/
Origin
https://www.thenewstribune.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 21:28:52 GMT
content-encoding
gzip
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
191
server-timing
ak_p; desc="1699997332042_34831240_51352327_40819_7538_9_0_219";dur=1
content-length
3053
last-modified
Wed, 01 Mar 2023 20:23:59 GMT
server
MI
etag
W/"2428-5f5dc7dfe95c0"
vary
Accept-Encoding
mi-cache
HIT
x-varnish
952861293, 388007188 391251857
content-type
application/javascript
access-control-allow-methods
GET,POST,OPTIONS
cache-control
max-age=292
access-control-allow-credentials
false
access-control-allow-origin
*
access-control-max-age
86400
access-control-allow-headers
*
featured-carousel.js
www.thenewstribune.com/static/hi/cards/v1/featured-carousel/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thenewstribune.com/static/hi/cards/v1/featured-carousel/featured-carousel.js
Requested by
Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-230-25.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
fca5bc67a49af1a6099f7b2f4bf4c07a44679d69b60f3c4c298e24c6b4d8ddb2

Request headers

Referer
https://www.thenewstribune.com/
Origin
https://www.thenewstribune.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 21:28:52 GMT
content-encoding
gzip
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
147
server-timing
ak_p; desc="1699997332042_34831240_51352328_38099_7525_9_0_219";dur=1
content-length
1414
last-modified
Wed, 25 Oct 2023 22:38:26 GMT
server
MI
etag
W/"e92-608921d0e7c80"
vary
Accept-Encoding
mi-cache
HIT
x-varnish
249369070, 1010663474 990676133
content-type
application/javascript
access-control-allow-methods
GET,POST,OPTIONS
cache-control
max-age=273
access-control-allow-credentials
false
access-control-allow-origin
*
access-control-max-age
86400
access-control-allow-headers
*
videoLoader.bundle-a05db41458cf8626467b.js
www.thenewstribune.com/wps/build/webpack/ 		270 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thenewstribune.com/wps/build/webpack/videoLoader.bundle-a05db41458cf8626467b.js
Requested by
Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-230-25.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
5bf23e236fb911d6f963832a7c0f39942e7a79cde90482261d3b6d1bd33e0ead

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewstribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 21:28:52 GMT
content-encoding
gzip
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
117
server-timing
ak_p; desc="1699997332298_34831240_51352590_87_8630_10_0_146";dur=1
content-length
84379
last-modified
Fri, 03 Nov 2023 09:18:11 GMT
x-proxy-forwarding-type
BlackList
server
MI
etag
W/"4374a-18b9479c838"
vary
Accept-Encoding
mi-cache
HIT
x-varnish
885048124, 705758563 689672439
content-type
application/javascript;charset=UTF-8
access-control-allow-methods
GET,POST,OPTIONS
cache-control
max-age=157053
access-control-allow-credentials
false
access-control-allow-origin
*
access-control-max-age
86400
access-control-allow-headers
*
0f1a71ab-cb3a-444b-bcf7-b88e3e258e94
https://www.thenewstribune.com/ 		268 B
0 		Script
General
Check archive.org
Download Go to
Full URL
blob:https://www.thenewstribune.com/0f1a71ab-cb3a-444b-bcf7-b88e3e258e94
Requested by
Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/-oiyszlbno/thenewstribunecore.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b435c23887c894694efce0918537098f98f6c98883e3cbed9235908f94687183

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Length
268
Content-Type
text/javascript
vendorBundle.5fc8d7266c2a068d7ed3.js
www.thenewstribune.com/-oiyszlbno/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thenewstribune.com/-oiyszlbno/vendorBundle.5fc8d7266c2a068d7ed3.js
Requested by
Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/-oiyszlbno/thenewstribunecore.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-230-25.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
ae783103640b0fef281d4e2e24dfe4425f6e8a4f479fe54fd8188a061e8a7416

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewstribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 21:28:52 GMT
content-encoding
gzip
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
343
server-timing
ak_p; desc="1699997332175_34831240_51352465_2018_7481_9_0_219";dur=1
content-length
31171
last-modified
Tue, 14 Nov 2023 17:27:27 GMT
server
MI
etag
W/"15bf5-60a2019b83dc0"
vary
Accept-Encoding
mi-cache
HIT
x-varnish
330303103, 645759327 617910384
content-type
application/javascript
access-control-allow-methods
GET,POST,OPTIONS
cache-control
max-age=591057
access-control-allow-credentials
false
access-control-allow-origin
*
access-control-max-age
86400
access-control-allow-headers
*
d4557df6-d9c9-4231-83a7-1b8550763948
https://www.thenewstribune.com/ 		268 B
0 		Script
General
Check archive.org
Download Go to
Full URL
blob:https://www.thenewstribune.com/d4557df6-d9c9-4231-83a7-1b8550763948
Requested by
Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/-oiyszlbno/thenewstribunecore.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0af966ad2f6c3d666c3e588c34f0b81be088a7ba2208cd7fc3106cd11e3294e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Length
268
Content-Type
text/javascript
331bef44-7649-4cba-9267-262ba1aaf43d
https://www.thenewstribune.com/ 		270 B
0 		Script
General
Check archive.org
Download Go to
Full URL
blob:https://www.thenewstribune.com/331bef44-7649-4cba-9267-262ba1aaf43d
Requested by
Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/-oiyszlbno/thenewstribunecore.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80bff926bd0bf17e96da62fb0d59dbf1fda4d537e24329f4c284440b8fac9d10

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Length
270
Content-Type
text/javascript
danelei.c005e9e8d121819c10a2.js
www.thenewstribune.com/-oiyszlbno/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thenewstribune.com/-oiyszlbno/danelei.c005e9e8d121819c10a2.js
Requested by
Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/0f1a71ab-cb3a-444b-bcf7-b88e3e258e94
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-230-25.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
ca76cf8aed858f3483b51a715f66ef1c177a551898cb235422ca93217ae5e281

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewstribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 21:28:52 GMT
content-encoding
gzip
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
3
server-timing
ak_p; desc="1699997332300_34831240_51352591_1216_5958_9_0_146";dur=1
content-length
2963
last-modified
Tue, 14 Nov 2023 17:27:27 GMT
server
MI
etag
W/"292b-60a2019b83dc0"
vary
Accept-Encoding
mi-cache
HIT
x-varnish
320635824 330956837
content-type
application/javascript
access-control-allow-methods
GET,POST,OPTIONS
cache-control
max-age=590830
access-control-allow-credentials
false
access-control-allow-origin
*
access-control-max-age
86400
access-control-allow-headers
*
netdale.2df823ad3330dd7f1722.js
www.thenewstribune.com/-oiyszlbno/ 		99 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thenewstribune.com/-oiyszlbno/netdale.2df823ad3330dd7f1722.js
Requested by
Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/d4557df6-d9c9-4231-83a7-1b8550763948
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-230-25.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
abe7ef2d3cde940c95fbeac2647a2a2b418f5d084ce6ed1c35b586f75915ed77

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewstribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 21:28:52 GMT
content-encoding
gzip
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
0
server-timing
ak_p; desc="1699997332299_34831240_51352592_1098_7860_9_0_146";dur=1
content-length
29203
last-modified
Tue, 14 Nov 2023 17:27:27 GMT
server
MI
etag
W/"18bd5-60a2019b83dc0"
vary
Accept-Encoding
mi-cache
MISS
x-varnish
871333961, 332103733
content-type
application/javascript
access-control-allow-methods
GET,POST,OPTIONS
cache-control
max-age=590840
access-control-allow-credentials
false
access-control-allow-origin
*
access-control-max-age
86400
access-control-allow-headers
*
nextCustom.69f1f27a18f8447df517.js
www.thenewstribune.com/-oiyszlbno/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thenewstribune.com/-oiyszlbno/nextCustom.69f1f27a18f8447df517.js
Requested by
Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/331bef44-7649-4cba-9267-262ba1aaf43d
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-230-25.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
f000bfa61832b7beab13f80abc3b0aa946b3478018c161dc7f93483a492cbe4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewstribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 21:28:52 GMT
content-encoding
gzip
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
0
server-timing
ak_p; desc="1699997332298_34831240_51352593_1490_8548_9_0_146";dur=1
content-length
4520
last-modified
Tue, 14 Nov 2023 17:27:27 GMT
server
MI
etag
W/"2dde-60a2019b83dc0"
vary
Accept-Encoding
mi-cache
MISS
x-varnish
317262164, 862193937
content-type
application/javascript
access-control-allow-methods
GET,POST,OPTIONS
cache-control
max-age=590834
access-control-allow-credentials
false
access-control-allow-origin
*
access-control-max-age
86400
access-control-allow-headers
*
httpapi
api2.amplitude.com/2/ 		94 B
309 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api2.amplitude.com/2/httpapi
Requested by
Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/-oiyszlbno/thenewstribunecore.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.13.180.254 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-13-180-254.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
a88b890f285964941009eb7d74c460f059d2c1acf52613f8197a716bb9a12ffc
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Referer
https://www.thenewstribune.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 14 Nov 2023 21:28:52 GMT
strict-transport-security
max-age=15768000
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
application/json
access-control-allow-origin
*
trace-id
Root=1-6553e694-4f624b576911d73950cf7ea7
content-length
94
httpapi
api2.amplitude.com/2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api2.amplitude.com/2/httpapi
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.13.180.254 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-13-180-254.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.thenewstribune.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET, POST
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
date
Tue, 14 Nov 2023 21:28:52 GMT
strict-transport-security
max-age=15768000
userprofile
profile-api.amplitude.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://profile-api.amplitude.com/v1/userprofile?device_id=9873cb60-6de4-4349-acc3-a1a61aa56f99&user_id=&comp_id=apflrqef
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.232.113.203 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-232-113-203.us-west-2.compute.amazonaws.com
Software
Jetty(9.4.40.v20210413) /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
GET
Origin
https://www.thenewstribune.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization
access-control-allow-methods
GET,POST,HEAD
access-control-allow-origin
https://www.thenewstribune.com
access-control-max-age
1800
date
Tue, 14 Nov 2023 21:28:52 GMT
server
Jetty(9.4.40.v20210413)
vary
Origin
x-amzn-trace-id
Root=1-6553e694-5b22fd565f0b6f9f1c108c08
x-content-type-options
nosniff
vardata
api.lab.amplitude.com/sdk/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.lab.amplitude.com/sdk/vardata
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-amp-exp-flag-keys,x-amp-exp-user
Access-Control-Request-Method
GET
Origin
https://www.thenewstribune.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
authorization,x-amp-exp-flag-keys,x-amp-exp-user
access-control-allow-methods
GET,POST,HEAD
access-control-allow-origin
https://www.thenewstribune.com
access-control-max-age
1800
age
2810
cache-control
no-store
content-length
0
date
Tue, 14 Nov 2023 21:28:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Origin,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amzn-trace-id
Root=1-6553db9a-7521e5e85babcfc925d22a4e
x-cache
HIT
x-cache-hits
378
x-content-type-options
nosniff
x-served-by
cache-fra-eddf8230090-FRA
x-timer
S1699997332.241261,VS0,VE0
userprofile
profile-api.amplitude.com/v1/ 		331 B
600 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://profile-api.amplitude.com/v1/userprofile?device_id=9873cb60-6de4-4349-acc3-a1a61aa56f99&user_id=&comp_id=apflrqef
Requested by
Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/-oiyszlbno/thenewstribunecore.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.232.113.203 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-232-113-203.us-west-2.compute.amazonaws.com
Software
Jetty(9.4.40.v20210413) /
Resource Hash
8e235a199a1f8a90513cf1c356a57e5351a7820fe3bc16cbcebb3e9cea1bdbd7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.thenewstribune.com/
accept-language
de-DE,de;q=0.9
Authorization
Api-Key 5b9692cfc25dd38c13c7782c17376864
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 21:28:52 GMT
x-content-type-options
nosniff
server
Jetty(9.4.40.v20210413)
x-amzn-trace-id
Root=1-6553e694-3d31405a0ff0f93860aa54d1
vary
Origin, Origin
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.thenewstribune.com
access-control-allow-credentials
true
content-length
331
vardata
api.lab.amplitude.com/sdk/ 		374 B
412 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.lab.amplitude.com/sdk/vardata
Requested by
Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/-oiyszlbno/thenewstribunecore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
aa6bdf39c00b48ac3aa30765773e116d6f9a3997cf6de45978db04f4611348e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.thenewstribune.com/
X-Amp-Exp-Flag-Keys
WyJzb3BoaS10ZXN0LWdyb3VwLXRpZXItMiJd
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Authorization
Api-Key client-G6ik2oCuLtpn6c9TpIT8ZRXe4JHPDDn9
X-Amp-Exp-User
eyJsaWJyYXJ5IjoiZXhwZXJpbWVudC1qcy1jbGllbnQvMS43LjQiLCJsYW5ndWFnZSI6ImVuLVVTIiwicGxhdGZvcm0iOiJXZWIiLCJvcyI6IkNocm9tZSAxMTkiLCJkZXZpY2VfbW9kZWwiOiJXaW5kb3dzIiwidXNlcl9pZCI6IiIsImRldmljZV9pZCI6Ijk4NzNjYjYwLTZkZTQtNDM0OS1hY2MzLWExYTYxYWE1NmY5OSIsInVzZXJfcHJvcGVydGllcyI6eyJidXNpbmVzc191bml0IjoiVE5UIiwiY2Fub25pY2FsX3VybCI6Imh0dHBzOi8vd3d3LnRoZW5ld3N0cmlidW5lLmNvbS8iLCJjbXNfaWQiOiJIb21lcGFnZTo3MTAxIiwiY29udGVudF9zZXJ2aWNlIjoiUHJvZHVjdDogRXNjZW5pYyIsImZ1bGxfdXJsIjoiaHR0cHM6Ly93d3cudGhlbmV3c3RyaWJ1bmUuY29tLyIsImhhc19mb2N1cyI6InllcyIsImlmcmFtZV9uZXN0aW5nIjoidG9wIiwicGFnZV9sZXZlbCI6IkhvbWUiLCJwYWdlX25hbWUiOiJIb21lOkhvbWVwYWdlIiwicGFnZV9wYXRoIjoiLyIsInB1YmxpY2F0aW9uX25hbWUiOiJUaGUgTmV3cyBUcmlidW5lIiwicmVmZXJyaW5nX2hvc3QiOiJub19yZWZlcnJlciIsInNka19pbml0X3N0YXR1cyI6InN0b3JhZ2UiLCJzZWN0aW9uIjoiSG9tZXBhZ2UiLCJzZXJ2ZXIiOiJ3d3cudGhlbmV3c3RyaWJ1bmUuY29tIiwidGF4b25vbXkiOiJfSG9tZVBhZ2V8fHx8IiwidXJsIjoiaHR0cHM6Ly93d3cudGhlbmV3c3RyaWJ1bmUuY29tLyIsImRldmljZV9wbW9kZSI6IjEiLCJkZXZpY2Vfb3JpZW50YXRpb24iOiJ1bnN1cHBvcnRlZCIsImRldmljZV9zY3JlZW5fc2l6ZSI6IjE2MDB4MTIwMCIsImxvZ2dlZF9pbiI6ZmFsc2UsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE5LjAuNjA0NS4xMjMgU2FmYXJpLzUzNy4zNiIsImZsYWdfa2V5Ijoic29waGktdGVzdC1ncm91cC10aWVyLTIiLCJkYXRlIjoiMjAyMy0xMS0xNCJ9fQ

