www.thenewstribune.com Open in urlscan Pro
23.41.253.69 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://verify.clientservice-changpassword.cloudns.be/signin/028cbeb3da391b88853df5ea3fe2144bfd35cf4d304e2a09cfa9b43e730c67c0
Effective URL:
https://www.thenewstribune.com/
Submission: On April 22 via automatic, source openphish (April 22nd 2024, 1:10:52 pm UTC) — Scanned from DE

Summary HTTP 209 Redirects Links 31 Behaviour Indicators

Summary

This website contacted 48 IPs in 5 countries across 35 domains to perform 209 HTTP transactions. The main IP is 23.41.253.69, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is www.thenewstribune.com. The Cisco Umbrella rank of the primary domain is 292361.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on January 30th 2024. Valid for: 7 months.

This is the only time www.thenewstribune.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	162.240.147.59 162.240.147.59	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1 1	166.108.36.245 166.108.36.245	6118 (MCCLATCHY...) (MCCLATCHY-CORP)
56	23.41.253.69 23.41.253.69	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	52.217.141.129 52.217.141.129	16509 (AMAZON-02) (AMAZON-02)
3	2a02:26f0:350... 2a02:26f0:3500:18::1724:a28d	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2600:9000:266... 2600:9000:266e:9200:3:b7e:8940:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:1901:0:7... 2600:1901:0:7416::1	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
2	104.18.41.104 104.18.41.104	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:266... 2600:9000:266e:b200:3:b7e:8940:93a1	16509 (AMAZON-02) (AMAZON-02)
2	18.245.31.78 18.245.31.78	16509 (AMAZON-02) (AMAZON-02)
3	172.64.146.152 172.64.146.152	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:223... 2600:9000:223f:9600:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
7	52.37.89.212 52.37.89.212	16509 (AMAZON-02) (AMAZON-02)
8	54.189.181.41 54.189.181.41	16509 (AMAZON-02) (AMAZON-02)
13	151.101.130.132 151.101.130.132	54113 (FASTLY) (FASTLY)
2	2600:1901:0:d... 2600:1901:0:d733::1	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	18.244.18.38 18.244.18.38	16509 (AMAZON-02) (AMAZON-02)
1 2	107.178.250.234 107.178.250.234	15169 (GOOGLE) (GOOGLE)
1	54.204.184.105 54.204.184.105	14618 (AMAZON-AES) (AMAZON-AES)
2	13.32.27.39 13.32.27.39	16509 (AMAZON-02) (AMAZON-02)
1	34.160.169.226 34.160.169.226	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	172.64.144.166 172.64.144.166	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:223... 2600:9000:223e:a400:5:82fd:2500:21	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:440... 2606:4700:4400::6812:25a1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.245.31.42 18.245.31.42	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:249... 2600:9000:2490:d200:11:b309:9100:21	16509 (AMAZON-02) (AMAZON-02)
1	52.216.41.209 52.216.41.209	16509 (AMAZON-02) (AMAZON-02)
1	3.239.232.93 3.239.232.93	14618 (AMAZON-AES) (AMAZON-AES)
2	34.117.77.79 34.117.77.79	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 3	2600:9000:266... 2600:9000:266e:9800:e:ec66:e40:93a1	16509 (AMAZON-02) (AMAZON-02)
4	3.69.41.26 3.69.41.26	16509 (AMAZON-02) (AMAZON-02)
1	52.17.37.247 52.17.37.247	16509 (AMAZON-02) (AMAZON-02)
1	2620:116:800d... 2620:116:800d:21:5ed4:8d5d:fed7:f5ef	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:81d::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223c:1800:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c07::9b	15169 (GOOGLE) (GOOGLE)
2	142.250.186.35 142.250.186.35	15169 (GOOGLE) (GOOGLE)
1	142.250.185.196 142.250.185.196	15169 (GOOGLE) (GOOGLE)
2	178.249.97.23 178.249.97.23	11054 (LIVEPERSON) (LIVEPERSON)
2	178.249.97.99 178.249.97.99	11054 (LIVEPERSON) (LIVEPERSON)
6	34.120.154.120 34.120.154.120	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	208.89.15.170 208.89.15.170	11054 (LIVEPERSON) (LIVEPERSON)
2	208.89.12.87 208.89.12.87	11054 (LIVEPERSON) (LIVEPERSON)
1	142.250.186.106 142.250.186.106	15169 (GOOGLE) (GOOGLE)
209	48

1 162.240.147.59 (United States) 1 redirects

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 162-240-147-59.unifiedlayer.com

verify.clientservice-changpassword.cloudns.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 166.108.36.245 (Sacramento, United States) 1 redirects

ASN6118 (MCCLATCHY-CORP, US)
PTR: vnet831.ejoco.com

thenewstribune.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

56 23.41.253.69 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-41-253-69.deploy.static.akamaitechnologies.com

www.thenewstribune.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.mcclatchy-wires.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.mcclatchy-partners.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.141.129 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

mcclatchy-next-apps-prod.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:3500:18::1724:a28d (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

api.dsp.mcclatchy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:266e:9200:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.osano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:7416::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)

flowerstreatment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.41.104 (None, )

ASN13335 (CLOUDFLARENET, US)

img.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:266e:b200:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.osano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.245.31.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-31-78.fra56.r.cloudfront.net

cmp.osano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.64.146.152 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cds.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:9600:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.37.89.212 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-37-89-212.us-west-2.compute.amazonaws.com

api2.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 54.189.181.41 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-189-181-41.us-west-2.compute.amazonaws.com

profile-api.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 151.101.130.132 (United States)

ASN54113 (FASTLY, US)

api.lab.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:d733::1 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

scissorsstatement.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.244.18.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-38.fra56.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.250.234 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 234.250.178.107.bc.googleusercontent.com

js.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.204.184.105 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-204-184-105.compute-1.amazonaws.com

www.i.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.27.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-39.fra56.r.cloudfront.net

htlbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.169.226 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 226.169.160.34.bc.googleusercontent.com

scissorsstatement.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.144.166 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

cdn.confiant-integrations.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223e:a400:5:82fd:2500:21 (United States)

ASN16509 (AMAZON-02, US)

dyv1bugovvq1g.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::6812:25a1 (United States)

ASN13335 (CLOUDFLARENET, US)

sdk.iad-05.braze.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.31.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-31-42.fra56.r.cloudfront.net

edition.pagesuite-professional.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2490:d200:11:b309:9100:21 (United States)

ASN16509 (AMAZON-02, US)

d15kdpgjg3unno.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.41.209 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

ams-pageview-public.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.239.232.93 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-239-232-93.compute-1.amazonaws.com

sqs.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.117.77.79 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 79.77.117.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:266e:9800:e:ec66:e40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cdn.keywee.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.69.41.26 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-41-26.eu-central-1.compute.amazonaws.com

tags.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.37.247 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-37-247.eu-west-1.compute.amazonaws.com

secure-us.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States)

ASN16509 (AMAZON-02, US)

edge.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:1800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.249.97.23 (United States)

ASN11054 (LIVEPERSON, US)

lptag.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.249.97.99 (United States)

ASN11054 (LIVEPERSON, US)
PTR: lo-accdn.lpsnmedia.net

accdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.120.154.120 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 120.154.120.34.bc.googleusercontent.com

lpcdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.89.15.170 (United States)

ASN11054 (LIVEPERSON, US)
PTR: va.idp.liveperson.net

va.idp.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 208.89.12.87 (United States)

ASN11054 (LIVEPERSON, US)
PTR: va.v.liveperson.net

va.v.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
54	thenewstribune.com 1 redirects thenewstribune.com — Cisco Umbrella Rank: 280790 www.thenewstribune.com — Cisco Umbrella Rank: 292361	995 KB
28	amplitude.com api2.amplitude.com — Cisco Umbrella Rank: 1163 profile-api.amplitude.com — Cisco Umbrella Rank: 51497 api.lab.amplitude.com — Cisco Umbrella Rank: 4102	8 KB
8	lpsnmedia.net accdn.lpsnmedia.net — Cisco Umbrella Rank: 3754 lpcdn.lpsnmedia.net — Cisco Umbrella Rank: 3986	288 KB
5	liveperson.net lptag.liveperson.net — Cisco Umbrella Rank: 3884 va.idp.liveperson.net — Cisco Umbrella Rank: 9538 va.v.liveperson.net — Cisco Umbrella Rank: 4268	132 KB
5	connatix.com img.connatix.com — Cisco Umbrella Rank: 4713 cd.connatix.com — Cisco Umbrella Rank: 3577 cds.connatix.com — Cisco Umbrella Rank: 3681	481 KB
5	osano.com cmp.osano.com — Cisco Umbrella Rank: 5123	84 KB
4	stackadapt.com tags.srv.stackadapt.com — Cisco Umbrella Rank: 2808	9 KB
4	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 207 stats.g.doubleclick.net — Cisco Umbrella Rank: 84	171 KB
4	gstatic.com fonts.gstatic.com	81 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	4 KB
3	keywee.co 1 redirects cdn.keywee.co — Cisco Umbrella Rank: 22940	9 KB
3	matheranalytics.com 1 redirects js.matheranalytics.com — Cisco Umbrella Rank: 12368 www.i.matheranalytics.com — Cisco Umbrella Rank: 12239	43 KB
3	scissorsstatement.com scissorsstatement.com — Cisco Umbrella Rank: 64589	910 B
3	mcclatchy.com api.dsp.mcclatchy.com — Cisco Umbrella Rank: 49682	2 KB
3	amazonaws.com mcclatchy-next-apps-prod.s3.amazonaws.com — Cisco Umbrella Rank: 69526 ams-pageview-public.s3.amazonaws.com — Cisco Umbrella Rank: 9171 sqs.us-east-1.amazonaws.com — Cisco Umbrella Rank: 5784	2 KB
2	google.de www.google.de — Cisco Umbrella Rank: 7278	126 B
2	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2941 www.google.com — Cisco Umbrella Rank: 2	322 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	21 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	161 KB
2	ml314.com ml314.com — Cisco Umbrella Rank: 1891	11 KB
2	braze.com sdk.iad-05.braze.com — Cisco Umbrella Rank: 3156	651 B
2	cloudfront.net dyv1bugovvq1g.cloudfront.net d15kdpgjg3unno.cloudfront.net	28 KB
2	confiant-integrations.net cdn.confiant-integrations.net — Cisco Umbrella Rank: 1634	124 KB
2	htlbid.com htlbid.com — Cisco Umbrella Rank: 7908	137 KB
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 183	3 KB
2	mcclatchy-wires.com www.mcclatchy-wires.com — Cisco Umbrella Rank: 75586	91 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1376	1 KB
1	quantserve.com edge.quantserve.com — Cisco Umbrella Rank: 19823	9 KB
1	imrworldwide.com secure-us.imrworldwide.com — Cisco Umbrella Rank: 2666	425 B
1	pagesuite-professional.co.uk edition.pagesuite-professional.co.uk — Cisco Umbrella Rank: 78708	32 KB
1	adsafeprotected.com static.adsafeprotected.com — Cisco Umbrella Rank: 586	480 B
1	mcclatchy-partners.com www.mcclatchy-partners.com — Cisco Umbrella Rank: 193984	21 KB
1	flowerstreatment.com flowerstreatment.com — Cisco Umbrella Rank: 66254	25 KB
1	cloudns.be 1 redirects verify.clientservice-changpassword.cloudns.be	487 B
0	fullcontact.com Failed tags.fullcontact.com Failed
209	35

	Domain	Requested by
53	www.thenewstribune.com	www.thenewstribune.com cmp.osano.com
13	api.lab.amplitude.com	www.thenewstribune.com
8	profile-api.amplitude.com	www.thenewstribune.com
7	api2.amplitude.com	www.thenewstribune.com
6	lpcdn.lpsnmedia.net	cmp.osano.com
5	cmp.osano.com	www.thenewstribune.com cmp.osano.com
4	tags.srv.stackadapt.com	www.thenewstribune.com tags.srv.stackadapt.com
4	fonts.gstatic.com	fonts.googleapis.com
4	fonts.googleapis.com	www.thenewstribune.com cmp.osano.com
3	cdn.keywee.co	1 redirects cdn.keywee.co
3	scissorsstatement.com	flowerstreatment.com
3	api.dsp.mcclatchy.com	www.thenewstribune.com
2	va.v.liveperson.net	cmp.osano.com
2	accdn.lpsnmedia.net	cmp.osano.com
2	lptag.liveperson.net	cmp.osano.com
2	www.google.de
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	www.thenewstribune.com www.googletagmanager.com
2	ml314.com	www.thenewstribune.com ml314.com
2	sdk.iad-05.braze.com	www.thenewstribune.com
2	cdn.confiant-integrations.net	cmp.osano.com
2	securepubads.g.doubleclick.net	cmp.osano.com
2	htlbid.com	cmp.osano.com
2	js.matheranalytics.com	1 redirects www.thenewstribune.com
2	sb.scorecardresearch.com	www.thenewstribune.com
2	cds.connatix.com	cd.connatix.com cds.connatix.com
2	www.mcclatchy-wires.com	www.thenewstribune.com
2	img.connatix.com	www.thenewstribune.com
1	va.idp.liveperson.net	cmp.osano.com
1	www.google.com
1	region1.analytics.google.com	www.googletagmanager.com
1	rules.quantcount.com	edge.quantserve.com
1	edge.quantserve.com	www.thenewstribune.com
1	secure-us.imrworldwide.com
1	sqs.us-east-1.amazonaws.com	d15kdpgjg3unno.cloudfront.net
1	ams-pageview-public.s3.amazonaws.com	www.thenewstribune.com
1	d15kdpgjg3unno.cloudfront.net	cmp.osano.com
1	edition.pagesuite-professional.co.uk	www.thenewstribune.com
1	dyv1bugovvq1g.cloudfront.net	htlbid.com
1	www.i.matheranalytics.com	www.thenewstribune.com
1	static.adsafeprotected.com	www.thenewstribune.com
1	cd.connatix.com	www.thenewstribune.com
1	www.mcclatchy-partners.com	www.thenewstribune.com
1	flowerstreatment.com	cmp.osano.com
1	mcclatchy-next-apps-prod.s3.amazonaws.com	www.thenewstribune.com
1	thenewstribune.com	1 redirects
1	verify.clientservice-changpassword.cloudns.be	1 redirects
0	tags.fullcontact.com Failed	www.thenewstribune.com
209	49

This site contains links to these domains. Also see Links.

Domain
subscribe.thenewstribune.com
liveedition.thenewstribune.com
www.legacy.com
myaccount.thenewstribune.com
thenewstribune.newspapers.com
go.mcclatchy.com
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
www.bestofpiercecounty.com
tribnet.obituaries.com
placeclassifieds.mcclatchy.com
classifieds.mcclatchy.com
placecelebration.mcclatchy.com
jobs.thenewstribune.com
business.mcclatchy.com
hiring.mcclatchy.com
www.winwithmcclatchy.com
mycheckout.thenewstribune.com
thenewstribune.com
www.tiktok.com
www.mcclatchy.com
my.datasubject.com
account.thenewstribune.com

Subject Issuer	Validity	Valid
www.mcclatchydc.com DigiCert TLS RSA SHA256 2020 CA1	`2024-01-30` - `2024-09-03`	7 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-03-18` - `2024-06-10`	3 months	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-07-03`	9 months	crt.sh
orchestration.mcclatchy.com R3	`2024-04-10` - `2024-07-09`	3 months	crt.sh
*.osano.com Amazon RSA 2048 M03	`2023-10-18` - `2024-11-15`	a year	crt.sh
flowerstreatment.com R3	`2024-04-19` - `2024-07-18`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-03-18` - `2024-06-10`	3 months	crt.sh
img.connatix.com GTS CA 1P5	`2024-04-04` - `2024-07-03`	3 months	crt.sh
connatix.com GTS CA 1P5	`2024-03-01` - `2024-05-30`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2024-01-31` - `2025-03-02`	a year	crt.sh
*.lab.amplitude.com GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-11-29` - `2024-12-30`	a year	crt.sh
scissorsstatement.com R3	`2024-04-14` - `2024-07-13`	3 months	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2023-12-11` - `2024-12-10`	a year	crt.sh
www.i.matheranalytics.com Amazon RSA 2048 M03	`2023-11-15` - `2024-12-14`	a year	crt.sh
htlbid.com Amazon RSA 2048 M01	`2023-09-21` - `2024-10-18`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-03-18` - `2024-06-10`	3 months	crt.sh
confiant-integrations.net GTS CA 1P5	`2024-03-16` - `2024-06-14`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
sdk.iad-05.braze.com E1	`2024-04-19` - `2024-07-18`	3 months	crt.sh
edition.pagesuite.com Amazon RSA 2048 M03	`2023-08-17` - `2024-09-13`	a year	crt.sh
queue.amazonaws.com Amazon RSA 2048 M01	`2024-01-18` - `2024-12-28`	a year	crt.sh
event-horizon.gcp.bomm.in GTS CA 1D4	`2024-02-28` - `2024-05-28`	3 months	crt.sh
*.srv.stackadapt.com Amazon RSA 2048 M02	`2023-09-09` - `2024-10-07`	a year	crt.sh
*.imrworldwide.com GlobalSign RSA OV SSL CA 2018	`2024-01-02` - `2025-02-02`	a year	crt.sh
quantserve.com R3	`2024-02-25` - `2024-05-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-18` - `2024-06-10`	3 months	crt.sh
*.anyword.com Amazon RSA 2048 M01	`2023-06-05` - `2024-07-03`	a year	crt.sh
*.google.de GTS CA 1C3	`2024-03-18` - `2024-06-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-03-18` - `2024-06-10`	3 months	crt.sh
*.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2023-11-28` - `2024-11-27`	a year	crt.sh
*.lpsnmedia.net Sectigo RSA Organization Validation Secure Server CA	`2023-11-15` - `2024-11-14`	a year	crt.sh
*.idp.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2024-02-26` - `2025-02-25`	a year	crt.sh
*.v.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2023-10-31` - `2024-10-30`	a year	crt.sh

This page contains 14 frames:

Primary Page: https://www.thenewstribune.com/
Frame ID: 9968BE09F97722250241DD1B511EA843
Requests: 158 HTTP requests in this frame

Frame: https://cmp.osano.com/
Frame ID: CA5D8BFEC6B8BD041A70713FDD7A3D28
Requests: 1 HTTP requests in this frame

Frame: https://cd.connatix.com/connatix.player.js?cid=1ffe5d7e-eb53-11e9-b4d2-06948452ae1a
Frame ID: D238D4E3ABAAB26DAB2EFCF71F29E023
Requests: 3 HTTP requests in this frame

Frame: blob://https://www.thenewstribune.com/3d61e84c-a795-472b-a264-58b5eaa28f48
Frame ID: E02D5C33197AF31A34C5F18871BC92CD
Requests: 3 HTTP requests in this frame

Frame: blob://https://www.thenewstribune.com/5fb6d6d3-9a35-4453-8485-da4649dc1e23
Frame ID: 9088126222C44B074FB467AC296C4F4A
Requests: 3 HTTP requests in this frame

Frame: blob://https://www.thenewstribune.com/dd04f861-7179-4bc5-b2fa-5e408a726706
Frame ID: 4A26137D760527F70F3EA6B1A1F4A123
Requests: 2 HTTP requests in this frame

Frame: blob://https://www.thenewstribune.com/50e5843e-bdbb-4b6e-a6fe-88a8e7ff8743
Frame ID: 534AC68D268C676324FFF8936AB8C643
Requests: 3 HTTP requests in this frame

Frame: blob://https://www.thenewstribune.com/724a149d-64b8-4dd9-a608-fdbb563235f8
Frame ID: 80369651C55D848193374B948ABA32A1
Requests: 3 HTTP requests in this frame

Frame: blob://https://www.thenewstribune.com/c80d89cb-ac73-466e-9705-1f3bcb3c50d1
Frame ID: BE24DDCFFAEF6611506A1B1A38E546BB
Requests: 5 HTTP requests in this frame

Frame: blob://https://www.thenewstribune.com/21defe4f-59ee-4757-95db-05960aefaef3
Frame ID: 4F16A732789C9D94D515175ED09016C8
Requests: 2 HTTP requests in this frame

Frame: blob://https://www.thenewstribune.com/58906f53-863b-4bcf-a3ad-b092c18db85d
Frame ID: 974AFD5DF218B974B200857BF06FCF47
Requests: 3 HTTP requests in this frame

Frame: blob://https://www.thenewstribune.com/9cc836a8-62fd-44c2-8602-aca2d53a8571
Frame ID: 4E48778C5FB45AC328FEA381E48C75C2
Requests: 11 HTTP requests in this frame

Frame: https://lpcdn.lpsnmedia.net/le_secure_storage/3.27.1-release_1249614302/storage.secure.min.html?loc=https%3A%2F%2Fwww.thenewstribune.com&site=2196236&env=prod&isCrossDomain=true&accdn=accdn.lpsnmedia.net
Frame ID: 751409FA7CDBDF6926BFBDC3DB08659A
Requests: 1 HTTP requests in this frame

Frame: https://va.idp.liveperson.net/postmessage/postmessage.min.html?bust=1713791448314&loc=https%3A%2F%2Fwww.thenewstribune.com
Frame ID: F4E74C0875360EDB8232CA6C1D180F2C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Tacoma WA Breaking News, Crime & More | Tacoma News Tribune

Page URL History Show full URLs

https://verify.clientservice-changpassword.cloudns.be/signin/028cbeb3da391b88853df5ea3fe2144bfd35cf4d304e2a09cfa9b43e730c67c0 HTTP 302
https://thenewstribune.com/ HTTP 301
https://www.thenewstribune.com/ Page URL

Detected technologies

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

209
Requests

77 %
HTTPS

39 %
IPv6

35
Domains

49
Subdomains

48
IPs

5
Countries

2975 kB
Transfer

8368 kB
Size

10
Cookies

31 Outgoing links

These are links going to different origins than the main page.

URL: https://subscribe.thenewstribune.com/beinformed
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://liveedition.thenewstribune.com/
Title: Tacoma Now

Search URL Search Domain Scan URL

URL: https://www.legacy.com/us/obituaries/tribnet/browse
Title: Obituaries

Search URL Search Domain Scan URL

URL: https://myaccount.thenewstribune.com/tac_nt/home
Title: Account Management

Search URL Search Domain Scan URL

URL: https://thenewstribune.newspapers.com/
Title: Archives

Search URL Search Domain Scan URL

URL: https://go.mcclatchy.com/media-capabilities-tacoma/p/1/
Title: Contact McClatchy Advertising

Search URL Search Domain Scan URL

URL: https://www.facebook.com/tacomanewstribune
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/thenewstribune
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/thenewstribune/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/TacomaNewsTribune
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.bestofpiercecounty.com/
Title: Best of Pierce County

Search URL Search Domain Scan URL

URL: https://www.legacy.com/obituaries/tribnet/
Title: View Obituaries

Search URL Search Domain Scan URL

URL: https://tribnet.obituaries.com/
Title: Place an Obituary

Search URL Search Domain Scan URL

URL: https://placeclassifieds.mcclatchy.com/classifieds/tacoma/index.html
Title: Place a Classified Ad

Search URL Search Domain Scan URL

URL: https://placeclassifieds.mcclatchy.com/classifieds/tacoma/flow.html?action=jump&_flowId=adportal-classified-flow&categoryName=Recruitment&classificationName=Employment
Title: Post a Job

Search URL Search Domain Scan URL

URL: https://classifieds.mcclatchy.com/marketplace/tacoma
Title: Browse Classifieds

Search URL Search Domain Scan URL

URL: https://placecelebration.mcclatchy.com/celebrations/tacoma/index.html
Title: Place an Ad - Celebrations

Search URL Search Domain Scan URL

URL: https://jobs.thenewstribune.com/
Title: Search Jobs

Search URL Search Domain Scan URL

URL: https://business.mcclatchy.com/tacoma
Title: Place an Ad

Search URL Search Domain Scan URL

URL: https://hiring.mcclatchy.com/recruitmentproducts
Title: Staffing Solutions

Search URL Search Domain Scan URL

URL: https://www.winwithmcclatchy.com/political-advocacy
Title: Political | Advocacy Advertising

Search URL Search Domain Scan URL

URL: https://mycheckout.thenewstribune.com/subscribe?ofrgp_id=463&g2i_or_o=OnSite&g2i_or_p=MCCtb&cid=top-bar_sale_Earth-Day-0.99-2mo_202403
Title: GET ACCESS NOW

Search URL Search Domain Scan URL

URL: https://thenewstribune.com/mobile
Title: Tacoma News Tribune App

Search URL Search Domain Scan URL

URL: http://www.youtube.com/user/TacomaNewsTribune

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@thenewstribune/

Search URL Search Domain Scan URL

URL: https://www.mcclatchy.com/our-impact/markets/the-news-tribune
Title: About Us

Search URL Search Domain Scan URL

URL: https://go.mcclatchy.com/media-capabilities-tacoma/p/1
Title: McClatchy Advertising

Search URL Search Domain Scan URL

URL: https://www.mcclatchy.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://my.datasubject.com/16A0CuTCdGtXx3A1C/22280
Title: Your Privacy Choices

Search URL Search Domain Scan URL

URL: https://mycheckout.thenewstribune.com/subscribe?ofrgp_id=428&g2i_or_o=OnSite&g2i_or_p=Atribit2&cid=modal_homepage_1-1mo-15.99-attribits-lightbox_202311
Title: SUBSCRIBE NOW

Search URL Search Domain Scan URL

URL: https://account.thenewstribune.com/auth0
Title: SIGN IN

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://verify.clientservice-changpassword.cloudns.be/signin/028cbeb3da391b88853df5ea3fe2144bfd35cf4d304e2a09cfa9b43e730c67c0 HTTP 302
https://thenewstribune.com/ HTTP 301
https://www.thenewstribune.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 102

https://js.matheranalytics.com/s/ma12095/74930801/all/ml.js?cb=1653 HTTP 301
https://js.matheranalytics.com/static/ltm/ma12095/all/11/ml.br.js

Request Chain 168

https://cdn.keywee.co/dist/analytics.min.js HTTP 301
https://cdn.keywee.co/dist/analytics-1.5.12.min.js

209 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.thenewstribune.com/
Redirect Chain

https://verify.clientservice-changpassword.cloudns.be/signin/028cbeb3da391b88853df5ea3fe2144bfd35cf4d304e2a09cfa9b43e730c67c0
https://thenewstribune.com/
https://www.thenewstribune.com/

189 KB
22 KB

730ms
357ms

Document
text/html

23.41.253.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.253.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-253-69.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: bf13ebc710c14d9944ac55ba9973275d2ea7874e25143d1cb0e21e5108d618d0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 21010
content-type: text/html;charset=utf-8
date: Mon, 22 Apr 2024 13:10:41 GMT
etag: W/"2f2bc-iqWOLIVonEyZJNXHQCx6WREP22U"
expires: Mon, 22 Apr 2024 13:10:41 GMT
last-modified: Mon, 22 Apr 2024 13:07:36 GMT
mi-api: WPS
mi-cache: HIT
mi-cache-age: 47
pragma: no-cache
server: MI
server-timing: ak_p; desc="1713791441413_388358853_161811999_22004_14086_110_229_255";dur=1
surrogate-control: varnish=ESI/2.1
vary: Accept-Encoding
x-akamai-transformed: 9 20818 0 pmb=mTOE,4
x-cachebust
x-mi-in-market: 0
x-proxy-forwarding-type: BlackList
x-varnish: 40026677, 112067945 96417380

