www.newsobserver.com Open in urlscan Pro
104.111.236.243 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://info.silobreaker.com/e2t/tc/VVBPZ295pqPPN90vc0r2PqTVW197v5Z4m8D-nMwF3TS2-HwLV1-WJV7CgCp3W1X0SFG477B2nV5HGsn96SmTrW3k7...
Effective URL:
https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p...
Submission: On January 23 via api (January 23rd 2021, 12:04:19 pm UTC) from DE

Summary HTTP 232 Redirects Links 62 Behaviour Indicators

Summary

This website contacted 92 IPs in 11 countries across 70 domains to perform 232 HTTP transactions. The main IP is 104.111.236.243, located in Netherlands and belongs to AKAMAI-AS, US. The main domain is www.newsobserver.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on December 21st 2019. Valid for: a year.

This is the only time www.newsobserver.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	199.60.103.254 199.60.103.254	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
49	104.111.236.243 104.111.236.243	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a02:26f0:10c... 2a02:26f0:10c:59b::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	2606:4700::68... 2606:4700::6810:9440	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
2	3.224.214.149 3.224.214.149	14618 (AMAZON-AES) (AMAZON-AES)
4	2600:9000:206... 2600:9000:206f:9c00:15:d134:4e40:93a1	16509 (AMAZON-02) (AMAZON-02)
5	216.58.207.66 216.58.207.66	15169 (GOOGLE) (GOOGLE)
2	52.51.251.137 52.51.251.137	16509 (AMAZON-02) (AMAZON-02)
3	52.212.209.68 52.212.209.68	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:10:... 2606:4700:10::6814:b844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.49.92.20 52.49.92.20	16509 (AMAZON-02) (AMAZON-02)
2	15.237.136.106 15.237.136.106	16509 (AMAZON-02) (AMAZON-02)
3 3	54.194.191.134 54.194.191.134	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:81e::2003	15169 (GOOGLE) (GOOGLE)
1	205.185.216.10 205.185.216.10	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	65.9.67.103 65.9.67.103	16509 (AMAZON-02) (AMAZON-02)
1	34.245.253.34 34.245.253.34	16509 (AMAZON-02) (AMAZON-02)
16	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
1	34.120.253.250 34.120.253.250	15169 (GOOGLE) (GOOGLE)
1	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
1 2	107.178.250.234 107.178.250.234	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
1 2	3.248.38.24 3.248.38.24	16509 (AMAZON-02) (AMAZON-02)
1	23.210.250.13 23.210.250.13	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
1	35.157.168.64 35.157.168.64	16509 (AMAZON-02) (AMAZON-02)
1	199.232.198.217 199.232.198.217	54113 (FASTLY) (FASTLY)
9	104.19.132.78 104.19.132.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.244.220.155 35.244.220.155	15169 (GOOGLE) (GOOGLE)
1	2600:9000:210... 2600:9000:2104:5200:11:b309:9100:21	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:210... 2600:9000:2104:9a00:5:82fd:2500:21	16509 (AMAZON-02) (AMAZON-02)
2	151.101.113.194 151.101.113.194	54113 (FASTLY) (FASTLY)
1 1	2a03:2880:f02... 2a03:2880:f02d:e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
2 3	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	104.111.234.92 104.111.234.92	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:219... 2600:9000:2190:6000:18:1fcd:34e:d2a1	16509 (AMAZON-02) (AMAZON-02)
1	13.224.102.8 13.224.102.8	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:210... 2600:9000:2104:c00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:824::200e	15169 (GOOGLE) (GOOGLE)
1	65.9.73.61 65.9.73.61	16509 (AMAZON-02) (AMAZON-02)
3	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	23.210.249.164 23.210.249.164	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.210.249.92 23.210.249.92	16625 (AKAMAI-AS) (AKAMAI-AS)
1	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	34.98.72.95 34.98.72.95	15169 (GOOGLE) (GOOGLE)
6	52.203.172.63 52.203.172.63	14618 (AMAZON-AES) (AMAZON-AES)
2	65.9.84.191 65.9.84.191	16509 (AMAZON-02) (AMAZON-02)
1 3	151.101.14.137 151.101.14.137	54113 (FASTLY) (FASTLY)
3	65.9.86.127 65.9.86.127	16509 (AMAZON-02) (AMAZON-02)
1 3	104.108.64.33 104.108.64.33	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
2	54.198.41.31 54.198.41.31	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:81f::2003	15169 (GOOGLE) (GOOGLE)
1	65.9.69.60 65.9.69.60	16509 (AMAZON-02) (AMAZON-02)
3	52.4.26.179 52.4.26.179	14618 (AMAZON-AES) (AMAZON-AES)
1	35.201.100.179 35.201.100.179	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2013	15169 (GOOGLE) (GOOGLE)
1	13.224.102.104 13.224.102.104	16509 (AMAZON-02) (AMAZON-02)
1	52.46.131.209 52.46.131.209	16509 (AMAZON-02) (AMAZON-02)
2	34.120.207.148 34.120.207.148	15169 (GOOGLE) (GOOGLE)
1 2	99.80.71.186 99.80.71.186	16509 (AMAZON-02) (AMAZON-02)
1	35.190.95.58 35.190.95.58	15169 (GOOGLE) (GOOGLE)
1	130.211.9.87 130.211.9.87	15169 (GOOGLE) (GOOGLE)
1	35.186.214.121 35.186.214.121	15169 (GOOGLE) (GOOGLE)
1	3.213.50.82 3.213.50.82	14618 (AMAZON-AES) (AMAZON-AES)
3	2a04:4e42:1b:... 2a04:4e42:1b::539	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:81a::2006	15169 (GOOGLE) (GOOGLE)
1	65.9.82.50 65.9.82.50	16509 (AMAZON-02) (AMAZON-02)
2 7	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	185.33.221.90 185.33.221.90	29990 (ASN-APPNEX) (ASN-APPNEX)
2	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	104.111.215.135 104.111.215.135	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	69.173.144.141 69.173.144.141	26667 (RUBICONPR...) (RUBICONPROJECT)
1	3.140.46.189 3.140.46.189	16509 (AMAZON-02) (AMAZON-02)
1 1	23.37.42.132 23.37.42.132	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.108.50.124 104.108.50.124	16625 (AKAMAI-AS) (AKAMAI-AS)
5 5	54.93.211.166 54.93.211.166	16509 (AMAZON-02) (AMAZON-02)
1	18.193.131.107 18.193.131.107	16509 (AMAZON-02) (AMAZON-02)
2 2	185.184.8.30 185.184.8.30	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	104.19.216.61 104.19.216.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	188.42.196.115 188.42.196.115	7979 (SERVERS-COM) (SERVERS-COM)
1	104.16.199.73 104.16.199.73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	130.211.47.17 130.211.47.17	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81f::2001	15169 (GOOGLE) (GOOGLE)
1 5	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
1	34.107.221.36 34.107.221.36	15169 (GOOGLE) (GOOGLE)
1	50.19.252.36 50.19.252.36	14618 (AMAZON-AES) (AMAZON-AES)
1 3	34.246.227.69 34.246.227.69	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
232	92

2 199.60.103.254 (Canada) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

info.silobreaker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

49 104.111.236.243 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-236-243.deploy.static.akamaitechnologies.com

www.newsobserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media2.newsobserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.mcclatchy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.heraldsun.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.sacbee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.mcclatchy-wires.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.thestate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:10c:59b::1e80 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.224.214.149 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-214-149.compute-1.amazonaws.com

trinitymedia.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:206f:9c00:15:d134:4e40:93a1 (United States)

ASN16509 (AMAZON-02, US)

ovp.iris.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 216.58.207.66 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s25-in-f2.1e100.net

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.51.251.137 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-251-137.eu-west-1.compute.amazonaws.com

mcclatchy.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mboxedge37.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.212.209.68 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-209-68.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.49.92.20 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-92-20.eu-west-1.compute.amazonaws.com

mcclatchy.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.237.136.106 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-237-136-106.eu-west-3.compute.amazonaws.com

mcclatchy.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.194.191.134 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-191-134.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:81e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.10 (Phoenix, United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

vd.trinitymedia.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.67.103 (Seattle, United States)

ASN16509 (AMAZON-02, US)

mcclatchy-newsobserver.zeustechnology.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.245.253.34 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-245-253-34.eu-west-1.compute.amazonaws.com

ad.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

contributor.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.253.250 (United States)

ASN15169 (GOOGLE, US)
PTR: 250.253.120.34.bc.googleusercontent.com

tag.wknd.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.49 (United States)

ASN54113 (FASTLY, US)

lasteventf-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.250.234 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 234.250.178.107.bc.googleusercontent.com

js.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)

edge.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.248.38.24 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-38-24.eu-west-1.compute.amazonaws.com

secure-us.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.210.250.13 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-250-13.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.157.168.64 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-168-64.eu-central-1.compute.amazonaws.com

depart.trinitymedia.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.198.217 (United States)

ASN54113 (FASTLY, US)

static.scroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.19.132.78 (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.220.155 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 155.220.244.35.bc.googleusercontent.com

ats.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2104:5200:11:b309:9100:21 (United States)

ASN16509 (AMAZON-02, US)

d15kdpgjg3unno.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2104:9a00:5:82fd:2500:21 (United States)

ASN16509 (AMAZON-02, US)

dyv1bugovvq1g.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.113.194 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

confiant-integrations.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f02d:e:face:b00c:0:2 (Ireland) 1 redirects

ASN32934 (FACEBOOK, US)

web.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f12d:83:face:b00c:0:25de (Ireland) 2 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.234.92 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-234-92.deploy.static.akamaitechnologies.com

www.everestjs.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:6000:18:1fcd:34e:d2a1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.102.8 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-102-8.zrh50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2104:c00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.73.61 (Seattle, United States)

ASN16509 (AMAZON-02, US)

analytics-check.publishersite.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.210.249.164 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-164.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.210.249.92 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-92.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.72.95 (United States)

ASN15169 (GOOGLE, US)
PTR: 95.72.98.34.bc.googleusercontent.com

assets.bounceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.203.172.63 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.84.191 (Seattle, United States)

ASN16509 (AMAZON-02, US)

edge.api.brightcove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.14.137 (Frankfurt am Main, Germany) 1 redirects