Response headers

date
Tue, 14 Nov 2023 21:28:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
0
x-cache
MISS
content-length
263
x-served-by
cache-fra-eddf8230090-FRA
x-timer
S1699997332.248895,VS0,VE294
x-amzn-trace-id
Root=1-6553e694-1a97e1ac253cf8dc320a7246
vary
Origin, Origin
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.thenewstribune.com
cache-control
no-store
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
modal-v3.0.2.js
www.thenewstribune.com/-oiyszlbno/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thenewstribune.com/-oiyszlbno/js/modal-v3.0.2.js
Requested by
Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/-oiyszlbno/thenewstribunecore.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-230-25.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
8dab392b28d325d42c0365fdf71e1be56f966651b26f27b123246696373a4a7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewstribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 21:28:52 GMT
content-encoding
gzip
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
337
server-timing
ak_p; desc="1699997332222_34831240_51352514_61_7720_10_0_219";dur=1
content-length
2103
last-modified
Thu, 09 Nov 2023 12:41:20 GMT
server
MI
etag
W/"1b3d-609b78547bc00"
vary
Accept-Encoding
mi-cache
HIT
x-varnish
901088766 909444384
content-type
application/javascript
access-control-allow-methods
GET,POST,OPTIONS
cache-control
max-age=419192
access-control-allow-credentials
false
access-control-allow-origin
*
access-control-max-age
86400
access-control-allow-headers
*
v2fnb2AI392SRgTGMK1fjeEnugWK7uqXHL7oHGZAZL5vdKfN5zLouHbUz
flowerstreatment.com/ 		68 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://flowerstreatment.com/v2fnb2AI392SRgTGMK1fjeEnugWK7uqXHL7oHGZAZL5vdKfN5zLouHbUz
Requested by
Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7416::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e2b2fe758e81c7e170c066469227ba7ca7f19187ece8237fb0691131e3141601
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewstribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Tue, 14 Nov 2023 21:28:52 GMT
x-datacenter
gce-europe-west1
etag
"737443e42cc37b14490a85682e18d583b89117c0c94472072b1956c92790ade4"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-z5cq
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
1052555292
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
connatix.player.dc.js
cds.connatix.com/p/377483/ Frame 4BC9
Redirect Chain
  • https://cd.connatix.com/connatix.player.js?cid=1ffe5d7e-eb53-11e9-b4d2-06948452ae1a
  • https://cds.connatix.com/p/377483/connatix.player.dc.js?cid=1ffe5d7e-eb53-11e9-b4d2-06948452ae1a
1 MB
296 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/377483/connatix.player.dc.js?cid=1ffe5d7e-eb53-11e9-b4d2-06948452ae1a
Requested by
Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol
H2
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a079d92879715bc2b7600b4a24f4b249d79350545cdbd1a778c980fd1610d6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 21:28:52 GMT
x-amz-version-id
JPsBCYYCzwK9iRSF1pyuy5af1TwQtWHS
content-encoding
br
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 14 Nov 2023 15:57:38 GMT
server
cloudflare
etag
W/"0970b051daa58976393b14290ef94a78"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
cf-ray
826258bfdeb72c35-FRA
access-control-allow-headers
range
expires
Wed, 13 Nov 2024 21:28:52 GMT

Redirect headers

date
Tue, 14 Nov 2023 21:28:52 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
location
https://cds.connatix.com/p/377483/connatix.player.dc.js?cid=1ffe5d7e-eb53-11e9-b4d2-06948452ae1a
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
826258bf1df22c35-FRA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
fonts.gstatic.com/s/notosans/v32/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v32/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8c2a54278c4cb87438f4a1c73242d727fc3eea82dc59abb393dd3937b17ce1d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.thenewstribune.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 14:45:39 GMT
x-content-type-options
nosniff
age
110593
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14100
x-xss-protection
0
last-modified
Thu, 05 Oct 2023 20:55:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Nov 2024 14:45:39 GMT
ga6daw1J5X9T9RW6j9bNVls-hfgvz8JcMofYTYf6D30.woff2
fonts.gstatic.com/s/notoserif/v23/ 		42 KB
42 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoserif/v23/ga6daw1J5X9T9RW6j9bNVls-hfgvz8JcMofYTYf6D30.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d3959df4ebd84904a1622b6d7c9728f487e0c4d372f9bc2f59d0c480702f9c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.thenewstribune.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 04:53:16 GMT
x-content-type-options
nosniff
age
59736
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43212
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 00:59:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Nov 2024 04:53:16 GMT
wxicons-blk-1.svg
www.thenewstribune.com/wps/source/images/widgets/weather/wxicons-blk/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thenewstribune.com/wps/source/images/widgets/weather/wxicons-blk/wxicons-blk-1.svg
Requested by
Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-230-25.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
aa3345ec043f528c91a23a7dd57d53162321028618998eacc882214fada763d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewstribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 21:28:52 GMT
content-encoding
gzip
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
61496
server-timing
ak_p; desc="1699997332357_34831240_51352653_1419_8790_9_0_219";dur=1
content-length
368
last-modified
Fri, 03 Nov 2023 12:48:30 GMT
x-proxy-forwarding-type
BlackList
server
MI
etag
W/"411-18b953a5530"
mi-cache
HIT
vary
Accept-Encoding
x-varnish
43459442, 144474411 88416318
content-type
image/svg+xml;charset=ISO-8859-1
access-control-allow-methods
GET,POST,OPTIONS
cache-control
max-age=507209
access-control-allow-credentials
false
access-control-allow-origin
*
access-control-max-age
86400
access-control-allow-headers
*
o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v32/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v32/o-0IIpQlx3QUlC5A4PNr5TRA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fc4c95920416b0ef0b5aee93a90984989183a6d29f712e725a3383309806a54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.thenewstribune.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 21:11:22 GMT
x-content-type-options
nosniff
age
433050
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14256
x-xss-protection
0
last-modified
Thu, 05 Oct 2023 20:55:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Nov 2024 21:11:22 GMT
02DanteRobinsonColdCase.jpg
www.thenewstribune.com/latest-news/d486e6/picture281809608/alternates/LANDSCAPE_768/ 		51 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thenewstribune.com/latest-news/d486e6/picture281809608/alternates/LANDSCAPE_768/02DanteRobinsonColdCase.jpg
Requested by
Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-230-25.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
67c5e297a60166e8f4a8fbcfb519388fc828bd002c47c6d75cef72710bbf0484

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewstribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 21:28:52 GMT
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
56
server-timing
ak_p; desc="1699997332422_34831240_51352723_87_9036_9_0_146";dur=1
content-length
52615
last-modified
Mon, 13 Nov 2023 21:26:56 GMT
x-proxy-forwarding-type
BlackList
server
MI
etag
"084707cfa8c7513f6deb3a0692da7873"
mi-cache
HIT
access-control-max-age
86400
x-varnish
589891849, 246165259 273783609
content-type
image/jpeg
access-control-allow-methods
GET,POST,OPTIONS
cache-control
max-age=574397
access-control-allow-credentials
false
access-control-allow-origin
*
access-control-allow-headers
*
1_th.jpg
img.connatix.com/6b1c2b91-2b2d-42a5-9998-3b8ae61e12dd/ 		77 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/6b1c2b91-2b2d-42a5-9998-3b8ae61e12dd/1_th.jpg
Requested by
Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3324c64b9a96453cec4e83e2b4b717deb4295e92725283153102ebb34898bbe5
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewstribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 21:28:52 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
79276
cf-resized
internal=ok/h q=0 n=37+0 c=11+252 v=2023.9.8 l=79276
last-modified
Mon, 13 Nov 2023 21:12:36 GMT
cf-bgj
imgq:86,h2pri
server
cloudflare
etag
"cfao6QRZAtPa7zKJ06ZV8Z22tysZ7-Tzt04sSdBa-5DQ:27f33f1c56b164a158fc365965f970bb"
vary
Accept, Accept-Encoding
access-control-allow-methods
*
content-type
image/webp
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
accept-ranges
bytes
cf-ray
826258bfbe952c35-FRA
access-control-allow-headers
range
peckathleticconcept.png
www.thenewstribune.com/latest-news/ixvud/picture281804523/alternates/LANDSCAPE_768/ 		583 KB
584 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thenewstribune.com/latest-news/ixvud/picture281804523/alternates/LANDSCAPE_768/peckathleticconcept.png
Requested by
Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-230-25.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
c4b2f8a341bacba18ea9efdbc2c3d2c3a957572c9bc8ff96ab1445db62584b59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewstribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 21:28:52 GMT
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
388
server-timing
ak_p; desc="1699997332422_34831240_51352724_109_8936_9_0_146";dur=1
content-length
597108
last-modified
Mon, 13 Nov 2023 19:49:57 GMT
x-proxy-forwarding-type
BlackList
server
MI
etag
"97f93626cba163d2ceffcfc7a4dc3f1a"
mi-cache
HIT
access-control-max-age
86400
x-varnish
34932286, 658703395 643631326
content-type
image/png
access-control-allow-methods
GET,POST,OPTIONS
cache-control
max-age=515050
access-control-allow-credentials
false
access-control-allow-origin
*
access-control-allow-headers
*
02Flex.jpg
www.thenewstribune.com/latest-news/k8ugex/picture281356013/alternates/LANDSCAPE_768/ 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thenewstribune.com/latest-news/k8ugex/picture281356013/alternates/LANDSCAPE_768/02Flex.jpg
Requested by
Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-230-25.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
7e6cb9b7efa7e57f942fc17e60c43cbf7c2c7f03a3fc94eb929e3e1faa08d3f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewstribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 21:28:52 GMT
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
387
server-timing
ak_p; desc="1699997332422_34831240_51352725_97_8943_9_0_146";dur=1
content-length
54412
last-modified
Thu, 02 Nov 2023 18:54:19 GMT
x-proxy-forwarding-type
BlackList
server
MI
etag
"90441e66f4f2c805c000d6454007c99e"
mi-cache
HIT
access-control-max-age
86400
x-varnish
1043661802 1024504830
content-type
image/jpeg
access-control-allow-methods
GET,POST,OPTIONS
cache-control
max-age=491044
access-control-allow-credentials
false
access-control-allow-origin
*
access-control-allow-headers
*
BH%20Stock%20Left%20Turn%20Getty.jpg
www.bellinghamherald.com/latest-news/uhcsuz/picture252197803/alternates/LANDSCAPE_768/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bellinghamherald.com/latest-news/uhcsuz/picture252197803/alternates/LANDSCAPE_768/BH%20Stock%20Left%20Turn%20Getty.jpg
Requested by
Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-230-25.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
d5bf09202a93cf3845c80348bcb577496ce8fff47394a44e7bb5aa7e6b486d73