Redirect headers

Connection: Keep-Alive
Content-Length: 239
Content-Type: text/html; charset=iso-8859-1
Date: Mon, 22 Apr 2024 13:10:41 GMT
Keep-Alive: timeout=5, max=100
Location: https://www.thenewstribune.com/
Server: Apache

GET
H2 200 css2
fonts.googleapis.com/ 11 KB
1 KB 87ms
31ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Noto+Sans:ital,wght@0,100..900;1,100..900&family=Noto+Serif:ital,wght@0,100..900;1,100..900&display=swap

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5e33790c4c6d5893103a96a4feb3b597173a66b1d9b3a9051071f9e1d5d4487d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 22 Apr 2024 13:10:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 22 Apr 2024 13:10:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 Apr 2024 13:10:41 GMT

GET
H2 200 mi-styles.d4f89217fa4604bf5a43.css
www.thenewstribune.com/wps/build/webpack/css/ 225 KB
48 KB 187ms
187ms Stylesheet
text/css 23.41.253.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/wps/build/webpack/css/mi-styles.d4f89217fa4604bf5a43.css
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.253.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-253-69.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: a7ee8c122b977ab8b8f7d41d156058bf73213f32253c1ca8898da04dd4416fbb

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:42 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 70
x-cachebust
server-timing: ak_p; desc="1713791442062_388358853_161812774_1432_11331_115_0_255";dur=1
content-length: 48146
last-modified: Wed, 17 Apr 2024 11:24:14 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"3845c-18eebccd730"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 69150485, 884573649 884146922
content-type: text/css;charset=UTF-8
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=244395
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 thenewstribunecore.js Show response
www.thenewstribune.com/oi-blsnzoy/ 130 KB
38 KB 542ms
541ms Script
application/javascript 23.41.253.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/oi-blsnzoy/thenewstribunecore.js
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.253.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-253-69.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 9fafa9bcdd54c16db02d887015da9a5bc80f598f32d49429a08c29828df2e797

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:42 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 293
x-cachebust
server-timing: ak_p; desc="1713791442065_388358853_161812775_38359_12971_110_0_219";dur=1
content-length: 38740
last-modified: Mon, 22 Apr 2024 12:50:55 GMT
server: MI
etag: W/"2094b-616aee35e69c0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 98212683 102733988
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=300
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H/1.1 200
OK style.css
mcclatchy-next-apps-prod.s3.amazonaws.com/custom-css/all/ 272 B
665 B 349ms
126ms Stylesheet
text/css 52.217.141.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mcclatchy-next-apps-prod.s3.amazonaws.com/custom-css/all/style.css
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.217.141.129 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: d8ec6349a216d77f1f33ed4bf7415efbc85895dabac621905c466e6894647cbb

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 22 Apr 2024 13:10:43 GMT
Last-Modified: Wed, 10 May 2023 23:40:01 GMT
Server: AmazonS3
x-amz-request-id: 2GD57E1F3HVWA33B
ETag: "2d39810a5e64f8448f15544f86081077"
x-amz-server-side-encryption: AES256
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 272
x-amz-id-2: lYXuOBZhPh/iW/X/pQ51lpIGBUDewV6TaXxCYaNUhEf1i3aJYxYuWXK0htSIgaibVyKeFjA9SH4=

GET
H2 200 ebd1a36 Show response
www.thenewstribune.com/akam/13/ 26 KB
10 KB 533ms
533ms Script
application/javascript 23.41.253.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/akam/13/ebd1a36
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.253.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-253-69.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3a1546a5731cdd2b460d8adbc09e84951ff88eee2a59699837c61f6fc068e9a3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:42 GMT
content-encoding: gzip
x-cachebust
server-timing: ak_p; desc="1713791442429_388358853_161813457_39379_6986_111_0_146";dur=1
content-length: 8769
pragma: no-cache
last-modified: Thu, 22 Feb 2024 19:48:52 GMT
etag: "f13893b8d4a3a55f8099b5f6a8a988e39116df3e2fdbf057f4c6a14d01a96045"
stored-attribute-sha-checksum: 3a1546a5731cdd2b460d8adbc09e84951ff88eee2a59699837c61f6fc068e9a3
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=21600
access-control-allow-credentials: false
access-control-allow-headers: *
expires: Mon, 22 Apr 2024 13:10:42 GMT

GET
H2 200 mastheadPage.bundle-3f30032934e5003f114f.js Show response
www.thenewstribune.com/wps/build/webpack/ 189 KB
61 KB 298ms
298ms Script
application/javascript 23.41.253.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/wps/build/webpack/mastheadPage.bundle-3f30032934e5003f114f.js
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.253.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-253-69.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: f297c6ea8cd6c71f29984880ff77978944b9509ad8576846ab6c557d1ef30a86

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:42 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 1
x-cachebust
server-timing: ak_p; desc="1713791442062_388358853_161812776_3415_11236_115_0_219";dur=1
content-length: 62437
last-modified: Thu, 18 Apr 2024 15:43:45 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"2f45c-18ef1e0cb68"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 87664307, 110893373 104804092
content-type: application/javascript;charset=UTF-8
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=301961
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 videoLoader.bundle-656b841ddb22a0280b4c.js Show response
www.thenewstribune.com/wps/build/webpack/ 286 KB
89 KB 152ms
152ms Script
application/javascript 23.41.253.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/wps/build/webpack/videoLoader.bundle-656b841ddb22a0280b4c.js
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.253.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-253-69.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: b53690006914e1f314cd21a31e98f4d803a4bbeba56c34b628dbacb3a9696fc3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:42 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 138
x-cachebust
server-timing: ak_p; desc="1713791442615_388358853_161813791_2399_12575_112_0_146";dur=1
content-length: 90116
last-modified: Thu, 18 Apr 2024 15:44:22 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"479e7-18ef1e15bf0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 85830830, 21109096 23271693
content-type: application/javascript;charset=UTF-8
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=302282
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

OPTIONS
H2 204 graphql
api.dsp.mcclatchy.com/ Frame 0
0 331ms
214ms Preflight 2a02:26f0:3500:18::1724:a28d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dsp.mcclatchy.com/graphql

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:18::1724:a28d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.thenewstribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization, content-type, x-mcc-identity, x-mcc-session
access-control-allow-methods: GET, PATCH, POST, PUT
access-control-allow-origin: https://www.thenewstribune.com
cache-control: max-age=0, no-cache, no-store
date: Mon, 22 Apr 2024 13:10:42 GMT
expires: Mon, 22 Apr 2024 13:10:42 GMT
pragma: no-cache
server-timing: ak_p; desc="1713791442635_388276365_2241410853_16188_14029_34_38_219";dur=1
strict-transport-security: max-age=63072000
vary: Origin

POST
H2 200 graphql Show response
api.dsp.mcclatchy.com/ 66 B
898 B 198ms
197ms Fetch
application/json 2a02:26f0:3500:18::1724:a28d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dsp.mcclatchy.com/graphql

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/oi-blsnzoy/thenewstribunecore.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:18::1724:a28d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f60413dd2940de49e26d7c52c0b49339c08cf94393b5d6930e7817cd829703ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
strict-transport-security: max-age=63072000
date: Mon, 22 Apr 2024 13:10:43 GMT
vary: Origin, accept-encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server-timing: cdn-cache; desc=MISS, edge; dur=115, origin; dur=16, ak_p; desc="1713791442890_388276365_2241412299_13194_12500_39_0_219";dur=1
content-length: 66
expires: Mon, 22 Apr 2024 13:10:43 GMT

GET
BLOB 200
OK 0ca12025-7665-4c9a-a125-b1bfc8d9bd39 Show response
https://www.thenewstribune.com/ 268 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/0ca12025-7665-4c9a-a125-b1bfc8d9bd39
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/oi-blsnzoy/thenewstribunecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8af19960057bbf7ab1255e3837b5df6c0c612c9389062b4b0e3c5f6f02938796

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 268
Content-Type: text/javascript

GET
H2 200 osano.js Show response
cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/ 174 KB
48 KB 156ms
101ms Script
application/javascript 2600:9000:266e:9200:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/oi-blsnzoy/thenewstribunecore.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:266e:9200:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

f2bca25a2bc03309f53d062a57d1ec27e147a195e2b820c2ed2f126bd29315d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:42 GMT
content-encoding: br
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P8
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 48262
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Apr 2024 17:31:59 GMT
server: CloudFront
etag: "a424bfb50abe7efba995494b0abea958"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-id: -ncx4GOOELcDosapYs3c10GuvQA18BhGhrsWbUUP0u3bXqEhd9F2Wg==

GET
BLOB 200
OK 0c66579d-c78d-46f1-92d6-9aea2c2668e0 Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/0c66579d-c78d-46f1-92d6-9aea2c2668e0
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/oi-blsnzoy/thenewstribunecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f006b11718ab9b252cefa304cc26fd51fd9bcb6eb1005869376d3d7fadbbee07

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
H2 200 vendorBundle.693d70d3386858c669c6.js Show response
www.thenewstribune.com/oi-blsnzoy/ 87 KB
31 KB 197ms
197ms Script
application/javascript 23.41.253.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/oi-blsnzoy/vendorBundle.693d70d3386858c669c6.js
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/oi-blsnzoy/thenewstribunecore.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.253.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-253-69.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 09d2b49eacb1cbff267f6ea24161d8d5f4833b3bc63e2daff2c1b53d0e2c6505

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:42 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 525
x-cachebust
server-timing: ak_p; desc="1713791442637_388358853_161813830_3161_11646_112_0_219";dur=1
content-length: 31272
last-modified: Mon, 22 Apr 2024 12:50:47 GMT
server: MI
etag: W/"15d7b-616aee2e457c0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 223327677, 191367927 193855693
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=604688
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
BLOB 200
OK efcc7562-22de-421c-9766-2b6b50b56e15 Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/efcc7562-22de-421c-9766-2b6b50b56e15
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/oi-blsnzoy/thenewstribunecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a6da0471cefd61a24780ac09688cc91f74023f24a13d5eefc177c83bfdc40653

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK 0f459697-579d-4b52-8d70-511bcb0fe5bc Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/0f459697-579d-4b52-8d70-511bcb0fe5bc
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/oi-blsnzoy/thenewstribunecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 893360208aa14651cd8c78ac47dd77492d4956a38404124020740c12209b8049

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK ea2e3425-3527-449a-89dc-fd8fea40f4d1 Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/ea2e3425-3527-449a-89dc-fd8fea40f4d1
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/oi-blsnzoy/thenewstribunecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 84d690739b0af09df301ee214ca564b0a4b3665121398771df6809b854c8e73f

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK 9e78bb8a-3d51-4152-a8da-b177a6b352d5 Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/9e78bb8a-3d51-4152-a8da-b177a6b352d5
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/oi-blsnzoy/thenewstribunecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5cc9dd132de66f2f70e009db498c014b20452d4c1fd5325d91f4f1ce09cc8aeb

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
H2 200 danelei.693d70d3386858c669c6.js Show response
www.thenewstribune.com/oi-blsnzoy/ 83 KB
23 KB 160ms
160ms Script
application/javascript 23.41.253.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/oi-blsnzoy/danelei.693d70d3386858c669c6.js
Requested by: Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/0ca12025-7665-4c9a-a125-b1bfc8d9bd39
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.253.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-253-69.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 832ef38b2e1fae6178c7b82ce4f22ee940e797fb10538046b9954ca17177951b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:42 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 525
x-cachebust
server-timing: ak_p; desc="1713791442861_388358853_161814275_3434_13367_110_0_146";dur=1
content-length: 22594
last-modified: Mon, 22 Apr 2024 12:50:47 GMT
server: MI
etag: W/"14b40-616aee2e457c0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 1020240401, 94161010 92162736
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=604623
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 escenic.693d70d3386858c669c6.js Show response
www.thenewstribune.com/oi-blsnzoy/ 187 KB
51 KB 185ms
185ms Script
application/javascript 23.41.253.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/oi-blsnzoy/escenic.693d70d3386858c669c6.js
Requested by: Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/0c66579d-c78d-46f1-92d6-9aea2c2668e0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.253.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-253-69.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: d609cab2795f79e23bcb585c884c82418ce745cbd6880ace912778d0641411f9

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:43 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 525
x-cachebust
server-timing: ak_p; desc="1713791443017_388358853_161814586_5836_11997_111_0_146";dur=1
content-length: 50921
last-modified: Mon, 22 Apr 2024 12:50:55 GMT
server: MI
etag: W/"2ec3d-616aee35e69c0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 180140519 184951099
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=604645
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 netdale.693d70d3386858c669c6.js Show response
www.thenewstribune.com/oi-blsnzoy/ 43 KB
15 KB 149ms
148ms Script
application/javascript 23.41.253.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/oi-blsnzoy/netdale.693d70d3386858c669c6.js
Requested by: Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/efcc7562-22de-421c-9766-2b6b50b56e15
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.253.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-253-69.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 8fee49e2a60f8b6020f878806764e617361216015926d6f5d60e28993f88f789

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:43 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 449
x-cachebust
server-timing: ak_p; desc="1713791443030_388358853_161814618_1080_13481_111_0_146";dur=1
content-length: 14385
last-modified: Mon, 22 Apr 2024 12:50:47 GMT
server: MI
etag: W/"ab6b-616aee2e457c0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 89418315 108726957
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=604660
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 zones.693d70d3386858c669c6.js Show response
www.thenewstribune.com/oi-blsnzoy/ 75 KB
21 KB 180ms
180ms Script
application/javascript 23.41.253.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/oi-blsnzoy/zones.693d70d3386858c669c6.js
Requested by: Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/0f459697-579d-4b52-8d70-511bcb0fe5bc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.253.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-253-69.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: d65b4618caa24f51732c41f165e9b0d0b39f673ca3ca53d485f3d2491f8555d5

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:43 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 449
x-cachebust
server-timing: ak_p; desc="1713791443034_388358853_161814619_1521_12765_111_0_146";dur=1
content-length: 20621
last-modified: Mon, 22 Apr 2024 12:50:47 GMT
server: MI
etag: W/"12c4a-616aee2e457c0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 191367928 177958063
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=604666
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 nextCustom.693d70d3386858c669c6.js Show response
www.thenewstribune.com/oi-blsnzoy/ 22 KB
8 KB 380ms
380ms Script
application/javascript 23.41.253.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/oi-blsnzoy/nextCustom.693d70d3386858c669c6.js
Requested by: Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/ea2e3425-3527-449a-89dc-fd8fea40f4d1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.253.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-253-69.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 0ba66b3e64344894bab2296ff7c0b711a560884500fb0d4c03b21793e44ef3ad

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:43 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 538
x-cachebust
server-timing: ak_p; desc="1713791443042_388358853_161814620_9945_12877_111_0_146";dur=1
content-length: 7506
last-modified: Mon, 22 Apr 2024 12:50:47 GMT
server: MI
etag: W/"56e7-616aee2e457c0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 231835489 230722619
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=604670
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 woldoni.693d70d3386858c669c6.js Show response
www.thenewstribune.com/oi-blsnzoy/ 21 KB
7 KB 183ms
183ms Script
application/javascript 23.41.253.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/oi-blsnzoy/woldoni.693d70d3386858c669c6.js
Requested by: Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/9e78bb8a-3d51-4152-a8da-b177a6b352d5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.253.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-253-69.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 00f704d7c65928141bc518c193f283ffc2f4f441587d9eb76ec95ac09e0aff82

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:43 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 538
x-cachebust
server-timing: ak_p; desc="1713791443030_388358853_161814621_4664_11463_111_0_146";dur=1
content-length: 5848
last-modified: Mon, 22 Apr 2024 12:50:47 GMT
server: MI
etag: W/"533f-616aee2e457c0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 111708550 111249234
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=604644
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
BLOB 200
OK 10b57718-0b79-46f7-bbaf-4a474513b8b0
https://www.thenewstribune.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/10b57718-0b79-46f7-bbaf-4a474513b8b0
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 modal-v3.0.2.js Show response
www.thenewstribune.com/oi-blsnzoy/js/ 7 KB
2 KB 150ms
149ms Script
application/javascript 23.41.253.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/oi-blsnzoy/js/modal-v3.0.2.js
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/oi-blsnzoy/thenewstribunecore.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.253.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-253-69.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 8dab392b28d325d42c0365fdf71e1be56f966651b26f27b123246696373a4a7e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:42 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 1
x-cachebust
server-timing: ak_p; desc="1713791442879_388358853_161814305_746_13094_110_0_219";dur=1
content-length: 2103
last-modified: Thu, 18 Apr 2024 14:25:12 GMT
server: MI
etag: W/"1b3d-6165fbd2fe200"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 895588703 895131928
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=302004
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 v2fnb2AI392SRgTGMK1fjeEnugWK7uqXHL7oHGZAZL5vdKfN5zLouHbUz Show response
flowerstreatment.com/ 68 KB
25 KB 137ms
69ms Script
text/javascript 2600:1901:0:7416::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://flowerstreatment.com/v2fnb2AI392SRgTGMK1fjeEnugWK7uqXHL7oHGZAZL5vdKfN5zLouHbUz

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:7416::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

ef24a2be848d73ee9faad0ceaa36d122f895cebcc2795bdb86e96aec7f103a3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: zstd
via: 1.1 google
date: Mon, 22 Apr 2024 13:10:43 GMT
x-datacenter: gce-europe-west1
etag: "4d68737fafc218f90256621c40ee0836464fd14f5c23fe8d619c4d4c9e20a611"
x-buildname: hoothoot
vary: Accept-Encoding, Accept-Language
x-hostname: fen-hoothoot-europe-west1-spot-zh1p
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
x-buildnumber: 1205290244
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 logo.svg
www.thenewstribune.com/wps/build/images/newLogos/thenewstribune/ 10 KB
5 KB 224ms
224ms Image
image/svg+xml 23.41.253.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/wps/build/images/newLogos/thenewstribune/logo.svg
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.253.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-253-69.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: d172d3fa9e3a275a4c24dfa2f6e93f529f8ce5ac88f40cb0b221a4e8da0a0b91

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:43 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 69776
x-cachebust
server-timing: ak_p; desc="1713791443081_388358853_161814706_2419_15091_111_0_219";dur=1
content-length: 3725
last-modified: Thu, 18 Apr 2024 15:43:41 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"280d-18ef1e0bbc8"
mi-cache: HIT
vary: Accept-Encoding
x-varnish: 84835589, 172319919 164892314
content-type: image/svg+xml;charset=ISO-8859-1
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=483090
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2
fonts.gstatic.com/s/notosans/v36/ 38 KB
39 KB 145ms
50ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v36/o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans:ital,wght@0,100..900;1,100..900&family=Noto+Serif:ital,wght@0,100..900;1,100..900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91c01ec0de315f973f4c00041b7ae25e1a790cedff79a6fbb56c571bba379142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://www.thenewstribune.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 21:35:01 GMT
x-content-type-options: nosniff
age: 574542
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39412
x-xss-protection: 0
last-modified: Wed, 14 Feb 2024 22:43:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Apr 2025 21:35:01 GMT

GET
H2 200 ga6daw1J5X9T9RW6j9bNVls-hfgvz8JcMofYTYf6D30.woff2
fonts.gstatic.com/s/notoserif/v23/ 42 KB
43 KB 76ms
23ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v23/ga6daw1J5X9T9RW6j9bNVls-hfgvz8JcMofYTYf6D30.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans:ital,wght@0,100..900;1,100..900&family=Noto+Serif:ital,wght@0,100..900;1,100..900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d3959df4ebd84904a1622b6d7c9728f487e0c4d372f9bc2f59d0c480702f9c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://www.thenewstribune.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 17:00:25 GMT
x-content-type-options: nosniff
age: 245418
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43212
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 00:59:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Apr 2025 17:00:25 GMT

GET
H2 200 Tacoma%20housing_optional%20jump%20page%20photo.JPG
www.thenewstribune.com/latest-news/gcwayg/picture234042082/alternates/LANDSCAPE_768/ 92 KB
93 KB 180ms
178ms Image
image/jpeg 23.41.253.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/latest-news/gcwayg/picture234042082/alternates/LANDSCAPE_768/Tacoma%20housing_optional%20jump%20page%20photo.JPG
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.253.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-253-69.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: d16f7013ad13befa75d729b5366336b8d54c31ba40675b106d6ca9d53227f07c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:43 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 158
x-cachebust
server-timing: ak_p; desc="1713791443090_388358853_161814728_1173_18806_111_0_146";dur=1
content-length: 94008
last-modified: Wed, 12 Oct 2022 22:31:32 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "93bd568e8d3d10238b2d237fd406826b"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 102273429 102961946
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=600712
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 01HouseOfTomorrowGone.jpg
www.thenewstribune.com/latest-news/4wo2uy/picture287846250/alternates/LANDSCAPE_768/ 99 KB
100 KB 181ms
179ms Image
image/jpeg 23.41.253.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/latest-news/4wo2uy/picture287846250/alternates/LANDSCAPE_768/01HouseOfTomorrowGone.jpg
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.253.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-253-69.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: bd7af5f95a4572e496408a3c43967506be455e8310eeef5d23f676f7a0099d51

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:43 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 163
x-cachebust
server-timing: ak_p; desc="1713791443091_388358853_161814729_1101_13270_111_0_146";dur=1
content-length: 101133
last-modified: Fri, 19 Apr 2024 19:21:02 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "77588ee82c90e4a363f571b3a67ff5ea"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 95894552, 1023252699 1025511235
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=600777
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 039.jpg
www.thenewstribune.com/latest-news/jhtq95/picture287854930/alternates/LANDSCAPE_768/ 40 KB
41 KB 294ms
293ms Image
image/jpeg 23.41.253.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/latest-news/jhtq95/picture287854930/alternates/LANDSCAPE_768/039.jpg
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.253.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-253-69.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: fa6d12434e7178cf19bec0f2e7a36dd4b81dac39673eb2e41dede152247d386e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:43 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 179
x-cachebust
server-timing: ak_p; desc="1713791443090_388358853_161814730_2147_13674_111_0_146";dur=1
content-length: 41359
last-modified: Fri, 19 Apr 2024 23:11:07 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "d085da9b83f97db00b4754a79911eab1"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 190712146, 223785153 227876469
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=602573
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 TAC_TacomaGeneralER.jpg
www.thenewstribune.com/news/local/p6y37t/picture242557801/alternates/LANDSCAPE_768/ 55 KB
56 KB 336ms
334ms Image
image/jpeg 23.41.253.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/news/local/p6y37t/picture242557801/alternates/LANDSCAPE_768/TAC_TacomaGeneralER.jpg
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.253.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-253-69.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: fd9a471a57b363ad69a36c7b4bf9085e1253f162e83e336cbfa00a7efea74262

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:43 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 416
x-cachebust
server-timing: ak_p; desc="1713791443161_388358853_161814832_1668_11231_111_0_219";dur=1
content-length: 56406
last-modified: Thu, 07 May 2020 01:29:00 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "1d3ec457dab806570af41382469bdb8c"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 153225668, 193513570 200776418
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=523619
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H3 200 1_th.jpg
img.connatix.com/ef842212-fa7e-4392-9e96-6b5e13d64b43/ 236 KB
237 KB 251ms
142ms Image
image/jpeg 104.18.41.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.connatix.com/ef842212-fa7e-4392-9e96-6b5e13d64b43/1_th.jpg

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89538a02946f43f9567bf59b8ecb7bcb3a64c0af5c85fc7bc03f878eb4b42ca8

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:43 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 241641
cf-resized: internal=ok/h q=0 n=22+0 c=16+437 v=2024.4.0 l=241641
last-modified: Tue, 05 Dec 2023 00:59:24 GMT
cf-bgj: imgq:0,h2pri
server: cloudflare
etag: "cfiLut9ZFwL50q7LQRr60j53WFsZ7-Tzt04sSdBa-5DQ:cb200d8334a54d1de214fe85a645f18a"
vary: Accept, Accept-Encoding
warning: cf-images 299 "original is 214595B smaller"
content-type: image/jpeg
access-control-allow-origin: *
access-control-allow-methods: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
accept-ranges: bytes
cf-ray: 8785db077b5035b7-WAW
access-control-allow-headers: range
priority: u=1;i=?0,cf-chb=(195;u=4;i=?0 67447;u=5;i 121685;u=6;i)

GET
H2 200 01JordanHendersonArraignment.jpg
www.thenewstribune.com/latest-news/dse3e4/picture287854815/alternates/LANDSCAPE_768/ 29 KB
30 KB 348ms
347ms Image
image/jpeg 23.41.253.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/latest-news/dse3e4/picture287854815/alternates/LANDSCAPE_768/01JordanHendersonArraignment.jpg
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.253.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-253-69.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: ac777dc8ee6f21ee3433e15ca369f04fb9d6cf477acdc42732f0c4c2ff2c99a0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:43 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 4061
x-cachebust
server-timing: ak_p; desc="1713791443169_388358853_161814833_1504_11084_111_0_219";dur=1
content-length: 30197
last-modified: Fri, 19 Apr 2024 23:03:18 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "00fd4df2fe8a0db57ed3b4ec72864552"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 142291026, 84154897 64633122
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=385595
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 clematis
www.thenewstribune.com/living/home-garden/marianne-binetti/71cpmv/picture202474324/alternates/LANDSCAPE_768/ 57 KB
58 KB 319ms
318ms Image
image/jpeg 23.41.253.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/living/home-garden/marianne-binetti/71cpmv/picture202474324/alternates/LANDSCAPE_768/clematis
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.253.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-253-69.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 94612e362f9324286d1a7b0cb04476dfd4444cb2dacd9bc50493525d6f5ca06e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:43 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 152494
x-cachebust
server-timing: ak_p; desc="1713791443156_388358853_161814834_1024_11742_111_0_219";dur=1
content-length: 58216
last-modified: Thu, 01 Mar 2018 17:26:27 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "a022e06572883337ea8a97c4ad036e96"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 204275259 167056865
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=580442
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 704d7326-1926-45db-b66c-95df11a17e24
www.mcclatchy-wires.com/incoming/vseefj/picture287892685/alternates/LANDSCAPE_768/ 70 KB
71 KB 363ms
204ms Image
image/jpeg 23.41.253.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mcclatchy-wires.com/incoming/vseefj/picture287892685/alternates/LANDSCAPE_768/704d7326-1926-45db-b66c-95df11a17e24
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.253.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-253-69.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 8116fd2103fa0870a96d796f0990683e43cff4556f02de0ccba0985a4583446b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:43 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 16
x-cachebust
server-timing: ak_p; desc="1713791443245_388358853_161814980_892_12815_110_0_146";dur=1
content-length: 72048
last-modified: Mon, 22 Apr 2024 05:40:09 GMT
x-proxy-forwarding-type: WhiteList
server: MI
etag: "cac7839b3f06736ae62799e4aa32e4e9"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 178038895 177774858
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=577923
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 f6312114-8bc0-4352-8338-1c3485db4919
www.mcclatchy-wires.com/incoming/k5jmpt/picture286401265/alternates/LANDSCAPE_768/ 20 KB
20 KB 380ms
222ms Image
image/jpeg 23.41.253.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mcclatchy-wires.com/incoming/k5jmpt/picture286401265/alternates/LANDSCAPE_768/f6312114-8bc0-4352-8338-1c3485db4919
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.253.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-253-69.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: fb33a49aa638c5ef553ddb294c7461132c89efe46935f77e3b487d7602b39100