ASN54113 (FASTLY, US)

cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cds.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.86.127 (Seattle, United States)

ASN16509 (AMAZON-02, US)

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.108.64.33 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-64-33.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.198.41.31 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-198-41-31.compute-1.amazonaws.com

www.i.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.69.60 (Seattle, United States)

ASN16509 (AMAZON-02, US)

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.4.26.179 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-26-179.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.100.179 (Ascension Island)

ASN15169 (GOOGLE, US)
PTR: 179.100.201.35.bc.googleusercontent.com

connect.scroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

geo.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.102.104 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-102-104.zrh50.r.cloudfront.net

context.iris.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.46.131.209 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

sqs.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.207.148 (United States)

ASN15169 (GOOGLE, US)
PTR: 148.207.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.80.71.186 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-71-186.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.95.58 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 58.95.190.35.bc.googleusercontent.com

data.cdnbasket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.9.87 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 87.9.211.130.bc.googleusercontent.com

page.cdnbasket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.214.121 (Mountain View, United States)

ASN15169 (GOOGLE, US)

view.cdnbasket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.213.50.82 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

srv-2021-01-23-12.pixel.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:1b::539 (Ascension Island)

ASN54113 (FASTLY, US)

manifest.prod.boltdns.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.82.50 (Seattle, United States)

ASN16509 (AMAZON-02, US)

cf-images.us-east-1.prod.boltdns.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.221.90 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.215.135 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-135.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

mcclatchy-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.141 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.140.46.189 (Seattle, United States)

ASN16509 (AMAZON-02, US)

capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.37.42.132 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.108.50.124 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-50-124.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.93.211.166 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-211-166.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.193.131.107 (United States)

ASN16509 (AMAZON-02, US)

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.30 (Poland) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ams.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.216.61 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.lentainform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.196.115 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.199.73 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.47.17 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 17.47.211.130.bc.googleusercontent.com

ids.cdnwidget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

4b3f1f93be086e85fcdd08bdd8517203.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.221.36 (United States)

ASN15169 (GOOGLE, US)
PTR: 36.221.107.34.bc.googleusercontent.com

e.cdnwidget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.19.252.36 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.246.227.69 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	newsobserver.com www.newsobserver.com media2.newsobserver.com	921 KB
19	google.com www.google.com contributor.google.com fundingchoicesmessages.google.com adservice.google.com	126 KB
11	googlesyndication.com 1 redirects 4b3f1f93be086e85fcdd08bdd8517203.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	14 KB
9	mgid.com jsc.mgid.com servicer.mgid.com cm.mgid.com s-img.mgid.com	88 KB
9	doubleclick.net 2 redirects pubads.g.doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	138 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com	208 KB
7	everesttech.net 4 redirects cm.everesttech.net lasteventf-tm.everesttech.net pixel.everesttech.net	3 KB
7	cookielaw.org cdn.cookielaw.org	113 KB
6	postrelease.com jadserve.postrelease.com	3 KB
6	googleapis.com fonts.googleapis.com imasdk.googleapis.com	113 KB
5	bidswitch.net 5 redirects x.bidswitch.net	2 KB
5	iris.tv ovp.iris.tv context.iris.tv	61 KB
4	boltdns.net manifest.prod.boltdns.net cf-images.us-east-1.prod.boltdns.net	244 KB
4	connatix.com 1 redirects cd.connatix.com cds.connatix.com capi.connatix.com	271 KB
4	facebook.com 3 redirects web.facebook.com www.facebook.com	2 KB
4	rlcdn.com ats.rlcdn.com geo.rlcdn.com api.rlcdn.com	60 KB
4	matheranalytics.com 1 redirects js.matheranalytics.com www.i.matheranalytics.com	26 KB
4	demdex.net dpm.demdex.net mcclatchy.demdex.net	5 KB
4	omtrdc.net mcclatchy.tt.omtrdc.net mcclatchy.sc.omtrdc.net mboxedge37.tt.omtrdc.net	6 KB
4	trinitymedia.ai trinitymedia.ai vd.trinitymedia.ai depart.trinitymedia.ai	146 KB
3	rubiconproject.com 1 redirects fastlane.rubiconproject.com secure-assets.rubiconproject.com eus.rubiconproject.com	2 KB
3	criteo.com bidder.criteo.com gum.criteo.com	300 B
3	cdnbasket.net data.cdnbasket.net page.cdnbasket.net view.cdnbasket.net	1 KB
3	chartbeat.net ping.chartbeat.net	504 B
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	3 KB
3	amazon-adsystem.com c.amazon-adsystem.com	34 KB
3	pubmatic.com ads.pubmatic.com hbopenbid.pubmatic.com	3 KB
3	criteo.net static.criteo.net	38 KB
3	google-analytics.com www.google-analytics.com	19 KB
3	onetrust.com geolocation.onetrust.com	1 KB
3	mcclatchy.com media.mcclatchy.com	3 KB
3	adobedtm.com assets.adobedtm.com	18 KB
2	cdnwidget.com ids.cdnwidget.com e.cdnwidget.com	240 B
2	betweendigital.com 2 redirects ads.betweendigital.com	1 KB
2	creativecdn.com 2 redirects creativecdn.com ams.creativecdn.com	691 B
2	openx.net 1 redirects mcclatchy-d.openx.net	917 B
2	casalemedia.com htlb.casalemedia.com as-sec.casalemedia.com	734 B
2	adsrvr.org 1 redirects match.adsrvr.org	1 KB
2	parsely.com cdn.parsely.com srv-2021-01-23-12.pixel.parsely.com	23 KB
2	brightcove.com edge.api.brightcove.com	9 KB
2	everestjs.net www.everestjs.net	8 KB
2	fastly.net confiant-integrations.global.ssl.fastly.net	79 KB
2	cloudfront.net d15kdpgjg3unno.cloudfront.net dyv1bugovvq1g.cloudfront.net	12 KB
2	scroll.com static.scroll.com connect.scroll.com	7 KB
2	imrworldwide.com 1 redirects secure-us.imrworldwide.com	1 KB
2	quantserve.com edge.quantserve.com pixel.quantserve.com	9 KB
2	mcclatchy-wires.com www.mcclatchy-wires.com	24 KB
2	crwdcntrl.net ad.crwdcntrl.net tags.crwdcntrl.net	14 KB
2	facebook.net connect.facebook.net	61 KB
2	silobreaker.com 1 redirects info.silobreaker.com	3 KB
1	ipify.org api.ipify.org	259 B
1	googletagservices.com www.googletagservices.com	28 KB
1	idealmedia.io cm.idealmedia.io	556 B
1	lentainform.com cm.lentainform.com	623 B
1	sharethrough.com match.sharethrough.com	263 B
1	adnxs.com ib.adnxs.com	715 B
1	2mdn.net s0.2mdn.net	10 KB
1	amazonaws.com sqs.us-east-1.amazonaws.com	658 B
1	google.de www.google.de	107 B
1	bounceexchange.com assets.bounceexchange.com	137 KB
1	indexww.com js-sec.indexww.com	26 KB
1	publishersite.xyz analytics-check.publishersite.xyz	391 B
1	quantcount.com rules.quantcount.com	1 KB
1	chartbeat.com static.chartbeat.com	14 KB
1	thestate.com www.thestate.com	40 KB
1	ntv.io s.ntv.io	102 KB
1	wknd.ai tag.wknd.ai	3 KB
1	sacbee.com www.sacbee.com	18 KB
1	zeustechnology.com mcclatchy-newsobserver.zeustechnology.com	53 KB
1	heraldsun.com www.heraldsun.com	16 KB
232	70