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewstribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 21:28:52 GMT
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
750
server-timing
cdn-cache; desc=HIT, edge; dur=17, ak_p; desc="1699997332422_34831240_51352734_1825_8703_9_0_146";dur=1
content-length
19572
last-modified
Fri, 18 Jun 2021 01:41:41 GMT
x-proxy-forwarding-type
BlackList
server
MI
etag
"920bb89b100338445cb51e422a48f682"
mi-cache
HIT
access-control-max-age
86400
x-varnish
960563095, 785776989 734075761
content-type
image/jpeg
access-control-allow-methods
GET,POST,OPTIONS
cache-control
max-age=174992
access-control-allow-credentials
false
access-control-allow-origin
*
access-control-allow-headers
*
06DevonForehandXavierAhrensJeremeScottJrGregoryKeownRobbyLavatai.jpg
www.thenewstribune.com/latest-news/7yjpo0/picture281727158/alternates/LANDSCAPE_768/ 		56 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thenewstribune.com/latest-news/7yjpo0/picture281727158/alternates/LANDSCAPE_768/06DevonForehandXavierAhrensJeremeScottJrGregoryKeownRobbyLavatai.jpg
Requested by
Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-230-25.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
449273ffdef7cb7215c20bc3660c4826dc982985cba34efb38cfd5b77bae7ee1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewstribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 21:28:52 GMT
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
1746
server-timing
ak_p; desc="1699997332426_34831240_51352726_651_9558_9_0_146";dur=1
content-length
57723
last-modified
Sat, 11 Nov 2023 08:12:21 GMT
x-proxy-forwarding-type
BlackList
server
MI
etag
"9b34d1636c608aab932e134f205f3ed6"
mi-cache
HIT
access-control-max-age
86400
x-varnish
382918650 416683666
content-type
image/jpeg
access-control-allow-methods
GET,POST,OPTIONS
cache-control
max-age=489603
access-control-allow-credentials
false
access-control-allow-origin
*
access-control-allow-headers
*
1_th.jpg
img.connatix.com/393d43f3-b95d-4e21-b224-5816718aea0f/ 		141 KB
141 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/393d43f3-b95d-4e21-b224-5816718aea0f/1_th.jpg
Requested by
Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b83e0ce15e07a2eaa30fe25661bfb19b0ab4ab3d1704c083c11fd9d46801f552
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewstribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 21:28:52 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
144214
cf-resized
internal=ok/h q=0 n=23+0 c=15+350 v=2023.9.8 l=144214
last-modified
Mon, 13 Nov 2023 02:05:05 GMT
cf-bgj
imgq:0,h2pri
server
cloudflare
etag
"cfnUgqvhap82a5zbVDDsq_RZIFsZ7-Tzt04sSdBa-5DQ:49662c4562061076384756f8bc77f92e"
vary
Accept, Accept-Encoding
warning
cf-images 299 "original is 66682B smaller"
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
accept-ranges
bytes
cf-ray
826258bfbe972c35-FRA
access-control-allow-headers
range
priority
u=1;i=?0,cf-chb=(194;u=4;i=?0 46175;u=5;i 119812;u=6;i=?0)
ea03e1ee-d4d6-4026-94c9-5ac616b5f29f
www.mcclatchy-wires.com/incoming/mhw14b/picture281495493/alternates/LANDSCAPE_768/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mcclatchy-wires.com/incoming/mhw14b/picture281495493/alternates/LANDSCAPE_768/ea03e1ee-d4d6-4026-94c9-5ac616b5f29f
Requested by
Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-230-25.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
7f0b2b6fda01e3865c53e3e228df2a75eb94da7417ee8d0ad256cefbbbdfba87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewstribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 21:28:52 GMT
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
31
server-timing
ak_p; desc="1699997332508_34831240_51352825_35281_8871_9_0_146";dur=1
content-length
36583
last-modified
Tue, 14 Nov 2023 21:27:00 GMT
x-proxy-forwarding-type
WhiteList
server
MI
etag
"7eaee187ec0f84555d501f29836bd01b"
mi-cache
HIT
access-control-max-age
86400
x-varnish
413533371, 924194588 944147148
content-type
image/jpeg
access-control-allow-methods
GET,POST,OPTIONS
cache-control
max-age=604800
access-control-allow-credentials
false
access-control-allow-origin
*
access-control-allow-headers
*
277a6e94-5322-411f-a675-d37d80011ba8
www.mcclatchy-wires.com/incoming/6j6zl4/picture281857843/alternates/LANDSCAPE_768/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mcclatchy-wires.com/incoming/6j6zl4/picture281857843/alternates/LANDSCAPE_768/277a6e94-5322-411f-a675-d37d80011ba8
Requested by
Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-230-25.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
7404ed0d50e79dd60f5663a6c909bf7defb97ab0b43f0632f601e93fd6967f4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewstribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 21:28:52 GMT
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
158
server-timing
ak_p; desc="1699997332508_34831240_51352826_2135_8863_10_0_146";dur=1
content-length
30327
last-modified
Tue, 14 Nov 2023 20:47:06 GMT
x-proxy-forwarding-type
WhiteList
server
MI
etag
"42031e2a9dfcac5195e5f7b6b3d83f8d"
mi-cache
HIT
access-control-max-age
86400
x-varnish
671748884 683970037
content-type
image/jpeg
access-control-allow-methods
GET,POST,OPTIONS
cache-control
max-age=602616
access-control-allow-credentials
false
access-control-allow-origin
*
access-control-allow-headers
*
black-friday-photography-bundle1%20(1)_fitted.png
www.mcclatchy-partners.com/incoming/s6w25z/picture281847148/alternates/LANDSCAPE_768/ 		437 KB
437 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mcclatchy-partners.com/incoming/s6w25z/picture281847148/alternates/LANDSCAPE_768/black-friday-photography-bundle1%20(1)_fitted.png
Requested by
Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-230-25.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
138bc83ae236acea75cb990e66e458b5e8814d0f2e8bcec5133255421e84f9ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewstribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 21:28:52 GMT
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
207
server-timing
ak_p; desc="1699997332922_34831240_51353257_3095_8294_9_0_146";dur=1
content-length
447173
last-modified
Tue, 14 Nov 2023 17:43:22 GMT
x-proxy-forwarding-type
BlackList
server
MI
etag
"b6bde9a4cbdb8ab89059ea2a11509645"
mi-cache
HIT
access-control-max-age
86400
x-varnish
332074564, 652575382 646679174
content-type
image/png
access-control-allow-methods
GET,POST,OPTIONS
cache-control
max-age=592912
access-control-allow-credentials
false
access-control-allow-origin
*
access-control-allow-headers
*
Hi_j0049_4.JPG
www.thenewstribune.com/latest-news/y1gyux/picture226939819/alternates/LANDSCAPE_768/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thenewstribune.com/latest-news/y1gyux/picture226939819/alternates/LANDSCAPE_768/Hi_j0049_4.JPG
Requested by
Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-230-25.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
384b40e7ee06437e7e287e5abed90881d74eb28b569a2fb2f22dbf5dd0ed9546

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewstribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 21:28:52 GMT
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
30
server-timing
ak_p; desc="1699997332422_34831240_51352727_105_8869_9_0_146";dur=1
content-length
32546
last-modified
Thu, 28 Feb 2019 20:51:17 GMT
x-proxy-forwarding-type
BlackList
server
MI
etag
"6dcdf371cc651169ef30288de8f7f554"
mi-cache
HIT
access-control-max-age
86400
x-varnish
421437354 434179755
content-type
image/jpeg
access-control-allow-methods
GET,POST,OPTIONS
cache-control
max-age=401595
access-control-allow-credentials
false
access-control-allow-origin
*
access-control-allow-headers
*
wsp_chase1110.png
www.thenewstribune.com/latest-news/koykg0/picture281723718/alternates/LANDSCAPE_768/ 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thenewstribune.com/latest-news/koykg0/picture281723718/alternates/LANDSCAPE_768/wsp_chase1110.png
Requested by
Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-230-25.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
cb2f6d800163b3fede82ffa5e22ea193faa40031c27089cadd2b801f410f028a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewstribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 21:28:52 GMT
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
0
server-timing
ak_p; desc="1699997332424_34831240_51352728_408_8678_9_0_146";dur=1
content-length
55602
last-modified
Sat, 11 Nov 2023 03:46:33 GMT
x-proxy-forwarding-type
BlackList
server
MI
etag
"6c35c133a07a595e6d078a0b7b7e0685"
mi-cache
MISS
access-control-max-age
86400
x-varnish
71606627, 417761788
content-type
image/jpeg
access-control-allow-methods
GET,POST,OPTIONS
cache-control
max-age=281965
access-control-allow-credentials
false
access-control-allow-origin
*
access-control-allow-headers
*
Tacoma%20School%20District%20administration%20building.jpg
www.thenewstribune.com/latest-news/s71qu5/picture237082904/alternates/LANDSCAPE_768/ 		69 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thenewstribune.com/latest-news/s71qu5/picture237082904/alternates/LANDSCAPE_768/Tacoma%20School%20District%20administration%20building.jpg
Requested by
Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-230-25.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
457c0a075d640c9e798de090cecd9a1ca5f6fb873d2e9ec0c46aef26a7e644a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewstribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 21:28:52 GMT
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
460534
server-timing
ak_p; desc="1699997332426_34831240_51352729_699_9194_9_0_146";dur=1
content-length
71075
last-modified
Mon, 24 Apr 2023 20:17:20 GMT
x-proxy-forwarding-type
BlackList
server
MI
etag
"7329a5ea32efaf5b42fa5667f83f9a0c"
mi-cache
HIT
access-control-max-age
86400
x-varnish
505781448, 152275907 63013123
content-type
image/jpeg
access-control-allow-methods
GET,POST,OPTIONS
cache-control
max-age=9068
access-control-allow-credentials
false
access-control-allow-origin
*
access-control-allow-headers
*
230928%20bh%20hsfb%20GK%20vs%20Sumner_669.JPG
www.thenewstribune.com/latest-news/oyt89s/picture279907594/alternates/LANDSCAPE_768/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thenewstribune.com/latest-news/oyt89s/picture279907594/alternates/LANDSCAPE_768/230928%20bh%20hsfb%20GK%20vs%20Sumner_669.JPG
Requested by
Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-230-25.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
9f551f00baf7bbd76a9798d9873b41b68fe354ce227373649c17f30ba5603678

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewstribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 21:28:52 GMT
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
9829
server-timing
ak_p; desc="1699997332428_34831240_51352730_878_10709_9_0_146";dur=1
content-length
45642
last-modified
Thu, 09 Nov 2023 19:47:37 GMT
x-proxy-forwarding-type
BlackList
server
MI
etag
"a42d8e30f1e458422908450192e74fb0"
mi-cache
HIT
access-control-max-age
86400
x-varnish
984592333 947675008
content-type
image/jpeg
access-control-allow-methods
GET,POST,OPTIONS
cache-control
max-age=238529
access-control-allow-credentials
false
access-control-allow-origin
*
access-control-allow-headers
*
231113%20bh%20TPD%20Ellis%20Trial%20Arbenz%2040.JPG
www.thenewstribune.com/latest-news/c0x77r/picture281808838/alternates/LANDSCAPE_768/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thenewstribune.com/latest-news/c0x77r/picture281808838/alternates/LANDSCAPE_768/231113%20bh%20TPD%20Ellis%20Trial%20Arbenz%2040.JPG
Requested by
Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-230-25.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
9afa8767feaadb1bd8a75a3bbcd5cdef2b955be465104890802ff79abc23b9e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewstribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 21:28:52 GMT
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
962
server-timing
ak_p; desc="1699997332423_34831240_51352731_135_8633_9_0_146";dur=1
content-length
39654
last-modified
Tue, 14 Nov 2023 01:23:21 GMT
x-proxy-forwarding-type
BlackList
server
MI
etag
"9bdaafef17733cac90311c34c1569ab6"
mi-cache
HIT
access-control-max-age
86400
x-varnish
218306302 213357518
content-type
image/jpeg
access-control-allow-methods
GET,POST,OPTIONS
cache-control
max-age=533478
access-control-allow-credentials
false
access-control-allow-origin
*
access-control-allow-headers
*
220412%20pc%20wx%20stormy%20downtown%20tacoma_1.JPG
www.thenewstribune.com/latest-news/9mkzvk/picture260383697/alternates/LANDSCAPE_768/ 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thenewstribune.com/latest-news/9mkzvk/picture260383697/alternates/LANDSCAPE_768/220412%20pc%20wx%20stormy%20downtown%20tacoma_1.JPG
Requested by
Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-230-25.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
c1eb665caecaf2df2837a83f4ef16316fb40766d620de247779adc5658afb870