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:43 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 334
x-cachebust
server-timing: ak_p; desc="1713791443242_388358853_161814981_5999_13538_110_0_146";dur=1
content-length: 20050
last-modified: Mon, 22 Apr 2024 12:38:03 GMT
x-proxy-forwarding-type: WhiteList
server: MI
etag: "19296471f2648efa9c9b63186f2c4e59"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 109282900, 1026695234 1027676885
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=603262
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 20230601%20-%20model%20-%20oxy-r%20peptides%204%20-%20us%20-%20resized_7x5%20(1_fitted.jpeg
www.mcclatchy-partners.com/incoming/ggsefu/picture286576360/alternates/LANDSCAPE_768/ 21 KB
21 KB 434ms
150ms Image
image/jpeg 23.41.253.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mcclatchy-partners.com/incoming/ggsefu/picture286576360/alternates/LANDSCAPE_768/20230601%20-%20model%20-%20oxy-r%20peptides%204%20-%20us%20-%20resized_7x5%20(1_fitted.jpeg
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.253.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-253-69.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 873c33f8e6318d4c2696fe7f9622b5f0a266cec71e9134194745051e013a05cb

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:43 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 75
x-cachebust
server-timing: ak_p; desc="1713791443383_388358853_161815239_417_15788_111_0_146";dur=1
content-length: 21231
last-modified: Tue, 12 Mar 2024 13:11:58 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "9b1cba730aca6b75760147f62078be03"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 339084055, 821380959 831166295
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=275973
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H3 200 1_th.jpg
img.connatix.com/668c306c-8b4b-473a-9f55-3c86f20d20f1/ 78 KB
78 KB 209ms
101ms Image
image/webp 104.18.41.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.connatix.com/668c306c-8b4b-473a-9f55-3c86f20d20f1/1_th.jpg

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3fb8c9d56d1f1975692ec6393662b50501cd041ce09b0123a3799361214dea1

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:43 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 79662
cf-resized: internal=ok/h q=0 n=38+0 c=13+284 v=2024.4.0 l=79662
last-modified: Thu, 18 Apr 2024 16:33:13 GMT
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cf2Vb5t6CIGqvxR_kiqj_3FwIKsZ7-Tzt04sSdBa-5DQ:a0291e87ec3af08da40913196188ffd7"
vary: Accept, Accept-Encoding
access-control-allow-methods: *
content-type: image/webp
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
accept-ranges: bytes
cf-ray: 8785db077b4b35b7-WAW
access-control-allow-headers: range

GET
H2 200 /
cmp.osano.com/ Frame CA5D 0
0 115ms
22ms Document
text/html 2600:9000:266e:b200:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:266e:b200:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.thenewstribune.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 45211
alt-svc: h3=":443"; ma=86400
content-encoding: br
content-type: text/html
date: Mon, 22 Apr 2024 00:41:05 GMT
etag: W/"48a0e738f84f45eb10ccd17ff6e09429"
last-modified: Tue, 06 Feb 2024 18:00:44 GMT
referrer-policy: strict-origin-when-cross-origin
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding Origin
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
x-amz-cf-id: D0Ic-5XE47OOhXv5S8let1F70hbEcHuF6mPxymRNkbZiN5UC8SbX7g==
x-amz-cf-pop: FRA56-P8
x-amz-server-side-encryption: AES256
x-amz-version-id: POJv8cLnvurN8PIkBGZX7_kfH6.eePMP
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

OPTIONS
H3 200 de.json
cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/ Frame 0
0 493ms
421ms Preflight 18.245.31.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/de.json

Protocol

Security

QUIC, , AES_128_GCM

Server

18.245.31.78 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-31-78.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.thenewstribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Mon, 22 Apr 2024 13:10:44 GMT
referrer-policy: strict-origin-when-cross-origin
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
via: 1.1 851fdca2e1873274a995295ecd94732e.cloudfront.net (CloudFront)
x-amz-cf-id: f5qRAmkDf-o-vmz-g7PBtgiS12xybCsqxXpx1LQOhfHtjNMsyunzWA==
x-amz-cf-pop: FRA56-P8
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 osano-ui.js Show response
cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/ 101 KB
26 KB 70ms
68ms Script
application/javascript 2600:9000:266e:9200:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano-ui.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:266e:9200:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b3d6003e7ac6faea14056a61f10c55ab83f170610d1825f1b1a8059398db23c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: psz0qwenYU6FHyGntt_oaPEdyZ.pfVcI
content-encoding: gzip
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
date: Mon, 22 Apr 2024 03:46:17 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P8
age: 37451
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Apr 2024 17:31:55 GMT
server: AmazonS3
etag: W/"3c43909661fdbb8b883d3057f8534470"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: max-age=86400, no-transform, public
x-amz-cf-id: WY1JyCcx2joq6EHtmOt7eQCi9rZTlZNV0N_yk31JH7XKniOJbjOv8w==

GET
H3 200 de.json Show response
cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/ 31 KB
10 KB 122ms
122ms XHR
application/json 18.245.31.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/de.json

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

18.245.31.78 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-31-78.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

e16763a0552a1cadd3c2225e18ff241a47c1e95e001eae3e6abc682e96ee3744

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://www.thenewstribune.com/
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-version-id: B.mzPRqJ0QWGXe2qnbo6ubU5jTfyZdoj
x-content-type-options: nosniff
date: Mon, 22 Apr 2024 07:38:39 GMT
content-encoding: gzip
via: 1.1 851fdca2e1873274a995295ecd94732e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P8
x-amz-server-side-encryption: AES256
age: 25027
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Apr 2024 17:31:55 GMT
server: AmazonS3
etag: W/"b4bd683b93fbd2241af81a911cc41c73"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400, no-transform, public
vary: Accept-Encoding
x-amz-cf-id: 3FQKT5OKK4-A_UMJMzPUmrCBY00IlaXL0iHr1EsVVAhmcykhSeoy3Q==

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d554361630709572f4c9e33d02ca5ae56275756099a62195513017a0421f73c2

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 157 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK 218aab61-f5d2-45e6-b96c-b17576d2229f Show response
https://www.thenewstribune.com/ 268 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/218aab61-f5d2-45e6-b96c-b17576d2229f
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43bf433be2889bce9c62535f00fc92f8f900555fb50ae00aaebd7f357f9d0599

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 268
Content-Type: text/javascript

GET
BLOB 200
OK dc1f0b78-3ed6-4d4b-a65a-e5389929e7c6 Show response
https://www.thenewstribune.com/ 268 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/dc1f0b78-3ed6-4d4b-a65a-e5389929e7c6
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3a9956a029ceaf98b8cb7f6e6718faa41c6bf2ac276a6f4d734c0ad35a30268

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 268
Content-Type: text/javascript

GET
BLOB 200
OK 389d480d-a0ab-4d61-be8b-a1c704fa208f
https://www.thenewstribune.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/389d480d-a0ab-4d61-be8b-a1c704fa208f
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

POST
H2 200 graphql Show response
api.dsp.mcclatchy.com/ 125 B
956 B 178ms
177ms Fetch
application/json 2a02:26f0:3500:18::1724:a28d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dsp.mcclatchy.com/graphql

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/oi-blsnzoy/thenewstribunecore.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:18::1724:a28d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a084cb4687796fe0d8a337abc919d941c9d9b15841988064d984129078b3a548

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
strict-transport-security: max-age=63072000
date: Mon, 22 Apr 2024 13:10:43 GMT
vary: Origin, accept-encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server-timing: cdn-cache; desc=MISS, edge; dur=84, origin; dur=12, ak_p; desc="1713791443070_388276365_2241413534_9730_12219_41_0_219";dur=1
content-length: 125
expires: Mon, 22 Apr 2024 13:10:43 GMT

GET
H2 200 suggestedContent.693d70d3386858c669c6.js Show response
www.thenewstribune.com/oi-blsnzoy/ 15 KB
6 KB 589ms
589ms Script
application/javascript 23.41.253.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/oi-blsnzoy/suggestedContent.693d70d3386858c669c6.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.253.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-253-69.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 6c41125e7c807460a35268a37034ad9163aa6ad6d9391b2b5fe3e9c483c71d48

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:43 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 420
x-cachebust
server-timing: ak_p; desc="1713791443164_388358853_161814835_41372_12524_110_0_146";dur=1
content-length: 4892
last-modified: Mon, 22 Apr 2024 12:50:47 GMT
server: MI
etag: W/"3b71-616aee2e457c0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 223750179 227220399
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=604773
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 domkut.693d70d3386858c669c6.js Show response
www.thenewstribune.com/oi-blsnzoy/ 7 KB
3 KB 326ms
326ms Script
application/javascript 23.41.253.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/oi-blsnzoy/domkut.693d70d3386858c669c6.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.253.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-253-69.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 095a8bdd875470c01e1ac597d89569a6cb18cfecd53382d8f214bbaa4f6a887a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:43 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 538
x-cachebust
server-timing: ak_p; desc="1713791443156_388358853_161814836_2727_11571_111_0_146";dur=1
content-length: 2413
last-modified: Mon, 22 Apr 2024 12:50:47 GMT
server: MI
etag: W/"1c64-616aee2e457c0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 230722622, 189340073 189209611
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=604587
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 videoLoader.bundle-656b841ddb22a0280b4c.js Show response
www.thenewstribune.com/wps/build/webpack/ 286 KB
0 0ms
0ms Script
application/javascript 23.41.253.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/wps/build/webpack/videoLoader.bundle-656b841ddb22a0280b4c.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.253.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-253-69.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: b53690006914e1f314cd21a31e98f4d803a4bbeba56c34b628dbacb3a9696fc3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:42 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 138
x-cachebust
server-timing: ak_p; desc="1713791442615_388358853_161813791_2399_12575_112_0_146";dur=1
content-length: 90116
last-modified: Thu, 18 Apr 2024 15:44:22 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"479e7-18ef1e15bf0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 85830830, 21109096 23271693
content-type: application/javascript;charset=UTF-8
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=302282
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H3 200 connatix.player.js Show response
cd.connatix.com/ Frame D238 797 B
611 B 123ms
50ms Script
application/javascript 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cd.connatix.com/connatix.player.js?cid=1ffe5d7e-eb53-11e9-b4d2-06948452ae1a
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d26a512de72bf01d41261162563e51eaf89715ed1dffb3a757a7f562c5199fb

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:43 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 8785db079e7258ea-TXL
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc: h3=":443"; ma=86400

GET
H2 200 skeleton.gif
static.adsafeprotected.com/ 43 B
480 B 78ms
22ms Image
image/gif 2600:9000:223f:9600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?adunitid=dknewb&adnum=270540
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:9600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 02:40:14 GMT
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via: 1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 37830
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: MaqKJC1E6w7co8-RA1g7yoVn0ubF24mco6IOGIJYkgii1qSsV99MFg==

GET
BLOB 200
OK 137606be-fd95-4ec8-a0eb-6d230561e6e6 Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/137606be-fd95-4ec8-a0eb-6d230561e6e6
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ecd7da60e2f378fed0368f7c50734fcd75dd0ab870dbf04d8ddee251451621e1

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK 2acf4c3f-6fdd-4179-8aa9-a84bf71638fd Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/2acf4c3f-6fdd-4179-8aa9-a84bf71638fd
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb001858659bc5ef2851c7bcf83f39f571be78c9cf4adb95615222a6413747db

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
H2 200 cnx.693d70d3386858c669c6.js Show response
www.thenewstribune.com/oi-blsnzoy/ 6 KB
2 KB 208ms
208ms Script
application/javascript 23.41.253.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/oi-blsnzoy/cnx.693d70d3386858c669c6.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.253.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-253-69.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 5dd7c5186b955a5ed8ca222dee73f9662d802b1466cffffa12b25fc0362b05b2

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:43 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 449
x-cachebust
server-timing: ak_p; desc="1713791443272_388358853_161815026_5137_12598_112_0_146";dur=1
content-length: 1888
last-modified: Mon, 22 Apr 2024 12:50:47 GMT
server: MI
etag: W/"1682-616aee2e457c0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 1019559784, 109088706 101225683
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=604671
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
BLOB 200
OK a958a9bc-d4ac-4a25-b441-cb40691a0345 Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/a958a9bc-d4ac-4a25-b441-cb40691a0345
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e14c55d8259f417e2fa1644a3aedbca78f7618b65bb5f8082b5803aea46e571e

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
H2 200 sponsored.693d70d3386858c669c6.js Show response
www.thenewstribune.com/oi-blsnzoy/ 5 KB
2 KB 200ms
200ms Script
application/javascript 23.41.253.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/oi-blsnzoy/sponsored.693d70d3386858c669c6.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.253.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-253-69.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 7376ab01d50afda4cf861998d092f3459a49986ba258a685905dfe31d02b52d0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:43 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 525
x-cachebust
server-timing: ak_p; desc="1713791443272_388358853_161815027_4870_12538_111_0_146";dur=1
content-length: 1916
last-modified: Mon, 22 Apr 2024 12:50:47 GMT
server: MI
etag: W/"145e-616aee2e457c0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 205550229, 182209359 192907255
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=604624
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H3 200 elLoader.js Show response
cds.connatix.com/p/471698/ Frame D238 3 KB
2 KB 59ms
40ms Script
application/javascript 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/471698/elLoader.js
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=1ffe5d7e-eb53-11e9-b4d2-06948452ae1a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6e48bbc337a51ce8a8d042a287cfc3854c62ce1f71a3d7949af40889de782a0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:43 GMT
x-amz-version-id: dcVfqMKr.M2j.mW71kirKQRd1d6Jkivq
content-encoding: br
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 22 Apr 2024 10:11:40 GMT
server: cloudflare
etag: W/"45cb969c0faf127fd3e1eece36bc6cab"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
cf-ray: 8785db080f9558ea-TXL
access-control-allow-headers: range
expires: Tue, 22 Apr 2025 13:10:43 GMT

GET
BLOB 200
OK 4e8c6f2e-e3a9-4519-a50a-bd5538b67dc6 Show response
https://www.thenewstribune.com/ 268 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/4e8c6f2e-e3a9-4519-a50a-bd5538b67dc6
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d2d25118b553a78d50b808a2284baa92bc4bfcc3cb1d044c3a77df6ddb9bc0b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 268
Content-Type: text/javascript

GET
H2 200 naeliya.693d70d3386858c669c6.js Show response
www.thenewstribune.com/oi-blsnzoy/ 8 KB
3 KB 165ms
165ms Script
application/javascript 23.41.253.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/oi-blsnzoy/naeliya.693d70d3386858c669c6.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.253.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-253-69.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 1ee3647c41e26f21aab5459e42c1dda2515262dc7d1f6f46f632a3e0a7dfafca

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:43 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 538
x-cachebust
server-timing: ak_p; desc="1713791443316_388358853_161815097_1896_13029_112_0_146";dur=1
content-length: 2604
last-modified: Mon, 22 Apr 2024 12:50:47 GMT
server: MI
etag: W/"2034-616aee2e457c0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 185968598, 230269202 232851592
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=604659
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

OPTIONS
H2 200 httpapi
api2.amplitude.com/2/ Frame 0
0 590ms
190ms Preflight 52.37.89.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.37.89.212 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-37-89-212.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.thenewstribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: *
access-control-max-age: 86400
content-length: 0
date: Mon, 22 Apr 2024 13:10:43 GMT
strict-transport-security: max-age=15768000

POST
H2 200 httpapi Show response
api2.amplitude.com/2/ 94 B
309 B 207ms
207ms Fetch
application/json 52.37.89.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/oi-blsnzoy/escenic.693d70d3386858c669c6.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.37.89.212 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-37-89-212.us-west-2.compute.amazonaws.com

Software

Resource Hash

60e9b0b2f843eb2ab828436bc4fc43833934a3865fe4bb9c5af54827c5764a2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json
Accept: */*
Referer: https://www.thenewstribune.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:43 GMT
strict-transport-security: max-age=15768000
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: application/json
access-control-allow-origin: *
trace-id: Root=1-662661d3-5afe38fd19f2ee345bfbf1db
content-length: 94

OPTIONS
H2 200 userprofile
profile-api.amplitude.com/v1/ Frame 0
0 597ms
194ms Preflight 54.189.181.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://profile-api.amplitude.com/v1/userprofile?device_id=fad10e1f-3521-4834-82c4-39b21f39c633&user_id=&get_amp_props=true&get_cohort_ids=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.189.181.41 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-189-181-41.us-west-2.compute.amazonaws.com

Software

Jetty(9.4.54.v20240208) /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://www.thenewstribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://www.thenewstribune.com
access-control-max-age: 1800
date: Mon, 22 Apr 2024 13:10:43 GMT
server: Jetty(9.4.54.v20240208)
vary: Origin
x-amzn-trace-id: Root=1-662661d3-214864637a55fb7073516361
x-content-type-options: nosniff

OPTIONS
H2 200 userprofile
profile-api.amplitude.com/v1/ Frame 0
0 597ms
194ms Preflight 54.189.181.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://profile-api.amplitude.com/v1/userprofile?device_id=fad10e1f-3521-4834-82c4-39b21f39c633&user_id=&get_amp_props=true&get_cohort_ids=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.189.181.41 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-189-181-41.us-west-2.compute.amazonaws.com

Software

Jetty(9.4.54.v20240208) /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://www.thenewstribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://www.thenewstribune.com
access-control-max-age: 1800
date: Mon, 22 Apr 2024 13:10:43 GMT
server: Jetty(9.4.54.v20240208)
vary: Origin
x-amzn-trace-id: Root=1-662661d3-00803be97e38184d11272277
x-content-type-options: nosniff

OPTIONS
H2 200 userprofile
profile-api.amplitude.com/v1/ Frame 0
0 596ms
193ms Preflight 54.189.181.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://profile-api.amplitude.com/v1/userprofile?device_id=fad10e1f-3521-4834-82c4-39b21f39c633&user_id=&get_amp_props=true&get_cohort_ids=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.189.181.41 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-189-181-41.us-west-2.compute.amazonaws.com

Software

Jetty(9.4.54.v20240208) /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://www.thenewstribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://www.thenewstribune.com
access-control-max-age: 1800
date: Mon, 22 Apr 2024 13:10:43 GMT
server: Jetty(9.4.54.v20240208)
vary: Origin
x-amzn-trace-id: Root=1-662661d3-3001277e30ebfc6b64b2a977
x-content-type-options: nosniff

OPTIONS
H2 200 vardata
api.lab.amplitude.com/sdk/ Frame 0
0 91ms
20ms Preflight 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-amp-exp-flag-keys,x-amp-exp-user
Access-Control-Request-Method: GET
Origin: https://www.thenewstribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: authorization,x-amp-exp-flag-keys,x-amp-exp-user
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://www.thenewstribune.com
access-control-max-age: 1800
age: 2199
cache-control: no-store
content-length: 0
date: Mon, 22 Apr 2024 13:10:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amzn-trace-id: Root=1-6626593b-5fe5464c5fcb0a1c5d4e2aeb
x-cache: HIT
x-cache-hits: 64
x-content-type-options: nosniff
x-served-by: cache-fra-etou8220025-FRA
x-timer: S1713791443.293274,VS0,VE0

OPTIONS
H2 200 vardata
api.lab.amplitude.com/sdk/ Frame 0
0 91ms
21ms Preflight 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-amp-exp-flag-keys,x-amp-exp-user
Access-Control-Request-Method: GET
Origin: https://www.thenewstribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: authorization,x-amp-exp-flag-keys,x-amp-exp-user
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://www.thenewstribune.com
access-control-max-age: 1800
age: 2199
cache-control: no-store
content-length: 0
date: Mon, 22 Apr 2024 13:10:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amzn-trace-id: Root=1-6626593b-5fe5464c5fcb0a1c5d4e2aeb
x-cache: HIT
x-cache-hits: 66
x-content-type-options: nosniff
x-served-by: cache-fra-etou8220025-FRA
x-timer: S1713791443.293542,VS0,VE0

OPTIONS
H2 200 vardata
api.lab.amplitude.com/sdk/ Frame 0
0 90ms
21ms Preflight 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-amp-exp-flag-keys,x-amp-exp-user
Access-Control-Request-Method: GET
Origin: https://www.thenewstribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: authorization,x-amp-exp-flag-keys,x-amp-exp-user
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://www.thenewstribune.com
access-control-max-age: 1800
age: 2199
cache-control: no-store
content-length: 0
date: Mon, 22 Apr 2024 13:10:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amzn-trace-id: Root=1-6626593b-5fe5464c5fcb0a1c5d4e2aeb
x-cache: HIT
x-cache-hits: 67
x-content-type-options: nosniff
x-served-by: cache-fra-etou8220025-FRA
x-timer: S1713791443.293820,VS0,VE0

GET
H2 200 userprofile Show response
profile-api.amplitude.com/v1/ 191 B
439 B 410ms
205ms Fetch
application/json 54.189.181.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://profile-api.amplitude.com/v1/userprofile?device_id=fad10e1f-3521-4834-82c4-39b21f39c633&user_id=&get_amp_props=true&get_cohort_ids=true

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/oi-blsnzoy/thenewstribunecore.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.189.181.41 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-189-181-41.us-west-2.compute.amazonaws.com

Software

Jetty(9.4.54.v20240208) /

Resource Hash

56526b0e3a8ae87ca59691671e0fe28abcfb94a79d2edd786ec0abf81b54e0d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: Api-Key 5b9692cfc25dd38c13c7782c17376864
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Jetty(9.4.54.v20240208)
x-amzn-trace-id: Root=1-662661d4-2c2ae4aa27383f6224cc16be
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
access-control-allow-credentials: true

GET
H2 200 userprofile Show response
profile-api.amplitude.com/v1/ 2 KB
1020 B 616ms
204ms Fetch
application/json 54.189.181.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://profile-api.amplitude.com/v1/userprofile?device_id=fad10e1f-3521-4834-82c4-39b21f39c633&user_id=&get_amp_props=true&get_cohort_ids=true

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/oi-blsnzoy/thenewstribunecore.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.189.181.41 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-189-181-41.us-west-2.compute.amazonaws.com

Software

Jetty(9.4.54.v20240208) /

Resource Hash

001ce3663353278b65f00d9aa1e5a939126a0150e9b90d59e641487c5915cc26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: Api-Key 5b9692cfc25dd38c13c7782c17376864
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Jetty(9.4.54.v20240208)
x-amzn-trace-id: Root=1-662661d4-2ead5c4c5b630ceb434ba8bd
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
access-control-allow-credentials: true

GET
H2 200 userprofile Show response
profile-api.amplitude.com/v1/ 191 B
440 B 206ms
205ms Fetch
application/json 54.189.181.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://profile-api.amplitude.com/v1/userprofile?device_id=fad10e1f-3521-4834-82c4-39b21f39c633&user_id=&get_amp_props=true&get_cohort_ids=true

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/oi-blsnzoy/thenewstribunecore.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.189.181.41 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-189-181-41.us-west-2.compute.amazonaws.com

Software

Jetty(9.4.54.v20240208) /

Resource Hash

56526b0e3a8ae87ca59691671e0fe28abcfb94a79d2edd786ec0abf81b54e0d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: Api-Key 5b9692cfc25dd38c13c7782c17376864
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Jetty(9.4.54.v20240208)
x-amzn-trace-id: Root=1-662661d3-34157cea49d53b802be7bd09
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
access-control-allow-credentials: true

OPTIONS
H2 200 vardata
api.lab.amplitude.com/sdk/ Frame 0
0 89ms
21ms Preflight 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-amp-exp-flag-keys,x-amp-exp-user
Access-Control-Request-Method: GET
Origin: https://www.thenewstribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: authorization,x-amp-exp-flag-keys,x-amp-exp-user
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://www.thenewstribune.com
access-control-max-age: 1800
age: 2199
cache-control: no-store
content-length: 0
date: Mon, 22 Apr 2024 13:10:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amzn-trace-id: Root=1-6626593b-5fe5464c5fcb0a1c5d4e2aeb
x-cache: HIT
x-cache-hits: 65
x-content-type-options: nosniff
x-served-by: cache-fra-etou8220025-FRA
x-timer: S1713791443.293339,VS0,VE0