	Domain	Requested by
34	www.newsobserver.com	info.silobreaker.com www.newsobserver.com
14	fundingchoicesmessages.google.com	www.newsobserver.com
7	fonts.gstatic.com	fonts.googleapis.com
7	cdn.cookielaw.org	www.newsobserver.com cdn.cookielaw.org
7	media2.newsobserver.com	www.newsobserver.com media2.newsobserver.com
6	cm.mgid.com	jsc.mgid.com www.newsobserver.com
6	jadserve.postrelease.com	s.ntv.io www.newsobserver.com
5	tpc.googlesyndication.com	1 redirects securepubads.g.doubleclick.net www.newsobserver.com tpc.googlesyndication.com
5	x.bidswitch.net	5 redirects
4	pagead2.googlesyndication.com	www.newsobserver.com securepubads.g.doubleclick.net
4	ovp.iris.tv	www.newsobserver.com ovp.iris.tv
4	fonts.googleapis.com	www.newsobserver.com vd.trinitymedia.ai
3	pixel.everesttech.net	1 redirects
3	manifest.prod.boltdns.net	www.newsobserver.com
3	ping.chartbeat.net	www.newsobserver.com
3	sb.scorecardresearch.com	1 redirects info.silobreaker.com www.newsobserver.com
3	c.amazon-adsystem.com	www.newsobserver.com c.amazon-adsystem.com
3	securepubads.g.doubleclick.net	mcclatchy-newsobserver.zeustechnology.com securepubads.g.doubleclick.net
3	static.criteo.net	mcclatchy-newsobserver.zeustechnology.com www.newsobserver.com
3	www.facebook.com	2 redirects connect.facebook.net
3	www.google-analytics.com	media2.newsobserver.com www.google-analytics.com
3	cm.everesttech.net	3 redirects
3	geolocation.onetrust.com	cdn.cookielaw.org www.newsobserver.com
3	dpm.demdex.net	media2.newsobserver.com www.newsobserver.com
3	pubads.g.doubleclick.net	www.newsobserver.com media2.newsobserver.com
3	media.mcclatchy.com	www.newsobserver.com info.silobreaker.com
3	assets.adobedtm.com	www.newsobserver.com assets.adobedtm.com
2	4b3f1f93be086e85fcdd08bdd8517203.safeframe.googlesyndication.com	securepubads.g.doubleclick.net confiant-integrations.global.ssl.fastly.net
2	cm.g.doubleclick.net	2 redirects
2	ads.betweendigital.com	2 redirects
2	mcclatchy-d.openx.net	1 redirects www.newsobserver.com
2	bidder.criteo.com	static.criteo.net
2	match.adsrvr.org	1 redirects js-sec.indexww.com
2	api.rlcdn.com	js-sec.indexww.com mcclatchy-newsobserver.zeustechnology.com
2	www.i.matheranalytics.com	www.newsobserver.com
2	cds.connatix.com	www.newsobserver.com cd.connatix.com
2	edge.api.brightcove.com	www.newsobserver.com
2	ads.pubmatic.com	mcclatchy-newsobserver.zeustechnology.com ads.pubmatic.com
2	www.everestjs.net	media2.newsobserver.com www.everestjs.net
2	confiant-integrations.global.ssl.fastly.net	www.newsobserver.com confiant-integrations.global.ssl.fastly.net
2	imasdk.googleapis.com	www.newsobserver.com imasdk.googleapis.com
2	secure-us.imrworldwide.com	1 redirects www.newsobserver.com
2	js.matheranalytics.com	1 redirects www.newsobserver.com
2	www.mcclatchy-wires.com	www.newsobserver.com
2	contributor.google.com	www.newsobserver.com
2	mcclatchy.sc.omtrdc.net	media2.newsobserver.com
2	trinitymedia.ai	www.newsobserver.com
2	www.google.com	www.newsobserver.com
2	connect.facebook.net	www.newsobserver.com connect.facebook.net
2	info.silobreaker.com	1 redirects
1	gum.criteo.com	static.criteo.net
1	api.ipify.org	www.newsobserver.com
1	www.googletagservices.com	securepubads.g.doubleclick.net
1	e.cdnwidget.com	www.newsobserver.com
1	ids.cdnwidget.com	assets.bounceexchange.com
1	cm.idealmedia.io	www.newsobserver.com
1	cm.lentainform.com	www.newsobserver.com
1	ams.creativecdn.com	1 redirects
1	creativecdn.com	1 redirects
1	match.sharethrough.com	www.newsobserver.com
1	eus.rubiconproject.com	cm.mgid.com
1	secure-assets.rubiconproject.com	1 redirects
1	as-sec.casalemedia.com	js-sec.indexww.com
1	capi.connatix.com	cd.connatix.com
1	s-img.mgid.com	www.newsobserver.com
1	fastlane.rubiconproject.com	mcclatchy-newsobserver.zeustechnology.com
1	hbopenbid.pubmatic.com	mcclatchy-newsobserver.zeustechnology.com
1	htlb.casalemedia.com	js-sec.indexww.com
1	ib.adnxs.com	mcclatchy-newsobserver.zeustechnology.com
1	adservice.google.com	imasdk.googleapis.com
1	cf-images.us-east-1.prod.boltdns.net	www.newsobserver.com
1	s0.2mdn.net	imasdk.googleapis.com
1	srv-2021-01-23-12.pixel.parsely.com	www.newsobserver.com
1	servicer.mgid.com	jsc.mgid.com
1	view.cdnbasket.net	assets.bounceexchange.com
1	page.cdnbasket.net	assets.bounceexchange.com
1	data.cdnbasket.net	assets.bounceexchange.com
1	sqs.us-east-1.amazonaws.com	d15kdpgjg3unno.cloudfront.net
1	context.iris.tv	ovp.iris.tv
1	geo.rlcdn.com	ats.rlcdn.com
1	pixel.quantserve.com	www.newsobserver.com
1	connect.scroll.com	static.scroll.com
1	cdn.parsely.com	www.newsobserver.com
1	www.google.de	www.newsobserver.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	cd.connatix.com	1 redirects
1	assets.bounceexchange.com	tag.wknd.ai
1	js-sec.indexww.com	mcclatchy-newsobserver.zeustechnology.com
1	analytics-check.publishersite.xyz	mcclatchy-newsobserver.zeustechnology.com
1	rules.quantcount.com	edge.quantserve.com
1	tags.crwdcntrl.net	www.newsobserver.com
1	static.chartbeat.com	media2.newsobserver.com
1	web.facebook.com	1 redirects
1	dyv1bugovvq1g.cloudfront.net	www.newsobserver.com
1	d15kdpgjg3unno.cloudfront.net	www.newsobserver.com
1	ats.rlcdn.com	www.newsobserver.com
1	jsc.mgid.com	www.newsobserver.com
1	static.scroll.com	www.newsobserver.com
1	depart.trinitymedia.ai	vd.trinitymedia.ai
1	www.thestate.com	www.newsobserver.com
1	s.ntv.io	www.newsobserver.com
1	edge.quantserve.com	media2.newsobserver.com
1	lasteventf-tm.everesttech.net	media2.newsobserver.com
1	tag.wknd.ai	media2.newsobserver.com
1	www.sacbee.com	www.newsobserver.com
1	ad.crwdcntrl.net	www.newsobserver.com
1	mcclatchy-newsobserver.zeustechnology.com	www.newsobserver.com
1	mboxedge37.tt.omtrdc.net	www.newsobserver.com
1	www.gstatic.com	www.google.com
1	www.heraldsun.com	www.newsobserver.com
1	vd.trinitymedia.ai	trinitymedia.ai
1	mcclatchy.demdex.net	media2.newsobserver.com
1	mcclatchy.tt.omtrdc.net	www.newsobserver.com
232	113

This site contains links to these domains. Also see Links.

Domain
account.newsobserver.com
support.newsobserver.com
www.facebook.com
instagram.com
twitter.com
photostore.newsobserver.com
t.news.newsobserver.com
markets.financialcontent.com
kidstownnc.com
games.newsobserver.com
artsnownc.com
www.triangletoday.com
www.legacy.com
placead.mcclatchy.com
triangle.adperfect.com
placead2.newsobserver.com
jobs.newsobserver.com
www.legalnotice.org
www.linkedin.com
www.pinterest.com
www.reddit.com
www.mcclatchyreprints.com
www.bbc.com
www.nytimes.com
www.bloomberg.com
www.statnews.com
policies.google.com
www.nbcnews.com
www.gisaid.org
bit.ly
www.mgid.com
newsobserver.com
www.youtube.com
mcciservices.newscyclecloud.com
www.mcclatchy.com
k12nie.com
classifieds.newsobserver.com
cookiepedia.co.uk
onetrust.com

Subject Issuer	Validity	Valid
info.silobreaker.com Cloudflare Inc ECC CA-3	`2020-06-30` - `2021-06-30`	a year	crt.sh
www.mcclatchydc.com DigiCert SHA2 Secure Server CA	`2019-12-21` - `2021-03-21`	a year	crt.sh
assets.adobedtm.com DigiCert SHA2 High Assurance Server CA	`2019-10-22` - `2021-10-01`	2 years	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-12-22` - `2021-03-21`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
trinitymedia.ai Sectigo ECC Domain Validation Secure Server CA	`2020-12-15` - `2021-12-15`	a year	crt.sh
iris.tv Amazon	`2020-10-10` - `2021-11-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.tt.omtrdc.net DigiCert SHA2 Secure Server CA	`2020-11-02` - `2021-11-09`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
*.onetrust.com DigiCert SHA2 Secure Server CA	`2020-05-21` - `2022-07-27`	2 years	crt.sh
*.sc.omtrdc.net DigiCert SHA2 High Assurance Server CA	`2020-10-29` - `2021-11-29`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
vd.trinitymedia.ai Sectigo RSA Domain Validation Secure Server CA	`2020-12-15` - `2021-12-15`	a year	crt.sh
*.zeustechnology.com Amazon	`2020-06-13` - `2021-07-13`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2019-06-13` - `2021-06-28`	2 years	crt.sh
*.google.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
tag.wknd.ai R3	`2020-12-29` - `2021-03-29`	3 months	crt.sh
h2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-01-06` - `2021-04-20`	3 months	crt.sh
js.matheranalytics.com Sectigo RSA Domain Validation Secure Server CA	`2019-04-04` - `2021-04-03`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.imrworldwide.com DigiCert SHA2 Secure Server CA	`2020-01-21` - `2021-02-24`	a year	crt.sh
*.ntv.io DigiCert SHA2 Secure Server CA	`2019-11-18` - `2021-02-16`	a year	crt.sh
depart.trinitymedia.ai Sectigo RSA Domain Validation Secure Server CA	`2020-12-28` - `2021-12-28`	a year	crt.sh
*.scroll.com R3	`2021-01-03` - `2021-04-03`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-09` - `2021-07-09`	a year	crt.sh
ats.rlcdn.com GTS CA 1D2	`2021-01-12` - `2021-04-12`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
*.freetls.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-04-21` - `2021-04-22`	a year	crt.sh
www.everestjs.net DigiCert SHA2 Secure Server CA	`2020-09-25` - `2021-09-30`	a year	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2020-06-01` - `2021-06-02`	a year	crt.sh
publishersite.xyz Amazon	`2020-03-03` - `2021-04-03`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2020-11-17` - `2021-02-14`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2020-02-26` - `2021-05-27`	a year	crt.sh
assets.bounceexchange.com GTS CA 1D2	`2020-12-24` - `2021-03-24`	3 months	crt.sh
*.postrelease.com Amazon	`2020-02-28` - `2021-03-28`	a year	crt.sh
*.api.brightcove.com Amazon	`2020-10-08` - `2021-11-07`	a year	crt.sh
*.connatix.com Go Daddy Secure Certificate Authority - G2	`2020-09-29` - `2021-10-19`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2020-08-04` - `2021-08-02`	a year	crt.sh
sb.scorecardresearch.com DigiCert Secure Site ECC CA-1	`2020-07-17` - `2021-06-02`	a year	crt.sh
www.i.matheranalytics.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-28` - `2022-01-27`	2 years	crt.sh
www.google.de GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.parsely.com Amazon	`2020-08-02` - `2021-09-02`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2020-12-01` - `2021-12-30`	a year	crt.sh
geo.rlcdn.com GTS CA 1D2	`2020-12-28` - `2021-03-28`	3 months	crt.sh
queue.amazonaws.com Amazon	`2020-12-04` - `2021-12-03`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-14` - `2021-04-23`	a year	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
*.cdnbasket.net Go Daddy Secure Certificate Authority - G2	`2020-07-29` - `2021-09-27`	a year	crt.sh
*.pixel.parsely.com Let's Encrypt Authority X3	`2020-11-27` - `2021-02-25`	3 months	crt.sh
brightcove.com GlobalSign CloudSSL CA - SHA256 - G3	`2020-09-28` - `2021-04-20`	7 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.prod.boltdns.net Amazon	`2020-12-08` - `2022-01-06`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2020-11-17` - `2021-02-14`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
*.sharethrough.com Amazon	`2020-09-09` - `2021-10-11`	a year	crt.sh
ids.cdnwidget.com GTS CA 1D2	`2020-12-06` - `2021-03-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
e.cdnwidget.com GTS CA 1D2	`2020-12-18` - `2021-03-18`	3 months	crt.sh
*.ipify.org Sectigo RSA Domain Validation Secure Server CA	`2021-01-19` - `2022-02-19`	a year	crt.sh
*.tmogul.com Amazon	`2020-08-14` - `2021-09-13`	a year	crt.sh