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewstribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 21:28:52 GMT
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
348
server-timing
ak_p; desc="1699997332422_34831240_51352732_121_8744_9_0_146";dur=1
content-length
41092
last-modified
Wed, 13 Apr 2022 17:36:26 GMT
x-proxy-forwarding-type
BlackList
server
MI
etag
"98a1bdce50f6e79138e75d62a5a9b6f1"
mi-cache
HIT
access-control-max-age
86400
x-varnish
689209501 683905796
content-type
image/jpeg
access-control-allow-methods
GET,POST,OPTIONS
cache-control
max-age=603606
access-control-allow-credentials
false
access-control-allow-origin
*
access-control-allow-headers
*
1_th.jpg
img.connatix.com/822e7e0c-5716-49d0-867b-2b635f6d82bb/ 		118 KB
119 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/822e7e0c-5716-49d0-867b-2b635f6d82bb/1_th.jpg
Requested by
Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69f9a5ddfc7af46fd681e14a203899a719059f16dfc7f24fad7a89f088023e64
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewstribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 21:28:52 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
121149
cf-resized
internal=ok/h q=0 n=25+0 c=11+277 v=2023.9.8 l=121149
last-modified
Mon, 13 Nov 2023 23:38:05 GMT
cf-bgj
imgq:0,h2pri
server
cloudflare
etag
"cf3Y3X0PbGFScJPJu-bzzvDglVsZ7-Tzt04sSdBa-5DQ:c9650157e21fef8544c9303557fcd8c1"
vary
Accept, Accept-Encoding
warning
cf-images 299 "original is 56151B smaller"
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
accept-ranges
bytes
cf-ray
826258bfbe962c35-FRA
access-control-allow-headers
range
priority
u=1;i=?0,cf-chb=(194;u=4;i=?0 40968;u=5;i=?0 98574;u=6;i=?0)
vote%20by%20foot.jpg
www.thenewstribune.com/latest-news/39zcjg/picture237049184/alternates/LANDSCAPE_768/ 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thenewstribune.com/latest-news/39zcjg/picture237049184/alternates/LANDSCAPE_768/vote%20by%20foot.jpg
Requested by
Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-230-25.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
1c34c1766345e28fdb577f10c567312a2325c25d038839c2ad6198e136bd774e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewstribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 21:28:52 GMT
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
208
server-timing
ak_p; desc="1699997332422_34831240_51352733_119_8739_9_0_146";dur=1
content-length
55453
last-modified
Mon, 24 Oct 2022 22:39:14 GMT
x-proxy-forwarding-type
BlackList
server
MI
etag
"f0f402878596a1df601fbfa43395b536"
mi-cache
HIT
access-control-max-age
86400
x-varnish
837354610 796534413
content-type
image/jpeg
access-control-allow-methods
GET,POST,OPTIONS
cache-control
max-age=471805
access-control-allow-credentials
false
access-control-allow-origin
*
access-control-allow-headers
*
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		157 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
abe6adc5-d2e0-4e67-8e52-c8c7ae831c52
https://www.thenewstribune.com/ 		270 B
0 		Script
General
Check archive.org
Download Go to
Full URL
blob:https://www.thenewstribune.com/abe6adc5-d2e0-4e67-8e52-c8c7ae831c52
Requested by
Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/-oiyszlbno/thenewstribunecore.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ad5ae4c6b97938ad155b618094a1e4bb2291f95a88fea30fc83baeea967c14cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Length
270
Content-Type
text/javascript
userprofile
profile-api.amplitude.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://profile-api.amplitude.com/v1/userprofile?device_id=9873cb60-6de4-4349-acc3-a1a61aa56f99&user_id=&get_amp_props=true&get_cohort_ids=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.232.113.203 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-232-113-203.us-west-2.compute.amazonaws.com
Software
Jetty(9.4.40.v20210413) /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
GET
Origin
https://www.thenewstribune.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization
access-control-allow-methods
GET,POST,HEAD
access-control-allow-origin
https://www.thenewstribune.com
access-control-max-age
1800
date
Tue, 14 Nov 2023 21:28:52 GMT
server
Jetty(9.4.40.v20210413)
vary
Origin
x-amzn-trace-id
Root=1-6553e694-108f11361069012c7de63e42
x-content-type-options
nosniff
userprofile
profile-api.amplitude.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://profile-api.amplitude.com/v1/userprofile?device_id=9873cb60-6de4-4349-acc3-a1a61aa56f99&user_id=&get_amp_props=true&get_cohort_ids=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.232.113.203 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-232-113-203.us-west-2.compute.amazonaws.com
Software
Jetty(9.4.40.v20210413) /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
GET
Origin
https://www.thenewstribune.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization
access-control-allow-methods
GET,POST,HEAD
access-control-allow-origin
https://www.thenewstribune.com
access-control-max-age
1800
date
Tue, 14 Nov 2023 21:28:52 GMT
server
Jetty(9.4.40.v20210413)
vary
Origin
x-amzn-trace-id
Root=1-6553e694-5892bbd60c88cd002395baef
x-content-type-options
nosniff
userprofile
profile-api.amplitude.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://profile-api.amplitude.com/v1/userprofile?device_id=9873cb60-6de4-4349-acc3-a1a61aa56f99&user_id=&get_amp_props=true&get_cohort_ids=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.232.113.203 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-232-113-203.us-west-2.compute.amazonaws.com
Software
Jetty(9.4.40.v20210413) /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
GET
Origin
https://www.thenewstribune.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization
access-control-allow-methods
GET,POST,HEAD
access-control-allow-origin
https://www.thenewstribune.com
access-control-max-age
1800
date
Tue, 14 Nov 2023 21:28:52 GMT
server
Jetty(9.4.40.v20210413)
vary
Origin
x-amzn-trace-id
Root=1-6553e694-3c7174b21f56560f02dab150
x-content-type-options
nosniff
ad0fb5f9-0a07-4e7f-bcab-d1e84887ff01
https://www.thenewstribune.com/ 		270 B
0 		Script
General
Check archive.org
Download Go to
Full URL
blob:https://www.thenewstribune.com/ad0fb5f9-0a07-4e7f-bcab-d1e84887ff01
Requested by
Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/-oiyszlbno/thenewstribunecore.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e0df336e99c1d16170378d9d02260be6c55e313fc6dbef61418c743361dafd74

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Length
270
Content-Type
text/javascript
03c7de5d-443a-438e-90fa-54f092101afe
https://www.thenewstribune.com/ 		270 B
0 		Script
General
Check archive.org
Download Go to
Full URL
blob:https://www.thenewstribune.com/03c7de5d-443a-438e-90fa-54f092101afe
Requested by
Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/-oiyszlbno/thenewstribunecore.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e85e8ef53515fc413458b31793b5bbc054d81df21adce6adabd6ee0c700c62d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Length
270
Content-Type
text/javascript
userprofile
profile-api.amplitude.com/v1/ 		191 B
439 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://profile-api.amplitude.com/v1/userprofile?device_id=9873cb60-6de4-4349-acc3-a1a61aa56f99&user_id=&get_amp_props=true&get_cohort_ids=true
Requested by
Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/-oiyszlbno/thenewstribunecore.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.232.113.203 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-232-113-203.us-west-2.compute.amazonaws.com
Software
Jetty(9.4.40.v20210413) /
Resource Hash
d4922a5e0e6e3a16867f756c12667e531b11dd372553ea04896e5673c849201a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.thenewstribune.com/
accept-language
de-DE,de;q=0.9
Authorization
Api-Key 5b9692cfc25dd38c13c7782c17376864
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 21:28:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Jetty(9.4.40.v20210413)
x-amzn-trace-id
Root=1-6553e694-63fee04c0dcd19d44a9076fb
vary
Origin, Origin
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.thenewstribune.com
access-control-allow-credentials
true
userprofile
profile-api.amplitude.com/v1/ 		191 B
439 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://profile-api.amplitude.com/v1/userprofile?device_id=9873cb60-6de4-4349-acc3-a1a61aa56f99&user_id=&get_amp_props=true&get_cohort_ids=true
Requested by
Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/-oiyszlbno/thenewstribunecore.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.232.113.203 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-232-113-203.us-west-2.compute.amazonaws.com
Software
Jetty(9.4.40.v20210413) /
Resource Hash
d4922a5e0e6e3a16867f756c12667e531b11dd372553ea04896e5673c849201a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.thenewstribune.com/
accept-language
de-DE,de;q=0.9
Authorization
Api-Key 5b9692cfc25dd38c13c7782c17376864
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 21:28:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Jetty(9.4.40.v20210413)
x-amzn-trace-id
Root=1-6553e694-2a558c156558730d7de95bbf
vary
Origin, Origin
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.thenewstribune.com
access-control-allow-credentials
true
userprofile
profile-api.amplitude.com/v1/ 		191 B
439 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://profile-api.amplitude.com/v1/userprofile?device_id=9873cb60-6de4-4349-acc3-a1a61aa56f99&user_id=&get_amp_props=true&get_cohort_ids=true
Requested by
Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/-oiyszlbno/thenewstribunecore.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.232.113.203 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-232-113-203.us-west-2.compute.amazonaws.com
Software
Jetty(9.4.40.v20210413) /
Resource Hash
d4922a5e0e6e3a16867f756c12667e531b11dd372553ea04896e5673c849201a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.thenewstribune.com/
accept-language
de-DE,de;q=0.9
Authorization
Api-Key 5b9692cfc25dd38c13c7782c17376864
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 21:28:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Jetty(9.4.40.v20210413)
x-amzn-trace-id
Root=1-6553e694-4085cd053c0dcb807cb19898
vary
Origin, Origin
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.thenewstribune.com
access-control-allow-credentials
true
userprofile
profile-api.amplitude.com/v1/ 		191 B
439 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://profile-api.amplitude.com/v1/userprofile?device_id=9873cb60-6de4-4349-acc3-a1a61aa56f99&user_id=&get_amp_props=true&get_cohort_ids=true
Requested by
Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/-oiyszlbno/thenewstribunecore.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.232.113.203 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-232-113-203.us-west-2.compute.amazonaws.com
Software
Jetty(9.4.40.v20210413) /
Resource Hash
d4922a5e0e6e3a16867f756c12667e531b11dd372553ea04896e5673c849201a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.thenewstribune.com/
accept-language
de-DE,de;q=0.9
Authorization
Api-Key 5b9692cfc25dd38c13c7782c17376864
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 21:28:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Jetty(9.4.40.v20210413)
x-amzn-trace-id
Root=1-6553e694-532047b4432eb2fb209d71e0
vary
Origin, Origin
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.thenewstribune.com
access-control-allow-credentials
true
userprofile
profile-api.amplitude.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://profile-api.amplitude.com/v1/userprofile?device_id=9873cb60-6de4-4349-acc3-a1a61aa56f99&user_id=&get_amp_props=true&get_cohort_ids=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.232.113.203 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-232-113-203.us-west-2.compute.amazonaws.com
Software
Jetty(9.4.40.v20210413) /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
GET
Origin
https://www.thenewstribune.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization
access-control-allow-methods
GET,POST,HEAD
access-control-allow-origin
https://www.thenewstribune.com
access-control-max-age
1800
date
Tue, 14 Nov 2023 21:28:52 GMT
server
Jetty(9.4.40.v20210413)
vary
Origin
x-amzn-trace-id
Root=1-6553e694-1864c766296c044408d37421
x-content-type-options
nosniff
skeleton.gif
static.adsafeprotected.com/ 		43 B
482 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif?adslot=ad_300x250_7396850
Requested by
Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:3600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewstribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 17:45:23 GMT
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
5283810
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
W2Sh8M0NX-v8oxvMk44P2kDjX9SS-z11ws7KprFofgeiWHMYJYFgrg==
si
capi.connatix.com/tr/ 		0
77 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/tr/si?token=45fdac0d-132d-416d-9337-6dc76d9a7ac7&cid=1ffe5d7e-eb53-11e9-b4d2-06948452ae1a
Requested by
Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewstribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 21:28:52 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/json
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
826258c02f0c2c35-FRA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
fontawesome-webfont.woff2
www.thenewstribune.com/wps/source/sass/main/fonts/font-awesome/fonts/ 		55 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thenewstribune.com/wps/source/sass/main/fonts/font-awesome/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/wps/build/webpack/css/mi-styles.a947d33a8bcded9edba0.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-230-25.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
41dd3e48dbef1ddbc59957d4e99ef7662c1702dd8b55d0900b02150f87af354a