GET
H2 200 vardata Show response
api.lab.amplitude.com/sdk/ 2 B
144 B 222ms
222ms Fetch
application/json 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/oi-blsnzoy/woldoni.693d70d3386858c669c6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Authorization: Api-Key client-G6ik2oCuLtpn6c9TpIT8ZRXe4JHPDDn9
X-Amp-Exp-User: eyJkZXZpY2VfaWQiOiJmYWQxMGUxZi0zNTIxLTQ4MzQtODJjNC0zOWIyMWYzOWM2MzMiLCJkZXZpY2VfbW9kZWwiOiJXaW5kb3dzIiwibGFuZ3VhZ2UiOiJkZS1ERSIsImxpYnJhcnkiOiJ5ei1leHAtY2xpZW50LzEuMCIsIm9zIjoiQ2hyb21lIDEyNCIsInBsYXRmb3JtIjoiV2ViIiwidXNlcl9pZCI6IiIsInVzZXJfcHJvcGVydGllcyI6eyJidXNpbmVzc191bml0IjoiVE5UIiwiY2Fub25pY2FsX3VybCI6Imh0dHBzOi8vd3d3LnRoZW5ld3N0cmlidW5lLmNvbS8iLCJjbXNfaWQiOiJIb21lcGFnZTo3MTAxIiwiY29udGVudF9zZXJ2aWNlIjoiUHJvZHVjdDogRXNjZW5pYyIsImZ1bGxfdXJsIjoiaHR0cHM6Ly93d3cudGhlbmV3c3RyaWJ1bmUuY29tLyIsImhhc19mb2N1cyI6InllcyIsImlmcmFtZV9uZXN0aW5nIjoidG9wIiwicGFnZV9sZXZlbCI6IkhvbWUiLCJwYWdlX25hbWUiOiJIb21lOkhvbWVwYWdlIiwicGFnZV9wYXRoIjoiLyIsInB1YmxpY2F0aW9uX25hbWUiOiJUaGUgTmV3cyBUcmlidW5lIiwicmVmZXJyaW5nX2hvc3QiOiJub19yZWZlcnJlciIsInNka19pbml0X3N0YXR1cyI6InN0b3JhZ2UiLCJzZWN0aW9uIjoiSG9tZXBhZ2UiLCJzZXJ2ZXIiOiJ3d3cudGhlbmV3c3RyaWJ1bmUuY29tIiwidGF4b25vbXkiOiJfSG9tZVBhZ2V8fHx8IiwidXJsIjoiaHR0cHM6Ly93d3cudGhlbmV3c3RyaWJ1bmUuY29tLyIsInZpc2l0X251bWJlciI6MSwiYnJhemVfdXNlcl9hbGlhcyI6ImZhZDEwZTFmLTM1MjEtNDgzNC04MmM0LTM5YjIxZjM5YzYzMyIsImRldmljZV9wbW9kZSI6IjAiLCJkZXZpY2Vfb3JpZW50YXRpb24iOiJ1bnN1cHBvcnRlZCIsImRldmljZV9zY3JlZW5fc2l6ZSI6IjE2MDB4MTIwMCIsImRldmljZV90eXBlIjoib3RoZXIiLCJsb2dnZWRfaW4iOmZhbHNlLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyNC4wLjAuMCBTYWZhcmkvNTM3LjM2IiwiZmxhZ19rZXkiOiIyNGhhcmQtcGF5d2FsbC1leHBlcmltZW50IiwiZGF0ZSI6IjIwMjQtMDQtMjIifX0=
Referer: https://www.thenewstribune.com/
X-Amp-Exp-Flag-Keys: WyIyNGhhcmQtcGF5d2FsbC1leHBlcmltZW50Il0=
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
age: 0
x-cache: MISS
content-length: 2
x-served-by: cache-fra-etou8220025-FRA
x-timer: S1713791443.315179,VS0,VE201
x-amzn-trace-id: Root=1-662661d3-35f2a66d5dc6c0b42e0c15fb
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
cache-control: no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 vardata Show response
api.lab.amplitude.com/sdk/ 22 B
134 B 443ms
21ms Fetch
application/json 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/oi-blsnzoy/woldoni.693d70d3386858c669c6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d35851b6105713ee65d3d0de39a15b81aac4e989ab552d8383fad0618b374e83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Authorization: Api-Key client-G6ik2oCuLtpn6c9TpIT8ZRXe4JHPDDn9
X-Amp-Exp-User: eyJkZXZpY2VfaWQiOiJmYWQxMGUxZi0zNTIxLTQ4MzQtODJjNC0zOWIyMWYzOWM2MzMiLCJkZXZpY2VfbW9kZWwiOiJXaW5kb3dzIiwibGFuZ3VhZ2UiOiJkZS1ERSIsImxpYnJhcnkiOiJ5ei1leHAtY2xpZW50LzEuMCIsIm9zIjoiQ2hyb21lIDEyNCIsInBsYXRmb3JtIjoiV2ViIiwidXNlcl9pZCI6IiIsInVzZXJfcHJvcGVydGllcyI6eyJidXNpbmVzc191bml0IjoiVE5UIiwiY2Fub25pY2FsX3VybCI6Imh0dHBzOi8vd3d3LnRoZW5ld3N0cmlidW5lLmNvbS8iLCJjbXNfaWQiOiJIb21lcGFnZTo3MTAxIiwiY29udGVudF9zZXJ2aWNlIjoiUHJvZHVjdDogRXNjZW5pYyIsImZ1bGxfdXJsIjoiaHR0cHM6Ly93d3cudGhlbmV3c3RyaWJ1bmUuY29tLyIsImhhc19mb2N1cyI6InllcyIsImlmcmFtZV9uZXN0aW5nIjoidG9wIiwicGFnZV9sZXZlbCI6IkhvbWUiLCJwYWdlX25hbWUiOiJIb21lOkhvbWVwYWdlIiwicGFnZV9wYXRoIjoiLyIsInB1YmxpY2F0aW9uX25hbWUiOiJUaGUgTmV3cyBUcmlidW5lIiwicmVmZXJyaW5nX2hvc3QiOiJub19yZWZlcnJlciIsInNka19pbml0X3N0YXR1cyI6InN0b3JhZ2UiLCJzZWN0aW9uIjoiSG9tZXBhZ2UiLCJzZXJ2ZXIiOiJ3d3cudGhlbmV3c3RyaWJ1bmUuY29tIiwidGF4b25vbXkiOiJfSG9tZVBhZ2V8fHx8IiwidXJsIjoiaHR0cHM6Ly93d3cudGhlbmV3c3RyaWJ1bmUuY29tLyIsInZpc2l0X251bWJlciI6MSwiYnJhemVfdXNlcl9hbGlhcyI6ImZhZDEwZTFmLTM1MjEtNDgzNC04MmM0LTM5YjIxZjM5YzYzMyIsImRldmljZV9wbW9kZSI6IjAiLCJkZXZpY2Vfb3JpZW50YXRpb24iOiJ1bnN1cHBvcnRlZCIsImRldmljZV9zY3JlZW5fc2l6ZSI6IjE2MDB4MTIwMCIsImRldmljZV90eXBlIjoib3RoZXIiLCJsb2dnZWRfaW4iOmZhbHNlLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyNC4wLjAuMCBTYWZhcmkvNTM3LjM2IiwiZmxhZ19rZXkiOiJ1c2FnZSIsImRhdGUiOiIyMDI0LTA0LTIyIn19
Referer: https://www.thenewstribune.com/
X-Amp-Exp-Flag-Keys: WyJ1c2FnZSJd
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 0
x-cache: HIT
content-length: 42
x-served-by: cache-fra-etou8220025-FRA
x-timer: S1713791444.736880,VS0,VE1
x-amzn-trace-id: Root=1-662661d3-339ac72074f82cbf11e0468a
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
cache-control: no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 vardata Show response
api.lab.amplitude.com/sdk/ 22 B
107 B 465ms
21ms Fetch
application/json 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/oi-blsnzoy/woldoni.693d70d3386858c669c6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d35851b6105713ee65d3d0de39a15b81aac4e989ab552d8383fad0618b374e83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Authorization: Api-Key client-G6ik2oCuLtpn6c9TpIT8ZRXe4JHPDDn9
X-Amp-Exp-User: eyJkZXZpY2VfaWQiOiJmYWQxMGUxZi0zNTIxLTQ4MzQtODJjNC0zOWIyMWYzOWM2MzMiLCJkZXZpY2VfbW9kZWwiOiJXaW5kb3dzIiwibGFuZ3VhZ2UiOiJkZS1ERSIsImxpYnJhcnkiOiJ5ei1leHAtY2xpZW50LzEuMCIsIm9zIjoiQ2hyb21lIDEyNCIsInBsYXRmb3JtIjoiV2ViIiwidXNlcl9pZCI6IiIsInVzZXJfcHJvcGVydGllcyI6eyJidXNpbmVzc191bml0IjoiVE5UIiwiY2Fub25pY2FsX3VybCI6Imh0dHBzOi8vd3d3LnRoZW5ld3N0cmlidW5lLmNvbS8iLCJjbXNfaWQiOiJIb21lcGFnZTo3MTAxIiwiY29udGVudF9zZXJ2aWNlIjoiUHJvZHVjdDogRXNjZW5pYyIsImZ1bGxfdXJsIjoiaHR0cHM6Ly93d3cudGhlbmV3c3RyaWJ1bmUuY29tLyIsImhhc19mb2N1cyI6InllcyIsImlmcmFtZV9uZXN0aW5nIjoidG9wIiwicGFnZV9sZXZlbCI6IkhvbWUiLCJwYWdlX25hbWUiOiJIb21lOkhvbWVwYWdlIiwicGFnZV9wYXRoIjoiLyIsInB1YmxpY2F0aW9uX25hbWUiOiJUaGUgTmV3cyBUcmlidW5lIiwicmVmZXJyaW5nX2hvc3QiOiJub19yZWZlcnJlciIsInNka19pbml0X3N0YXR1cyI6InN0b3JhZ2UiLCJzZWN0aW9uIjoiSG9tZXBhZ2UiLCJzZXJ2ZXIiOiJ3d3cudGhlbmV3c3RyaWJ1bmUuY29tIiwidGF4b25vbXkiOiJfSG9tZVBhZ2V8fHx8IiwidXJsIjoiaHR0cHM6Ly93d3cudGhlbmV3c3RyaWJ1bmUuY29tLyIsInZpc2l0X251bWJlciI6MSwiYnJhemVfdXNlcl9hbGlhcyI6ImZhZDEwZTFmLTM1MjEtNDgzNC04MmM0LTM5YjIxZjM5YzYzMyIsImRldmljZV9wbW9kZSI6IjAiLCJkZXZpY2Vfb3JpZW50YXRpb24iOiJ1bnN1cHBvcnRlZCIsImRldmljZV9zY3JlZW5fc2l6ZSI6IjE2MDB4MTIwMCIsImRldmljZV90eXBlIjoib3RoZXIiLCJsb2dnZWRfaW4iOmZhbHNlLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyNC4wLjAuMCBTYWZhcmkvNTM3LjM2IiwiZmxhZ19rZXkiOiJ1c2FnZSIsImRhdGUiOiIyMDI0LTA0LTIyIn19
Referer: https://www.thenewstribune.com/
X-Amp-Exp-Flag-Keys: WyJ1c2FnZSJd
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 0
x-cache: HIT
content-length: 42
x-served-by: cache-fra-etou8220025-FRA
x-timer: S1713791444.759512,VS0,VE0
x-amzn-trace-id: Root=1-662661d3-339ac72074f82cbf11e0468a
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
cache-control: no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 vardata Show response
api.lab.amplitude.com/sdk/ 22 B
140 B 421ms
199ms Fetch
application/json 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/oi-blsnzoy/woldoni.693d70d3386858c669c6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d35851b6105713ee65d3d0de39a15b81aac4e989ab552d8383fad0618b374e83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Authorization: Api-Key client-G6ik2oCuLtpn6c9TpIT8ZRXe4JHPDDn9
X-Amp-Exp-User: eyJkZXZpY2VfaWQiOiJmYWQxMGUxZi0zNTIxLTQ4MzQtODJjNC0zOWIyMWYzOWM2MzMiLCJkZXZpY2VfbW9kZWwiOiJXaW5kb3dzIiwibGFuZ3VhZ2UiOiJkZS1ERSIsImxpYnJhcnkiOiJ5ei1leHAtY2xpZW50LzEuMCIsIm9zIjoiQ2hyb21lIDEyNCIsInBsYXRmb3JtIjoiV2ViIiwidXNlcl9pZCI6IiIsInVzZXJfcHJvcGVydGllcyI6eyJidXNpbmVzc191bml0IjoiVE5UIiwiY2Fub25pY2FsX3VybCI6Imh0dHBzOi8vd3d3LnRoZW5ld3N0cmlidW5lLmNvbS8iLCJjbXNfaWQiOiJIb21lcGFnZTo3MTAxIiwiY29udGVudF9zZXJ2aWNlIjoiUHJvZHVjdDogRXNjZW5pYyIsImZ1bGxfdXJsIjoiaHR0cHM6Ly93d3cudGhlbmV3c3RyaWJ1bmUuY29tLyIsImhhc19mb2N1cyI6InllcyIsImlmcmFtZV9uZXN0aW5nIjoidG9wIiwicGFnZV9sZXZlbCI6IkhvbWUiLCJwYWdlX25hbWUiOiJIb21lOkhvbWVwYWdlIiwicGFnZV9wYXRoIjoiLyIsInB1YmxpY2F0aW9uX25hbWUiOiJUaGUgTmV3cyBUcmlidW5lIiwicmVmZXJyaW5nX2hvc3QiOiJub19yZWZlcnJlciIsInNka19pbml0X3N0YXR1cyI6InN0b3JhZ2UiLCJzZWN0aW9uIjoiSG9tZXBhZ2UiLCJzZXJ2ZXIiOiJ3d3cudGhlbmV3c3RyaWJ1bmUuY29tIiwidGF4b25vbXkiOiJfSG9tZVBhZ2V8fHx8IiwidXJsIjoiaHR0cHM6Ly93d3cudGhlbmV3c3RyaWJ1bmUuY29tLyIsInZpc2l0X251bWJlciI6MSwiYnJhemVfdXNlcl9hbGlhcyI6ImZhZDEwZTFmLTM1MjEtNDgzNC04MmM0LTM5YjIxZjM5YzYzMyIsImRldmljZV9wbW9kZSI6IjAiLCJkZXZpY2Vfb3JpZW50YXRpb24iOiJ1bnN1cHBvcnRlZCIsImRldmljZV9zY3JlZW5fc2l6ZSI6IjE2MDB4MTIwMCIsImRldmljZV90eXBlIjoib3RoZXIiLCJsb2dnZWRfaW4iOmZhbHNlLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyNC4wLjAuMCBTYWZhcmkvNTM3LjM2IiwiZmxhZ19rZXkiOiJ1c2FnZSIsImRhdGUiOiIyMDI0LTA0LTIyIn19
Referer: https://www.thenewstribune.com/
X-Amp-Exp-Flag-Keys: WyJ1c2FnZSJd
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 0
x-cache: MISS
content-length: 42
x-served-by: cache-fra-etou8220025-FRA
x-timer: S1713791444.538028,VS0,VE178
x-amzn-trace-id: Root=1-662661d3-339ac72074f82cbf11e0468a
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
cache-control: no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H3 200 connatix.player.dc.js Show response
cds.connatix.com/p/471698/ Frame D238 592 KB
164 KB 69ms
69ms Script
application/javascript 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/471698/connatix.player.dc.js?cid=1ffe5d7e-eb53-11e9-b4d2-06948452ae1a
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/471698/elLoader.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8aa93b9aa620271bcf96263eecb4fe125a80d551db461edc001d1dbc11564afd

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:43 GMT
x-amz-version-id: tgmntLPPOKVS95WMJF2w2ii16BNMiokh
content-encoding: br
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 22 Apr 2024 10:11:40 GMT
server: cloudflare
etag: W/"ee363514382dfbc69570e0e68ace8114"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
cf-ray: 8785db08484158ea-TXL
access-control-allow-headers: range
expires: Tue, 22 Apr 2025 13:10:43 GMT

GET
BLOB 200
OK e511707b-6059-45ab-aada-ac918ae5f02c Show response
https://www.thenewstribune.com/ 268 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/e511707b-6059-45ab-aada-ac918ae5f02c
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e441609ee5b605bce6fea97ab493a502933ea2a21682ea653919e978106763b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 268
Content-Type: text/javascript

GET
BLOB 200
OK a3350540-78eb-4c8c-bc1e-208ad709a3b5 Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/a3350540-78eb-4c8c-bc1e-208ad709a3b5
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 292f17dd7f459e7a74449624ad04544400ca3cffb72f8b96837ebea6610328eb

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK 6df20e38-c8a0-44ff-a207-fc11e6f5991c Show response
https://www.thenewstribune.com/ 266 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/6df20e38-c8a0-44ff-a207-fc11e6f5991c
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9f90446b37d5780bc2dd6a63fab6032372fcde637923be7eb6e99fc74b028b27

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 266
Content-Type: text/javascript

GET
BLOB 200
OK 60664066-372f-450e-831d-838de234d97e Show response
https://www.thenewstribune.com/ 266 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/60664066-372f-450e-831d-838de234d97e
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9db863505a005204a9bf90ffb1a3c4c9f4d032992cd6df42d7d6fbeb875ae99

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 266
Content-Type: text/javascript

GET
H2 200 performance.693d70d3386858c669c6.js Show response
www.thenewstribune.com/oi-blsnzoy/ 14 KB
5 KB 169ms
168ms Script
application/javascript 23.41.253.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/oi-blsnzoy/performance.693d70d3386858c669c6.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.253.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-253-69.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 35d424a5063cc135bf516469dfcc3bb0f33bf93fbb5c58222495215cc1259802

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:43 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 554
x-cachebust
server-timing: ak_p; desc="1713791443468_388358853_161815406_2578_13920_110_0_146";dur=1
content-length: 4669
last-modified: Mon, 22 Apr 2024 12:50:47 GMT
server: MI
etag: W/"3879-616aee2e457c0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 106636004, 1025641934 1025777462
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=604626
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 quarantine.693d70d3386858c669c6.js Show response
www.thenewstribune.com/oi-blsnzoy/ 30 KB
10 KB 169ms
168ms Script
application/javascript 23.41.253.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/oi-blsnzoy/quarantine.693d70d3386858c669c6.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.253.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-253-69.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 3f135c6bc3d6c124e553dbac22efe6076624f7aff31ce00502c4d927e80b55a4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:43 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 541
x-cachebust
server-timing: ak_p; desc="1713791443463_388358853_161815407_2674_13024_110_0_146";dur=1
content-length: 10171
last-modified: Mon, 22 Apr 2024 12:50:47 GMT
server: MI
etag: W/"769b-616aee2e457c0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 113935178 101915266
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=604602
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 footerBundle.693d70d3386858c669c6.js Show response
www.thenewstribune.com/oi-blsnzoy/ 3 KB
1 KB 160ms
160ms Script
application/javascript 23.41.253.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/oi-blsnzoy/footerBundle.693d70d3386858c669c6.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.253.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-253-69.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: d9c776c4b3a1542acd27216542997cc42ff323e51dc452696e77f7780fd365c9

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:43 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 554
x-cachebust
server-timing: ak_p; desc="1713791443464_388358853_161815408_1753_12608_110_0_146";dur=1
content-length: 890
last-modified: Mon, 22 Apr 2024 12:50:47 GMT
server: MI
etag: W/"a75-616aee2e457c0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 179224064, 228106810 218557515
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=604672
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 miFooter.693d70d3386858c669c6.js Show response
www.thenewstribune.com/oi-blsnzoy/ 12 KB
4 KB 163ms
163ms Script
application/javascript 23.41.253.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/oi-blsnzoy/miFooter.693d70d3386858c669c6.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.253.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-253-69.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 085929e3439ce46bc66bbfbd102f83feb9b3ca160a951ebf70b45e60450e4679

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:43 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 528
x-cachebust
server-timing: ak_p; desc="1713791443463_388358853_161815409_2445_13234_110_0_146";dur=1
content-length: 3760
last-modified: Mon, 22 Apr 2024 12:50:47 GMT
server: MI
etag: W/"2e08-616aee2e457c0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 103094043 103127042
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=604731
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

POST
H2 200 824f8be0e463051cb28e00903b5f1a33c76e30da8c25b47c569e Show response
scissorsstatement.com/submit/ 303 B
816 B 108ms
44ms Fetch
application/json 2600:1901:0:d733::1
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://scissorsstatement.com/submit/824f8be0e463051cb28e00903b5f1a33c76e30da8c25b47c569e

Requested by

Host: flowerstreatment.com
URL: https://flowerstreatment.com/v2fnb2AI392SRgTGMK1fjeEnugWK7uqXHL7oHGZAZL5vdKfN5zLouHbUz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:d733::1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Resource Hash

9ec0e09feba849a14b60a8f4e2ce2995ea012592b1341326b80306ff15b49b42

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
date: Mon, 22 Apr 2024 13:10:43 GMT
via: 1.1 google
x-buildnumber: 1205290244
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 303
x-datacenter: gce-europe-west1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
x-hostname: fen-hoothoot-europe-west1-spot-zh1p
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires: Mon, 22 Apr 2024 13:10:42 GMT

GET
BLOB 200
OK 35413fc3-e336-4b71-bb54-c69732827a6b Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/35413fc3-e336-4b71-bb54-c69732827a6b
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9a6b7a817521b7df99469d3bff1b99513f677d48e09966a92cd7832bca005438

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

POST
H2 200 a1e4bc6201a749f2d78dcf168cb07fca14a6016cadbe1fe0a4e1 Show response
scissorsstatement.com/ 3 B
66 B 62ms
61ms Fetch
application/json 2600:1901:0:d733::1
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://scissorsstatement.com/a1e4bc6201a749f2d78dcf168cb07fca14a6016cadbe1fe0a4e1

Requested by

Host: flowerstreatment.com
URL: https://flowerstreatment.com/v2fnb2AI392SRgTGMK1fjeEnugWK7uqXHL7oHGZAZL5vdKfN5zLouHbUz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:d733::1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
date: Mon, 22 Apr 2024 13:10:43 GMT
via: 1.1 google
x-buildnumber: 1205290244
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
x-datacenter: gce-europe-west1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
x-hostname: fen-hoothoot-europe-west1-spot-zh1p
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires: Mon, 22 Apr 2024 13:10:42 GMT

POST
H2 200 pixel_ebd1a36 Show response
www.thenewstribune.com/akam/13/ 0
817 B 127ms
127ms XHR
text/html 23.41.253.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/akam/13/pixel_ebd1a36
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/akam/13/ebd1a36
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.253.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-253-69.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 22 Apr 2024 13:10:43 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: max-age=0, no-cache
access-control-allow-credentials: false
x-cachebust
server-timing: ak_p; desc="1713791443616_388358853_161815729_604_8191_110_0_219";dur=1
access-control-allow-headers: *
content-length: 0
expires: Mon, 22 Apr 2024 13:10:43 GMT

GET
H2 200 vardata Show response
api.lab.amplitude.com/sdk/ 22 B
197 B 269ms
20ms Fetch
application/json 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/oi-blsnzoy/woldoni.693d70d3386858c669c6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d35851b6105713ee65d3d0de39a15b81aac4e989ab552d8383fad0618b374e83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Authorization: Api-Key client-G6ik2oCuLtpn6c9TpIT8ZRXe4JHPDDn9
X-Amp-Exp-User: eyJkZXZpY2VfaWQiOiJmYWQxMGUxZi0zNTIxLTQ4MzQtODJjNC0zOWIyMWYzOWM2MzMiLCJkZXZpY2VfbW9kZWwiOiJXaW5kb3dzIiwibGFuZ3VhZ2UiOiJkZS1ERSIsImxpYnJhcnkiOiJ5ei1leHAtY2xpZW50LzEuMCIsIm9zIjoiQ2hyb21lIDEyNCIsInBsYXRmb3JtIjoiV2ViIiwidXNlcl9pZCI6IiIsInVzZXJfcHJvcGVydGllcyI6eyJidXNpbmVzc191bml0IjoiVE5UIiwiY2Fub25pY2FsX3VybCI6Imh0dHBzOi8vd3d3LnRoZW5ld3N0cmlidW5lLmNvbS8iLCJjbXNfaWQiOiJIb21lcGFnZTo3MTAxIiwiY29udGVudF9zZXJ2aWNlIjoiUHJvZHVjdDogRXNjZW5pYyIsImZ1bGxfdXJsIjoiaHR0cHM6Ly93d3cudGhlbmV3c3RyaWJ1bmUuY29tLyIsImhhc19mb2N1cyI6InllcyIsImlmcmFtZV9uZXN0aW5nIjoidG9wIiwicGFnZV9sZXZlbCI6IkhvbWUiLCJwYWdlX25hbWUiOiJIb21lOkhvbWVwYWdlIiwicGFnZV9wYXRoIjoiLyIsInB1YmxpY2F0aW9uX25hbWUiOiJUaGUgTmV3cyBUcmlidW5lIiwicmVmZXJyaW5nX2hvc3QiOiJub19yZWZlcnJlciIsInNka19pbml0X3N0YXR1cyI6InN0b3JhZ2UiLCJzZWN0aW9uIjoiSG9tZXBhZ2UiLCJzZXJ2ZXIiOiJ3d3cudGhlbmV3c3RyaWJ1bmUuY29tIiwidGF4b25vbXkiOiJfSG9tZVBhZ2V8fHx8IiwidXJsIjoiaHR0cHM6Ly93d3cudGhlbmV3c3RyaWJ1bmUuY29tLyIsInZpc2l0X251bWJlciI6MSwiYnJhemVfdXNlcl9hbGlhcyI6ImZhZDEwZTFmLTM1MjEtNDgzNC04MmM0LTM5YjIxZjM5YzYzMyIsImRldmljZV9wbW9kZSI6IjAiLCJkZXZpY2Vfb3JpZW50YXRpb24iOiJ1bnN1cHBvcnRlZCIsImRldmljZV9zY3JlZW5fc2l6ZSI6IjE2MDB4MTIwMCIsImRldmljZV90eXBlIjoib3RoZXIiLCJsb2dnZWRfaW4iOmZhbHNlLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyNC4wLjAuMCBTYWZhcmkvNTM3LjM2IiwiZmxhZ19rZXkiOiJ1c2FnZSIsImRhdGUiOiIyMDI0LTA0LTIyIn19
Referer: https://www.thenewstribune.com/
X-Amp-Exp-Flag-Keys: WyJ1c2FnZSJd
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 0
x-cache: HIT
content-length: 42
x-served-by: cache-fra-etou8220025-FRA
x-timer: S1713791444.780720,VS0,VE0
x-amzn-trace-id: Root=1-662661d3-339ac72074f82cbf11e0468a
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
cache-control: no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 3

GET
BLOB 200
OK e271c6ac-9553-4dd3-b730-8965101ec783 Show response
https://www.thenewstribune.com/ 382 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/e271c6ac-9553-4dd3-b730-8965101ec783
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: acbfa18515df05309e92473554174bfaebdb9720babe75568d2957c24a6d74ce

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 382
Content-Type: [object object]

GET
BLOB 200
OK 3d61e84c-a795-472b-a264-58b5eaa28f48 Show response
https://www.thenewstribune.com/ Frame E02D 466 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/3d61e84c-a795-472b-a264-58b5eaa28f48
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d10f564111b281963c5fb5366bf9a944c91d141643ea0e711f7a9803d49f1b2a

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 466
Content-Type: text/javascript

GET
BLOB 200
OK 5fb6d6d3-9a35-4453-8485-da4649dc1e23 Show response
https://www.thenewstribune.com/ Frame 9088 555 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/5fb6d6d3-9a35-4453-8485-da4649dc1e23
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e862bf1e216f81d079dc802b0dae8313937d4857175abb0f4706ec8f8f07cdc

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 555
Content-Type: text/javascript

GET
BLOB 200
OK dd04f861-7179-4bc5-b2fa-5e408a726706 Show response
https://www.thenewstribune.com/ Frame 4A26 590 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/dd04f861-7179-4bc5-b2fa-5e408a726706
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fbf5a809affc2436edaeec5bf7b723d8feaf4f9e7cbd8ba5f7f0f1e237b17f27

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 590
Content-Type: text/javascript

GET
H2 200 pdp.gif
www.thenewstribune.com/oi-blsnzoy/ 42 B
455 B 537ms
537ms Image
image/gif 23.41.253.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/oi-blsnzoy/pdp.gif?k=eyJpZCI6Im1pX3RpX3RudF9mYWQxMGUxZi0zNTIxLTQ4MzQtODJjNC0zOWIyMWYzOWM2MzNfMTcxMzc5MTQ0MzIwNl8xNzEzNzkxNDQzMjAxIiwiZG9tSW50ZXJhY3RpdmUiOjMxNzksInJlcXVlc3RTdGFydCI6MTczM30=
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.253.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-253-69.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:44 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 302759
x-cachebust
server-timing: ak_p; desc="1713791443648_388358853_161815796_39984_15835_117_0_146";dur=1
content-length: 42
last-modified: Thu, 18 Apr 2024 14:25:12 GMT
server: MI
etag: "2a-6165fbd2fe200"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 85064876 990807791
content-type: image/gif
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=86400
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

OPTIONS
H2 200 userprofile
profile-api.amplitude.com/v1/ Frame 0
0 266ms
194ms Preflight 54.189.181.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://profile-api.amplitude.com/v1/userprofile?device_id=fad10e1f-3521-4834-82c4-39b21f39c633&user_id=&comp_id=apflrqef

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.189.181.41 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-189-181-41.us-west-2.compute.amazonaws.com

Software

Jetty(9.4.54.v20240208) /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://www.thenewstribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://www.thenewstribune.com
access-control-max-age: 1800
date: Mon, 22 Apr 2024 13:10:43 GMT
server: Jetty(9.4.54.v20240208)
vary: Origin
x-amzn-trace-id: Root=1-662661d3-50309b667dd9c784418971b5
x-content-type-options: nosniff

GET
H2 400 userprofile Show response
profile-api.amplitude.com/v1/ 331 B
600 B 216ms
215ms Fetch
application/json 54.189.181.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://profile-api.amplitude.com/v1/userprofile?device_id=fad10e1f-3521-4834-82c4-39b21f39c633&user_id=&comp_id=apflrqef

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/oi-blsnzoy/thenewstribunecore.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.189.181.41 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-189-181-41.us-west-2.compute.amazonaws.com

Software

Jetty(9.4.54.v20240208) /

Resource Hash

e2eb97b657dc4c9636590a6058ae6abf8a74a41d45772556d62390b0b99b5849

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: Api-Key 5b9692cfc25dd38c13c7782c17376864
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:43 GMT
x-content-type-options: nosniff
server: Jetty(9.4.54.v20240208)
x-amzn-trace-id: Root=1-662661d3-5aceb5536c50bd8d0afec39a
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
access-control-allow-credentials: true
content-length: 331

GET
H2 200 vardata Show response
api.lab.amplitude.com/sdk/ 374 B
362 B 443ms
194ms Fetch
application/json 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/oi-blsnzoy/woldoni.693d70d3386858c669c6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