This page contains 16 frames:

Primary Page: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
Frame ID: DA8AEEE23CF609CD9D6EB454CD49C387
Requests: 216 HTTP requests in this frame

Frame: https://mcclatchy.demdex.net/dest5.html?d_nsid=0
Frame ID: 89F24E4C568F9A34B66731C8BF8E1EEE
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css2?family=Noto+Sans:wght@400;700&display=swap
Frame ID: 880D8FFF0B071C96B3B8DF07BC0850BD
Requests: 2 HTTP requests in this frame

Frame: https://trinitymedia.ai/player/audio.php?pageURL=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Fcoronavirus%2Farticle248661625.html&sCampaignID=2900000552&FAB=false&playerId=b419e851e7e9ff6f954b73b1bfaa42ce&isLegacyBrowser=false&version=20210122_3b4bed0cbc39c4eb37f04f72d0bc107aa377f668&useCFCDN=0&ts=1611403436101&tsServer=1611403435873&FABOnly=0
Frame ID: 3C3A644D0AB5C1BFC414F55991EB89D4
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1cc56c772db684%26domain%3Dwww.newsobserver.com%26origin%3Dhttps%253A%252F%252Fwww.newsobserver.com%252Ff1d2486539b1324%26relation%3Dparent.parent&container_width=728&height=100&href=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Fcoronavirus%2Farticle248661625.html&locale=en_US&numposts=10&sdk=joey&version=v3.2&width
Frame ID: 926725DB810466E5C8312186F5967ED3
Requests: 1 HTTP requests in this frame

Frame: https://cds.connatix.com/p/94027/connatix.playspace.dc.js
Frame ID: B3A41A256D3CE87330D72CE5B40E38B0
Requests: 2 HTTP requests in this frame

Frame: https://sb.scorecardresearch.com/beacon.js
Frame ID: 43C6686CD9A28D0ABC2C3A0A893C9885
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: EAC8091DC670426F872F4B9D46DC722A
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.435.0_en.html
Frame ID: 4160BB9469E43177CEE20D0CD8257C52
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1611403439797509627476
Frame ID: 3EA82236F9780F705C8AB76A9235D7E9
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Frame ID: EE9CF06B786765ADC3F6B721ED356832
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/simgad/14221371079760943072
Frame ID: B5D4A6986F15BD03D5C490A445F3B217
Requests: 1 HTTP requests in this frame

Frame: https://4b3f1f93be086e85fcdd08bdd8517203.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: CE9DBCCCF736850C0248592B3DACEFD4
Requests: 1 HTTP requests in this frame

Frame: https://www.everestjs.net/static/pixel_details.html
Frame ID: 12F5EB748A26493E3F12CE0929C23369
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.newsobserver.com
Frame ID: 40F77229D036817CF15F754E2B315CFA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html
Frame ID: 3E6D8F33E6C02E9654C8E8A6CD78C624
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://info.silobreaker.com/e2t/tc/VVBPZ295pqPPN90vc0r2PqTVW197v5Z4m8D-nMwF3TS2-HwLV1-WJV7CgCp3W1X0SFG47... Page URL
https://info.silobreaker.com/events/public/v1/track/tc/VVBPZ295pqPPN90vc0r2PqTVW197v5Z4m8D-nMwF3TS2-HwLV1... HTTP 307
https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hs... Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

232
Requests

99 %
HTTPS

32 %
IPv6

70
Domains

113
Subdomains

92
IPs

11
Countries

3367 kB
Transfer

9847 kB
Size

68
Cookies

62 Outgoing links

These are links going to different origins than the main page.

URL: https://account.newsobserver.com/static/subscribe
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://account.newsobserver.com/static/signin
Title: Sign In

Search URL Search Domain Scan URL

URL: http://support.newsobserver.com/#navlink=subnav
Title: Support

Search URL Search Domain Scan URL

URL: https://www.facebook.com/newsandobserver/#navlink=subnav
Title: Facebook

Search URL Search Domain Scan URL

URL: http://instagram.com/newsobserver/#navlink=subnav
Title: Instagram

Search URL Search Domain Scan URL

URL: https://twitter.com/newsobserver/#navlink=subnav
Title: Twitter

Search URL Search Domain Scan URL

URL: http://photostore.newsobserver.com/mycapture/index.asp#navlink=subnav
Title: Buy Photos

Search URL Search Domain Scan URL

URL: http://t.news.newsobserver.com/webApp/mccSignupPage?siteName=newsobserver#navlink=subnav
Title: Newsletters

Search URL Search Domain Scan URL

URL: http://markets.financialcontent.com/mi.newsob/markets/#navlink=subnav
Title: Stocks Center

Search URL Search Domain Scan URL

URL: http://kidstownnc.com/#navlink=subnav
Title: Family

Search URL Search Domain Scan URL

URL: http://games.newsobserver.com/?arkpromo=site_subnav
Title: Games and Puzzles

Search URL Search Domain Scan URL

URL: http://artsnownc.com/#navlink=subnav
Title: ArtsNow

Search URL Search Domain Scan URL

URL: http://games.newsobserver.com/#navlink=subnav
Title: Games

Search URL Search Domain Scan URL

URL: http://www.triangletoday.com/#navlink=subnav
Title: Nightlife

Search URL Search Domain Scan URL

URL: https://www.legacy.com/obituaries/newsobserver/
Title: View Obituaries

Search URL Search Domain Scan URL

URL: https://placead.mcclatchy.com/obits/raleigh/home/listItems.html
Title: Place an Obituary

Search URL Search Domain Scan URL

URL: http://triangle.adperfect.com/?catid=198#navlink=subnav
Title: Apartments

Search URL Search Domain Scan URL

URL: http://triangle.adperfect.com/?catid=201#navlink=subnav
Title: Cars

Search URL Search Domain Scan URL

URL: http://triangle.adperfect.com/?catid=197#navlink=subnav
Title: Homes

Search URL Search Domain Scan URL

URL: http://triangle.adperfect.com/?catid=191#navlink=subnav
Title: Jobs

Search URL Search Domain Scan URL

URL: http://placead2.newsobserver.com/#navlink=subnav
Title: Obits/In Memoriams

Search URL Search Domain Scan URL

URL: https://jobs.newsobserver.com/#navlink=subnav
Title: Jobs

Search URL Search Domain Scan URL

URL: http://www.legalnotice.org/pl/newsobserver/landing1.aspx#navlink=subnav
Title: Legals

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=Labcorp+is+studying+COVID-19+mutations.+Can+it+improve+US+tracking+of+the+virus%3F&url=https://www.newsobserver.com/news/coronavirus/article248661625.html
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.newsobserver.com/news/coronavirus/article248661625.html
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://www.newsobserver.com/news/coronavirus/article248661625.html&title=Labcorp%20is%20studying%20COVID-19%20mutations.%20Can%20it%20improve%20US%20tracking%20of%20the%20virus?
Title:

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/button/?url=https://www.newsobserver.com/news/coronavirus/article248661625.html&description=Labcorp%20is%20studying%20COVID-19%20mutations.%20Can%20it%20improve%20US%20tracking%20of%20the%20virus?&media=https://www.thestate.com/latest-news/hi0fj1/picture241477646/alternates/LANDSCAPE_1140/COL_drivethroughtestingcovi%20(5)
Title:

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?url=https://www.newsobserver.com/news/coronavirus/article248661625.html
Title:

Search URL Search Domain Scan URL

URL: https://www.mcclatchyreprints.com/
Title: ORDER REPRINT →

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.sacbee.com%2Fnews%2Fcoronavirus%2Farticle248160930.html

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fwww.sacbee.com%2Fnews%2Fcoronavirus%2Farticle248160930.html&text=What%20to%20know%20about%20the%20new%20COVID-19%20variant%20in%201%20minute

Search URL Search Domain Scan URL

URL: https://www.bbc.com/news/health-55534727#:~:text=The%20South%20African%20variant%20carries%20a%20mutation%20called%20E484K%2C%20among%20others.&text=Dr%20Simon%20Clarke%2C%20who%20is,spike%20protein%20which%20are%20concerning.%22
Title: South Africa

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2020/12/30/health/coronavirus-mutant-colorado.html
Title: California

Search URL Search Domain Scan URL

URL: https://www.bloomberg.com/news/articles/2021-01-20/south-african-study-into-new-virus-strain-raises-vaccine-fears
Title: compromise the effectiveness of vaccines

Search URL Search Domain Scan URL

URL: https://www.statnews.com/2020/12/31/with-limited-surveillance-of-covid-19-variant-its-deja-vu-all-over-again/
Title: slower than some other countries

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2020/12/22/opinion/coronavirus-uk-strain.html
Title: “flying blind”

Search URL Search Domain Scan URL

URL: https://account.newsobserver.com/subscribe/create?param=f3JBD0A=&offer=NmEfaxcUb3lSCUJAfRJIckc7eXBBdjVHdQlBG15QPgoUG0hQeHNFCkdAb29STx0HLisVS1BIbxExdUtLAAxBdD1DeHpJGw8%3D&cid=ros_cta_.99mo-1mo-15.99_202101
Title: CLAIM OFFER

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.nbcnews.com/health/health-news/u-k-variant-spreads-u-s-scientists-warn-country-isn-n1253467
Title: NBC News previously reported