Request headers

Referer
https://www.thenewstribune.com/wps/build/webpack/css/mi-styles.a947d33a8bcded9edba0.css
Origin
https://www.thenewstribune.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 21:28:52 GMT
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
4708
server-timing
ak_p; desc="1699997332494_34831240_51352805_38682_9689_9_0_255";dur=1
content-length
56780
last-modified
Fri, 03 Nov 2023 12:48:30 GMT
x-proxy-forwarding-type
BlackList
server
MI
etag
W/"ddcc-18b953a5530"
mi-cache
HIT
access-control-max-age
86400
x-varnish
647033595, 578060476 508660464
content-type
font/woff2;charset=ISO-8859-1
access-control-allow-methods
GET,POST,OPTIONS
cache-control
max-age=180
access-control-allow-credentials
false
access-control-allow-origin
*
access-control-allow-headers
*
naeliya.84a99f882cf1876769db.js
www.thenewstribune.com/-oiyszlbno/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thenewstribune.com/-oiyszlbno/naeliya.84a99f882cf1876769db.js
Requested by
Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/abe6adc5-d2e0-4e67-8e52-c8c7ae831c52
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-230-25.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
64d1b5b582ea62eea3e88619e7a3bb9a26e03c654d705aa0c374e30a57ae4fcd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewstribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 21:28:52 GMT
content-encoding
gzip
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
67
server-timing
ak_p; desc="1699997332520_34831240_51352834_1810_8769_10_0_146";dur=1
content-length
1145
last-modified
Tue, 14 Nov 2023 17:27:27 GMT
server
MI
etag
W/"b8d-60a2019b83dc0"
vary
Accept-Encoding
mi-cache
HIT
x-varnish
874381364 876249114
content-type
application/javascript
access-control-allow-methods
GET,POST,OPTIONS
cache-control
max-age=590765
access-control-allow-credentials
false
access-control-allow-origin
*
access-control-max-age
86400
access-control-allow-headers
*
get
vi.ml314.com/ 		264 B
388 B 		Script
General
Check archive.org
Download Go to
Full URL
https://vi.ml314.com/get?eid=88280&tk=Sd8Lhw2fKivbawYXOa0sKaCgKxoI2fc6Kjw9Z4GOBSB2s3d&fp=
Requested by
Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/ad0fb5f9-0a07-4e7f-bcab-d1e84887ff01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.104.135 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
135.104.201.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
9dffbd45ce48bf5e8eeb90b3d8567f8270f217c174de81fe3693d6dcdbaa1588
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewstribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=2592000
content-encoding
br
via
1.1 google
date
Tue, 14 Nov 2023 21:28:52 GMT
server
Google Frontend
vary
Accept-Encoding
content-type
application/javascript
cache-control
private,max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sponsored.0a1e2b57539f26526e0e.js
www.thenewstribune.com/-oiyszlbno/ 		1 KB
948 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thenewstribune.com/-oiyszlbno/sponsored.0a1e2b57539f26526e0e.js
Requested by
Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/03c7de5d-443a-438e-90fa-54f092101afe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-230-25.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
6ed64cc766d99ea4091ec21b7db529c919122df7512e402754534d0ab210269e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewstribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 21:28:52 GMT
content-encoding
gzip
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
2422
server-timing
ak_p; desc="1699997332541_34831240_51352849_7760_7922_9_0_146";dur=1
content-length
521
last-modified
Tue, 14 Nov 2023 17:27:27 GMT
server
MI
etag
W/"487-60a2019b83dc0"
vary
Accept-Encoding
mi-cache
HIT
x-varnish
338985911 330399777
content-type
application/javascript
access-control-allow-methods
GET,POST,OPTIONS
cache-control
max-age=593120
access-control-allow-credentials
false
access-control-allow-origin
*
access-control-max-age
86400
access-control-allow-headers
*
base-card.js
www.thenewstribune.com/static/hi/cards/v1/base-card/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thenewstribune.com/static/hi/cards/v1/base-card/base-card.js
Requested by
Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-230-25.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
1d310979570a2f21ee40c598a02cfc0b2c823c533d68e22110e9ab18bb0226f3

Request headers

Referer
https://www.thenewstribune.com/static/hi/cards/v1/featured-carousel/featured-carousel.js
Origin
https://www.thenewstribune.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 21:28:52 GMT
content-encoding
gzip
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
115
server-timing
ak_p; desc="1699997332530_34831240_51352850_35245_8156_9_0_219";dur=1
content-length
824
last-modified
Thu, 18 May 2023 16:47:03 GMT
server
MI
etag
"703-5fbfa8dcd6fc0"
vary
Accept-Encoding
mi-cache
HIT
x-varnish
828342900, 93234012 102043936
content-type
application/javascript
access-control-allow-methods
GET,POST,OPTIONS
cache-control
max-age=300
access-control-allow-credentials
false
access-control-allow-origin
*
access-control-max-age
86400
access-control-allow-headers
*
enhancements.js
www.thenewstribune.com/static/hi/themes/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thenewstribune.com/static/hi/themes/enhancements.js
Requested by
Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-230-25.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
3871b068c6701fa8f67906f9cb2026817d56da6b926daba22590fe6ee9bedfbd

Request headers

Referer
https://www.thenewstribune.com/static/hi/prodx/premium-topper/premium-topper.js
Origin
https://www.thenewstribune.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 21:28:52 GMT
content-encoding
gzip
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
307
server-timing
ak_p; desc="1699997332543_34831240_51352851_38408_10022_9_0_219";dur=1
content-length
2338
last-modified
Mon, 27 Feb 2023 16:55:24 GMT
server
MI
etag
W/"1a11-5f5b1585c1700"
vary
Accept-Encoding
mi-cache
HIT
x-varnish
14188553, 801571856 807338729
content-type
application/javascript
access-control-allow-methods
GET,POST,OPTIONS
cache-control
max-age=300
access-control-allow-credentials
false
access-control-allow-origin
*
access-control-max-age
86400
access-control-allow-headers
*
exclusive-card.js
www.thenewstribune.com/static/hi/prodx/premium-topper/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thenewstribune.com/static/hi/prodx/premium-topper/exclusive-card.js
Requested by
Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-230-25.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
18e07d2e805871c64b625eb03c950fc77cbbdb707a26493fce307d39f4571524

Request headers

Referer
https://www.thenewstribune.com/static/hi/prodx/premium-topper/premium-topper.js
Origin
https://www.thenewstribune.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 21:28:52 GMT
content-encoding
gzip
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
296
server-timing
ak_p; desc="1699997332530_34831240_51352852_34903_8158_9_0_219";dur=1
content-length
752
last-modified
Fri, 06 May 2022 19:44:44 GMT
server
MI
etag
W/"688-5de5d17130300"
vary
Accept-Encoding
mi-cache
HIT
x-varnish
147263271, 464323733 439126256
content-type
application/javascript
access-control-allow-methods
GET,POST,OPTIONS
cache-control
max-age=300
access-control-allow-credentials
false
access-control-allow-origin
*
access-control-max-age
86400
access-control-allow-headers
*
cSyncRemoteEntry.js
cds.connatix.com/p/377483/ Frame 4BC9 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/377483/cSyncRemoteEntry.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=1ffe5d7e-eb53-11e9-b4d2-06948452ae1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f5cea81bb63d0214976da19bc823736066909b01efa7bf8cdb4d5de805eea93

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 21:28:52 GMT
x-amz-version-id
156NfHA44lY8pZrLaQ05EXeBS8DFJhsF
content-encoding
br
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 14 Nov 2023 15:57:42 GMT
server
cloudflare
etag
W/"d60d811350d7df0f4503ae40d8a9728a"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
cf-ray
826258c0efe52c35-FRA
access-control-allow-headers
range
expires
Wed, 13 Nov 2024 21:28:52 GMT
hls.1.3.4.js
cds.connatix.com/a/ 		263 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/a/hls.1.3.4.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=1ffe5d7e-eb53-11e9-b4d2-06948452ae1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acff18b9dd469f70f4d45d24dadf6de847a9b3abeb3e891260eb8160ffac8039

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewstribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 21:28:52 GMT
x-amz-version-id
08mQY6.qD2K9uG9Q090ZpTuzVoe6eKbG
content-encoding
br
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 30 May 2023 13:03:31 GMT
server
cloudflare
etag
W/"2065fde20cf0becb2eb29a9fa8b9936f"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
cf-ray
826258c0efe62c35-FRA
access-control-allow-headers
range
expires
Wed, 13 Nov 2024 21:28:52 GMT
player.css
cds.connatix.com/p/377483/ 		68 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/377483/player.css
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=1ffe5d7e-eb53-11e9-b4d2-06948452ae1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d73606583c8e2ee4ed7904fec49734d6138cf4b310c22c2049ec7b63556a1dd8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewstribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 21:28:52 GMT
x-amz-version-id
mpoo8GU8fYRXxh7__Ub4N15ES_7ZSvoj
content-encoding
br
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 14 Nov 2023 15:57:39 GMT
server
cloudflare
etag
W/"24ebc8ae1a448c0f1b8f4b4d7b572438"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
cf-ray
826258c0efe72c35-FRA
access-control-allow-headers
range
expires
Wed, 13 Nov 2024 21:28:52 GMT
httpapi
api2.amplitude.com/2/ 		94 B
309 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api2.amplitude.com/2/httpapi
Requested by
Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/-oiyszlbno/thenewstribunecore.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.13.180.254 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-13-180-254.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
46f87da86ef9e90a73ab3602aad055699f099854cc52677f14bc3ee5ad4d21f8
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Referer
https://www.thenewstribune.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 14 Nov 2023 21:28:52 GMT
strict-transport-security
max-age=15768000
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
application/json
access-control-allow-origin
*
trace-id
Root=1-6553e694-7b7db86103edf5de4ce8e9a3
content-length
94
httpapi
api2.amplitude.com/2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api2.amplitude.com/2/httpapi
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.13.180.254 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-13-180-254.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.thenewstribune.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET, POST
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
date
Tue, 14 Nov 2023 21:28:52 GMT
strict-transport-security
max-age=15768000
a05c9825-2404-4069-a1b7-658e76ec51eb
https://www.thenewstribune.com/ 		270 B
0 		Script
General
Check archive.org
Download Go to
Full URL
blob:https://www.thenewstribune.com/a05c9825-2404-4069-a1b7-658e76ec51eb
Requested by
Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/-oiyszlbno/thenewstribunecore.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
34638cf03a942f139d7bf9198f273b8917265cc7d726ab18cfe5800a98ca9364

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Length
270
Content-Type
text/javascript
load.js
s.ntv.io/serve/ 		619 KB
164 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/a05c9825-2404-4069-a1b7-658e76ec51eb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.28.80 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-28-80.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
24ef8028a7a18ced624a26872abdfbf2694fcd27cb429223d2e88e857c4615ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewstribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 21:28:52 GMT
Content-Encoding
gzip
x-amz-request-id
CZRNAQ8R8HMYEM6G
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
DTN4Vvv/n7FAZr1wV4BJBT5of/wjDeOYaGNjCp7NDcFmaGz8dq6Ve5MbUY/lcc4hKV3+AqThCg0=
Last-Modified
Tue, 14 Nov 2023 03:01:54 GMT
Server
AmazonS3
ETag
"12a311bdb66adc4d82bb22299b676489"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
952.js
cds.connatix.com/p/377483/ Frame 4BC9 		76 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/377483/952.js
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/377483/cSyncRemoteEntry.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe917cd13fd4d9f376fd1cfa6ee6d31d6c7a89a5e7129dc8511b6e2aec860fa1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 21:28:52 GMT
x-amz-version-id
nICIex6UzkgJHfqIJzLVugH97sL.kwk_
content-encoding
br
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 14 Nov 2023 15:57:42 GMT
server
cloudflare
etag
W/"57846254bbd200f9201061ef4191f1e3"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
cf-ray
826258c1082a5b44-FRA
access-control-allow-headers
range
expires
Wed, 13 Nov 2024 21:28:52 GMT
402.js
cds.connatix.com/p/377483/ Frame 4BC9 		44 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/377483/402.js
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/377483/cSyncRemoteEntry.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e1cf560a4e42b1321a32a04030dddb56c511f0e7493718f82cfd1797e5aa9a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 21:28:52 GMT
x-amz-version-id
sr3oxSSKDA36_npCvaa8AQciBSHrVMRz
content-encoding
br
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 14 Nov 2023 15:57:42 GMT
server
cloudflare
etag
W/"04982ce209e45ea5b9d8a2076bc96397"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
cf-ray
826258c1082b5b44-FRA
access-control-allow-headers
range
expires
Wed, 13 Nov 2024 21:28:52 GMT
sync
capi.connatix.com/core/ Frame 4BC9
Redirect Chain
  • https://capi.connatix.com/core/sync
  • https://capi.connatix.com/core/sync?tier=1&final=true&UserScoringType=Enabled&ImplementationType=0
5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/sync?tier=1&final=true&UserScoringType=Enabled&ImplementationType=0
Requested by
Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol
H3
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0b2c3140a1222ed1192d94f73b307ec99a52ddef5f2d7aec95d12e608423f5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 21:28:52 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.thenewstribune.com
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
826258c1bec14dbe-FRA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Tue, 14 Nov 2023 21:28:52 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-protobuf
location
https://capi.connatix.com:443/core/sync?tier=1&final=true&UserScoringType=Enabled&ImplementationType=0
access-control-allow-origin
https://www.thenewstribune.com
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
826258c158562c35-FRA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
27
alt-svc
h3=":443"; ma=86400
pls
capi.connatix.com/core/ Frame 4BC9 		36 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/pls?v=377483&cid=1ffe5d7e-eb53-11e9-b4d2-06948452ae1a
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=1ffe5d7e-eb53-11e9-b4d2-06948452ae1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7e912074fcccaff683e465a400b9a08298f25fed104e0cc7b5c2a1604be7e1a