096d737de4e9d2ccaf1e6b46be90c8d4cc8e5186e13eb2a0d3936509c3512040

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Authorization: Api-Key client-G6ik2oCuLtpn6c9TpIT8ZRXe4JHPDDn9
X-Amp-Exp-User: eyJkZXZpY2VfaWQiOiJmYWQxMGUxZi0zNTIxLTQ4MzQtODJjNC0zOWIyMWYzOWM2MzMiLCJkZXZpY2VfbW9kZWwiOiJXaW5kb3dzIiwibGFuZ3VhZ2UiOiJkZS1ERSIsImxpYnJhcnkiOiJ5ei1leHAtY2xpZW50LzEuMCIsIm9zIjoiQ2hyb21lIDEyNCIsInBsYXRmb3JtIjoiV2ViIiwidXNlcl9pZCI6IiIsInVzZXJfcHJvcGVydGllcyI6eyJidXNpbmVzc191bml0IjoiVE5UIiwiY2Fub25pY2FsX3VybCI6Imh0dHBzOi8vd3d3LnRoZW5ld3N0cmlidW5lLmNvbS8iLCJjbXNfaWQiOiJIb21lcGFnZTo3MTAxIiwiY29udGVudF9zZXJ2aWNlIjoiUHJvZHVjdDogRXNjZW5pYyIsImZ1bGxfdXJsIjoiaHR0cHM6Ly93d3cudGhlbmV3c3RyaWJ1bmUuY29tLyIsImhhc19mb2N1cyI6InllcyIsImlmcmFtZV9uZXN0aW5nIjoidG9wIiwicGFnZV9sZXZlbCI6IkhvbWUiLCJwYWdlX25hbWUiOiJIb21lOkhvbWVwYWdlIiwicGFnZV9wYXRoIjoiLyIsInB1YmxpY2F0aW9uX25hbWUiOiJUaGUgTmV3cyBUcmlidW5lIiwicmVmZXJyaW5nX2hvc3QiOiJub19yZWZlcnJlciIsInNka19pbml0X3N0YXR1cyI6InN0b3JhZ2UiLCJzZWN0aW9uIjoiSG9tZXBhZ2UiLCJzZXJ2ZXIiOiJ3d3cudGhlbmV3c3RyaWJ1bmUuY29tIiwidGF4b25vbXkiOiJfSG9tZVBhZ2V8fHx8IiwidXJsIjoiaHR0cHM6Ly93d3cudGhlbmV3c3RyaWJ1bmUuY29tLyIsInZpc2l0X251bWJlciI6MSwiYnJhemVfdXNlcl9hbGlhcyI6ImZhZDEwZTFmLTM1MjEtNDgzNC04MmM0LTM5YjIxZjM5YzYzMyIsImRldmljZV9wbW9kZSI6IjAiLCJkZXZpY2Vfb3JpZW50YXRpb24iOiJ1bnN1cHBvcnRlZCIsImRldmljZV9zY3JlZW5fc2l6ZSI6IjE2MDB4MTIwMCIsImRldmljZV90eXBlIjoib3RoZXIiLCJsb2dnZWRfaW4iOmZhbHNlLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyNC4wLjAuMCBTYWZhcmkvNTM3LjM2IiwiZmxhZ19rZXkiOiJzb3BoaS10ZXN0LWdyb3VwLXRpZXItMiIsImRhdGUiOiIyMDI0LTA0LTIyIn19
Referer: https://www.thenewstribune.com/
X-Amp-Exp-Flag-Keys: WyJzb3BoaS10ZXN0LWdyb3VwLXRpZXItMiJd
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 0
x-cache: MISS
content-length: 260
x-served-by: cache-fra-etou8220025-FRA
x-timer: S1713791444.801813,VS0,VE174
x-amzn-trace-id: Root=1-662661d3-05ebf3f9018a5d2107aca0be
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
cache-control: no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ Frame E02D 4 KB
2 KB 79ms
24ms Script
application/javascript 18.244.18.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/3d61e84c-a795-472b-a264-58b5eaa28f48
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-38.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 00:48:42 GMT
content-encoding: gzip
via: 1.1 8614f084c2572336b13eed108c40e01e.cloudfront.net (CloudFront)
last-modified: Thu, 07 Dec 2023 12:13:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
age: 45327
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: ZyyUCi0LIvgCC0UtOtjNt-nNFCv-w6ofmBjDjwy-405GXy2sBphGhg==

GET
H2

200

ml.br.js Show response
js.matheranalytics.com/static/ltm/ma12095/all/11/ Frame 9088
Redirect Chain

https://js.matheranalytics.com/s/ma12095/74930801/all/ml.js?cb=1653
https://js.matheranalytics.com/static/ltm/ma12095/all/11/ml.br.js

148 KB
43 KB

25ms
23ms

Script
application/x-javascript

107.178.250.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.matheranalytics.com/static/ltm/ma12095/all/11/ml.br.js
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Server: 107.178.250.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 234.250.178.107.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8856cb0a8fb9615673fae7be84a0bac4128660b2eac4492c648dd38e19746bd8

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Apr 2024 09:03:15 GMT
content-encoding: br
via: 1.1 google
last-modified: Fri, 17 Nov 2023 15:14:59 GMT
server: nginx
age: 14848
etag: "7c7b83c1a7aee9d99fa9f7b5fa2e2f6c"
vary: Accept-Encoding
x-cache: HIT Fri, 17 Nov 2023 15:29:13 GMT
content-type: application/x-javascript
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43804

Redirect headers

date: Mon, 22 Apr 2024 13:10:43 GMT
via: 1.1 google
server: nginx
vary: Accept-Encoding
location: https://js.matheranalytics.com/static/ltm/ma12095/all/11/ml.br.js
cache-control: public, max-age=269200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-served-by: 2-gc-europe-west6-8j341031

GET fullcontact.js
tags.fullcontact.com/anon/ Frame 4A26 0
0

GET
H2 204 b
sb.scorecardresearch.com/ Frame E02D 0
224 B 25ms
24ms Image
text/plain 18.244.18.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=6035363&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1713791443622&ns_c=UTF-8&ns_if=1&c7=https%3A%2F%2Fwww.thenewstribune.com%2F&c8=Tacoma%20WA%20Breaking%20News%2C%20Crime%20%26%20More%20%7C%20Tacoma%20News%20Tribune&c9=https%3A%2F%2Fwww.thenewstribune.com%2F
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-38.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:43 GMT
via: 1.1 8614f084c2572336b13eed108c40e01e.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA56-P11
x-amz-cf-id: 66IqKO4wMDJsLr9YHwiLv0Zp4OtY3Wlu0_--5K7F7pjpWGnaGCLF1g==
x-cache: Miss from cloudfront

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ Frame 9088 43 B
245 B 508ms
121ms Image
image/gif 54.204.184.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=pv&page=ml&hier=_HomePage&ptype=homepage&pubname=The%20News%20Tribune&sec=Homepage&tv=js-3.0.165&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-120&lang=de-DE&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=11&tvcfg=all&tid=0e0e17f8-8bd4-43fc-b7ee-775fad740eb7&pid=bc251c63-7684-4c02-8433-d374e4c618c5&dtm=1713791443736&qnm=_matherq&visible=1&tabid=7c8fa28a-c745-49a2-947d-e8bbe28ae948&refr=https%3A%2F%2Fwww.thenewstribune.com%2F&url=https%3A%2F%2Fwww.thenewstribune.com%2F&vrefr=https%3A%2F%2Fwww.thenewstribune.com%2F&vp=0x0&ds=0x0&tofa=1713791444&vid=1&lvidt=1713791444&duid=4cea54a1-9e18-410f-870f-da023724107b&fp=1187562409&cid=ma12095&mrk=74930801&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTcxMzc5MTQzOTgwNyIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIyMC4xMTE4NjVtYiIsImhlYXBUIjoiMjYuNzQwODc3bWIiLCJmc3RQYWludCI6IjMxNDQiLCJmZXRjaFMiOiIxMzU3IiwiZG9tYWluUyI6IjEzOTYiLCJkb21haW5FIjoiMTM5NiIsImNvbm5TIjoiMTM5NiIsImNvbm5FIjoiMTczMiIsInNzbFMiOiIxNTA3IiwicmVxdVMiOiIxNzMzIiwicmVzcFMiOiIyMDg5IiwicmVzcEUiOiIyMTIzIiwiZG9tTG9hZCI6IjIwOTYiLCJkb21JbnRlciI6IjMxNzgiLCJkb21Mb2FkUyI6IjMxOTkiLCJkb21Mb2FkRSI6IjMyMDEifX0
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.204.184.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-204-184-105.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date: Mon, 22 Apr 2024 13:10:44 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
BLOB 200
OK 99acb681-49dc-4e30-8c08-148793122c08 Show response
https://www.thenewstribune.com/ 266 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/99acb681-49dc-4e30-8c08-148793122c08
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b37d872dba020ee1c19d170ad5d40645bafb68a2f0e982472a55aa5830338eda

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 266
Content-Type: text/javascript

GET
BLOB 200
OK 6981f915-78f1-4a21-ad7d-21075888a98a Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/6981f915-78f1-4a21-ad7d-21075888a98a
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e8f83993c6b48ed294ffe2317c8362c68dfad9d772f6940f0a4260cf4feb7ad

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

POST
H2 200 httpapi Show response
api2.amplitude.com/2/ 94 B
309 B 204ms
204ms Fetch
application/json 52.37.89.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/oi-blsnzoy/escenic.693d70d3386858c669c6.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.37.89.212 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-37-89-212.us-west-2.compute.amazonaws.com

Software

Resource Hash

2f93cf44d9d08ef7f1a6ddc96a3ecf7b9217ddc7fc6fab8d070f09f91365edeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json
Accept: */*
Referer: https://www.thenewstribune.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:44 GMT
strict-transport-security: max-age=15768000
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: application/json
access-control-allow-origin: *
trace-id: Root=1-662661d4-5e3ac16a6cb8d56e04fea676
content-length: 94

GET
H2 200 homepage.json Show response
www.thenewstribune.com/static/hi/zones/ 1 KB
1 KB 610ms
609ms Fetch
application/json 23.41.253.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/static/hi/zones/homepage.json
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/oi-blsnzoy/zones.693d70d3386858c669c6.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.253.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-253-69.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 4a5bca6580a6caf83f9bf95c31541f90aa9114f80798948c82736d141c0d2e66

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:44 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 274
x-cachebust
server-timing: ak_p; desc="1713791444146_388358853_161816775_47729_12810_113_0_219";dur=1
content-length: 420
last-modified: Mon, 08 Apr 2024 16:14:23 GMT
server: MI
etag: W/"53b-61598193e75c0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 392889122, 394791660 393451862
content-type: application/json
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=300
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
BLOB 200
OK 52f5f4d7-d82d-4db6-8d00-e13f8b30b8a8 Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/52f5f4d7-d82d-4db6-8d00-e13f8b30b8a8
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2730289bd1ac68ea19e6c07768ed684787f25bc268b2a5f7a2963341d6123878

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
H2 200 vardata Show response
api.lab.amplitude.com/sdk/ 4 KB
2 KB 189ms
189ms Fetch
application/json 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/oi-blsnzoy/woldoni.693d70d3386858c669c6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5ee20eaa627a9d71d972316c0668c77178d4d49ac1ddc2de5684cc378448b0a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
X-Amp-Exp-User: eyJkZXZpY2VfaWQiOiJmYWQxMGUxZi0zNTIxLTQ4MzQtODJjNC0zOWIyMWYzOWM2MzMiLCJkZXZpY2VfbW9kZWwiOiJXaW5kb3dzIiwibGFuZ3VhZ2UiOiJkZS1ERSIsImxpYnJhcnkiOiJ5ei1leHAtY2xpZW50LzEuMCIsIm9zIjoiQ2hyb21lIDEyNCIsInBsYXRmb3JtIjoiV2ViIiwidXNlcl9pZCI6IiIsInVzZXJfcHJvcGVydGllcyI6eyJidXNpbmVzc191bml0IjoiVE5UIiwiY2Fub25pY2FsX3VybCI6Imh0dHBzOi8vd3d3LnRoZW5ld3N0cmlidW5lLmNvbS8iLCJjbXNfaWQiOiJIb21lcGFnZTo3MTAxIiwiY29udGVudF9zZXJ2aWNlIjoiUHJvZHVjdDogRXNjZW5pYyIsImZ1bGxfdXJsIjoiaHR0cHM6Ly93d3cudGhlbmV3c3RyaWJ1bmUuY29tLyIsImhhc19mb2N1cyI6InllcyIsImlmcmFtZV9uZXN0aW5nIjoidG9wIiwicGFnZV9sZXZlbCI6IkhvbWUiLCJwYWdlX25hbWUiOiJIb21lOkhvbWVwYWdlIiwicGFnZV9wYXRoIjoiLyIsInB1YmxpY2F0aW9uX25hbWUiOiJUaGUgTmV3cyBUcmlidW5lIiwicmVmZXJyaW5nX2hvc3QiOiJub19yZWZlcnJlciIsInNka19pbml0X3N0YXR1cyI6InN0b3JhZ2UiLCJzZWN0aW9uIjoiSG9tZXBhZ2UiLCJzZXJ2ZXIiOiJ3d3cudGhlbmV3c3RyaWJ1bmUuY29tIiwidGF4b25vbXkiOiJfSG9tZVBhZ2V8fHx8IiwidXJsIjoiaHR0cHM6Ly93d3cudGhlbmV3c3RyaWJ1bmUuY29tLyIsImJyYXplX3VzZXJfYWxpYXMiOiJmYWQxMGUxZi0zNTIxLTQ4MzQtODJjNC0zOWIyMWYzOWM2MzMiLCJkZXZpY2VfcG1vZGUiOiIwIiwiZGV2aWNlX29yaWVudGF0aW9uIjoidW5zdXBwb3J0ZWQiLCJkZXZpY2Vfc2NyZWVuX3NpemUiOiIxNjAweDEyMDAiLCJkZXZpY2VfdHlwZSI6Im90aGVyIiwibG9nZ2VkX2luIjpmYWxzZSwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjQuMC4wLjAgU2FmYXJpLzUzNy4zNiIsInNvcGhpX3Rlc3RzIjpbeyJ0ZXN0SWQiOiJwdzphcnRpY2xlOnRlc3Q0X2FiYyIsInRlc3RHcm91cCI6InZhcmlhbnQifV0sImRhdGUiOiIyMDI0LTA0LTIyIn19
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Authorization: Api-Key client-G6ik2oCuLtpn6c9TpIT8ZRXe4JHPDDn9
Referer: https://www.thenewstribune.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 0
x-cache: MISS
content-length: 1711
x-served-by: cache-fra-etou8220025-FRA
x-timer: S1713791444.040084,VS0,VE168
x-amzn-trace-id: Root=1-662661d4-4e7a5dc441a620405e5467bb
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
cache-control: no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

POST
H2 200 httpapi Show response
api2.amplitude.com/2/ 94 B
308 B 207ms
207ms Fetch
application/json 52.37.89.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/oi-blsnzoy/escenic.693d70d3386858c669c6.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.37.89.212 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-37-89-212.us-west-2.compute.amazonaws.com

Software

Resource Hash

79fd014193fdcd11986d50c7b28670958552e7c88d85849f925c9a694108c8fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json
Accept: */*
Referer: https://www.thenewstribune.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:44 GMT
strict-transport-security: max-age=15768000
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: application/json
access-control-allow-origin: *
trace-id: Root=1-662661d4-65cd672627066d8e2c70e11f
content-length: 94

GET
H2 200 parsely.693d70d3386858c669c6.js Show response
www.thenewstribune.com/oi-blsnzoy/ 5 KB
2 KB 343ms
343ms Script
application/javascript 23.41.253.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/oi-blsnzoy/parsely.693d70d3386858c669c6.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.253.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-253-69.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: bdaa4ff2ce76b9fa477ea350f241d882753dc0123a7486f41f7dbd8c25994eba

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:44 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 695
x-cachebust
server-timing: ak_p; desc="1713791444145_388358853_161816776_22455_15447_115_0_146";dur=1
content-length: 1870
last-modified: Mon, 22 Apr 2024 12:50:47 GMT
server: MI
etag: W/"13f3-616aee2e457c0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 165397732, 233505616 218557517
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=604773
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
BLOB 200
OK 991c2c15-cd30-4b90-a9d4-2f1ba4e24be6 Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/991c2c15-cd30-4b90-a9d4-2f1ba4e24be6
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 218cdf095144025dd682e5c397341bdd88e50c8201699971a85b59e3894dc4d8

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK 1a1d9527-333b-49a4-bbf7-34b4ef51a4ac Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/1a1d9527-333b-49a4-bbf7-34b4ef51a4ac
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb2d3dada2e63fb9552e53876cda07a47801c4126284e56f8932c35056b3475f

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK 0146bf25-8d37-44bc-aa07-db23a80e5d65 Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/0146bf25-8d37-44bc-aa07-db23a80e5d65
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c60dc99b853148584d04f2196a1c6c9a16d744597f2bffa5b515d2d917f0d734

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
H2 200 iterate.693d70d3386858c669c6.js Show response
www.thenewstribune.com/oi-blsnzoy/ 2 KB
1 KB 500ms
499ms Script
application/javascript 23.41.253.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/oi-blsnzoy/iterate.693d70d3386858c669c6.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.253.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-253-69.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 972294b2018c0d9835fc4aef9688d6750f9f525c93ee403377643f04f598312d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:44 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 695
x-cachebust
server-timing: ak_p; desc="1713791444402_388358853_161817327_37161_12767_113_0_146";dur=1
content-length: 1058
last-modified: Mon, 22 Apr 2024 12:50:47 GMT
server: MI
etag: W/"6d1-616aee2e457c0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 1025709329 1008332702
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=604800
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 hanealneh.693d70d3386858c669c6.js Show response
www.thenewstribune.com/oi-blsnzoy/ 173 KB
48 KB 513ms
513ms Script
application/javascript 23.41.253.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/oi-blsnzoy/hanealneh.693d70d3386858c669c6.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.253.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-253-69.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 285bc99421a69842533ad55062ed4d6fa6e134e4462ccb6ca890632861302cef

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:44 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 696
x-cachebust
server-timing: ak_p; desc="1713791444398_388358853_161817328_38808_11598_113_0_146";dur=1
content-length: 48669
last-modified: Mon, 22 Apr 2024 12:50:47 GMT
server: MI
etag: W/"2b3b1-616aee2e457c0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 228003382, 193856517 184951045
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=604778
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 talidgo.693d70d3386858c669c6.js Show response
www.thenewstribune.com/oi-blsnzoy/ 22 KB
7 KB 526ms
526ms Script
application/javascript 23.41.253.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/oi-blsnzoy/talidgo.693d70d3386858c669c6.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.253.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-253-69.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: fbe7f52a5d32f5d92c59e392ced05bd9151bdc1378f7d53fe0ea5c1c74759a17

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:44 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 683
x-cachebust
server-timing: ak_p; desc="1713791444398_388358853_161817329_39828_11689_113_0_146";dur=1
content-length: 6795
last-modified: Mon, 22 Apr 2024 12:50:47 GMT
server: MI
etag: W/"56a9-616aee2e457c0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 106042811, 1021484362 1026037871
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=604800
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
BLOB 200
OK 35fbf24d-9cad-4bc6-bdb1-aacfa81ce09b Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/35fbf24d-9cad-4bc6-bdb1-aacfa81ce09b
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 19247c4bf7863dfde8a35b9d24f6fba316a35399a0977e6f642ce2df2f16f735

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
H2 200 htlbid.css
htlbid.com/v3/thenewstribune.com/ 3 KB
672 B 528ms
468ms Stylesheet
text/css 13.32.27.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://htlbid.com/v3/thenewstribune.com/htlbid.css
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-39.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 74b1c9d0e9a310c68a2437a307ddc5f8c58ab3dd1ef63299c2982961837abe5d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:45 GMT
content-encoding: br
via: 1.1 1c12254585d1d316d9380549d59e3c80.cloudfront.net (CloudFront)
last-modified: Fri, 08 Mar 2024 14:27:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
etag: W/"6079441ba3e393b1ed99fc06f4fd2fea"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css
cache-control: max-age=600
x-amz-cf-id: J_ROFK7B9y4I7jFAuCVl_TF6oCn4hv8Lk4WaFKFB-YgCNI6MFBOOdA==

GET
H2 200 htlbid.js Show response
htlbid.com/v3/thenewstribune.com/ 521 KB
136 KB 477ms
417ms Script
application/javascript 13.32.27.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://htlbid.com/v3/thenewstribune.com/htlbid.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-39.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 36e7e3945b082b2a41bc9408f0f5d4dc4ae33d7850001ad8758987a1b1e72919

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:45 GMT
content-encoding: br
via: 1.1 1c12254585d1d316d9380549d59e3c80.cloudfront.net (CloudFront)
last-modified: Fri, 08 Mar 2024 14:27:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
etag: W/"5310fa3751bd419ab931f69f0fca9cee"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=600
x-amz-cf-id: 6Td2iTNf2bGTpQles46D6vtK0sWiE4xaYd77ww4J5Qni-zPhypihkQ==

POST
H3 200 a34b4517ca914b4d66a95660a15f5a5c3c48b8
scissorsstatement.com/bb7c8ee35608a1/ 2 B
28 B 65ms
33ms Ping
application/json 34.160.169.226
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://scissorsstatement.com/bb7c8ee35608a1/a34b4517ca914b4d66a95660a15f5a5c3c48b8

Requested by

Host: flowerstreatment.com
URL: https://flowerstreatment.com/v2fnb2AI392SRgTGMK1fjeEnugWK7uqXHL7oHGZAZL5vdKfN5zLouHbUz

Protocol

Security

QUIC, , AES_128_GCM

Server

34.160.169.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

226.169.160.34.bc.googleusercontent.com

Software

Resource Hash

4355a46b19d348dc2f57c046f8ef63d4538ebb936000f3c9ee954a27460dd865

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
date: Mon, 22 Apr 2024 13:10:44 GMT
via: 1.1 google
x-buildnumber: 1205290244
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
x-datacenter: gce-europe-west1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
x-hostname: fen-hoothoot-europe-west1-spot-zh1p
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires: Mon, 22 Apr 2024 13:10:43 GMT

GET
H2 200 vardata Show response
api.lab.amplitude.com/sdk/ 29 B
144 B 193ms
192ms Fetch
application/json 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/oi-blsnzoy/woldoni.693d70d3386858c669c6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

18f35c576aabd3eb7c3386c0467cd6f87bc054a669e66f6181152a46f397d63a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Authorization: Api-Key client-G6ik2oCuLtpn6c9TpIT8ZRXe4JHPDDn9
X-Amp-Exp-User: eyJkZXZpY2VfaWQiOiJmYWQxMGUxZi0zNTIxLTQ4MzQtODJjNC0zOWIyMWYzOWM2MzMiLCJkZXZpY2VfbW9kZWwiOiJXaW5kb3dzIiwibGFuZ3VhZ2UiOiJkZS1ERSIsImxpYnJhcnkiOiJ5ei1leHAtY2xpZW50LzEuMCIsIm9zIjoiQ2hyb21lIDEyNCIsInBsYXRmb3JtIjoiV2ViIiwidXNlcl9pZCI6IiIsInVzZXJfcHJvcGVydGllcyI6eyJidXNpbmVzc191bml0IjoiVE5UIiwiY2Fub25pY2FsX3VybCI6Imh0dHBzOi8vd3d3LnRoZW5ld3N0cmlidW5lLmNvbS8iLCJjbXNfaWQiOiJIb21lcGFnZTo3MTAxIiwiY29udGVudF9zZXJ2aWNlIjoiUHJvZHVjdDogRXNjZW5pYyIsImZ1bGxfdXJsIjoiaHR0cHM6Ly93d3cudGhlbmV3c3RyaWJ1bmUuY29tLyIsImhhc19mb2N1cyI6InllcyIsImlmcmFtZV9uZXN0aW5nIjoidG9wIiwicGFnZV9sZXZlbCI6IkhvbWUiLCJwYWdlX25hbWUiOiJIb21lOkhvbWVwYWdlIiwicGFnZV9wYXRoIjoiLyIsInB1YmxpY2F0aW9uX25hbWUiOiJUaGUgTmV3cyBUcmlidW5lIiwicmVmZXJyaW5nX2hvc3QiOiJub19yZWZlcnJlciIsInNka19pbml0X3N0YXR1cyI6InN0b3JhZ2UiLCJzZWN0aW9uIjoiSG9tZXBhZ2UiLCJzZXJ2ZXIiOiJ3d3cudGhlbmV3c3RyaWJ1bmUuY29tIiwidGF4b25vbXkiOiJfSG9tZVBhZ2V8fHx8IiwidXJsIjoiaHR0cHM6Ly93d3cudGhlbmV3c3RyaWJ1bmUuY29tLyIsImJyYXplX3VzZXJfYWxpYXMiOiJmYWQxMGUxZi0zNTIxLTQ4MzQtODJjNC0zOWIyMWYzOWM2MzMiLCJkZXZpY2VfcG1vZGUiOiIwIiwiZGV2aWNlX29yaWVudGF0aW9uIjoidW5zdXBwb3J0ZWQiLCJkZXZpY2Vfc2NyZWVuX3NpemUiOiIxNjAweDEyMDAiLCJkZXZpY2VfdHlwZSI6Im90aGVyIiwibG9nZ2VkX2luIjpmYWxzZSwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjQuMC4wLjAgU2FmYXJpLzUzNy4zNiIsInNvcGhpX3Rlc3RzIjpbeyJ0ZXN0SWQiOiJwdzphcnRpY2xlOnRlc3Q0X2FiYyIsInRlc3RHcm91cCI6InZhcmlhbnQifV0sImZsYWdfa2V5Ijoiem9uZS1jb250ZW50IiwiZGF0ZSI6IjIwMjQtMDQtMjIifX0=
Referer: https://www.thenewstribune.com/
X-Amp-Exp-Flag-Keys: WyJ6b25lLWNvbnRlbnQiXQ==
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 0
x-cache: MISS
content-length: 49
x-served-by: cache-fra-etou8220025-FRA
x-timer: S1713791445.637454,VS0,VE172
x-amzn-trace-id: Root=1-662661d4-3e9568b85719e0ee1862e667
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
cache-control: no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 284301473 Show response
www.thenewstribune.com/webapi-public/v2/content/ 862 B
1 KB 542ms
542ms Fetch
application/json 23.41.253.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/webapi-public/v2/content/284301473
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/oi-blsnzoy/zones.693d70d3386858c669c6.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.253.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-253-69.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: dcece8f7df774b4b978e8cb0bfa09da8ea8de2dd9cdc4deabbf691594ca0ee4e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:45 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 218
x-cachebust
server-timing: ak_p; desc="1713791444732_388358853_161817965_41414_11840_113_0_219";dur=1
content-length: 420
mi-api: true
last-modified: Mon, 22 Apr 2024 13:07:06 GMT
x-proxy-forwarding-type: WebAPI
server: MI
etag: W/"82fccd89-f2e5-4b2c-8f61-c01e54a598e6"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 1028071067, 103715170 94681677
content-type: application/json;charset=UTF-8
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=272
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

POST
H2 200 httpapi Show response
api2.amplitude.com/2/ 94 B
309 B 206ms
206ms Fetch
application/json 52.37.89.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/oi-blsnzoy/escenic.693d70d3386858c669c6.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.37.89.212 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-37-89-212.us-west-2.compute.amazonaws.com