Search URL Search Domain Scan URL

URL: https://www.gisaid.org/
Title: GISAID Initiative

Search URL Search Domain Scan URL

URL: http://bit.ly/newsinnovate
Title: bit.ly/newsinnovate

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3944304/i/57369807/0/pp/1/1?h=t3RxIkBzqaB6WnJutyHEXtR8akKufDy7mRdJ128T5JmaxfIx_6ElYWooqCNGa3ex&rid=1339b853-5d73-11eb-88dd-d094662c24f7&tt=Direct&cpm=1&gbpp=1&abd=1&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=Two+UNC+basketball+coaches+got+COVID+vaccine+ahead+of+schedule.+Here%E2%80%99s+how.&url=https://www.newsobserver.com/sports/college/acc/unc/article248700870.html
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.newsobserver.com/sports/college/acc/unc/article248700870.html
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://www.newsobserver.com/sports/college/acc/unc/article248700870.html&title=Two%20UNC%20basketball%20coaches%20got%20COVID%20vaccine%20ahead%20of%20schedule.%20Here%E2%80%99s%20how.
Title:

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/button/?url=https://www.newsobserver.com/sports/college/acc/unc/article248700870.html&description=Two%20UNC%20basketball%20coaches%20got%20COVID%20vaccine%20ahead%20of%20schedule.%20Here%E2%80%99s%20how.&media=https://www.newsobserver.com/wps/build/images/undefined/facebook.jpg
Title:

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?url=https://www.newsobserver.com/sports/college/acc/unc/article248700870.html
Title:

Search URL Search Domain Scan URL

URL: https://newsobserver.com/mobile
Title: Raleigh News & Observer App

Search URL Search Domain Scan URL

URL: http://t.news.newsobserver.com/webApp/mccSignupPage?siteName=newsobserver
Title: View Newsletters

Search URL Search Domain Scan URL

URL: https://www.facebook.com/newsandobserver
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/newsobserver
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/newsobservertube
Title:

Search URL Search Domain Scan URL

URL: https://account.newsobserver.com/static/subscribe/#navlink=mi_footer
Title: Start a Subscription

Search URL Search Domain Scan URL

URL: https://mcciservices.newscyclecloud.com/cgi-bin/cmo_mcc-c-cmdb-est-01.sh/custservice/web/login.html?siteid=RAL#navlink=mi_footer
Title: Vacation Hold

Search URL Search Domain Scan URL

URL: https://www.mcclatchy.com/our-impact/markets/the-news-observer/#navlink=mi_footer
Title: About Us

Search URL Search Domain Scan URL

URL: http://t.news.newsobserver.com/webApp/mccSignupPage?siteName=newsobserver#navlink=mi_footer
Title: Newsletters

Search URL Search Domain Scan URL

URL: https://k12nie.com/?p=newsobserver/#navlink=mi_footer
Title: News in Education

Search URL Search Domain Scan URL

URL: http://www.legalnotice.org/pl/newsobserver/landing1.aspx#navlink=mi_footer
Title: Legal Notices

Search URL Search Domain Scan URL

URL: https://classifieds.newsobserver.com/#navlink=mi_footer
Title: Place a Classified

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More information

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://info.silobreaker.com/e2t/tc/VVBPZ295pqPPN90vc0r2PqTVW197v5Z4m8D-nMwF3TS2-HwLV1-WJV7CgCp3W1X0SFG477B2nV5HGsn96SmTrW3k75-36m7d_JW4lWp5Z7rFGM2W1MvfqN5-4sqcW2vQ_DL6Rl7gMW7ds_9W3TgHyGW870svs3KwkbXW2mMLtR443VPXW8g_tBp2RjRBRVsM56Z454PmcW2nYV4P5rhmRwW38-1Zf2SlrTSW1NrvRV7nZR_fN16zZFw8Vm7QW1jB72J3NJHbmW19Kd0v51k5L0W83K__33VK1J4N46WPBBmMbvqW1b3cVL1DbPBtW185vKv29Jyn8W1Wr9Vl8fWMBkW5M-dr-7JC535W1LQY9j3_BpGlVkDkWs2q3LpPW35PTFT71fRq0W87WyVs5Nk-yYW5Jkgqg3TTc5535c61 Page URL
https://info.silobreaker.com/events/public/v1/track/tc/VVBPZ295pqPPN90vc0r2PqTVW197v5Z4m8D-nMwF3TS2-HwLV1-WJV7CgCp3W1X0SFG477B2nV5HGsn96SmTrW3k75-36m7d_JW4lWp5Z7rFGM2W1MvfqN5-4sqcW2vQ_DL6Rl7gMW7ds_9W3TgHyGW870svs3KwkbXW2mMLtR443VPXW8g_tBp2RjRBRVsM56Z454PmcW2nYV4P5rhmRwW38-1Zf2SlrTSW1NrvRV7nZR_fN16zZFw8Vm7QW1jB72J3NJHbmW19Kd0v51k5L0W83K__33VK1J4N46WPBBmMbvqW1b3cVL1DbPBtW185vKv29Jyn8W1Wr9Vl8fWMBkW5M-dr-7JC535W1LQY9j3_BpGlVkDkWs2q3LpPW35PTFT71fRq0W87WyVs5Nk-yYW5Jkgqg3TTc5535c61?_ud=b65eec63-c187-4937-bb72-0e17b5ce372c&_ch=p&_pr2=p&_pl=0&_lg=en-US&_dr=b&_ts=p HTTP 307
https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43

https://cm.everesttech.net/cm/dd?d_uuid=21260440396695657883880154063120879705 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YAwQrAAAAFL2dh-H

Request Chain 71

https://js.matheranalytics.com/s/ma12095/74930332/sp.js?cb=1554 HTTP 301
https://js.matheranalytics.com/static/2_2_18-e/sp.br.js

Request Chain 76

https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-203838h&cg=0&cc=1&si=https%3A//www.newsobserver.com/news/coronavirus/article248661625.html%3Fac_cid%3DDM369596%26ac_bid%3D-781518521%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8%23new_tab&rp=&ts=compact&rnd=1611403436395 HTTP 302
https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-203838h&cg=0&cc=1&si=https%3A//www.newsobserver.com/news/coronavirus/article248661625.html%3Fac_cid%3DDM369596%26ac_bid%3D-781518521%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8%23new_tab&rp=&ts=compact&rnd=1611403436395&ja=1

Request Chain 97

https://web.facebook.com/v3.2/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1cc56c772db684%26domain%3Dwww.newsobserver.com%26origin%3Dhttps%253A%252F%252Fwww.newsobserver.com%252Ff1d2486539b1324%26relation%3Dparent.parent&container_width=728&height=100&href=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Fcoronavirus%2Farticle248661625.html&locale=en_US&numposts=10&sdk=joey&version=v3.2&width= HTTP 302
https://www.facebook.com/v3.2/plugins/comments.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1cc56c772db684%26domain%3Dwww.newsobserver.com%26origin%3Dhttps%253A%252F%252Fwww.newsobserver.com%252Ff1d2486539b1324%26relation%3Dparent.parent&container_width=728&height=100&href=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Fcoronavirus%2Farticle248661625.html&locale=en_US&numposts=10&sdk=joey&version=v3.2&width&_rdc=1&_rdr HTTP 302
https://www.facebook.com/plugins/comments.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1cc56c772db684%26domain%3Dwww.newsobserver.com%26origin%3Dhttps%253A%252F%252Fwww.newsobserver.com%252Ff1d2486539b1324%26relation%3Dparent.parent&container_width=728&height=100&href=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Fcoronavirus%2Farticle248661625.html&locale=en_US&numposts=10&sdk=joey&version=v3.2&width HTTP 302
https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1cc56c772db684%26domain%3Dwww.newsobserver.com%26origin%3Dhttps%253A%252F%252Fwww.newsobserver.com%252Ff1d2486539b1324%26relation%3Dparent.parent&container_width=728&height=100&href=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Fcoronavirus%2Farticle248661625.html&locale=en_US&numposts=10&sdk=joey&version=v3.2&width

Request Chain 117

https://cd.connatix.com/connatix.playspace.js HTTP 302
https://cds.connatix.com/p/94027/connatix.playspace.dc.js

Request Chain 142

https://sb.scorecardresearch.com/b?c1=2&c2=6035363&ns__t=1611403438676&ns_c=UTF-8&ns_if=1&cv=3.5&c8=Labcorp%20gets%20CDC%20contract%20to%20study%20COVID%20variants%20%7C%20Raleigh%20News%20%26%20Observer&c7=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Fcoronavirus%2Farticle248661625.html%3Fac_cid%3DDM369596%26ac_bid%3D-781518521%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6035363&ns__t=1611403438676&ns_c=UTF-8&ns_if=1&cv=3.5&c8=Labcorp%20gets%20CDC%20contract%20to%20study%20COVID%20variants%20%7C%20Raleigh%20News%20%26%20Observer&c7=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Fcoronavirus%2Farticle248661625.html%3Fac_cid%3DDM369596%26ac_bid%3D-781518521%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8&c9=&cs_ak_ss=1

Request Chain 175

https://mcclatchy-d.openx.net/w/1.0/arj?auid=541167014&aus=970x250,728x90,970x90&bc=hb_dyn_wapo&be=1&ch=UTF-8&ju=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Fcoronavirus%2Farticle248661625.html%3Fac_cid%3DDM369596%26ac_bid%3D-781518521%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8%23new_tab&res=1600x1200x24&tz=-60&nocache=1611403439674&us_privacy=1--- HTTP 302
https://mcclatchy-d.openx.net/w/1.0/arj?cc=1&auid=541167014&aus=970x250,728x90,970x90&bc=hb_dyn_wapo&be=1&ch=UTF-8&ju=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Fcoronavirus%2Farticle248661625.html%3Fac_cid%3DDM369596%26ac_bid%3D-781518521%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8%23new_tab&res=1600x1200x24&tz=-60&nocache=1611403439674&us_privacy=1---

Request Chain 189

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

Request Chain 190

https://x.bidswitch.net/sync?dsp_id=303&user_id=l0nXmBZUgM34 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l0nXmBZUgM34 HTTP 302
https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=f2187d77-2f94-40b1-8b59-3d6aa61a112b&seat_user_id=&seat_key=%20%20&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=

Request Chain 191

https://creativecdn.com/cm-notify?pi=mgid HTTP 302
https://ams.creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
https://cm.mgid.com/m?cdsp=501037&c=VuMlkazyNtUMRD0q0GD6&pi=mgid&tc=1