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Tue, 14 Nov 2023 21:28:52 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.thenewstribune.com
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
826258c1586d2c35-FRA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400
t
jadserve.postrelease.com/ 		818 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.thenewstribune.com%2F&ntv_mvi
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.232.219.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-219-155.compute-1.amazonaws.com
Software
nginx /
Resource Hash
8ee311f83e24220465428b5d58aa83d330cb414af3744efdbc0513c3b3bbdc8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewstribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 21:28:53 GMT
content-encoding
gzip
server
nginx
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
387
expires
Mon, 1 Jan 1990 12:00:00 GMT
3a84aef51582611056dec828c201497c20396dac557d2
scissorsstatement.com/submit/dd27c0a/ 		303 B
821 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://scissorsstatement.com/submit/dd27c0a/3a84aef51582611056dec828c201497c20396dac557d2
Requested by
Host: flowerstreatment.com
URL: https://flowerstreatment.com/v2fnb2AI392SRgTGMK1fjeEnugWK7uqXHL7oHGZAZL5vdKfN5zLouHbUz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:d733::1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
510fa6a0473625d1823742d47997b004b2e12eff7e564b0a008bdd55c8f45216
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.thenewstribune.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Tue, 14 Nov 2023 21:28:52 GMT
via
1.1 google
x-buildnumber
1052555292
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
303
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thenewstribune.com
x-hostname
fen-hoothoot-europe-west1-z5cq
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Tue, 14 Nov 2023 21:28:51 GMT
insights.bin
ins.connatix.com/3adfcf98-38fa-4cd4-ba50-72ad199af1af/5/ Frame 4BC9 		0
0
insights.bin
ins.connatix.com/6b1c2b91-2b2d-42a5-9998-3b8ae61e12dd/9/ Frame 4BC9 		0
0
3_media.bin
vid.connatix.com/pid-3b27599e-2d5f-4cc8-9dc7-616c94c24871/822e7e0c-5716-49d0-867b-2b635f6d82bb/ Frame 4BC9 		0
0
blockedDomains_8.bin
lit.connatix.com/08d7c5ed-194d-4552-8a9b-750201d79e22/ Frame 4BC9 		0
0
wps-custom-js.js
assets.connatix.com/Elements/b7b148f8-e199-4447-8167-58d897dd5768/ 		1 KB
964 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.connatix.com/Elements/b7b148f8-e199-4447-8167-58d897dd5768/wps-custom-js.js
Requested by
Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fba77aa733c49e480958aa2de564f8fac93c88f092d3c8f288a2e1d33aa59014

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewstribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 21:28:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 27 Feb 2023 17:54:25 GMT
server
cloudflare
etag
W/"21fb96e555a9803c998521ed721d0b5f"
x-amz-server-side-encryption
AES256
access-control-max-age
86400
vary
Origin, Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
826258c299942c35-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 13 Nov 2024 21:28:52 GMT
wps-custom-css.css
assets.connatix.com/Elements/b7b148f8-e199-4447-8167-58d897dd5768/ 		210 B
273 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.connatix.com/Elements/b7b148f8-e199-4447-8167-58d897dd5768/wps-custom-css.css
Requested by
Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7ad52f6852de9481a13b90a5fe61d694f8403bf3154547b8f0b07a44686973d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewstribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 21:28:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 13 Feb 2023 17:02:09 GMT
server
cloudflare
etag
W/"02e4633b767f1fbff5c21b6ce2b99233"
x-amz-server-side-encryption
AES256
access-control-max-age
86400
vary
Origin, Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
826258c299932c35-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 13 Nov 2024 21:28:52 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		99 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=1ffe5d7e-eb53-11e9-b4d2-06948452ae1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8bb4d432f16fe81e430eb5bb798c7e0e74440444dca1da93934c8886769944b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thenewstribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 21:28:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30664
x-xss-protection
0
server
cafe
etag
266 / 19675 / 31079658 / config-hash: 17831174982284439715
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 14 Nov 2023 21:28:52 GMT
5_media.bin
vid.connatix.com/pid-3b27599e-2d5f-4cc8-9dc7-616c94c24871/3adfcf98-38fa-4cd4-ba50-72ad199af1af/ Frame 4BC9 		0
0
9_media.bin
vid.connatix.com/pid-3b27599e-2d5f-4cc8-9dc7-616c94c24871/6b1c2b91-2b2d-42a5-9998-3b8ae61e12dd/ Frame 4BC9 		0
0
3_media.bin
vid.connatix.com/pid-3b27599e-2d5f-4cc8-9dc7-616c94c24871/92daa325-e43e-428d-bbde-ce1e2f0b1280/ Frame 4BC9 		0
0
3_media.bin
vid.connatix.com/pid-3b27599e-2d5f-4cc8-9dc7-616c94c24871/1e86b17d-e9a1-4233-a3dd-d154a54d9091/ Frame 4BC9 		0
0
3_media.bin
vid.connatix.com/pid-3b27599e-2d5f-4cc8-9dc7-616c94c24871/bdf7432d-e966-4dc9-a248-249fae650b1d/ Frame 4BC9 		0
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 4BC9 		0
0
elements.ui.6b396270ed5ff930957f.js
cds.connatix.com/p/377483/ Frame 4BC9 		0
0
/
pl.connatix.com/ Frame 4BC9 		0
0
pixel_173813bb
www.thenewstribune.com/null/akam/13/ 		30 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.thenewstribune.com/null/akam/13/pixel_173813bb
Requested by
Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/akam/13/173813bb
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-230-25.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
22239bc5d2a6138030a5ba0ef71da27272d0e379e254745c332da9792c875593

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 14 Nov 2023 21:28:53 GMT
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
0
server-timing
ak_p; desc="1699997332951_34831240_51353285_20447_5872_11_0_219";dur=1
content-length
30553
pragma
no-cache
mi-api
WPS
last-modified
Tue, 14 Nov 2023 21:28:53 GMT
x-proxy-forwarding-type
BlackList
server
MI
etag
"7759-NEjvzm3IeceAYgX0oDHKsX3TNJc"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
x-varnish
64130976, 692617371
content-type
text/html;charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
x-robots-tag
noindex, nofollow
access-control-allow-headers
*
expires
Tue, 14 Nov 2023 21:28:53 GMT
2018e9b98b900a069a6d19a99e5f7cdf752ff8844124e913d6e4
scissorsstatement.com/ 		3 B
75 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://scissorsstatement.com/2018e9b98b900a069a6d19a99e5f7cdf752ff8844124e913d6e4
Requested by
Host: flowerstreatment.com
URL: https://flowerstreatment.com/v2fnb2AI392SRgTGMK1fjeEnugWK7uqXHL7oHGZAZL5vdKfN5zLouHbUz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:d733::1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Tue, 14 Nov 2023 21:28:52 GMT
via
1.1 google
x-buildnumber
1052555292
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thenewstribune.com
x-hostname
fen-hoothoot-europe-west1-z5cq
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Tue, 14 Nov 2023 21:28:51 GMT
vardata
api.lab.amplitude.com/sdk/ 		2 B
95 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.lab.amplitude.com/sdk/vardata
Requested by
Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/-oiyszlbno/thenewstribunecore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
X-Amp-Exp-Flag-Keys
WyIyNGhhcmQtcGF5d2FsbC1leHBlcmltZW50Il0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Authorization
Api-Key client-G6ik2oCuLtpn6c9TpIT8ZRXe4JHPDDn9
X-Amp-Exp-User
eyJsaWJyYXJ5IjoiZXhwZXJpbWVudC1qcy1jbGllbnQvMS43LjQiLCJsYW5ndWFnZSI6ImVuLVVTIiwicGxhdGZvcm0iOiJXZWIiLCJvcyI6IkNocm9tZSAxMTkiLCJkZXZpY2VfbW9kZWwiOiJXaW5kb3dzIiwidXNlcl9pZCI6IiIsImRldmljZV9pZCI6Ijk4NzNjYjYwLTZkZTQtNDM0OS1hY2MzLWExYTYxYWE1NmY5OSIsInVzZXJfcHJvcGVydGllcyI6eyJidXNpbmVzc191bml0IjoiVE5UIiwiY21zX2lkIjoiSG9tZXBhZ2U6NzEwMSIsImNvbnRlbnRfc2VydmljZSI6IlByb2R1Y3Q6IEVzY2VuaWMiLCJmdWxsX3VybCI6Imh0dHBzOi8vd3d3LnRoZW5ld3N0cmlidW5lLmNvbS8iLCJoYXNfZm9jdXMiOiJ5ZXMiLCJpZnJhbWVfbmVzdGluZyI6InRvcCIsInBhZ2VfbGV2ZWwiOiJIb21lIiwicGFnZV9uYW1lIjoiSG9tZTpIb21lcGFnZSIsInBhZ2VfcGF0aCI6Ii8iLCJwdWJsaWNhdGlvbl9uYW1lIjoiVGhlIE5ld3MgVHJpYnVuZSIsInJlZmVycmluZ19ob3N0Ijoibm9fcmVmZXJyZXIiLCJzZGtfaW5pdF9zdGF0dXMiOiJzdG9yYWdlIiwic2VjdGlvbiI6IkhvbWVwYWdlIiwic2VydmVyIjoid3d3LnRoZW5ld3N0cmlidW5lLmNvbSIsInRheG9ub215IjoiX0hvbWVQYWdlfHx8fCIsInVybCI6Imh0dHBzOi8vd3d3LnRoZW5ld3N0cmlidW5lLmNvbS8iLCJkZXZpY2VfcG1vZGUiOiIxIiwiZGV2aWNlX29yaWVudGF0aW9uIjoidW5zdXBwb3J0ZWQiLCJkZXZpY2Vfc2NyZWVuX3NpemUiOiIxNjAweDEyMDAiLCJsb2dnZWRfaW4iOmZhbHNlLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExOS4wLjYwNDUuMTIzIFNhZmFyaS81MzcuMzYiLCJzb3BoaV90ZXN0cyI6W3sidGVzdElkIjoicHc6YXJ0aWNsZTp0ZXN0NF9hYmMiLCJ0ZXN0R3JvdXAiOiJjb250cm9sIn1dLCJmbGFnX2tleSI6IjI0aGFyZC1wYXl3YWxsLWV4cGVyaW1lbnQiLCJkYXRlIjoiMjAyMy0xMS0xNCJ9fQ