Software

Resource Hash

b5b8bd52695dd8b96e74b125b389b4c6a0e887ab7722e21ab4649e90db42f88f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json
Accept: */*
Referer: https://www.thenewstribune.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:44 GMT
strict-transport-security: max-age=15768000
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: application/json
access-control-allow-origin: *
trace-id: Root=1-662661d4-56f0c29c083b10a55c963630
content-length: 94

GET
H2 200 thenewstribune.json Show response
www.thenewstribune.com/oi-blsnzoy/data/datawall/ 126 B
892 B 499ms
499ms XHR
application/json 23.41.253.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/oi-blsnzoy/data/datawall/thenewstribune.json
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/oi-blsnzoy/thenewstribunecore.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.253.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-253-69.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 817875cd68037c353805b105c90fbf96f433f0f26d2d5acbe408eecbe5f7e0ab

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:45 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 145
x-cachebust
server-timing: ak_p; desc="1713791445056_388358853_161818557_36800_11382_112_0_219";dur=1
content-length: 124
last-modified: Mon, 22 Apr 2024 12:50:47 GMT
server: MI
etag: W/"7e-616aee2e457c0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 1006272019, 98213468 100801096
content-type: application/json
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=180
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 markup3s_v4.html Show response
www.thenewstribune.com/oi-blsnzoy/data/datawall/ 27 KB
5 KB 685ms
685ms XHR
text/html 23.41.253.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/oi-blsnzoy/data/datawall/markup3s_v4.html
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/oi-blsnzoy/thenewstribunecore.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.253.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-253-69.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 9a5e1bdbea96f3c5d3c726b22fe2950b290fb6725acfdfc73a2c5a863a018a8a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:45 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 66
x-cachebust
server-timing: ak_p; desc="1713791445056_388358853_161818558_36883_11404_116_0_219";dur=1
content-length: 4531
server: MI
etag: W/"6d11-616aee2e457c0"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html
access-control-allow-origin: *
x-varnish: 188320809, 227486231 231216929
vary: Accept-Encoding
access-control-allow-credentials: false
cache-control: max-age=180
mi-cache: HIT
access-control-allow-headers: *

GET
H2 200 vardata Show response
api.lab.amplitude.com/sdk/ 775 B
434 B 188ms
188ms Fetch
application/json 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/oi-blsnzoy/woldoni.693d70d3386858c669c6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c7064bdcd04183dae27f707e6805423ccbc56f8ad72df39c63b9019a10a91c8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
X-Amp-Exp-User: eyJkZXZpY2VfaWQiOiJmYWQxMGUxZi0zNTIxLTQ4MzQtODJjNC0zOWIyMWYzOWM2MzMiLCJkZXZpY2VfbW9kZWwiOiJXaW5kb3dzIiwibGFuZ3VhZ2UiOiJkZS1ERSIsImxpYnJhcnkiOiJ5ei1leHAtY2xpZW50LzEuMCIsIm9zIjoiQ2hyb21lIDEyNCIsInBsYXRmb3JtIjoiV2ViIiwidXNlcl9pZCI6IiIsInVzZXJfcHJvcGVydGllcyI6eyJidXNpbmVzc191bml0IjoiVE5UIiwiY2Fub25pY2FsX3VybCI6Imh0dHBzOi8vd3d3LnRoZW5ld3N0cmlidW5lLmNvbS8iLCJjbXNfaWQiOiJIb21lcGFnZTo3MTAxIiwiY29udGVudF9zZXJ2aWNlIjoiUHJvZHVjdDogRXNjZW5pYyIsImZ1bGxfdXJsIjoiaHR0cHM6Ly93d3cudGhlbmV3c3RyaWJ1bmUuY29tLyIsImhhc19mb2N1cyI6InllcyIsImlmcmFtZV9uZXN0aW5nIjoidG9wIiwicGFnZV9sZXZlbCI6IkhvbWUiLCJwYWdlX25hbWUiOiJIb21lOkhvbWVwYWdlIiwicGFnZV9wYXRoIjoiLyIsInB1YmxpY2F0aW9uX25hbWUiOiJUaGUgTmV3cyBUcmlidW5lIiwicmVmZXJyaW5nX2hvc3QiOiJub19yZWZlcnJlciIsInNka19pbml0X3N0YXR1cyI6InN0b3JhZ2UiLCJzZWN0aW9uIjoiSG9tZXBhZ2UiLCJzZXJ2ZXIiOiJ3d3cudGhlbmV3c3RyaWJ1bmUuY29tIiwidGF4b25vbXkiOiJfSG9tZVBhZ2V8fHx8IiwidXJsIjoiaHR0cHM6Ly93d3cudGhlbmV3c3RyaWJ1bmUuY29tLyIsImJyYXplX3VzZXJfYWxpYXMiOiJmYWQxMGUxZi0zNTIxLTQ4MzQtODJjNC0zOWIyMWYzOWM2MzMiLCJkZXZpY2VfcG1vZGUiOiIwIiwiZGV2aWNlX29yaWVudGF0aW9uIjoidW5zdXBwb3J0ZWQiLCJkZXZpY2Vfc2NyZWVuX3NpemUiOiIxNjAweDEyMDAiLCJkZXZpY2VfdHlwZSI6Im90aGVyIiwibG9nZ2VkX2luIjpmYWxzZSwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjQuMC4wLjAgU2FmYXJpLzUzNy4zNiIsInNvcGhpX3Rlc3RzIjpbeyJ0ZXN0SWQiOiJwdzphcnRpY2xlOnRlc3Q0X2FiYyIsInRlc3RHcm91cCI6InZhcmlhbnQifV0sImRhdGUiOiIyMDI0LTA0LTIyIn19
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Authorization: Api-Key client-WXkdEms1kcNV81IeB1qqTRJToktXL0r2
Referer: https://www.thenewstribune.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 0
x-cache: MISS
content-length: 316
x-served-by: cache-fra-etou8220025-FRA
x-timer: S1713791445.954767,VS0,VE168
x-amzn-trace-id: Root=1-662661d5-0091780311a85da44371480e
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
cache-control: no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 93 KB
30 KB 119ms
64ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a030ddc5f530328d584ad1f4f0e671a49d78a710fc9cbbcd81bfc80a624345bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29803
x-xss-protection: 0
server: cafe
etag: 670 / 19835 / 31082879 / config-hash: 9236536051639988408
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 22 Apr 2024 13:10:45 GMT

GET
H3 200 config.js Show response
cdn.confiant-integrations.net/awMxVZLpNW6K6EG6WC5S8oR_a68/gpt_and_prebid/ 167 KB
37 KB 102ms
60ms Script
text/javascript 172.64.144.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/awMxVZLpNW6K6EG6WC5S8oR_a68/gpt_and_prebid/config.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.166 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4e51e5bb82763a2769706fc7b61e37babb69d7942a40cde2ad4d355aa6f5ed6

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 22 Apr 2024 12:26:43 GMT
server: cloudflare
x-amz-request-id: 4JMJQ7THRCH2WK33
etag: W/"fbb1085cea68d8c076d885fb9d7b5d8b"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900, stale-while-revalidate=3600
cf-ray: 8785db137915aca7-TXL
alt-svc: h3=":443"; ma=86400
x-amz-id-2: bvCVvbspD341iSPsZHihp5htAOfBl8wsrIX9n48Gk3orxvZXNt27532WW8Gkm3n1e865AcvahXY=

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404170101/ 451 KB
141 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404170101/pubads_impl.js?cb=31082879

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

71eb11ec6af6382b7d873d1900a972390f18a8897964f41e8acd9f3a1b8fa14c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 13:18:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85944
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 143856
x-xss-protection: 0
server: cafe
etag: 5552259019330558669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 21 Apr 2025 13:18:21 GMT

GET
BLOB 200
OK 78fc413d-caaf-4c83-bf11-1b3f6f2c55bd
https://www.thenewstribune.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/78fc413d-caaf-4c83-bf11-1b3f6f2c55bd
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H3 200 wrap.js Show response
cdn.confiant-integrations.net/gptprebidnative/202403121239/ 284 KB
87 KB 48ms
48ms Script
application/javascript 172.64.144.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/gptprebidnative/202403121239/wrap.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.166 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70b914de15dd75628895223bfe09012e3687598bca4dbaa34a97234f6a8826e9

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 12 Mar 2024 16:41:24 GMT
server: cloudflare
x-amz-request-id: CPJR14Z5CG7ZM7M5
age: 1618567
etag: W/"c1e08625d829bb0007d3c12ed83ad1cb"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 8785db144b33aca7-TXL
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 0bu1vOgzNBrUbDNho7nKYyx8geL7W1Pn2xCzWyDvb+7MXjZDeUIBbKvHKEBFoOuJUN7X3piXjuU=

GET
H2 200 eedition-promo-games.js Show response
www.thenewstribune.com/static/hi/cards/v1/eedition-promo/ 11 KB
4 KB 531ms
531ms Script
application/javascript 23.41.253.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/static/hi/cards/v1/eedition-promo/eedition-promo-games.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.253.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-253-69.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: c2705632879b9e4cf84ca44ec56248c4e6a28f23f6776f5c442f893c2afc3d66

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Origin: https://www.thenewstribune.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:45 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 289
x-cachebust
server-timing: ak_p; desc="1713791445280_388358853_161818960_40004_14294_116_0_219";dur=1
content-length: 3439
last-modified: Thu, 28 Mar 2024 19:38:56 GMT
server: MI
etag: W/"2cdd-614bdac89dad0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 474386480 474089855
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=278
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 .js Show response
dyv1bugovvq1g.cloudfront.net/11/www.thenewstribune.com/ 24 KB
3 KB 498ms
436ms Fetch
application/json 2600:9000:223e:a400:5:82fd:2500:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dyv1bugovvq1g.cloudfront.net/11/www.thenewstribune.com/.js
Requested by: Host: htlbid.com
URL: https://htlbid.com/v3/thenewstribune.com/htlbid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:a400:5:82fd:2500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c09ecff56fe0dc82be5c8fbf359e02b260b6e8ede808c6a68c1b02c52ed11bec

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 22 Apr 2024 13:10:46 GMT
content-encoding: gzip
via: 1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 2293
x-amz-expiration: expiry-date="Sat, 22 Jun 2024 00:00:00 GMT", rule-id="cleanup"
last-modified: Mon, 22 Apr 2024 13:10:20 GMT
server: AmazonS3
etag: "6921a7f768aa006b72fffc2c97931296"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
cache-control: max-age=300
access-control-allow-credentials: true
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: rTb7eH0uIplOKvVL6A2ZJpw7rsuTiEN7HzQBwRtalI7GTqyqeOdHbA==

OPTIONS
H2 200 /
sdk.iad-05.braze.com/api/v3/data/ Frame 0
0 290ms
226ms Preflight 2606:4700:4400::6812:25a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-05.braze.com/api/v3/data/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:25a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-braze-api-key,x-braze-datarequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-triggersrequest,x-requested-with
Access-Control-Request-Method: POST
Origin: https://www.thenewstribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-braze-api-key,x-braze-datarequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-triggersrequest,x-requested-with
access-control-allow-methods: POST, GET
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 7200
cf-cache-status: DYNAMIC
cf-ray: 8785db15ed173666-FRA
content-encoding: gzip
date: Mon, 22 Apr 2024 13:10:45 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

POST
H2 201 / Show response
sdk.iad-05.braze.com/api/v3/data/ 564 B
651 B 1243ms
1243ms XHR
application/json 2606:4700:4400::6812:25a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-05.braze.com/api/v3/data/

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/oi-blsnzoy/hanealneh.693d70d3386858c669c6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:25a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61c63eae5dbdc4ea281f260a2e3a5433700e094e5fed88a78d640ae8a708615f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-Braze-Api-Key: 83d75cce-ff55-432f-b0b6-78b7ba1ad6a8
X-Braze-TriggersRequest: true
X-Braze-DataRequest: true
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type: application/json
X-Braze-Last-Req-Ms-Ago: 7200000
Referer: https://www.thenewstribune.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9;q=0.9
X-Braze-Req-Attempt: 1
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:46 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains
x-request-id: 7cc2983c-f5ff-4491-8754-8e708e04c236
x-runtime: 1.026469
server: cloudflare
etag: W/"61c63eae5dbdc4ea281f260a2e3a5433"
vary: Origin,Accept-Encoding
access-control-allow-methods: POST, GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
x-ratelimit-reset: 1713791448
access-control-max-age: 7200
x-ratelimit-limit: 500.0
cf-ray: 8785db174ecb3666-FRA
x-ratelimit-remaining: 474.0

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 30ms
29ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans:400,500,600,700

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e33d4565bdbaf2ffd0d9fc9964475d388d74012e261f01975b18705df8041cd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 22 Apr 2024 13:10:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 22 Apr 2024 13:07:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 Apr 2024 13:10:45 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
752 B 33ms
33ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Serif:400,700

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f3f8d02a7a7b9fc07dcc70c897787cc409719570b458412f476e9ccd97c7d2d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 22 Apr 2024 13:10:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 22 Apr 2024 12:40:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 Apr 2024 13:10:45 GMT

GET
H2 200 thenewstribune-black.png
www.thenewstribune.com/oi-blsnzoy//images/logos/ 10 KB
10 KB 278ms
278ms Image
image/png 23.41.253.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/oi-blsnzoy//images/logos/thenewstribune-black.png
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.253.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-253-69.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 0f183d0f4e84ac50c22fe0b6299ec2ca8c664eff2f3c2b13b02a58c0c1bfae2e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:45 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 58302
x-cachebust
server-timing: ak_p; desc="1713791445739_388358853_161819902_14278_14493_114_0_146";dur=1
content-length: 9785
last-modified: Thu, 18 Apr 2024 14:25:12 GMT
server: MI
etag: "2639-6165fbd2fe200"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 171413886, 219663227 213165857
content-type: image/png
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=604800
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

POST
H2 200 httpapi Show response
api2.amplitude.com/2/ 94 B
309 B 205ms
205ms Fetch
application/json 52.37.89.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/oi-blsnzoy/escenic.693d70d3386858c669c6.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.37.89.212 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-37-89-212.us-west-2.compute.amazonaws.com

Software

Resource Hash

52c3acf3a95b4c8e58579bd003a605aabc56623d8fd9e0e60aea3d8717ee8c89

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json
Accept: */*
Referer: https://www.thenewstribune.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:45 GMT
strict-transport-security: max-age=15768000
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: application/json
access-control-allow-origin: *
trace-id: Root=1-662661d5-1f53f2b15692ed09154f5541
content-length: 94

GET
H2 200 o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2
fonts.gstatic.com/s/notosans/v36/ 38 KB
0 0ms
0ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v36/o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,500,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91c01ec0de315f973f4c00041b7ae25e1a790cedff79a6fbb56c571bba379142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://www.thenewstribune.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 21:35:01 GMT
x-content-type-options: nosniff
age: 574542
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39412
x-xss-protection: 0
last-modified: Wed, 14 Feb 2024 22:43:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Apr 2025 21:35:01 GMT

GET
H2 200 ga6daw1J5X9T9RW6j9bNVls-hfgvz8JcMofYTYf6D30.woff2
fonts.gstatic.com/s/notoserif/v23/ 42 KB
0 0ms
0ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v23/ga6daw1J5X9T9RW6j9bNVls-hfgvz8JcMofYTYf6D30.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d3959df4ebd84904a1622b6d7c9728f487e0c4d372f9bc2f59d0c480702f9c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://www.thenewstribune.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 17:00:25 GMT
x-content-type-options: nosniff
age: 245418
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43212
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 00:59:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Apr 2025 17:00:25 GMT

GET
H2 200 get_image.aspx
edition.pagesuite-professional.co.uk/ 31 KB
32 KB 105ms
24ms Image
image/jpeg 18.245.31.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://edition.pagesuite-professional.co.uk/get_image.aspx?w=200&pbid=dafd1f4e-1b23-4f7e-9a04-8933e0208fae
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.31.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-31-42.fra56.r.cloudfront.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 96d69ddc0ddadb10b3dfcc9626b213c933262eeee17855d7a35881773cf5a8d3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:03:48 GMT
via: 1.1 04d30d89cfeb7f513dc1f5b2d3c605d2.cloudfront.net (CloudFront)
last-modified: Mon, 22 Apr 2024 10:19:10 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-amz-cf-pop: FRA56-P8
age: 417
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: private
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: qgjO1vy7eIMb1HuPWoqYWqfb01AhWFrkAmwWrilmeE9KciVhtuT8Cw==

GET
H2 200 oPS.js Show response
d15kdpgjg3unno.cloudfront.net/ 116 KB
25 KB 78ms
24ms Script
text/javascript 2600:9000:2490:d200:11:b309:9100:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=11
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:d200:11:b309:9100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f5441ece0e7fd76d08bc8dc8d50c06353bd6b67634787f399e996df2e5ae842a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: LsFAyctzBjjRSOvWUGbZGO3WG88duVQq
content-encoding: gzip
via: 1.1 c3fc8d1fb362a6655af993732c376dc4.cloudfront.net (CloudFront)
date: Mon, 22 Apr 2024 01:02:38 GMT
last-modified: Tue, 09 Apr 2024 16:31:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 45650
x-amz-server-side-encryption: AES256
etag: W/"ae37b71ef686db8329487f723e5791f8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=84600
x-amz-cf-id: 4UdUG5jJMlgiUs4BfoHX6V3izEY9JxJ-kmenhNafM7Pf1wEZq1HeWA==

GET
H/1.1 200
OK 1x1-pixel.png
ams-pageview-public.s3.amazonaws.com/ 68 B
448 B 335ms
117ms Image
image/png 52.216.41.209
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ams-pageview-public.s3.amazonaws.com/1x1-pixel.png?id=1d5c59e663ea
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.216.41.209 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 22 Apr 2024 13:10:47 GMT
Last-Modified: Mon, 26 Oct 2020 16:52:19 GMT
Server: AmazonS3
x-amz-request-id: EVDZH4Y6ZWZGDSV7
ETag: "91e42db1c66c0b276abf6234dc50b2eb"
Content-Type: image/png
Cache-Control: no-store
Accept-Ranges: bytes
Content-Length: 68
x-amz-id-2: uNtqES5+Bl1kaLRKsfiX6Mm386i8rGfX+XE2+RWJH7vN8t2vv5CzPmxxqQjZ51Sqpv4xcXy9X5U=

POST
H/1.1 200
OK Test_oPS_Script_Loads Show response
sqs.us-east-1.amazonaws.com/397719490216/ 378 B
682 B 500ms
125ms XHR
text/xml 3.239.232.93
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sqs.us-east-1.amazonaws.com/397719490216/Test_oPS_Script_Loads?Action=SendMessage&MessageBody=cid%3D11%26bt%3Dnull
Requested by: Host: d15kdpgjg3unno.cloudfront.net
URL: https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=11
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.239.232.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-239-232-93.compute-1.amazonaws.com
Software: /
Resource Hash: 220d64d60e05bc63b03ed6380b405d3b3780e0f4570c0dd44dd453efc0803a87

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
Date: Mon, 22 Apr 2024 13:10:46 GMT
connection: keep-alive
x-amzn-RequestId: 43cee694-632c-5fff-a29d-b834073a6cf2
Content-Length: 378
Content-Type: text/xml

GET
BLOB 200
OK 7e4329de-169c-401d-941e-a520e7f1f5d4 Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/7e4329de-169c-401d-941e-a520e7f1f5d4
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 961e1eb470acb49f2cecc15568ea759c26e1ebf84c575e6d5f434416bddcf030

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK f45a4c06-1c4e-45e1-b5c8-2a88a583654b Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/f45a4c06-1c4e-45e1-b5c8-2a88a583654b
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee69f71ef0d1b1aaf168e078ac1cadec393f2098fb18879d75950155ed0bee3c

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK 487968fc-6f78-453f-8105-f3ab5a47aa3b Show response
https://www.thenewstribune.com/ 382 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/487968fc-6f78-453f-8105-f3ab5a47aa3b
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7b3ce15faceb70c7b150bd7a15ffadb35d8b07c74f23ea17a7f0931da4aced24

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 382
Content-Type: [object object]

GET
BLOB 200
OK f31f9f77-bea1-4dcc-8388-ad14191c45d5 Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/f31f9f77-bea1-4dcc-8388-ad14191c45d5
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 22e96067f789606d764ab553b768892cdaacb3c669b37581d6841e04016faa9f

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK 8e9e531e-07a1-403b-af41-815b416c8f65 Show response
https://www.thenewstribune.com/ 366 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/8e9e531e-07a1-403b-af41-815b416c8f65
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 379a336e0eb18890122f64e9354d6b0cecfc69aeef5711aaeb886005d2a74a08

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 366
Content-Type: [object object]

GET
H2 200 webpush_desktop_en.svg Show response
www.thenewstribune.com/oi-blsnzoy/messaging/ 62 KB
24 KB 168ms
168ms XHR
image/svg+xml 23.41.253.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/oi-blsnzoy/messaging/webpush_desktop_en.svg
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/oi-blsnzoy/thenewstribunecore.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.253.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-253-69.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 0bb3754e5ea2f7bc2ee48c5dd9511630fd8440667c48040c7f7b1ae2cbec4d55

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:46 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 6294
x-cachebust
server-timing: ak_p; desc="1713791446471_388358853_161821144_1975_13666_116_0_219";dur=1
content-length: 23970
last-modified: Thu, 18 Apr 2024 14:25:12 GMT
server: MI
etag: "f802-6165fbd2fe200"
mi-cache: HIT
vary: Accept-Encoding
x-varnish: 100445285 107324843
content-type: image/svg+xml
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=308516
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
BLOB 200
OK 50e5843e-bdbb-4b6e-a6fe-88a8e7ff8743 Show response
https://www.thenewstribune.com/ Frame 534A 595 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/50e5843e-bdbb-4b6e-a6fe-88a8e7ff8743
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 826f7ae6fd28c94530393905aa590d0e5e9fd1f98b1a9e58bb50329586c67ebb

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 595
Content-Type: text/javascript

GET
BLOB 200
OK 724a149d-64b8-4dd9-a608-fdbb563235f8 Show response
https://www.thenewstribune.com/ Frame 8036 512 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/724a149d-64b8-4dd9-a608-fdbb563235f8
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aeefaae7e90680816ec89d5a80f2e8e9f07ef6a56a1d66fa2f8dc07a8a92b820

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 512
Content-Type: text/javascript

GET
BLOB 200
OK c80d89cb-ac73-466e-9705-1f3bcb3c50d1 Show response
https://www.thenewstribune.com/ Frame BE24 724 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/c80d89cb-ac73-466e-9705-1f3bcb3c50d1
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7eefee06bdc64fa60ef5e0752071498970f1f5a8d76832bffe09b4f6ce5e1767

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 724
Content-Type: text/javascript

GET
BLOB 200
OK 21defe4f-59ee-4757-95db-05960aefaef3 Show response
https://www.thenewstribune.com/ Frame 4F16 510 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/21defe4f-59ee-4757-95db-05960aefaef3
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d722b262f280460d6f3092516abf3ad852bf0f5082e9a9727470be6e8dfef07b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 510
Content-Type: text/javascript

GET
BLOB 200
OK 58906f53-863b-4bcf-a3ad-b092c18db85d Show response
https://www.thenewstribune.com/ Frame 974A 464 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/58906f53-863b-4bcf-a3ad-b092c18db85d
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f6e4be20312e2b84c81275836c74764a61075c14fc7c58073c778e61efd19428

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 464
Content-Type: text/javascript

GET
BLOB 200
OK 9cc836a8-62fd-44c2-8602-aca2d53a8571 Show response
https://www.thenewstribune.com/ Frame 4E48 2 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/9cc836a8-62fd-44c2-8602-aca2d53a8571
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3bb47164a4822568c1d4151c0763427320322bef5b6bba78a0b86e82beec03c5

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 1896
Content-Type: text/javascript

GET
H2 200 pageLoad.693d70d3386858c669c6.js Show response
www.thenewstribune.com/oi-blsnzoy/ 4 KB
2 KB 725ms
724ms Script
application/javascript 23.41.253.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/oi-blsnzoy/pageLoad.693d70d3386858c669c6.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.253.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-253-69.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: be40e63f40f17f6223b9e7ccf41912e39cb5aebe3a241163d1e6107ee3425aee

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:47 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 692
x-cachebust
server-timing: ak_p; desc="1713791446473_388358853_161821145_57902_12946_115_0_146";dur=1
content-length: 1570
last-modified: Mon, 22 Apr 2024 12:50:47 GMT
server: MI
etag: W/"f0c-616aee2e457c0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 184951068, 231019471 232098012
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=604740
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 chatbot.693d70d3386858c669c6.js Show response
www.thenewstribune.com/oi-blsnzoy/ 5 KB
2 KB 520ms
520ms Script
application/javascript 23.41.253.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/oi-blsnzoy/chatbot.693d70d3386858c669c6.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.253.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-253-69.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 79b16699262de2692f98685f3b707072e74660b0c37613d73a957c7c8a1a51fc

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:46 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 673
x-cachebust
server-timing: ak_p; desc="1713791446473_388358853_161821146_39114_10715_110_0_146";dur=1
content-length: 1888
last-modified: Mon, 22 Apr 2024 12:50:47 GMT
server: MI
etag: W/"1257-616aee2e457c0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 189994227 191826785
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=604800
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 pdp.gif
www.thenewstribune.com/oi-blsnzoy/ 42 B
461 B 313ms
312ms Image
image/gif 23.41.253.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/oi-blsnzoy/pdp.gif?k=eyJpZCI6Im1pX3RpX3RudF9mYWQxMGUxZi0zNTIxLTQ4MzQtODJjNC0zOWIyMWYzOWM2MzNfMTcxMzc5MTQ0NTY0NV8xNzEzNzkxNDQzMjAxIiwiZ3B0UmVxdWVzdGVkIjo1MTcwLCJsb2FkRXZlbnRTdGFydCI6NjUxMn0=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.253.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-253-69.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:46 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 302761
x-cachebust
server-timing: ak_p; desc="1713791446472_388358853_161821147_16139_20141_110_0_146";dur=1
content-length: 42
last-modified: Thu, 18 Apr 2024 14:25:12 GMT
server: MI
etag: "2a-6165fbd2fe200"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 111646659, 194052377 15148313
content-type: image/gif
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=86348
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 tehi.693d70d3386858c669c6.js Show response
www.thenewstribune.com/oi-blsnzoy/ 6 KB
3 KB 573ms
573ms Script
application/javascript 23.41.253.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/oi-blsnzoy/tehi.693d70d3386858c669c6.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.253.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-253-69.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: c0786fdbc945610c0f147c5e774ca5201493a44601f58993a8806cfb9e02c192

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:46 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 539
x-cachebust
server-timing: ak_p; desc="1713791446473_388358853_161821148_42774_14318_110_0_146";dur=1
content-length: 2186
last-modified: Mon, 22 Apr 2024 12:50:47 GMT
server: MI
etag: W/"1758-616aee2e457c0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 82704993 94714344
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=604749
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 pdp.gif
www.thenewstribune.com/oi-blsnzoy/ 42 B
455 B 274ms
274ms Image
image/gif 23.41.253.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/oi-blsnzoy/pdp.gif?a=eyJpZCI6Im1pX3RpX3RudF9mYWQxMGUxZi0zNTIxLTQ4MzQtODJjNC0zOWIyMWYzOWM2MzNfMTcxMzc5MTQ0NTY0NV8xNzEzNzkxNDQzMjAxIiwibm93IjoxNzEzNzkxNDQ2MzU0LCJucyI6dHJ1ZX0=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.253.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-253-69.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:46 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 302761
x-cachebust
server-timing: ak_p; desc="1713791446470_388358853_161821149_13885_12970_114_0_146";dur=1
content-length: 42
last-modified: Thu, 18 Apr 2024 14:25:12 GMT
server: MI
etag: "2a-6165fbd2fe200"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 227486234 111646660
content-type: image/gif
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=86362
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 favicon-32.png
www.thenewstribune.com/wps/build/images/thenewstribune/ 411 B
871 B 141ms
140ms Other
image/png 23.41.253.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/wps/build/images/thenewstribune/favicon-32.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.253.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-253-69.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: a1a850fd1774ef1f9ad3314570b39867b72669a78e9dc00c7dbae09e3e81a010