Request Chain 193

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://cm.mgid.com/m?cdsp=371158&c=bba85c90-f21f-4e98-a598-1bd06d7fc244&ttl=1613995440

Request Chain 194

https://x.bidswitch.net/sync?ssp=mgid HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dmgid%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dmgid%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D&crf=1 HTTP 302
https://x.bidswitch.net/sync?dsp_id=429&user_id=88575084-65d0-5217-b14a-7ae0d1466a50&ssp=mgid&expires=30&user_group=1 HTTP 302
https://cm.mgid.com/m?cdsp=433145&c=f2187d77-2f94-40b1-8b59-3d6aa61a112b&gdpr=&gdpr_consent=&us_privacy=

Request Chain 195

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDBuWG1CWlVnTTM0&muidn=l0nXmBZUgM34 HTTP 302
https://cm.mgid.com/google?muidn=l0nXmBZUgM34&google_ula={guid},5&google_gid=CAESECBEwUuv0bdIxqOFV_cyYWE&google_cver=1

Request Chain 211

https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDnq7jUeBABGAEoATIIRCa0hO01vLpA1fzu7AU HTTP 301
https://tpc.googlesyndication.com/simgad/14221371079760943072

Request Chain 222

https://pixel.everesttech.net/7996/gr?ev_gb=0&url=https%3A%2F%2Fwww.everestjs.net%2Fstatic%2Fpixel_details.html%23google%3D__EFGCK__%26gsurfer%3D__EFGSURFER__%26optout%3D__EFOPTOUT__%26throttleCookie%3D__EFSYNC__%26time%3D__EFTIME__ HTTP 302
https://www.everestjs.net/static/pixel_details.html

Request Chain 230

https://cm.everesttech.net/cm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&url=/1x1&google_hm=WUF3UXJBQUFBRkwyZGgtSA HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1x1&google_gid=CAESEFemD4NmK31tQ3UxQdGlKWk&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

232 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 VVBPZ295pqPPN90vc0r2PqTVW197v5Z4m8D-nMwF3TS2-HwLV1-WJV7CgCp3W1X0SFG477B2nV5HGsn96SmTrW3k75-36m7d_JW4lWp5Z7rFGM2W1MvfqN5-4sqcW2vQ_DL6Rl7gMW7ds_9W3TgHyGW870svs3KwkbXW2mMLtR443VPXW8g_tBp2RjRBRVsM56Z45...
info.silobreaker.com/e2t/tc/ 9 KB
3 KB 113ms
112ms Document
text/html 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://info.silobreaker.com/e2t/tc/VVBPZ295pqPPN90vc0r2PqTVW197v5Z4m8D-nMwF3TS2-HwLV1-WJV7CgCp3W1X0SFG477B2nV5HGsn96SmTrW3k75-36m7d_JW4lWp5Z7rFGM2W1MvfqN5-4sqcW2vQ_DL6Rl7gMW7ds_9W3TgHyGW870svs3KwkbXW2mMLtR443VPXW8g_tBp2RjRBRVsM56Z454PmcW2nYV4P5rhmRwW38-1Zf2SlrTSW1NrvRV7nZR_fN16zZFw8Vm7QW1jB72J3NJHbmW19Kd0v51k5L0W83K__33VK1J4N46WPBBmMbvqW1b3cVL1DbPBtW185vKv29Jyn8W1Wr9Vl8fWMBkW5M-dr-7JC535W1LQY9j3_BpGlVkDkWs2q3LpPW35PTFT71fRq0W87WyVs5Nk-yYW5Jkgqg3TTc5535c61
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.60.103.254 , Canada, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: info.silobreaker.com
:scheme: https
:path: /e2t/tc/VVBPZ295pqPPN90vc0r2PqTVW197v5Z4m8D-nMwF3TS2-HwLV1-WJV7CgCp3W1X0SFG477B2nV5HGsn96SmTrW3k75-36m7d_JW4lWp5Z7rFGM2W1MvfqN5-4sqcW2vQ_DL6Rl7gMW7ds_9W3TgHyGW870svs3KwkbXW2mMLtR443VPXW8g_tBp2RjRBRVsM56Z454PmcW2nYV4P5rhmRwW38-1Zf2SlrTSW1NrvRV7nZR_fN16zZFw8Vm7QW1jB72J3NJHbmW19Kd0v51k5L0W83K__33VK1J4N46WPBBmMbvqW1b3cVL1DbPBtW185vKv29Jyn8W1Wr9Vl8fWMBkW5M-dr-7JC535W1LQY9j3_BpGlVkDkWs2q3LpPW35PTFT71fRq0W87WyVs5Nk-yYW5Jkgqg3TTc5535c61
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:03:52 GMT
content-type: text/html;charset=utf-8
set-cookie: __cfduid=d2fe7272a5e62a1728d21af343f1f05a01611403432; expires=Mon, 22-Feb-21 12:03:52 GMT; path=/; domain=.info.silobreaker.com; HttpOnly; SameSite=Lax __cfruid=04ce4081e3314a892add45e5ff1a6da40a5cd858-1611403432; path=/; domain=.info.silobreaker.com; HttpOnly; Secure; SameSite=None
cf-ray: 61615fba683e7363-CPH
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
cf-request-id: 07d0ba288600007363740a6000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
server: cloudflare
content-encoding: br

GET
H2

200

Primary Request article248661625.html Show response
www.newsobserver.com/news/coronavirus/
Redirect Chain

https://info.silobreaker.com/events/public/v1/track/tc/VVBPZ295pqPPN90vc0r2PqTVW197v5Z4m8D-nMwF3TS2-HwLV1-WJV7CgCp3W1X0SFG477B2nV5HGsn96SmTrW3k75-36m7d_JW4lWp5Z7rFGM2W1MvfqN5-4sqcW2vQ_DL6Rl7gMW7ds_...
https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhf...

127 KB
30 KB

1179ms
1099ms

Document
text/html

104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
Requested by: Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VVBPZ295pqPPN90vc0r2PqTVW197v5Z4m8D-nMwF3TS2-HwLV1-WJV7CgCp3W1X0SFG477B2nV5HGsn96SmTrW3k75-36m7d_JW4lWp5Z7rFGM2W1MvfqN5-4sqcW2vQ_DL6Rl7gMW7ds_9W3TgHyGW870svs3KwkbXW2mMLtR443VPXW8g_tBp2RjRBRVsM56Z454PmcW2nYV4P5rhmRwW38-1Zf2SlrTSW1NrvRV7nZR_fN16zZFw8Vm7QW1jB72J3NJHbmW19Kd0v51k5L0W83K__33VK1J4N46WPBBmMbvqW1b3cVL1DbPBtW185vKv29Jyn8W1Wr9Vl8fWMBkW5M-dr-7JC535W1LQY9j3_BpGlVkDkWs2q3LpPW35PTFT71fRq0W87WyVs5Nk-yYW5Jkgqg3TTc5535c61
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 75c5dc9310997577b480f34212484bbc8025704db7c0fab2e98c23bf21382ad7

Request headers

:method: GET
:authority: www.newsobserver.com
:scheme: https
:path: /news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://info.silobreaker.com/e2t/tc/VVBPZ295pqPPN90vc0r2PqTVW197v5Z4m8D-nMwF3TS2-HwLV1-WJV7CgCp3W1X0SFG477B2nV5HGsn96SmTrW3k75-36m7d_JW4lWp5Z7rFGM2W1MvfqN5-4sqcW2vQ_DL6Rl7gMW7ds_9W3TgHyGW870svs3KwkbXW2mMLtR443VPXW8g_tBp2RjRBRVsM56Z454PmcW2nYV4P5rhmRwW38-1Zf2SlrTSW1NrvRV7nZR_fN16zZFw8Vm7QW1jB72J3NJHbmW19Kd0v51k5L0W83K__33VK1J4N46WPBBmMbvqW1b3cVL1DbPBtW185vKv29Jyn8W1Wr9Vl8fWMBkW5M-dr-7JC535W1LQY9j3_BpGlVkDkWs2q3LpPW35PTFT71fRq0W87WyVs5Nk-yYW5Jkgqg3TTc5535c61

Response headers

server: MI
content-type: text/html;charset=utf-8
set-cookie: ak_bmsc=EB5F17EC125FED83968BB1C19397F81B0210BB3E927B0000AB100C600FA78F0C~plpsvYrroZyPUuxDnjfLGuOPdn81rhpa9gf51e/K5QAhCNLfkdEV927TULGGukWvCtyAKQV8CBK0QddYadktHhaClIwy7wsoQdBCIuzysAYxCu3GUDhhl6d39s/DGfSsB8Ua4Z+B60LC1Wsr9GPnHBSNnakUJ5y3pmJGeoamhlbg+5UbZW8tPnlgIBwFOOm05Taq9zWb+HOffv/hOdlmjSvzxBpuKapFsox8AnjckpeiE=; expires=Sat, 23 Jan 2021 14:03:55 GMT; max-age=7200; path=/; domain=.newsobserver.com; HttpOnly
x-proxy-forwarding-type: WhiteList
x-meter: s
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: *
access-control-allow-credentials: false
access-control-max-age: 86400
vary: Accept-Encoding
mi-cache: HIT
mi-cache-age: 9330
x-mi-in-market: 0
etag: W/"1f621-vBay2UCv8perY9Zp0GWkTHk4314"
x-varnish: 686831582, 314084710 316837401
surrogate-control: varnish=ESI/2.1
mi-api: WPS
x-akamai-transformed: 9 129157 0 pmb=mTOE,2
content-encoding: gzip
expires: Sat, 23 Jan 2021 12:03:55 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 23 Jan 2021 12:03:55 GMT
content-length: 29319

Redirect headers

date: Sat, 23 Jan 2021 12:03:53 GMT
location: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8#new_tab
cf-ray: 61615fc28ac57363-CPH
link: <https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8#new_tab>; rel="canonical"
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
cf-request-id: 07d0ba2d9700007363e1230000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
x-robots-tag: none
server: cloudflare

GET
H2 200 core.js Show response
www.newsobserver.com/static/yozons-lib/ 48 KB
15 KB 158ms
152ms Script
application/javascript 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/static/yozons-lib/core.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 9bb40ae43cbe5d1afc97d82b113015a68de65891b6d5ea6902fda5cf3c26ce58