Response headers

date
Tue, 14 Nov 2023 21:28:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
age
0
x-cache
MISS
content-length
2
x-served-by
cache-fra-eddf8230090-FRA
x-timer
S1699997333.015909,VS0,VE178
x-amzn-trace-id
Root=1-6553e695-0babecb567bf4f7402fd8a21
vary
Origin, Origin
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.thenewstribune.com
cache-control
no-store
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
vardata
api.lab.amplitude.com/sdk/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.lab.amplitude.com/sdk/vardata
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-amp-exp-flag-keys,x-amp-exp-user
Access-Control-Request-Method
GET
Origin
https://www.thenewstribune.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
authorization,x-amp-exp-flag-keys,x-amp-exp-user
access-control-allow-methods
GET,POST,HEAD
access-control-allow-origin
https://www.thenewstribune.com
access-control-max-age
1800
age
2811
cache-control
no-store
content-length
0
date
Tue, 14 Nov 2023 21:28:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Origin,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amzn-trace-id
Root=1-6553db9a-7521e5e85babcfc925d22a4e
x-cache
HIT
x-cache-hits
379
x-content-type-options
nosniff
x-served-by
cache-fra-eddf8230090-FRA
x-timer
S1699997333.008400,VS0,VE0
privacyConsent
jadserve.postrelease.com/ 		43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/privacyConsent?ntv_pl=1092954&ntv_gdpr_consent=&ntv_it
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.232.219.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-219-155.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 21:28:53 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
vardata
api.lab.amplitude.com/sdk/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.lab.amplitude.com/sdk/vardata
Requested by
Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/-oiyszlbno/thenewstribunecore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7548edfb8ddfeb16200fa2fa9e9ee158e9178a1793665563c7e4e3e69ec73072
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
de-DE,de;q=0.9
Authorization
Api-Key client-G6ik2oCuLtpn6c9TpIT8ZRXe4JHPDDn9
X-Amp-Exp-User
eyJsaWJyYXJ5IjoiZXhwZXJpbWVudC1qcy1jbGllbnQvMS43LjQiLCJsYW5ndWFnZSI6ImVuLVVTIiwicGxhdGZvcm0iOiJXZWIiLCJvcyI6IkNocm9tZSAxMTkiLCJkZXZpY2VfbW9kZWwiOiJXaW5kb3dzIiwidXNlcl9pZCI6IiIsImRldmljZV9pZCI6Ijk4NzNjYjYwLTZkZTQtNDM0OS1hY2MzLWExYTYxYWE1NmY5OSIsInVzZXJfcHJvcGVydGllcyI6eyJidXNpbmVzc191bml0IjoiVE5UIiwiY21zX2lkIjoiSG9tZXBhZ2U6NzEwMSIsImNvbnRlbnRfc2VydmljZSI6IlByb2R1Y3Q6IEVzY2VuaWMiLCJmdWxsX3VybCI6Imh0dHBzOi8vd3d3LnRoZW5ld3N0cmlidW5lLmNvbS8iLCJoYXNfZm9jdXMiOiJ5ZXMiLCJpZnJhbWVfbmVzdGluZyI6InRvcCIsInBhZ2VfbGV2ZWwiOiJIb21lIiwicGFnZV9uYW1lIjoiSG9tZTpIb21lcGFnZSIsInBhZ2VfcGF0aCI6Ii8iLCJwdWJsaWNhdGlvbl9uYW1lIjoiVGhlIE5ld3MgVHJpYnVuZSIsInJlZmVycmluZ19ob3N0Ijoibm9fcmVmZXJyZXIiLCJzZGtfaW5pdF9zdGF0dXMiOiJzdG9yYWdlIiwic2VjdGlvbiI6IkhvbWVwYWdlIiwic2VydmVyIjoid3d3LnRoZW5ld3N0cmlidW5lLmNvbSIsInRheG9ub215IjoiX0hvbWVQYWdlfHx8fCIsInVybCI6Imh0dHBzOi8vd3d3LnRoZW5ld3N0cmlidW5lLmNvbS8iLCJkZXZpY2VfcG1vZGUiOiIxIiwiZGV2aWNlX29yaWVudGF0aW9uIjoidW5zdXBwb3J0ZWQiLCJkZXZpY2Vfc2NyZWVuX3NpemUiOiIxNjAweDEyMDAiLCJsb2dnZWRfaW4iOmZhbHNlLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExOS4wLjYwNDUuMTIzIFNhZmFyaS81MzcuMzYiLCJzb3BoaV90ZXN0cyI6W3sidGVzdElkIjoicHc6YXJ0aWNsZTp0ZXN0NF9hYmMiLCJ0ZXN0R3JvdXAiOiJjb250cm9sIn1dLCJkYXRlIjoiMjAyMy0xMS0xNCJ9fQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 21:28:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
0
x-cache
MISS
content-length
977
x-served-by
cache-fra-eddf8230090-FRA
x-timer
S1699997333.211491,VS0,VE200
x-amzn-trace-id
Root=1-6553e695-485216b0713088d902d6c646
vary
Origin, Origin
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.thenewstribune.com
cache-control
no-store
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
httpapi
api2.amplitude.com/2/ 		94 B
309 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api2.amplitude.com/2/httpapi
Requested by
Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/-oiyszlbno/thenewstribunecore.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.13.180.254 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-13-180-254.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
6c393a7d9e8e87cbba101a13f54d1aa59480a83b59b1704e1776bdfea24d2c22
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 14 Nov 2023 21:28:53 GMT
strict-transport-security
max-age=15768000
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
application/json
access-control-allow-origin
*
trace-id
Root=1-6553e695-306779603ab34e5a74bb173d
content-length
94
vardata
api.lab.amplitude.com/sdk/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.lab.amplitude.com/sdk/vardata
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-amp-exp-user
Access-Control-Request-Method
GET
Origin
https://www.thenewstribune.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
authorization,x-amp-exp-user
access-control-allow-methods
GET,POST,HEAD
access-control-allow-origin
https://www.thenewstribune.com
access-control-max-age
1800
age
2811
cache-control
no-store
content-length
0
date
Tue, 14 Nov 2023 21:28:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Origin,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amzn-trace-id
Root=1-6553db9a-7521e5e85babcfc925d22a4e
x-cache
HIT
x-cache-hits
380
x-content-type-options
nosniff
x-served-by
cache-fra-eddf8230090-FRA
x-timer
S1699997333.203746,VS0,VE0
httpapi
api2.amplitude.com/2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api2.amplitude.com/2/httpapi
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.13.180.254 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-13-180-254.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.thenewstribune.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET, POST
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
date
Tue, 14 Nov 2023 21:28:53 GMT
strict-transport-security
max-age=15768000
vardata
api.lab.amplitude.com/sdk/ 		29 B
198 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.lab.amplitude.com/sdk/vardata
Requested by
Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/-oiyszlbno/thenewstribunecore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
18f35c576aabd3eb7c3386c0467cd6f87bc054a669e66f6181152a46f397d63a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
X-Amp-Exp-Flag-Keys
WyJ6b25lLWNvbnRlbnQiXQ
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Authorization
Api-Key client-G6ik2oCuLtpn6c9TpIT8ZRXe4JHPDDn9
X-Amp-Exp-User
eyJsaWJyYXJ5IjoiZXhwZXJpbWVudC1qcy1jbGllbnQvMS43LjQiLCJsYW5ndWFnZSI6ImVuLVVTIiwicGxhdGZvcm0iOiJXZWIiLCJvcyI6IkNocm9tZSAxMTkiLCJkZXZpY2VfbW9kZWwiOiJXaW5kb3dzIiwidXNlcl9pZCI6IiIsImRldmljZV9pZCI6Ijk4NzNjYjYwLTZkZTQtNDM0OS1hY2MzLWExYTYxYWE1NmY5OSIsInVzZXJfcHJvcGVydGllcyI6eyJidXNpbmVzc191bml0IjoiVE5UIiwiY21zX2lkIjoiSG9tZXBhZ2U6NzEwMSIsImNvbnRlbnRfc2VydmljZSI6IlByb2R1Y3Q6IEVzY2VuaWMiLCJmdWxsX3VybCI6Imh0dHBzOi8vd3d3LnRoZW5ld3N0cmlidW5lLmNvbS8iLCJoYXNfZm9jdXMiOiJ5ZXMiLCJpZnJhbWVfbmVzdGluZyI6InRvcCIsInBhZ2VfbGV2ZWwiOiJIb21lIiwicGFnZV9uYW1lIjoiSG9tZTpIb21lcGFnZSIsInBhZ2VfcGF0aCI6Ii8iLCJwdWJsaWNhdGlvbl9uYW1lIjoiVGhlIE5ld3MgVHJpYnVuZSIsInJlZmVycmluZ19ob3N0Ijoibm9fcmVmZXJyZXIiLCJzZGtfaW5pdF9zdGF0dXMiOiJzdG9yYWdlIiwic2VjdGlvbiI6IkhvbWVwYWdlIiwic2VydmVyIjoid3d3LnRoZW5ld3N0cmlidW5lLmNvbSIsInRheG9ub215IjoiX0hvbWVQYWdlfHx8fCIsInVybCI6Imh0dHBzOi8vd3d3LnRoZW5ld3N0cmlidW5lLmNvbS8iLCJkZXZpY2VfcG1vZGUiOiIxIiwiZGV2aWNlX29yaWVudGF0aW9uIjoidW5zdXBwb3J0ZWQiLCJkZXZpY2Vfc2NyZWVuX3NpemUiOiIxNjAweDEyMDAiLCJsb2dnZWRfaW4iOmZhbHNlLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExOS4wLjYwNDUuMTIzIFNhZmFyaS81MzcuMzYiLCJzb3BoaV90ZXN0cyI6W3sidGVzdElkIjoicHc6YXJ0aWNsZTp0ZXN0NF9hYmMiLCJ0ZXN0R3JvdXAiOiJjb250cm9sIn1dLCJmbGFnX2tleSI6InpvbmUtY29udGVudCIsImRhdGUiOiIyMDIzLTExLTE0In19

Response headers

date
Tue, 14 Nov 2023 21:28:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
0
x-cache
MISS
content-length
49
x-served-by
cache-fra-eddf8230090-FRA
x-timer
S1699997334.457911,VS0,VE185
x-amzn-trace-id
Root=1-6553e696-22219ac708926e711f497d65
vary
Origin, Origin
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.thenewstribune.com
cache-control
no-store
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
vardata
api.lab.amplitude.com/sdk/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.lab.amplitude.com/sdk/vardata
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-amp-exp-flag-keys,x-amp-exp-user
Access-Control-Request-Method
GET
Origin
https://www.thenewstribune.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
authorization,x-amp-exp-flag-keys,x-amp-exp-user
access-control-allow-methods
GET,POST,HEAD
access-control-allow-origin
https://www.thenewstribune.com
access-control-max-age
1800
age
2812
cache-control
no-store
content-length
0
date
Tue, 14 Nov 2023 21:28:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Origin,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amzn-trace-id
Root=1-6553db9a-7521e5e85babcfc925d22a4e
x-cache
HIT
x-cache-hits
382
x-content-type-options
nosniff
x-served-by
cache-fra-eddf8230090-FRA
x-timer
S1699997334.447879,VS0,VE0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ins.connatix.com
URL
https://ins.connatix.com/3adfcf98-38fa-4cd4-ba50-72ad199af1af/5/insights.bin
Domain
ins.connatix.com
URL
https://ins.connatix.com/6b1c2b91-2b2d-42a5-9998-3b8ae61e12dd/9/insights.bin
Domain
vid.connatix.com
URL
https://vid.connatix.com/pid-3b27599e-2d5f-4cc8-9dc7-616c94c24871/822e7e0c-5716-49d0-867b-2b635f6d82bb/3_media.bin
Domain
lit.connatix.com
URL
https://lit.connatix.com/08d7c5ed-194d-4552-8a9b-750201d79e22/blockedDomains_8.bin
Domain
vid.connatix.com
URL
https://vid.connatix.com/pid-3b27599e-2d5f-4cc8-9dc7-616c94c24871/3adfcf98-38fa-4cd4-ba50-72ad199af1af/5_media.bin
Domain
vid.connatix.com
URL
https://vid.connatix.com/pid-3b27599e-2d5f-4cc8-9dc7-616c94c24871/6b1c2b91-2b2d-42a5-9998-3b8ae61e12dd/9_media.bin
Domain
vid.connatix.com
URL
https://vid.connatix.com/pid-3b27599e-2d5f-4cc8-9dc7-616c94c24871/92daa325-e43e-428d-bbde-ce1e2f0b1280/3_media.bin
Domain
vid.connatix.com
URL
https://vid.connatix.com/pid-3b27599e-2d5f-4cc8-9dc7-616c94c24871/1e86b17d-e9a1-4233-a3dd-d154a54d9091/3_media.bin
Domain
vid.connatix.com
URL
https://vid.connatix.com/pid-3b27599e-2d5f-4cc8-9dc7-616c94c24871/bdf7432d-e966-4dc9-a248-249fae650b1d/3_media.bin
Domain
imasdk.googleapis.com
URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Domain
cds.connatix.com
URL
https://cds.connatix.com/p/377483/elements.ui.6b396270ed5ff930957f.js
Domain
pl.connatix.com
URL
https://pl.connatix.com/

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| pageInfo object| mistats object| yozonsWebpackJsonp object| regeneratorRuntime object| mi function| admiral object| analyticsConnectorInstances function| $ function| jQuery object| googletag object| Util function| cnx string| bazadebezolkohpepadr object| __VUE_INSTANCE_SETTERS__ boolean| __VUE__ object| arrSectionID string| urhehlevkedkilrobacf object| mediaRule function| _bmb function| 4dm1r11545242527 boolean| __VUE_I18N_FULL_INSTALL__ boolean| __VUE_I18N_LEGACY_API__ boolean| __INTLIFY_JIT_COMPILATION__ boolean| __INTLIFY_DROP_MESSAGE_COMPILER__ boolean| __INTLIFY_PROD_DEVTOOLS__ object| wpsVideoPlayers object| cnx_player_usr_storage object| _prx object| cnx_webpack_global object| cnx_usr_storage undefined| nQuery number| ntvLoadStart object| ntv object| prdom object| onFocusEvents function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvGetElementViewability function| ntvArticleTracker function| ntvViewableImpressionTracker object| PostRelease object| ntvToutAds boolean| onFocus object| player_instance_4d8fb13354b34202805be8ccb6dd4c3c object| cnxPlugins object| cnxEnfStorage function| cnxsetTimeout function| cnxsetInterval function| replacePlayButton object| htlbid object| optiCommon object| ggeac object| google_tag_data object| google_js_reporting_queue function| cnxAddEventListener