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:46 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 2674
x-cachebust
server-timing: ak_p; desc="1713791446470_388358853_161821150_785_13133_116_0_219";dur=1
content-length: 411
last-modified: Wed, 10 Apr 2024 13:24:07 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"19b-18ec82e14d8"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 1030714435, 290720238 289047024
content-type: image/png;charset=ISO-8859-1
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=51598
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 tag.aspx Show response
ml314.com/ Frame 534A 33 KB
11 KB 85ms
25ms Script
application/javascript 34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?223
Requested by: Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/50e5843e-bdbb-4b6e-a6fe-88a8e7ff8743
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: c613bd0434cd5a0f6d1db345a5b36c8bdc6339e96ffde9695340aa1094399f43

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 12:28:00 GMT
via: 1.1 google
content-encoding: br
age: 2566
x-guploader-uploadid: ABPtcPoOwKUYVjHT9Oxj5R0-7mUb8C9qg8gqM3iWXVAIFOcCLZ1LFRZ5_-AxZCxvmJDh7eKTMAo
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10617
last-modified: Tue, 19 Mar 2024 18:01:29 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-generation: 1710871289439515
x-goog-hash: crc32c=HinCJA==, md5=x4MOkeS+jF0j70aOQ9M5fQ==
content-type: application/javascript
cache-id: FRA-1209ea83
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 34224
accept-ranges: bytes

GET
H2

200

analytics-1.5.12.min.js Show response
cdn.keywee.co/dist/ Frame 8036
Redirect Chain

https://cdn.keywee.co/dist/analytics.min.js
https://cdn.keywee.co/dist/analytics-1.5.12.min.js

22 KB
8 KB

24ms
24ms

Script
application/javascript

2600:9000:266e:9800:e:ec66:e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.keywee.co/dist/analytics-1.5.12.min.js
Protocol: H2
Server: 2600:9000:266e:9800:e:ec66:e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d29d84e698eb10452f97d8a6f249b73496beb844cef58e920e3832bd321d64a2

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Sat, 20 Apr 2024 07:38:13 GMT
content-encoding: gzip
via: 1.1 fbd2b51fce9ee4f3aa7b93dbbda3d698.cloudfront.net (CloudFront)
last-modified: Mon, 28 Dec 2020 09:55:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P8
age: 192754
etag: W/"13a05c433850fad0455e2ee1a1707eb0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=259200,public
x-amz-cf-id: snqzWz5qBHLEsBZn_MxBTxqxN8nWUL5g17lL8qu5a1RU0DBQ8vf7lA==

Redirect headers

date: Mon, 22 Apr 2024 13:01:28 GMT
via: 1.1 fbd2b51fce9ee4f3aa7b93dbbda3d698.cloudfront.net (CloudFront)
server: AmazonS3
x-amz-cf-pop: FRA56-P8
age: 559
x-cache: Hit from cloudfront
location: /dist/analytics-1.5.12.min.js
content-length: 0
x-amz-cf-id: P3vFYUkLXh_c8B0CK_EyrZIcwRvNbIh-zUG5GXqnL0k9eJhehXcnbw==

GET
H2 200 events.js Show response
tags.srv.stackadapt.com/ Frame BE24 18 KB
7 KB 179ms
117ms Script
text/javascript 3.69.41.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/events.js
Requested by: Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/c80d89cb-ac73-466e-9705-1f3bcb3c50d1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.69.41.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-69-41-26.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: d7e8cbd2881827fc717a735dda11706222caaa3e285f539dfbf02b729414b002

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Mon, 22 Apr 2024 13:10:46 GMT
cache-control: max-age=5
content-encoding: gzip
content-type: text/javascript

GET
H2 200 m
secure-us.imrworldwide.com/cgi-bin/ Frame 4F16 44 B
425 B 177ms
48ms Image
image/gif 52.17.37.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-203838h&cg=0&cc=1&si=https%3A//www.thenewstribune.com/&rp=&ts=compact&rnd=1713791446362
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.37.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-37-247.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 22 Apr 2024 13:10:46 GMT
server: nginx
accept-ch: Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-us.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 quant.js Show response
edge.quantserve.com/ Frame 974A 23 KB
9 KB 95ms
21ms Script
application/javascript 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.quantserve.com/quant.js
Requested by: Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/58906f53-863b-4bcf-a3ad-b092c18db85d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:46 GMT
content-encoding: gzip
etag: "bvEECQq4Zy6gU9J/qv1O6Q=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Mon, 29 Apr 2024 13:10:46 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 4E48 198 KB
72 KB 90ms
40ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-48278079-1

Requested by

Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/9cc836a8-62fd-44c2-8602-aca2d53a8571

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

523fa670c24e78579d7b5c8c3f2c04f6a623bc2222c5d9e96d8c14630d5caf0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73168
x-xss-protection: 0
last-modified: Mon, 22 Apr 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 22 Apr 2024 13:10:46 GMT

GET
H2 200 rules-p-50B2Fi6bBqYto.js Show response
rules.quantcount.com/ Frame 974A 1 KB
1 KB 77ms
22ms Script
application/javascript 2600:9000:223c:1800:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-50B2Fi6bBqYto.js
Requested by: Host: edge.quantserve.com
URL: https://edge.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:1800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 75d9d212e2811afea51e1b0d425566c5b3f2be843066b5a8f91f9df7c328cda6

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 12:27:23 GMT
content-encoding: gzip
via: 1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 2604
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Thu, 13 Oct 2022 22:15:13 GMT
server: AmazonS3
etag: W/"52f4ba3839d01c1dbb310f6ef96bde89"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: PDK2aj6y-SROavAxFqL5uMD0BU7WFmIA184TJJ7kb1uxqraQL568MQ==

GET
H2 200 3010.js Show response
cdn.keywee.co/config/ Frame 8036 233 B
564 B 22ms
22ms Script
application/javascript 2600:9000:266e:9800:e:ec66:e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.keywee.co/config/3010.js
Requested by: Host: cdn.keywee.co
URL: https://cdn.keywee.co/dist/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:9800:e:ec66:e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5f3013245f4ee591e331364ee5044664a65048925168bfee28037bb16082f5b2

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 10:33:28 GMT
via: 1.1 fbd2b51fce9ee4f3aa7b93dbbda3d698.cloudfront.net (CloudFront)
last-modified: Fri, 25 Feb 2022 21:45:07 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P8
age: 14369
etag: "81210c02155f33808ec1fb7ec890dfee"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
content-length: 233
x-amz-cf-id: 6GsMCqZ4eTfCz0uaAmD6LiBKV0i7zjEpbLZ1QiR3SPk3dZEuJSlYaA==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 4E48 256 KB
89 KB 38ms
38ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WMTZ88VSK5&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-48278079-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

749b306df0cf147b1570bf4123479abe1519bbe871971cefbbf0cd59c37e19f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91240
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 22 Apr 2024 13:10:46 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 4E48 52 KB
21 KB 83ms
22ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-48278079-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 22 Apr 2024 11:48:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4958
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 22 Apr 2024 13:48:08 GMT

GET
H2 200 favicon-196.png
www.thenewstribune.com/wps/build/images/thenewstribune/ 1 KB
2 KB 135ms
135ms Image
image/png 23.41.253.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/wps/build/images/thenewstribune/favicon-196.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.253.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-253-69.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: df966430d36d0f9a0c25cb72a40a5f24a4c82d3eebb4a9f51ad563d328487eaf

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:46 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 106317
x-cachebust
server-timing: ak_p; desc="1713791446640_388358853_161821446_357_14724_110_0_146";dur=1
content-length: 1104
last-modified: Wed, 10 Apr 2024 13:24:07 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"450-18ec82e14d8"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 1040613459, 661984082 248054809
content-type: image/png;charset=ISO-8859-1
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=138513
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 sa.css
tags.srv.stackadapt.com/ Frame BE24 65 B
203 B 114ms
114ms Stylesheet
text/css 3.69.41.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.css
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.69.41.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-69-41-26.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: d8b46f6b76486af4b4560fa1d367dc7e4572fa6dd92153ec99a8876255c7e15c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Mon, 22 Apr 2024 13:10:46 GMT
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 65
content-type: text/css

GET
H2 200 sa.jpeg Show response
tags.srv.stackadapt.com/ Frame BE24 0
2 KB 163ms
115ms Fetch
image/jpeg 3.69.41.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.69.41.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-69-41-26.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Mon, 22 Apr 2024 13:10:46 GMT
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 651
content-type: image/jpeg

POST
H2 204 collect
region1.analytics.google.com/g/ Frame 4E48 0
259 B 82ms
29ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-WMTZ88VSK5&_ng=1&gtm=45je44h0v9134454662za200&_p=1713791446363&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tcfd=10001&cid=527670318.1713791447&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=EAAI&_s=1&dl=https%3A%2F%2Fwww.thenewstribune.com%2F&dp=%2F&dr=&dt=Home%3AHomepage&sid=1713791446&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.content_group1=The%20News%20Tribune&ep.content_group2=Homepage&ep.dimension1=TNT&ep.dimension2=The%20News%20Tribune&ep.dimension3=Home&ep.dimension4=_HomePage%7C%7C%7C%7C&ep.dimension6=Homepage&ep.dimension7=Product%3A%20Escenic&ep.dimension8=&ep.dimension9=&ep.dimension10=&ep.dimension13=&ep.dimension14=&ep.dimension15=&ep.page_hostname=www.thenewstribune.com&tfd=232
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WMTZ88VSK5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 22 Apr 2024 13:10:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thenewstribune.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ Frame 4E48 0
250 B 91ms
30ms Ping
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&_ng=1&tid=G-WMTZ88VSK5&cid=527670318.1713791447&gtm=45je44h0v9134454662za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WMTZ88VSK5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 22 Apr 2024 13:10:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thenewstribune.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ Frame 4E48 42 B
63 B 80ms
48ms Image
image/gif 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ng=1&tid=G-WMTZ88VSK5&cid=527670318.1713791447&gtm=45je44h0v9134454662za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=1932479363

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 22 Apr 2024 13:10:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ Frame 4E48 2 B
212 B 32ms
32ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=97446103&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thenewstribune.com%2F&dr=&dp=%2F&dh=www.thenewstribune.com&ul=de-de&de=UTF-8&dt=Home%3AHomepage&sd=24-bit&sr=1600x1200&vp=&je=0&_u=YADAAUABAAAAACgDIC~&jid=33193267&gjid=947251832&cid=527670318.1713791447&tid=UA-48278079-1&_gid=387812218.1713791447&_r=1&gtm=457e44h0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tcfd=10001&cg1=The%20News%20Tribune&cg2=Homepage&cd1=TNT&cd2=The%20News%20Tribune&cd3=Home&cd4=_HomePage%7C%7C%7C%7C&cd6=Homepage&cd7=Product%3A%20Escenic&cd8=&cd9=&cd10=&cd13=&cd14=&cd15=&npa=1&z=1914613218

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 22 Apr 2024 13:10:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thenewstribune.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ Frame 4E48 4 B
151 B 35ms
34ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-48278079-1&cid=527670318.1713791447&jid=33193267&gjid=947251832&_gid=387812218.1713791447&npa=1&_u=YADAAUAAAAAAACgDIC~&z=1257743846

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 22 Apr 2024 13:10:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thenewstribune.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ Frame 4E48 42 B
63 B 97ms
50ms Image
image/gif 142.250.185.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-48278079-1&cid=527670318.1713791447&jid=33193267&npa=1&_u=YADAAUAAAAAAACgDIC~&z=91144944

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 22 Apr 2024 13:10:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ Frame 4E48 42 B
63 B 47ms
47ms Image
image/gif 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-48278079-1&cid=527670318.1713791447&jid=33193267&npa=1&_u=YADAAUAAAAAAACgDIC~&z=91144944

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 22 Apr 2024 13:10:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 saq_pxl Show response
tags.srv.stackadapt.com/ Frame BE24 238 B
437 B 120ms
120ms XHR
text/plain 3.69.41.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=XDbR9bgzYgamKCe5q8YQuw,%20hXFHelqg_0qGLqDaoIkgLQ,%20GHZN9LleKWz0uNsDtvQTcQ&is_js=true&landing_url=https%3A%2F%2Fwww.thenewstribune.com%2F&t=sapx&tip=XsR8SokXZtXnR7wV3lmVv8qFnbgpj7ks99ra2ZEk6k8&host=https%3A%2F%2Fwww.thenewstribune.com&sa_conv_data_css_value=%270-8cf540b6-ec41-5ea7-60bf-b47e216d658a%27&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd98cf540b6ec415ea760bfb47e216d658ad972da16&sa-user-id-v3=s%253AAQAKIFucj13AgAf0uFIkoyap2h1nTfEJV6lZguIF-XNcZQ-oEHwYBCDWw5mxBjABOgS9M-cxQgSU7Hcr.Jodb%252Fd373pPDMEksDim7K2DLx8QrTAqUxr8oiHcpi%252BE&sa-user-id-v2=s%253AjPVAtuxBXqdgv7R-IW1litly2hY.XbDmjDLAcYMGY9mYDME0uIu3%252BjWvDZvNRXCZ5ROl3S8&sa-user-id=s%253A0-8cf540b6-ec41-5ea7-60bf-b47e216d658a.N9kKVSvaQWLrLvdCk5Pg5d7xKF97d2UZ6ZyX8ZgmO60
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.69.41.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-69-41-26.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68b8e71982e93fa7dd2f406283c640fa9e5cb2bcae72669d20f54012c428da3d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://www.thenewstribune.com
date: Mon, 22 Apr 2024 13:10:46 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 238
access-control-allow-methods: GET
content-type: text/plain; charset=utf-8

GET
H2 200 tag.js Show response
lptag.liveperson.net/tag/ 26 KB
10 KB 212ms
48ms Script
application/javascript 178.249.97.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lptag.liveperson.net/tag/tag.js?site=2196236

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.23 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

Software

ws /

Resource Hash

f9a5649d70f74cde04ab0c3f8a8f41810772e9970befa7fee8e339bcf4dd3b08

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 18:56:18 GMT
server: ws
etag: "65414dd2-24b8"
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
content-length: 9400

GET
H2 200 .jsonp Show response
lptag.liveperson.net/lptag/api/account/2196236/configuration/applications/taglets/ 341 KB
120 KB 91ms
90ms Script
application/x-javascript 178.249.97.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lptag.liveperson.net/lptag/api/account/2196236/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.23 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

Software

ws /

Resource Hash

efc92ac0ec3a512a221727578f0001ee9e32062d568ddd55e4c3c7c09b31a8a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:47 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: ws
x-cache-status: HIT
access-control-allow-methods: GET, POST, PATCH
content-type: application/x-javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 / Show response
accdn.lpsnmedia.net/api/account/2196236/configuration/setting/accountproperties/ 7 KB
2 KB 222ms
41ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/2196236/configuration/setting/accountproperties/?cb=accountSettingsCB

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-accdn.lpsnmedia.net

Software

ws /

Resource Hash

c073b660c35f54f8d5dabdf1bbc7914fbdc02680a6bab2ca243cf0b6ae12eed7

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:47 GMT
strict-transport-security: max-age=99999999999; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: ws
x-cache-status: HIT
vary: Accept
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Mon, 22 Apr 2024 13:11:29 GMT

GET
H2 200 zones Show response
accdn.lpsnmedia.net/api/account/2196236/configuration/le-campaigns/ 2 KB
1 KB 256ms
82ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/2196236/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-accdn.lpsnmedia.net

Software

ws /

Resource Hash

575161098bed9055cc69ce25e8d906f672af02d23072ce084120e06505d5bfc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:47 GMT
strict-transport-security: max-age=99999999999; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: ws
x-cache-status: HIT
vary: Accept
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Mon, 22 Apr 2024 13:11:29 GMT

GET
BLOB 200
OK 3025abfa-a3f1-4395-a768-214114cdb483
https://www.thenewstribune.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/3025abfa-a3f1-4395-a768-214114cdb483
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK e55084bf-b9ea-44a1-9beb-e80b246c2e23
https://www.thenewstribune.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/e55084bf-b9ea-44a1-9beb-e80b246c2e23
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 ui-framework.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.35.1-release_1248342920/ 40 KB
12 KB 184ms
24ms Script
application/javascript 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_unified_window/10.35.1-release_1248342920/ui-framework.js?version=10.35.1-release_1248342920
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 120.154.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3e4f5d07904cf355da7bfbca5d4eee18a4c09fc9e6a79df958d0bb1225572983

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 01:11:50 GMT
content-encoding: br
age: 820737
x-guploader-uploadid: ABPtcPpYqNocGolMZxJl_MbsBlq9tW9lfZeIiPN5ssA54DbBauQQ_nN_gAwOe_FnQFpuqEu1xg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12465
last-modified: Sat, 13 Apr 2024 00:59:04 GMT
server: UploadServer
etag: W/"0dfc7fa7d2051d776d5937b7a3a7c4dd"
vary: Accept-Encoding
x-goog-generation: 1712969944433866
x-goog-hash: crc32c=wefPQw==, md5=Dfx/p9IFHXdtWTe3o6fE3Q==
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
cache-control: public,max-age=31536000
x-goog-stored-content-length: 40455
accept-ranges: none
content-type: application/javascript

GET
H2 200 surveylogicinstance.min.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.35.1-release_1248342920/ 8 KB
3 KB 182ms
23ms Script
application/javascript 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_unified_window/10.35.1-release_1248342920/surveylogicinstance.min.js?version=10.35.1-release_1248342920
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 120.154.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 0ca2d5d4dece21114294a8783944cdd00a4351935831b27f9a83b8eb543c6438

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 08:53:29 GMT
content-encoding: br
age: 447438
x-guploader-uploadid: ABPtcPq9SR6o6Z-WCvIVwftcnyLgEdTw1UFCDNHQPVswT5vj9GaElIxGBjmnm8Bo5hEiPhhsHwwxVS7foQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2376
last-modified: Sat, 13 Apr 2024 00:59:04 GMT
server: UploadServer
etag: W/"d53092c1d6e0a7a3d1bb802c67a6e1e9"
vary: Accept-Encoding
x-goog-generation: 1712969944408627
x-goog-hash: crc32c=GIGCsg==, md5=1TCSwdbgp6PRu4AsZ6bh6Q==
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
cache-control: public,max-age=31536000
x-goog-stored-content-length: 7866
accept-ranges: none
content-type: application/javascript

GET
BLOB 200
OK d42b79b9-bbeb-4f56-843c-ea2f1856bace
https://www.thenewstribune.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/d42b79b9-bbeb-4f56-843c-ea2f1856bace
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 desktopEmbedded.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.35.1-release_1248342920/ 1 MB
253 KB 24ms
23ms Script
application/javascript 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_unified_window/10.35.1-release_1248342920/desktopEmbedded.js?version=10.35.1-release_1248342920
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 120.154.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 1220dc5612c87d2337f3993bca060c6ee2c21cd9a359bcb8b424a5df5c86d2ea

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 01:35:46 GMT
content-encoding: br
age: 128101
x-guploader-uploadid: ABPtcPpRxXCCXAofxqchrFkA66r0rIjDTvazOzyU_6iWLwTsVr2Ks28zYTXpkyx0BtDAznc3hZL0b8vFiA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 258968
last-modified: Sat, 13 Apr 2024 00:59:04 GMT
server: UploadServer
etag: W/"447fbe24c2942169e00a4ef3116b103b"
vary: Accept-Encoding
x-goog-generation: 1712969944002655
x-goog-hash: crc32c=gjvL4g==, md5=RH++JMKUIWngCk7zEWsQOw==
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
cache-control: public,max-age=31536000
x-goog-stored-content-length: 1069343
accept-ranges: none
content-type: application/javascript

GET
H2 200 lp-origin-trial.min.js Show response
lpcdn.lpsnmedia.net/le_secure_storage/3.27.1-release_1249614302/ 476 B
730 B 80ms
80ms Script
application/javascript 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.27.1-release_1249614302/lp-origin-trial.min.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 120.154.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e091d8f5f42fece940cc4faa3b8386a10753364193e3dfaf706bf2a188b3ca

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 01:10:16 GMT
age: 820831
x-guploader-uploadid: ABPtcPrlV2dXJ2x3Uy7maN8ki6FbBlEX55QvErmDKhVORe_ZxBnDNUgOm0WrFAAgEjkBzVYBv3W-aN7HUw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 476
last-modified: Sat, 13 Apr 2024 00:58:12 GMT
server: UploadServer
etag: "7d44c520c37ffbd0eac5c4b3d3e63049"
x-goog-generation: 1712969892032062
x-goog-hash: crc32c=4nqNBQ==, md5=fUTFIMN/+9DqxcSz0+YwSQ==
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
cache-control: public,max-age=31536000
x-goog-stored-content-length: 476
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 storage.secure.min.html
lpcdn.lpsnmedia.net/le_secure_storage/3.27.1-release_1249614302/ Frame 7514 0
0 75ms
23ms Document
text/html 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.27.1-release_1249614302/storage.secure.min.html?loc=https%3A%2F%2Fwww.thenewstribune.com&site=2196236&env=prod&isCrossDomain=true&accdn=accdn.lpsnmedia.net
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 120.154.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.thenewstribune.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: none
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
age: 447437
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public,max-age=31536000
content-encoding: br
content-length: 16205
content-type: text/html
date: Wed, 17 Apr 2024 08:53:30 GMT
etag: W/"e098d3d727aaf27bf2da4b85e6ad4919"
last-modified: Sat, 13 Apr 2024 00:58:12 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-generation: 1712969892120874
x-goog-hash: crc32c=fA9DNw== md5=4JjT1yeq8nvy2kuF5q1JGQ==
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 48087
x-guploader-uploadid: ABPtcProkQRbtKQE291MHwvu6XGgnf060AZP0jfZzh_RS0mJIgcYRWgZvQXeDHK1zEmmlD6opHE

GET
H3 200 storage.secure.min.js Show response
lpcdn.lpsnmedia.net/le_secure_storage/3.27.1-release_1249614302/ 43 KB
15 KB 23ms
23ms Script
application/javascript 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.27.1-release_1249614302/storage.secure.min.js?loc=https%3A%2F%2Fwww.thenewstribune.com&site=2196236&force=1&env=prod&isCrossDomain=true&accdn=accdn.lpsnmedia.net
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 120.154.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 38d46dcff34248f80e9e7934e6fd325d865718e8c3e1958d37c1eb0b59d0890f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 01:11:50 GMT
content-encoding: br
age: 820737
x-guploader-uploadid: ABPtcPqY2PMp5GJK8A9U1LYwRiYo7lOrpYoMUbCnoCJqAx4x-RusixYukdJ_cYiQjLd0MVK8Hg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15053
last-modified: Sat, 13 Apr 2024 00:58:12 GMT
server: UploadServer
etag: W/"afacd51b3dd0b038f579f6d6b27bfdd2"
vary: Accept-Encoding
x-goog-generation: 1712969892028204
x-goog-hash: crc32c=bWmpuQ==, md5=r6zVGz3QsDj1efbWsnv90g==
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
cache-control: public,max-age=31536000
x-goog-stored-content-length: 44303
accept-ranges: none
content-type: application/javascript

GET
H2 200 postmessage.min.html
va.idp.liveperson.net/postmessage/ Frame F4E7 0
0 485ms
119ms Document
text/html 208.89.15.170
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://va.idp.liveperson.net/postmessage/postmessage.min.html?bust=1713791448314&loc=https%3A%2F%2Fwww.thenewstribune.com

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.89.15.170 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

va.idp.liveperson.net

Software

ws /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.thenewstribune.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-allow-methods: GET, POST, PATCH
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
content-encoding: gzip
content-type: text/html
date: Mon, 22 Apr 2024 13:10:48 GMT
etag: W/"5f2ff440-2a51"
last-modified: Sun, 09 Aug 2020 13:04:00 GMT
server: ws
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 2196236 Show response
va.v.liveperson.net/api/js/ 242 B
1 KB 671ms
282ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://va.v.liveperson.net/api/js/2196236?&cb=lpCb2462x44911&t=sp&ts=1713791448309&pid=4409396978&tid=8069644804&pt=Tacoma%20WA%20Breaking%20News%2C%20Crime%20%26%20More%20%7C%20Tacoma%20News%20Tribune&u=https%3A%2F%2Fwww.thenewstribune.com%2F&df=0&os=0&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%2C%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%2C%22sub%22%3A%224ec8f100-343d-42f1-88f1-00343d52f142%22%2C%22account%22%3A%222196236%22%7D%5D

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

va.v.liveperson.net

Software

ws /

Resource Hash

5e8bfd127c7b5edfe476e31e1c93d3cbfcb1bf90f64badf25a967d19cd5728bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
BLOB 200
OK b9bde885-18b5-4120-8393-a441be42d548 Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/b9bde885-18b5-4120-8393-a441be42d548
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: af6280fe7b07df022ea2ce42b7ba56eccbb563400b638e2a5c6b12be23f95bbd

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
H2 200 variantTopBarModal.693d70d3386858c669c6.js Show response
www.thenewstribune.com/oi-blsnzoy/ 72 KB
11 KB 315ms
315ms Script
application/javascript 23.41.253.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/oi-blsnzoy/variantTopBarModal.693d70d3386858c669c6.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.253.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-253-69.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 9350489feeaf3004580fb2f9cc1cafb2b02983aaa9e5398b66042448594726b9

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:49 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 504
x-cachebust
server-timing: ak_p; desc="1713791449413_388358853_161826505_15849_14328_113_0_146";dur=1
content-length: 11272
last-modified: Mon, 22 Apr 2024 12:50:47 GMT
server: MI
etag: W/"121b9-616aee2e457c0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 221955594 221011476
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=604749
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 utsync.ashx Show response
ml314.com/ Frame 534A 62 B
254 B 48ms
47ms Script
application/javascript 34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=88280&ct=js&pi=&fp=fad10e1f-3521-4834-82c4-39b21f39c633&clid=&if=1&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.thenewstribune.com%2F&pv=1713791446454_x74y49xh0&bl=de-de&cb=3606498&return=&ht=&d=&dc=&si=1713791446454_x74y49xh0&cid=mi_ti_tnt_fad10e1f-3521-4834-82c4-39b21f39c633_1713791445645_1713791443201&s=1600x1200&rp=https%3A%2F%2Fwww.thenewstribune.com%2F&v=2.7.1.157
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?223
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 22 Apr 2024 13:10:49 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
content-type: application/javascript
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H3 200 css
fonts.googleapis.com/ 20 KB
949 B 31ms
31ms Stylesheet
text/css 142.250.186.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans:100,200,300,400,500,600,700

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f10.1e100.net

Software

ESF /

Resource Hash

5096fbe26ded2024e322b44e7643ac4d32c7e662daf74b23530ca17dcd955b77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 22 Apr 2024 13:10:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 22 Apr 2024 13:10:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 Apr 2024 13:10:49 GMT