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:03:55 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 280
content-length: 15052
last-modified: Thu, 21 Jan 2021 16:34:49 GMT
server: MI
etag: W/"c1b3-5b96ba676dc40"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 881075667, 282875719 286069509
access-control-allow-origin: *
cache-control: max-age=300
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript
access-control-allow-headers: *

GET
H2 200 newsobserver.js Show response
media2.newsobserver.com/misites/nao/ 2 KB
1 KB 160ms
81ms Script
text/javascript 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://media2.newsobserver.com/misites/nao/newsobserver.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 18f9e6b96e326a7aa705c687fc8893c6b2df53acce477aefe2d0239d7b82fcb5

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:03:55 GMT
content-encoding: gzip
last-modified: Sun, 29 Apr 2018 21:38:27 GMT
server: Apache
etag: "9f8-56b038eb73ac0"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 1085

GET
H2 200 launch-ENe8f70e36bc2f473e93435c31a9a5ba80.min.js Show response
assets.adobedtm.com/ 59 KB
17 KB 100ms
12ms Script
application/x-javascript 2a02:26f0:10c:59b::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/launch-ENe8f70e36bc2f473e93435c31a9a5ba80.min.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:59b::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 21856c91a409382f3b2eeec72e984ff71ffd7f3883c3f96c3b226793cf4db66e

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:03:55 GMT
content-encoding: gzip
last-modified: Wed, 20 Jan 2021 16:49:22 GMT
server: AkamaiNetStorage
etag: "541f738fded75f1d8b5793df038eb3d3:1611161362.798777"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.newsobserver.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 17389
expires: Sat, 23 Jan 2021 13:03:55 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 13 KB
4 KB 92ms
13ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd4b42f7c8ddeeedbc0e556a5da8b647fd08c56a2ac3540b1e5a6d9342ba5c4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 23 Jan 2021 12:03:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Ph7xrYI35GRVdqjZNZBM3g==
age: 3375
vary: Accept-Encoding
content-length: 4211
cf-request-id: 07d0ba363e000005c45b977000000001
x-ms-lease-status: unlocked
last-modified: Wed, 20 Jan 2021 07:04:11 GMT
server: cloudflare
etag: 0x8D8BD119702684C
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: be615316-501e-0141-51fa-eeb6a0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 61615fd06e0e05c4-FRA

GET
H2 200 otCCPAiab.js Show response
cdn.cookielaw.org/opt-out/ 22 KB
6 KB 91ms
12ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/opt-out/otCCPAiab.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f25e54ff758a69c92c7260b3647788acb86b4fc6266141893e1a4316b5a0862

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 23 Jan 2021 12:03:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: mHlk9fiiqYjvq2V+HtACPg==
age: 2984
vary: Accept-Encoding
cf-request-id: 07d0ba363d000005c4511d1000000001
x-ms-lease-status: unlocked
last-modified: Wed, 08 Jul 2020 15:45:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 35967221-501e-000a-11f4-bdc16f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 61615fd06e0f05c4-FRA

GET
H2 200 vendor.bundle-af2280e5bf1fac00e2b0.js Show response
www.newsobserver.com/wps/build/webpack/ 395 KB
120 KB 84ms
14ms Script
application/javascript 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/wps/build/webpack/vendor.bundle-af2280e5bf1fac00e2b0.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: b468571983721e0e8522a0901f4a702584ec47df334a48ffc191617d1f3e21b1

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:03:55 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 187702
content-length: 122375
last-modified: Tue, 05 Jan 2021 22:07:26 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"62dbd-176d4972d30"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 518359862, 120809463 75700330
access-control-allow-origin: *
cache-control: max-age=292155
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript;charset=UTF-8
access-control-allow-headers: *

GET
H2 200 mi-header.bundle-15539dde6db92a4565c1.js Show response
www.newsobserver.com/wps/build/webpack/ 13 KB
5 KB 156ms
86ms Script
application/javascript 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/wps/build/webpack/mi-header.bundle-15539dde6db92a4565c1.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 064c30793ed82df22ca484729935248a99d0ad3cefd8bcf46f23de8d0c0016d0

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:03:55 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 104002
content-length: 4394
last-modified: Tue, 05 Jan 2021 22:07:26 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"3412-176d4972d30"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 491702644, 710529991 683623052
access-control-allow-origin: *
cache-control: max-age=292140
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript;charset=UTF-8
access-control-allow-headers: *

GET
H2 200 css
fonts.googleapis.com/ 10 KB
994 B 65ms
0ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

52756abd619702a4516f7824a8dd53ab998c36020ffd1c9ec91069e960354f3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 23 Jan 2021 12:03:55 GMT
server: ESF
date: Sat, 23 Jan 2021 12:03:55 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 23 Jan 2021 12:03:55 GMT

GET
H2 200 mi-styles.fdb8222743ac99f22f8c.css
www.newsobserver.com/wps/build/webpack/css/ 203 KB
42 KB 66ms
62ms Stylesheet
text/css 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/wps/build/webpack/css/mi-styles.fdb8222743ac99f22f8c.css
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 8bdff539920d92f5c3a121467d4cf862df0c4068df2facb2d7ca29ecb4d7fe1b

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:03:55 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 424687
content-length: 42760
last-modified: Tue, 05 Jan 2021 22:07:40 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"32c6b-176d49763e0"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 592683560, 219261246 113596555
access-control-allow-origin: *
cache-control: max-age=170881
access-control-allow-credentials: false
mi-cache: HIT
content-type: text/css;charset=UTF-8
access-control-allow-headers: *

GET
H2 200 guid.js Show response
www.newsobserver.com/wps/source/scripts/libs/ 1 KB
966 B 155ms
86ms Script
application/javascript 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/wps/source/scripts/libs/guid.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: ac53400c04ca28a29467c3b6cf8f0be2f9d4333a518574fba32cc239195117db

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:03:55 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 360289
content-length: 547
last-modified: Tue, 05 Jan 2021 22:04:08 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"505-176d49427c0"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 495962872, 156322749 51669200
access-control-allow-origin: *
cache-control: max-age=461080
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript;charset=UTF-8
access-control-allow-headers: *

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 35ms
35ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8e597ab59c46f9b7eefacfbbc8c213b65f957ed4a5045034b0b6c8a97b56feef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: jMQJ72LyrvWquj9lGcLNAA==
cross-origin-resource-policy: cross-origin
expires: Sat, 23 Jan 2021 12:07:02 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1780
x-fb-rlafr: 0
x-fb-debug: zKGywWpYTjipVmOi8rUfNN1rBOUEeXMff8N7IyDN7WWUGlFIys7EKVImwmReEZCk9eEv4C9COxOFXjvzsZdSqw==
x-fb-trip-id: 917726464
x-fb-content-md5: eed6a54550e25fed7eca6ce0bd97793f
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sat, 23 Jan 2021 12:03:55 GMT
x-frame-options: DENY
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "50cca79372856673cbccc116f8683ff4"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
647 B 16ms
15ms Script
text/javascript 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f883ac1ff4bb4a60ccf481ff2f9231b07dcb0bb82c64b8c6f96f5b91e152da9c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:03:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 555
x-xss-protection: 1; mode=block
expires: Sat, 23 Jan 2021 12:03:55 GMT

GET
H2 200 599167e4 Show response
www.newsobserver.com/akam/11/ 32 KB
11 KB 42ms
39ms Script
application/javascript 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/akam/11/599167e4
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4867e7003126335286b05bb20bc1195b9b1c9ecfb49a146dc166156fc55a667d

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Jan 2021 12:03:55 GMT
content-encoding: gzip
last-modified: Thu, 02 May 2019 20:07:21 GMT
etag: "417eb86628e16acf4e27046389b73a832ddb3c7ec3baa503df0f70b4b2606963"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
access-control-allow-headers: *
content-length: 10425
expires: Sat, 23 Jan 2021 12:03:55 GMT

GET
H2 200 / Show response
trinitymedia.ai/player/trinity/2900000552/ 5 KB
3 KB 429ms
126ms Script
application/javascript 3.224.214.149
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trinitymedia.ai/player/trinity/2900000552/?pageURL=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Fcoronavirus%2Farticle248661625.html
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.224.214.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-214-149.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 22bbce02277f26562734141e60cc3726f01e623d4ea1fff35e9fc8c126c9b29c

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:03:55 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-store
content-length: 2042

GET
H/1.1 200
OK donation-story-cta.js Show response
media.mcclatchy.com/hi/donations/ 3 KB
1 KB 197ms
37ms Script
text/javascript 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://media.mcclatchy.com/hi/donations/donation-story-cta.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 0f06499f55264507d5f40f5142113a715043a52025b373c305f3a125343fb073

Request headers

Origin: https://www.newsobserver.com
Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 23 Jan 2021 12:03:55 GMT
Content-Encoding: gzip
Last-Modified: Mon, 05 Oct 2020 14:52:21 GMT
Server: Apache
ETag: "d01-5b0eda12f67cb"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, must-revalidate, max-age=219
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1044

GET
H2 200 escenic_s_code.js Show response
media2.newsobserver.com/mistats/products/ 95 KB
32 KB 155ms
80ms Script
text/javascript 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://media2.newsobserver.com/mistats/products/escenic_s_code.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 388305e6232d397497a35ba97ba5e2e6ea85d349041645c4de2c28a6e08f9044

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:03:55 GMT
content-encoding: gzip
last-modified: Tue, 17 Nov 2020 22:54:12 GMT
server: Apache
etag: "17b06-5b4555f9a663f"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 32672

GET
H2 200 escenic.js Show response
media2.newsobserver.com/mistats/products/ 63 KB
15 KB 161ms
87ms Script
text/javascript 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://media2.newsobserver.com/mistats/products/escenic.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 92198135117fe1b0740d2e3b710d6f634379a74a7b0a8557152659636a08724c

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:03:55 GMT
content-encoding: gzip
last-modified: Mon, 23 Nov 2020 18:38:09 GMT
server: Apache
etag: "fb3f-5b4ca7eed1826"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 15362