7 Cookies

Domain/Path Name / Value
www.sign-xfinityaccountupdateipxahiz.duckdns.org/ Name: PHPSESSID
Value: 446fec344667c4be18d5601f800ccb5d
.thenewstribune.com/ Name: ak_bmsc
Value: CE27EFC1F9EDE7015819A864355A0EE5~000000000000000000000000000000~YAAQiHsTAldXTM2LAQAAnLO8zxVC0pOkQ1S3swCDNze888AxjInQ3FMnJs7CV8ut+hGRCCuzkMWwW7JlJDY+Xc3aS/2ns2A/5UJLhuYGkXlfpXcT0xWsehAi4Q8KtvhnBGfRXc/XU+24WlkR8vnsUBXj/ZiNSYTbXB1Wqz38hAw1SeRGyOql53YK0AXjGc0tYH9qpELfi0hXXHyuiZrojPd9IV08E6BXyd0ewWK11fFzHDLn609n59bc89a7uEQhP+0Jh23AiAF39NILWSYMT1MgJDIXHA8leuSjCdXKuzV158BHka05yz5IRM+91xIP0FmYtlwHf3WeAbP/134+G6/Z5i0TXfMnYz/D9tju/XXV1sVFMCxtAeZEXBP/n+Xdxyr7+PTfmY2Cuh/jZQP9m3oP7IBAXzkGCpDRbx5kwnO/LuFt2G+0avCB0In75HS36UJLnTSyPGtgEBbkYBAmSowtkbERrIP2bRpqRIWidnfpvrsNSmdhbGk=
.connatix.com/ Name: cnx_userId
Value: b4f5a384b239421b8aca5d33de00bcef
.thenewstribune.com/ Name: _awl
Value: 2.1699997332.5-c6a4802b24f980c6a3f608d476cc5ff1-6763652d6575726f70652d7765737431-0
.postrelease.com/ Name: opt_out
Value: 1
.thenewstribune.com/ Name: bm_mi
Value: 8B68175B7799251823777327CD29D7C1~YAAQiHsTAm5XTM2LAQAAl7a8zxUyZ4/19Dn4EnttR0iRD0+ocKd0sMAkqG8mxmEUEh/q5AUlrn5tPHemBNCgWgV2gXR7oWv/Z5JB9uNNjnadELThqjb/dIC0gV9qSx6Fio6S91W9JE77TtIu9UIbdJHjRYJXz7Vqrtc7DdnzI9An0LCAh8LHyHzbfjxShbg6dxogjPMvxpYNS+NMIY/GNAuREKeY5orcUDQU/EXVECzIeD+MddX0T6xE2WYqItshTdlaovWS1S5TrgHvhgPUOk1N/ModeF0QTUnFWJ8crmppQG041sM7byGchPKQWnIqawyxNPJy/tLV3I2iX3jOXXiT6BmmkJkDequ4imEu1lg=~1
.thenewstribune.com/ Name: bm_sv
Value: D6A7C0632886A6120BF5ACD80582EF57~YAAQiHsTAm9XTM2LAQAAl7a8zxWS04haYK6hGqI1haissz6NNOBm8MmCo32FL2M5+72QuWRJmdl405LhZCP/B78zoQlt1pBLftK8YhzIOo3sEnF5pKZVp5yw/12HlT+3GMMegCNA7gQXVQ+xOvXi9FRtacnl2oImH2hYcISgKKfu5mV+YJVmNdmpl+rd6cisb68CYIybSgqDa5wPZeFcZlcUP9xnnsez5c3DE5vpskbbB/r4mAq1vyGmDqAx6dRM/RwF+A0xnIw=~1

2 Console Messages

Source Level URL
Text
network error URL: https://profile-api.amplitude.com/v1/userprofile?device_id=9873cb60-6de4-4349-acc3-a1a61aa56f99&user_id=&comp_id=apflrqef
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://www.thenewstribune.com/null/akam/13/pixel_173813bb
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.lab.amplitude.com
api2.amplitude.com
assets.connatix.com
capi.connatix.com
cd.connatix.com
cds.connatix.com
flowerstreatment.com
fonts.googleapis.com
fonts.gstatic.com
imasdk.googleapis.com
img.connatix.com
ins.connatix.com
jadserve.postrelease.com
lit.connatix.com
mcclatchy-next-apps-prod.s3.amazonaws.com
media.thenewstribune.com
pl.connatix.com
profile-api.amplitude.com
s.ntv.io
scissorsstatement.com
securepubads.g.doubleclick.net
static.adsafeprotected.com
thenewstribune.com
vi.ml314.com
vid.connatix.com
www.bellinghamherald.com
www.mcclatchy-partners.com
www.mcclatchy-wires.com
www.sign-xfinityaccountupdateipxahiz.duckdns.org
www.thenewstribune.com
cds.connatix.com
imasdk.googleapis.com
ins.connatix.com
lit.connatix.com
pl.connatix.com
vid.connatix.com
104.79.28.80
151.101.130.132
162.240.159.184
166.108.36.245
172.64.146.152
23.196.230.25
2600:1901:0:7416::1
2600:1901:0:d733::1
2600:9000:223f:3600:8:48e:53c0:93a1
2a00:1450:4001:806::2003
2a00:1450:4001:827::200a
2a00:1450:4001:830::2002
3.232.219.155
35.201.104.135
44.232.113.203
52.13.180.254
52.217.102.28
020929acae00877f71f5fa637d16fa92de00c7758b160cf03a8b1f51f5aa52f1
0af966ad2f6c3d666c3e588c34f0b81be088a7ba2208cd7fc3106cd11e3294e1
0f5cea81bb63d0214976da19bc823736066909b01efa7bf8cdb4d5de805eea93
138bc83ae236acea75cb990e66e458b5e8814d0f2e8bcec5133255421e84f9ac
18e07d2e805871c64b625eb03c950fc77cbbdb707a26493fce307d39f4571524
18f35c576aabd3eb7c3386c0467cd6f87bc054a669e66f6181152a46f397d63a
1c34c1766345e28fdb577f10c567312a2325c25d038839c2ad6198e136bd774e
1d310979570a2f21ee40c598a02cfc0b2c823c533d68e22110e9ab18bb0226f3
22239bc5d2a6138030a5ba0ef71da27272d0e379e254745c332da9792c875593
24ef8028a7a18ced624a26872abdfbf2694fcd27cb429223d2e88e857c4615ae
3324c64b9a96453cec4e83e2b4b717deb4295e92725283153102ebb34898bbe5
34638cf03a942f139d7bf9198f273b8917265cc7d726ab18cfe5800a98ca9364
384b40e7ee06437e7e287e5abed90881d74eb28b569a2fb2f22dbf5dd0ed9546
3871b068c6701fa8f67906f9cb2026817d56da6b926daba22590fe6ee9bedfbd
3a079d92879715bc2b7600b4a24f4b249d79350545cdbd1a778c980fd1610d6e
41dd3e48dbef1ddbc59957d4e99ef7662c1702dd8b55d0900b02150f87af354a
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
449273ffdef7cb7215c20bc3660c4826dc982985cba34efb38cfd5b77bae7ee1
457c0a075d640c9e798de090cecd9a1ca5f6fb873d2e9ec0c46aef26a7e644a2
46f87da86ef9e90a73ab3602aad055699f099854cc52677f14bc3ee5ad4d21f8
510fa6a0473625d1823742d47997b004b2e12eff7e564b0a008bdd55c8f45216
563f451e52ec673ea0c66a892ebf753775985470847aee48be950196b011bb1d
568c451356216bcad0be9a07f979d3a732ddfdad3d31496dfe3385bf321fe4e3
5bf23e236fb911d6f963832a7c0f39942e7a79cde90482261d3b6d1bd33e0ead
5fc4c95920416b0ef0b5aee93a90984989183a6d29f712e725a3383309806a54
63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7
64d1b5b582ea62eea3e88619e7a3bb9a26e03c654d705aa0c374e30a57ae4fcd
67c5e297a60166e8f4a8fbcfb519388fc828bd002c47c6d75cef72710bbf0484
69f6a33358785d82a97231190ca795d75759553a1d6a6bad86db8293afc59709
69f9a5ddfc7af46fd681e14a203899a719059f16dfc7f24fad7a89f088023e64
6c393a7d9e8e87cbba101a13f54d1aa59480a83b59b1704e1776bdfea24d2c22
6e1cf560a4e42b1321a32a04030dddb56c511f0e7493718f82cfd1797e5aa9a7
6ed64cc766d99ea4091ec21b7db529c919122df7512e402754534d0ab210269e
7404ed0d50e79dd60f5663a6c909bf7defb97ab0b43f0632f601e93fd6967f4b
7548edfb8ddfeb16200fa2fa9e9ee158e9178a1793665563c7e4e3e69ec73072
798b67bb2ea3243fac61fc7df7e5585a5adc40887e278bdf62598ca5d7629903
7cfa7e7c7353752864021902655093fccb3430e570ecc1b8cc774aa81624cf7a
7e6cb9b7efa7e57f942fc17e60c43cbf7c2c7f03a3fc94eb929e3e1faa08d3f9
7f0b2b6fda01e3865c53e3e228df2a75eb94da7417ee8d0ad256cefbbbdfba87
80bff926bd0bf17e96da62fb0d59dbf1fda4d537e24329f4c284440b8fac9d10
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
855b336540e9460f01d5d358d35d24748cbd20db695e0d41f6945cdbef07b7e8
8c2a54278c4cb87438f4a1c73242d727fc3eea82dc59abb393dd3937b17ce1d7
8dab392b28d325d42c0365fdf71e1be56f966651b26f27b123246696373a4a7e
8e235a199a1f8a90513cf1c356a57e5351a7820fe3bc16cbcebb3e9cea1bdbd7
8ee311f83e24220465428b5d58aa83d330cb414af3744efdbc0513c3b3bbdc8a
949e2886f2710abf4b3f39bc231ce4462d477f62bc6e958ce17804d82e293466
9afa8767feaadb1bd8a75a3bbcd5cdef2b955be465104890802ff79abc23b9e5
9d3959df4ebd84904a1622b6d7c9728f487e0c4d372f9bc2f59d0c480702f9c5
9dffbd45ce48bf5e8eeb90b3d8567f8270f217c174de81fe3693d6dcdbaa1588
9f551f00baf7bbd76a9798d9873b41b68fe354ce227373649c17f30ba5603678
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a4561da777935fa07b41fbb1e3ade995d20c92560e803303f6f7e0d8fec27ff6
a88b890f285964941009eb7d74c460f059d2c1acf52613f8197a716bb9a12ffc
aa3345ec043f528c91a23a7dd57d53162321028618998eacc882214fada763d5
aa6bdf39c00b48ac3aa30765773e116d6f9a3997cf6de45978db04f4611348e2
abe7ef2d3cde940c95fbeac2647a2a2b418f5d084ce6ed1c35b586f75915ed77
acff18b9dd469f70f4d45d24dadf6de847a9b3abeb3e891260eb8160ffac8039
ad5ae4c6b97938ad155b618094a1e4bb2291f95a88fea30fc83baeea967c14cc
ae783103640b0fef281d4e2e24dfe4425f6e8a4f479fe54fd8188a061e8a7416
b435c23887c894694efce0918537098f98f6c98883e3cbed9235908f94687183
b83e0ce15e07a2eaa30fe25661bfb19b0ab4ab3d1704c083c11fd9d46801f552
b9f65b633a49a499a034c954707d726a90d5571ec8fc571eb7c5e4e59e9b3108
c1eb665caecaf2df2837a83f4ef16316fb40766d620de247779adc5658afb870
c4b2f8a341bacba18ea9efdbc2c3d2c3a957572c9bc8ff96ab1445db62584b59
c7e912074fcccaff683e465a400b9a08298f25fed104e0cc7b5c2a1604be7e1a
c8bb4d432f16fe81e430eb5bb798c7e0e74440444dca1da93934c8886769944b
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca76cf8aed858f3483b51a715f66ef1c177a551898cb235422ca93217ae5e281
cb2f6d800163b3fede82ffa5e22ea193faa40031c27089cadd2b801f410f028a
ceaccd3394b874684aeb2eb2642b9d244638121c9279cf45ca61b16b0d879b9f
d4922a5e0e6e3a16867f756c12667e531b11dd372553ea04896e5673c849201a
d5bf09202a93cf3845c80348bcb577496ce8fff47394a44e7bb5aa7e6b486d73
d73606583c8e2ee4ed7904fec49734d6138cf4b310c22c2049ec7b63556a1dd8
d7ad52f6852de9481a13b90a5fe61d694f8403bf3154547b8f0b07a44686973d
d8ec6349a216d77f1f33ed4bf7415efbc85895dabac621905c466e6894647cbb
da79f7378503680ce10ad97633a64bf4af331527c1a04fe3542ebebe018741f1
e0df336e99c1d16170378d9d02260be6c55e313fc6dbef61418c743361dafd74
e2b2fe758e81c7e170c066469227ba7ca7f19187ece8237fb0691131e3141601
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7de2ef3ff2b3fd17fb01947fbeb17684ad45563cdeeebf8d78fac23d3100cc9
e85e8ef53515fc413458b31793b5bbc054d81df21adce6adabd6ee0c700c62d8
f000bfa61832b7beab13f80abc3b0aa946b3478018c161dc7f93483a492cbe4f
f0b2c3140a1222ed1192d94f73b307ec99a52ddef5f2d7aec95d12e608423f5a
f45f2ccb32edf33fed7207e1ba9d10f03ad0df58ee6e8d4d2f604d6875d9f266
fba77aa733c49e480958aa2de564f8fac93c88f092d3c8f288a2e1d33aa59014
fca5bc67a49af1a6099f7b2f4bf4c07a44679d69b60f3c4c298e24c6b4d8ddb2
fe917cd13fd4d9f376fd1cfa6ee6d31d6c7a89a5e7129dc8511b6e2aec860fa1