GET
H2 200 EarthDay-tb.svg
www.thenewstribune.com/oi-blsnzoy/data/ 32 KB
22 KB 140ms
140ms Image
image/svg+xml 23.41.253.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/oi-blsnzoy/data/EarthDay-tb.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.253.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-253-69.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: aa87b9455ec0ad6d595f4daccb9cf007ad86a0399c1bbe02f3d5c9d86bbd2bde

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:49 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 1378
x-cachebust
server-timing: ak_p; desc="1713791449810_388358853_161827229_1427_12516_117_0_146";dur=1
content-length: 22051
last-modified: Thu, 18 Apr 2024 14:25:12 GMT
server: MI
etag: "7f7c-6165fbd2fe200"
mi-cache: HIT
vary: Accept-Encoding
x-varnish: 887432580, 963848328 977903132
content-type: image/svg+xml
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=303444
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

POST
H2 200 httpapi Show response
api2.amplitude.com/2/ 94 B
309 B 205ms
205ms Fetch
application/json 52.37.89.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/oi-blsnzoy/escenic.693d70d3386858c669c6.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.37.89.212 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-37-89-212.us-west-2.compute.amazonaws.com

Software

Resource Hash

5064b47f9b9b448f18c6545cfafcb88c6f4da178fc6aef5e234daf2aa36b705e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json
Accept: */*
Referer: https://www.thenewstribune.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:49 GMT
strict-transport-security: max-age=15768000
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: application/json
access-control-allow-origin: *
trace-id: Root=1-662661d9-65d989054b962eec7c809da4
content-length: 94

GET
H2 200 2196236 Show response
va.v.liveperson.net/api/js/ 111 B
900 B 127ms
127ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://va.v.liveperson.net/api/js/2196236?sid=ZHn8JIB9Sd2R3Ur4P12tyg&cb=lpCb24360x20991&t=pl&ts=1713791449218&pid=4409396978&tid=8069644804&vid=QzYjAzZTQ2MTI0ZmNkYWNh

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

va.v.liveperson.net

Software

ws /

Resource Hash

79ab904903b228630b12bc14430144ac1cf8f8008e416b71e20b7932bb1b93cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 13:10:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tags.fullcontact.com
URL: https://tags.fullcontact.com/anon/fullcontact.js

Verdicts & Comments Add Verdict or Comment

222 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
verify.clientservice-changpassword.cloudns.be/	1969-12-31 23:59:59	Name: PHPSESSID Value: 10e4764943ce6b21d06641a8f30c1992
.thenewstribune.com/	1970-01-21 05:31:59	Name: _awl Value: 2.1713791443.5-9399d96673303021621fd9fee97ea14c-6763652d6575726f70652d7765737431-0
.thenewstribune.com/	1970-01-20 20:03:18	Name: ak_bmsc Value: A1CCF744574582FD3773D3F21B77F5B0~000000000000000000000000000000~YAAQxeIlF2WjHvyOAQAArCLuBRdNo9Amt/GE23TUZYrEMSL1xvNMRGMjzo1mK0bMHzIYX/S4sNMnfOLgZSpZ0X6/Int00SwBmVoC0pwF6SEuaMYOc61PFrdxdjpOU4YU8gyDwK5YIzAaT0avJynzHnavTDADqnW9d1WTQk9pSIaJnAEZGdOFfhHahAQEiSxKNyxwVArYslvN9LA02mrQB0OtisuOHaLvtj0keDxNCd3oed2WZhj74lDMqbQLAzmacSR8+P1x/0/E2O8t/Tsu1NVznN9q8TkWm7CQv4uu323BMUipecrDh8xIaSpahwx+Pjt8Db6HUfz2HAr1UBuboF97iB/nrYv2ubqEBZHixthDtQc/lwu+DHz7ZbGSvvm7A+WBqIii08xNRP9F8V6+ynnX3RXoQ5qb2zQEHFxKlyJ0o5cV2tXwQk2RYRi0EZHJdvewcR+tlnVG2VZee7LOcYxOK0/9
.thenewstribune.com/	1970-01-20 20:03:18	Name: bm_sv Value: FB411EBC2BE9A37646D5EA13E1BE60B2~YAAQxeIlF/GjHvyOAQAAWyruBRf4mtusZcZH3WTlPkOaEB50UmZQySvpfzG6qSY9x9BkxxJ1B3X/isQI8ChXQeQ66bddUTFjr312ZRHGS++UAz9E+Cgj2p9qwTYf0u8x4AQ+2ogh7r4chdWdmkpnOOpOGLg3UkHHHgwQ+YO3yEOsLzbYxWU742yfnCPeW0qfOc5kjZT4DLxIy6eXJxGf21BB3HypoIetVNtd0X5xAU3d9hZAIPujmev3UIJ9VwRgIt8JHgiupdE=~1
tags.srv.stackadapt.com/	1970-01-21 04:48:47	Name: sa-user-id Value: s%3A0-8cf540b6-ec41-5ea7-60bf-b47e216d658a.N9kKVSvaQWLrLvdCk5Pg5d7xKF97d2UZ6ZyX8ZgmO60
.srv.stackadapt.com/	1970-01-21 04:48:47	Name: sa-user-id Value: s%3A0-8cf540b6-ec41-5ea7-60bf-b47e216d658a.N9kKVSvaQWLrLvdCk5Pg5d7xKF97d2UZ6ZyX8ZgmO60
tags.srv.stackadapt.com/	1970-01-21 04:48:47	Name: sa-user-id-v2 Value: s%3AjPVAtuxBXqdgv7R-IW1litly2hY.XbDmjDLAcYMGY9mYDME0uIu3%2BjWvDZvNRXCZ5ROl3S8
.srv.stackadapt.com/	1970-01-21 04:48:47	Name: sa-user-id-v2 Value: s%3AjPVAtuxBXqdgv7R-IW1litly2hY.XbDmjDLAcYMGY9mYDME0uIu3%2BjWvDZvNRXCZ5ROl3S8
tags.srv.stackadapt.com/	1970-01-21 04:48:47	Name: sa-user-id-v3 Value: s%3AAQAKIFucj13AgAf0uFIkoyap2h1nTfEJV6lZguIF-XNcZQ-oEHwYBCDWw5mxBjABOgS9M-cxQgSU7Hcr.Jodb%2Fd373pPDMEksDim7K2DLx8QrTAqUxr8oiHcpi%2BE
.srv.stackadapt.com/	1970-01-21 04:48:47	Name: sa-user-id-v3 Value: s%3AAQAKIFucj13AgAf0uFIkoyap2h1nTfEJV6lZguIF-XNcZQ-oEHwYBCDWw5mxBjABOgS9M-cxQgSU7Hcr.Jodb%2Fd373pPDMEksDim7K2DLx8QrTAqUxr8oiHcpi%2BE

33 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
deprecation	error	URL: https://www.thenewstribune.com/ Message: Custom state pseudo classes are changing from ":--webkit-scrollbar-track" to ":state(webkit-scrollbar-track)" soon. See more here: https://github.com/w3c/csswg-drafts/issues/4805
javascript	warning	URL: https://www.thenewstribune.com/oi-blsnzoy/thenewstribunecore.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.thenewstribune.com/oi-blsnzoy/thenewstribunecore.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security	warning	URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js(Line 1) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js(Line 1) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js(Line 1) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network	error	URL: https://profile-api.amplitude.com/v1/userprofile?device_id=fad10e1f-3521-4834-82c4-39b21f39c633&user_id=&comp_id=apflrqef Message: Failed to load resource: the server responded with a status of 400 ()
security	warning	URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js(Line 1) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js(Line 1) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js(Line 1) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js(Line 1) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js(Line 1) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js(Line 1) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accdn.lpsnmedia.net
ams-pageview-public.s3.amazonaws.com
api.dsp.mcclatchy.com
api.lab.amplitude.com
api2.amplitude.com
cd.connatix.com
cdn.confiant-integrations.net
cdn.keywee.co
cds.connatix.com
cmp.osano.com
d15kdpgjg3unno.cloudfront.net
dyv1bugovvq1g.cloudfront.net
edge.quantserve.com
edition.pagesuite-professional.co.uk
flowerstreatment.com
fonts.googleapis.com
fonts.gstatic.com
htlbid.com
img.connatix.com
js.matheranalytics.com
lpcdn.lpsnmedia.net
lptag.liveperson.net
mcclatchy-next-apps-prod.s3.amazonaws.com
ml314.com
profile-api.amplitude.com
region1.analytics.google.com
rules.quantcount.com
sb.scorecardresearch.com
scissorsstatement.com
sdk.iad-05.braze.com
secure-us.imrworldwide.com
securepubads.g.doubleclick.net
sqs.us-east-1.amazonaws.com
static.adsafeprotected.com
stats.g.doubleclick.net
tags.fullcontact.com
tags.srv.stackadapt.com
thenewstribune.com
va.idp.liveperson.net
va.v.liveperson.net
verify.clientservice-changpassword.cloudns.be
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.i.matheranalytics.com
www.mcclatchy-partners.com
www.mcclatchy-wires.com
www.thenewstribune.com
tags.fullcontact.com
104.18.41.104
107.178.250.234
13.32.27.39
142.250.185.196
142.250.186.106
142.250.186.35
151.101.130.132
162.240.147.59
166.108.36.245
172.64.144.166
172.64.146.152
178.249.97.23
178.249.97.99
18.244.18.38
18.245.31.42
18.245.31.78
2001:4860:4802:34::36
208.89.12.87
208.89.15.170
23.41.253.69
2600:1901:0:7416::1
2600:1901:0:d733::1
2600:9000:223c:1800:6:44e3:f8c0:93a1
2600:9000:223e:a400:5:82fd:2500:21
2600:9000:223f:9600:8:48e:53c0:93a1
2600:9000:2490:d200:11:b309:9100:21
2600:9000:266e:9200:3:b7e:8940:93a1
2600:9000:266e:9800:e:ec66:e40:93a1
2600:9000:266e:b200:3:b7e:8940:93a1
2606:4700:4400::6812:25a1
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2a00:1450:4001:80f::2002
2a00:1450:4001:811::200a
2a00:1450:4001:81d::2008
2a00:1450:4001:830::2003
2a00:1450:4001:830::200e
2a00:1450:400c:c07::9b
2a02:26f0:3500:18::1724:a28d
3.239.232.93
3.69.41.26
34.117.77.79
34.120.154.120
34.160.169.226
52.17.37.247
52.216.41.209
52.217.141.129
52.37.89.212
54.189.181.41
54.204.184.105
001ce3663353278b65f00d9aa1e5a939126a0150e9b90d59e641487c5915cc26
00f704d7c65928141bc518c193f283ffc2f4f441587d9eb76ec95ac09e0aff82
085929e3439ce46bc66bbfbd102f83feb9b3ca160a951ebf70b45e60450e4679
087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd
095a8bdd875470c01e1ac597d89569a6cb18cfecd53382d8f214bbaa4f6a887a
096d737de4e9d2ccaf1e6b46be90c8d4cc8e5186e13eb2a0d3936509c3512040
09d2b49eacb1cbff267f6ea24161d8d5f4833b3bc63e2daff2c1b53d0e2c6505
0ba66b3e64344894bab2296ff7c0b711a560884500fb0d4c03b21793e44ef3ad
0bb3754e5ea2f7bc2ee48c5dd9511630fd8440667c48040c7f7b1ae2cbec4d55
0ca2d5d4dece21114294a8783944cdd00a4351935831b27f9a83b8eb543c6438
0f183d0f4e84ac50c22fe0b6299ec2ca8c664eff2f3c2b13b02a58c0c1bfae2e
1220dc5612c87d2337f3993bca060c6ee2c21cd9a359bcb8b424a5df5c86d2ea
18f35c576aabd3eb7c3386c0467cd6f87bc054a669e66f6181152a46f397d63a
19247c4bf7863dfde8a35b9d24f6fba316a35399a0977e6f642ce2df2f16f735
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1e862bf1e216f81d079dc802b0dae8313937d4857175abb0f4706ec8f8f07cdc
1ee3647c41e26f21aab5459e42c1dda2515262dc7d1f6f46f632a3e0a7dfafca
218cdf095144025dd682e5c397341bdd88e50c8201699971a85b59e3894dc4d8
220d64d60e05bc63b03ed6380b405d3b3780e0f4570c0dd44dd453efc0803a87
22e96067f789606d764ab553b768892cdaacb3c669b37581d6841e04016faa9f
2730289bd1ac68ea19e6c07768ed684787f25bc268b2a5f7a2963341d6123878
285bc99421a69842533ad55062ed4d6fa6e134e4462ccb6ca890632861302cef
292f17dd7f459e7a74449624ad04544400ca3cffb72f8b96837ebea6610328eb
2f93cf44d9d08ef7f1a6ddc96a3ecf7b9217ddc7fc6fab8d070f09f91365edeb
35d424a5063cc135bf516469dfcc3bb0f33bf93fbb5c58222495215cc1259802
36e7e3945b082b2a41bc9408f0f5d4dc4ae33d7850001ad8758987a1b1e72919
379a336e0eb18890122f64e9354d6b0cecfc69aeef5711aaeb886005d2a74a08
38d46dcff34248f80e9e7934e6fd325d865718e8c3e1958d37c1eb0b59d0890f
3a1546a5731cdd2b460d8adbc09e84951ff88eee2a59699837c61f6fc068e9a3
3bb47164a4822568c1d4151c0763427320322bef5b6bba78a0b86e82beec03c5
3e4f5d07904cf355da7bfbca5d4eee18a4c09fc9e6a79df958d0bb1225572983
3f135c6bc3d6c124e553dbac22efe6076624f7aff31ce00502c4d927e80b55a4
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
4355a46b19d348dc2f57c046f8ef63d4538ebb936000f3c9ee954a27460dd865
43bf433be2889bce9c62535f00fc92f8f900555fb50ae00aaebd7f357f9d0599
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d
4a5bca6580a6caf83f9bf95c31541f90aa9114f80798948c82736d141c0d2e66
4e8f83993c6b48ed294ffe2317c8362c68dfad9d772f6940f0a4260cf4feb7ad
5064b47f9b9b448f18c6545cfafcb88c6f4da178fc6aef5e234daf2aa36b705e
5096fbe26ded2024e322b44e7643ac4d32c7e662daf74b23530ca17dcd955b77
523fa670c24e78579d7b5c8c3f2c04f6a623bc2222c5d9e96d8c14630d5caf0d
52c3acf3a95b4c8e58579bd003a605aabc56623d8fd9e0e60aea3d8717ee8c89
56526b0e3a8ae87ca59691671e0fe28abcfb94a79d2edd786ec0abf81b54e0d5
575161098bed9055cc69ce25e8d906f672af02d23072ce084120e06505d5bfc3
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1
5cc9dd132de66f2f70e009db498c014b20452d4c1fd5325d91f4f1ce09cc8aeb
5dd7c5186b955a5ed8ca222dee73f9662d802b1466cffffa12b25fc0362b05b2
5e33790c4c6d5893103a96a4feb3b597173a66b1d9b3a9051071f9e1d5d4487d
5e8bfd127c7b5edfe476e31e1c93d3cbfcb1bf90f64badf25a967d19cd5728bb
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5ee20eaa627a9d71d972316c0668c77178d4d49ac1ddc2de5684cc378448b0a7
5f3013245f4ee591e331364ee5044664a65048925168bfee28037bb16082f5b2
60e9b0b2f843eb2ab828436bc4fc43833934a3865fe4bb9c5af54827c5764a2a
61c63eae5dbdc4ea281f260a2e3a5433700e094e5fed88a78d640ae8a708615f
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
68b8e71982e93fa7dd2f406283c640fa9e5cb2bcae72669d20f54012c428da3d
6c41125e7c807460a35268a37034ad9163aa6ad6d9391b2b5fe3e9c483c71d48
70b914de15dd75628895223bfe09012e3687598bca4dbaa34a97234f6a8826e9
71eb11ec6af6382b7d873d1900a972390f18a8897964f41e8acd9f3a1b8fa14c
7376ab01d50afda4cf861998d092f3459a49986ba258a685905dfe31d02b52d0
749b306df0cf147b1570bf4123479abe1519bbe871971cefbbf0cd59c37e19f4
74b1c9d0e9a310c68a2437a307ddc5f8c58ab3dd1ef63299c2982961837abe5d
75d9d212e2811afea51e1b0d425566c5b3f2be843066b5a8f91f9df7c328cda6
79ab904903b228630b12bc14430144ac1cf8f8008e416b71e20b7932bb1b93cf
79b16699262de2692f98685f3b707072e74660b0c37613d73a957c7c8a1a51fc
79fd014193fdcd11986d50c7b28670958552e7c88d85849f925c9a694108c8fb
7b3ce15faceb70c7b150bd7a15ffadb35d8b07c74f23ea17a7f0931da4aced24
7d26a512de72bf01d41261162563e51eaf89715ed1dffb3a757a7f562c5199fb
7eefee06bdc64fa60ef5e0752071498970f1f5a8d76832bffe09b4f6ce5e1767
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
8116fd2103fa0870a96d796f0990683e43cff4556f02de0ccba0985a4583446b
817875cd68037c353805b105c90fbf96f433f0f26d2d5acbe408eecbe5f7e0ab
826f7ae6fd28c94530393905aa590d0e5e9fd1f98b1a9e58bb50329586c67ebb
832ef38b2e1fae6178c7b82ce4f22ee940e797fb10538046b9954ca17177951b
84d690739b0af09df301ee214ca564b0a4b3665121398771df6809b854c8e73f
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
873c33f8e6318d4c2696fe7f9622b5f0a266cec71e9134194745051e013a05cb
8856cb0a8fb9615673fae7be84a0bac4128660b2eac4492c648dd38e19746bd8
893360208aa14651cd8c78ac47dd77492d4956a38404124020740c12209b8049
89538a02946f43f9567bf59b8ecb7bcb3a64c0af5c85fc7bc03f878eb4b42ca8
8aa93b9aa620271bcf96263eecb4fe125a80d551db461edc001d1dbc11564afd
8af19960057bbf7ab1255e3837b5df6c0c612c9389062b4b0e3c5f6f02938796
8d2d25118b553a78d50b808a2284baa92bc4bfcc3cb1d044c3a77df6ddb9bc0b
8dab392b28d325d42c0365fdf71e1be56f966651b26f27b123246696373a4a7e
8fee49e2a60f8b6020f878806764e617361216015926d6f5d60e28993f88f789
91c01ec0de315f973f4c00041b7ae25e1a790cedff79a6fbb56c571bba379142
9350489feeaf3004580fb2f9cc1cafb2b02983aaa9e5398b66042448594726b9
94612e362f9324286d1a7b0cb04476dfd4444cb2dacd9bc50493525d6f5ca06e
961e1eb470acb49f2cecc15568ea759c26e1ebf84c575e6d5f434416bddcf030
96d69ddc0ddadb10b3dfcc9626b213c933262eeee17855d7a35881773cf5a8d3
972294b2018c0d9835fc4aef9688d6750f9f525c93ee403377643f04f598312d
9a5e1bdbea96f3c5d3c726b22fe2950b290fb6725acfdfc73a2c5a863a018a8a
9a6b7a817521b7df99469d3bff1b99513f677d48e09966a92cd7832bca005438
9d3959df4ebd84904a1622b6d7c9728f487e0c4d372f9bc2f59d0c480702f9c5
9e441609ee5b605bce6fea97ab493a502933ea2a21682ea653919e978106763b
9ec0e09feba849a14b60a8f4e2ce2995ea012592b1341326b80306ff15b49b42
9f90446b37d5780bc2dd6a63fab6032372fcde637923be7eb6e99fc74b028b27
9fafa9bcdd54c16db02d887015da9a5bc80f598f32d49429a08c29828df2e797
a030ddc5f530328d584ad1f4f0e671a49d78a710fc9cbbcd81bfc80a624345bb
a084cb4687796fe0d8a337abc919d941c9d9b15841988064d984129078b3a548
a1a850fd1774ef1f9ad3314570b39867b72669a78e9dc00c7dbae09e3e81a010
a3fb8c9d56d1f1975692ec6393662b50501cd041ce09b0123a3799361214dea1
a6da0471cefd61a24780ac09688cc91f74023f24a13d5eefc177c83bfdc40653
a7ee8c122b977ab8b8f7d41d156058bf73213f32253c1ca8898da04dd4416fbb
aa87b9455ec0ad6d595f4daccb9cf007ad86a0399c1bbe02f3d5c9d86bbd2bde
ac777dc8ee6f21ee3433e15ca369f04fb9d6cf477acdc42732f0c4c2ff2c99a0
acbfa18515df05309e92473554174bfaebdb9720babe75568d2957c24a6d74ce
aeefaae7e90680816ec89d5a80f2e8e9f07ef6a56a1d66fa2f8dc07a8a92b820
af6280fe7b07df022ea2ce42b7ba56eccbb563400b638e2a5c6b12be23f95bbd
b2e091d8f5f42fece940cc4faa3b8386a10753364193e3dfaf706bf2a188b3ca
b37d872dba020ee1c19d170ad5d40645bafb68a2f0e982472a55aa5830338eda
b3a9956a029ceaf98b8cb7f6e6718faa41c6bf2ac276a6f4d734c0ad35a30268
b3d6003e7ac6faea14056a61f10c55ab83f170610d1825f1b1a8059398db23c6
b4e51e5bb82763a2769706fc7b61e37babb69d7942a40cde2ad4d355aa6f5ed6
b53690006914e1f314cd21a31e98f4d803a4bbeba56c34b628dbacb3a9696fc3
b5b8bd52695dd8b96e74b125b389b4c6a0e887ab7722e21ab4649e90db42f88f
bb001858659bc5ef2851c7bcf83f39f571be78c9cf4adb95615222a6413747db
bb2d3dada2e63fb9552e53876cda07a47801c4126284e56f8932c35056b3475f
bd7af5f95a4572e496408a3c43967506be455e8310eeef5d23f676f7a0099d51
bdaa4ff2ce76b9fa477ea350f241d882753dc0123a7486f41f7dbd8c25994eba
be40e63f40f17f6223b9e7ccf41912e39cb5aebe3a241163d1e6107ee3425aee
bf13ebc710c14d9944ac55ba9973275d2ea7874e25143d1cb0e21e5108d618d0
c073b660c35f54f8d5dabdf1bbc7914fbdc02680a6bab2ca243cf0b6ae12eed7
c0786fdbc945610c0f147c5e774ca5201493a44601f58993a8806cfb9e02c192
c09ecff56fe0dc82be5c8fbf359e02b260b6e8ede808c6a68c1b02c52ed11bec
c2705632879b9e4cf84ca44ec56248c4e6a28f23f6776f5c442f893c2afc3d66
c60dc99b853148584d04f2196a1c6c9a16d744597f2bffa5b515d2d917f0d734
c613bd0434cd5a0f6d1db345a5b36c8bdc6339e96ffde9695340aa1094399f43
c7064bdcd04183dae27f707e6805423ccbc56f8ad72df39c63b9019a10a91c8f
c9db863505a005204a9bf90ffb1a3c4c9f4d032992cd6df42d7d6fbeb875ae99
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d10f564111b281963c5fb5366bf9a944c91d141643ea0e711f7a9803d49f1b2a
d16f7013ad13befa75d729b5366336b8d54c31ba40675b106d6ca9d53227f07c
d172d3fa9e3a275a4c24dfa2f6e93f529f8ce5ac88f40cb0b221a4e8da0a0b91
d29d84e698eb10452f97d8a6f249b73496beb844cef58e920e3832bd321d64a2
d35851b6105713ee65d3d0de39a15b81aac4e989ab552d8383fad0618b374e83
d554361630709572f4c9e33d02ca5ae56275756099a62195513017a0421f73c2
d609cab2795f79e23bcb585c884c82418ce745cbd6880ace912778d0641411f9
d65b4618caa24f51732c41f165e9b0d0b39f673ca3ca53d485f3d2491f8555d5
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
d722b262f280460d6f3092516abf3ad852bf0f5082e9a9727470be6e8dfef07b
d7e8cbd2881827fc717a735dda11706222caaa3e285f539dfbf02b729414b002
d8b46f6b76486af4b4560fa1d367dc7e4572fa6dd92153ec99a8876255c7e15c
d8ec6349a216d77f1f33ed4bf7415efbc85895dabac621905c466e6894647cbb
d9c776c4b3a1542acd27216542997cc42ff323e51dc452696e77f7780fd365c9
dcece8f7df774b4b978e8cb0bfa09da8ea8de2dd9cdc4deabbf691594ca0ee4e
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df966430d36d0f9a0c25cb72a40a5f24a4c82d3eebb4a9f51ad563d328487eaf
e14c55d8259f417e2fa1644a3aedbca78f7618b65bb5f8082b5803aea46e571e
e16763a0552a1cadd3c2225e18ff241a47c1e95e001eae3e6abc682e96ee3744
e2eb97b657dc4c9636590a6058ae6abf8a74a41d45772556d62390b0b99b5849
e33d4565bdbaf2ffd0d9fc9964475d388d74012e261f01975b18705df8041cd9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6e48bbc337a51ce8a8d042a287cfc3854c62ce1f71a3d7949af40889de782a0
ecd7da60e2f378fed0368f7c50734fcd75dd0ab870dbf04d8ddee251451621e1
ee69f71ef0d1b1aaf168e078ac1cadec393f2098fb18879d75950155ed0bee3c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef24a2be848d73ee9faad0ceaa36d122f895cebcc2795bdb86e96aec7f103a3e
efc92ac0ec3a512a221727578f0001ee9e32062d568ddd55e4c3c7c09b31a8a4
f006b11718ab9b252cefa304cc26fd51fd9bcb6eb1005869376d3d7fadbbee07
f297c6ea8cd6c71f29984880ff77978944b9509ad8576846ab6c557d1ef30a86
f2bca25a2bc03309f53d062a57d1ec27e147a195e2b820c2ed2f126bd29315d0
f3f8d02a7a7b9fc07dcc70c897787cc409719570b458412f476e9ccd97c7d2d6
f5441ece0e7fd76d08bc8dc8d50c06353bd6b67634787f399e996df2e5ae842a
f60413dd2940de49e26d7c52c0b49339c08cf94393b5d6930e7817cd829703ab
f6e4be20312e2b84c81275836c74764a61075c14fc7c58073c778e61efd19428
f9a5649d70f74cde04ab0c3f8a8f41810772e9970befa7fee8e339bcf4dd3b08
fa6d12434e7178cf19bec0f2e7a36dd4b81dac39673eb2e41dede152247d386e
fb33a49aa638c5ef553ddb294c7461132c89efe46935f77e3b487d7602b39100
fbe7f52a5d32f5d92c59e392ced05bd9151bdc1378f7d53fe0ea5c1c74759a17
fbf5a809affc2436edaeec5bf7b723d8feaf4f9e7cbd8ba5f7f0f1e237b17f27
fd9a471a57b363ad69a36c7b4bf9085e1253f162e83e336cbfa00a7efea74262

www.thenewstribune.com Open in urlscan Pro 23.41.253.69 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

209 Requests

77 %HTTPS

39 %IPv6

35 Domains

49 Subdomains

48 IPs

5 Countries

2975 kBTransfer

8368 kBSize

10 Cookies

31 Outgoing links

Page URL History

Redirected requests

209 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.thenewstribune.com Open in urlscan Pro
23.41.253.69 Public Scan

Screenshot
Live screenshot

Full Image

209
Requests

77 %
HTTPS

39 %
IPv6

35
Domains

49
Subdomains

48
IPs

5
Countries

2975 kB
Transfer

8368 kB
Size

10
Cookies

209 HTTP transactions
2 data transactions