GET
H2 200 finalizestats.js Show response
media2.newsobserver.com/mistats/ 71 KB
19 KB 98ms
87ms Script
text/javascript 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://media2.newsobserver.com/mistats/finalizestats.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ecd12fde65d51bd3c13094ebdb5f4570ca6a1ea6eeea58afca96c52634a5e059

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:03:55 GMT
content-encoding: gzip
last-modified: Thu, 10 Dec 2020 16:46:37 GMT
server: Apache
etag: "11cc4-5b61eeb5fb911"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 18904

GET
H2 200 mi-footer.bundle-79c24024c08d7f0c7b17.js Show response
www.newsobserver.com/wps/build/webpack/ 11 KB
5 KB 111ms
100ms Script
application/javascript 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/wps/build/webpack/mi-footer.bundle-79c24024c08d7f0c7b17.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 2c3d296de1bb7bb908659aedfa489c63e9c0cb0b57887e74932dd5f60de15578

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:03:55 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 109
content-length: 4197
last-modified: Tue, 05 Jan 2021 22:07:26 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"2d5a-176d4972d30"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 438133982, 609606117 611729332
access-control-allow-origin: *
cache-control: max-age=219488
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript;charset=UTF-8
access-control-allow-headers: *

GET
H2 200 iris.adaptive.js Show response
ovp.iris.tv/libs/adaptive/v2/ 123 KB
35 KB 101ms
7ms Script
application/javascript 2600:9000:206f:9c00:15:d134:4e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ovp.iris.tv/libs/adaptive/v2/iris.adaptive.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:9c00:15:d134:4e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ba8bbfe110629e3df60cffbcd75d2ea7627f5f6e13ef3ba0354221cab7b8e097

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Dec 2020 19:34:00 GMT
content-encoding: gzip
last-modified: Thu, 10 Dec 2020 18:43:33 GMT
server: AmazonS3
age: 3774596
etag: W/"a5f9f8a7f66429858d67ad40caa225aa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: yNO4p54aN9wmQjMnpKaFPqqyZn6b5iAY
via: 1.1 910fc18161f0602555cc5b6397ca26f3.cloudfront.net (CloudFront)
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA56-C1
content-type: application/javascript
x-amz-cf-id: TNJFL3m6PKzgJrqwzgEoMPCXu_wTQnv43Hj6c7g4enJUIN8ByGOoUg==

GET
H2 200 iris-context.min.js Show response
ovp.iris.tv/libs/context/ 13 KB
5 KB 101ms
6ms Script
application/javascript 2600:9000:206f:9c00:15:d134:4e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ovp.iris.tv/libs/context/iris-context.min.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:9c00:15:d134:4e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9710dab6bb3447842cba847209148bd89fb928f55865b045105fa3aefa4fb51f

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 5ZdiiNwZl43A.GuGAotRXH1LFI541fXN
content-encoding: gzip
last-modified: Thu, 18 Jun 2020 14:14:19 GMT
server: AmazonS3
age: 48027
etag: W/"1f6dcd0526f7505c7eb84fec71d5e468"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 910fc18161f0602555cc5b6397ca26f3.cloudfront.net (CloudFront)
date: Fri, 22 Jan 2021 22:43:29 GMT
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: IIFzi9B-f-eqh2sYOetTe-qS5XeoVRPSFMq-Vfbv2pFBqAiLcNQbfA==

GET
H2 200 vue.bundle-c7ea276fec8a7f119396.js Show response
www.newsobserver.com/wps/build/webpack/ 107 KB
38 KB 111ms
101ms Script
application/javascript 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/wps/build/webpack/vue.bundle-c7ea276fec8a7f119396.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: d9505badaa1ef09e2237fa9094f474577f02ad805f5143afa078733f2ebfc9b8

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:03:55 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 113
content-length: 38898
last-modified: Tue, 05 Jan 2021 22:07:59 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"1ad47-176d497ae18"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 440705843, 1016981159 1023648216
access-control-allow-origin: *
cache-control: max-age=289143
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript;charset=UTF-8
access-control-allow-headers: *

GET
H2 200 videojs.bundle-890a2e28dc5356b380ad.js Show response
www.newsobserver.com/wps/build/webpack/ 455 KB
120 KB 122ms
112ms Script
application/javascript 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/wps/build/webpack/videojs.bundle-890a2e28dc5356b380ad.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 81521a2a12208fb21d9c38a9f8c0b3cbb12b6c617d8ccfb946f131638e4ae70f

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:03:55 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 495747
content-length: 121808
last-modified: Tue, 05 Jan 2021 22:07:59 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"71b1f-176d497ae18"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 441917222, 721222068 613245991
access-control-allow-origin: *
cache-control: max-age=184526
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript;charset=UTF-8
access-control-allow-headers: *

GET
H2 200 videoStory.bundle-e65f7076b4fea8f89d30.js Show response
www.newsobserver.com/wps/build/webpack/ 208 KB
61 KB 133ms
123ms Script
application/javascript 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/wps/build/webpack/videoStory.bundle-e65f7076b4fea8f89d30.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: e6f4e26e069e4c26d633463a9876b8ead09cf4b8084f3f74ae6a4834ac5ac4dd

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:03:55 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 112
content-length: 61554
last-modified: Tue, 05 Jan 2021 22:07:59 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"33f75-176d497ae18"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 437218533, 1016426506 1025737712
access-control-allow-origin: *
cache-control: max-age=219494
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript;charset=UTF-8
access-control-allow-headers: *

GET
H2 200 galleryStoryPage.bundle-3cb1175f89b7205eab7c.js Show response
www.newsobserver.com/wps/build/webpack/ 22 KB
7 KB 139ms
129ms Script
application/javascript 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/wps/build/webpack/galleryStoryPage.bundle-3cb1175f89b7205eab7c.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 91b13322528116a01770e58684b5165aee3b6b2b21f877387074fce66f9aa8a6

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:03:55 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 375
content-length: 6745
last-modified: Tue, 05 Jan 2021 22:07:59 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"564e-176d497ae18"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 438098744, 1014591592 1018121351
access-control-allow-origin: *
cache-control: max-age=223989
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript;charset=UTF-8
access-control-allow-headers: *

GET
H2 200 footer.bundle-0f76d0f6c06ab8062a97.js Show response
www.newsobserver.com/wps/build/webpack/ 10 KB
3 KB 139ms
130ms Script
application/javascript 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/wps/build/webpack/footer.bundle-0f76d0f6c06ab8062a97.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 3b7f0353b5e7f4898ea13784cb8d09a1d07381cc6082588dfb50c3b69c7c9757

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:03:55 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 109
content-length: 2434
last-modified: Tue, 05 Jan 2021 22:07:26 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"265d-176d4972d30"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 436886623, 1023976328 1023648231
access-control-allow-origin: *
cache-control: max-age=142276
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript;charset=UTF-8
access-control-allow-headers: *

GET
H2 200 netdale.cc2bfe8b3680dbe52998.js Show response
www.newsobserver.com/static/yozons-lib/ 68 KB
17 KB 47ms
44ms Script
application/javascript 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/static/yozons-lib/netdale.cc2bfe8b3680dbe52998.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/core.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 043e4c79e36e7182e52008751153ab534d62a435e1cf19862153930822de4f31

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:03:55 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 590
content-length: 17366
last-modified: Thu, 21 Jan 2021 16:34:47 GMT
server: MI
etag: W/"110e7-5b96ba65857c0"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 880198230, 282484945 286069535
access-control-allow-origin: *
cache-control: max-age=449205
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript
access-control-allow-headers: *

GET
H2 200 adx Show response
pubads.g.doubleclick.net/gampad/ 0
710 B 188ms
89ms XHR
text/html 216.58.207.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/adx?iu=%2F7675%2Fral.site_newsobserver%2Fpropensity&sz=1x1&ref=&cookie=&c=132118599866115&tile=1&u_tz=60

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/core.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:03:55 GMT
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.newsobserver.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adobe.t2_3.js Show response
www.newsobserver.com/static/yozons-lib/ 145 KB
36 KB 45ms
44ms Script
application/javascript 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/static/yozons-lib/adobe.t2_3.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/core.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 305f81e515ab9c624b6b6d75f72f5da0630e5d2b3c8e11d14f552508e2cecc44

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:03:55 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 83099
content-length: 36601
last-modified: Wed, 13 Jan 2021 14:52:20 GMT
server: MI
etag: W/"2425a-5b8c949399100"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 219573125, 838483965 828906043
access-control-allow-origin: *
cache-control: max-age=263884
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript
access-control-allow-headers: *

GET
H2 200 gfc.a5710ac4b546a6a19c81.js Show response
www.newsobserver.com/static/yozons-lib/ 10 KB
5 KB 55ms
53ms Script
application/javascript 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/static/yozons-lib/gfc.a5710ac4b546a6a19c81.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/core.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 82b59f12c894f6e7a38213bb46b18ff8754219c80c70485f30445b916c0c1ba0

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:03:55 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 590
content-length: 4672
last-modified: Thu, 21 Jan 2021 16:34:47 GMT
server: MI
etag: W/"2853-5b96ba65857c0"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 283524338, 882252396 883068222
access-control-allow-origin: *
cache-control: max-age=449205
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript
access-control-allow-headers: *

POST
H2 200 delivery Show response
mcclatchy.tt.omtrdc.net/rest/v1/ 189 B
448 B 154ms
50ms XHR
application/json 52.51.251.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mcclatchy.tt.omtrdc.net/rest/v1/delivery?client=mcclatchy&sessionId=b4dcd632ca2b400eb024d48b50ffd1ed&version=2.3.0
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/adobe.t2_3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.251.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-251-137.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 118673acafd713670902b5ee1e579e6ae63c1d2c1c548ebe63380b9c557a6dc2

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.newsobserver.com
date: Sat, 23 Jan 2021 12:03:55 GMT
content-encoding: gzip
access-control-allow-credentials: true
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
x-request-id: 1845b5f8775ed4fdf672f61ecc32bb33
content-type: application/json;charset=UTF-8

GET
H2 200 common.js Show response
media2.newsobserver.com/misites/all/ 4 KB
2 KB 73ms
71ms Script
text/javascript 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://media2.newsobserver.com/misites/all/common.js
Requested by: Host: media2.newsobserver.com
URL: https://media2.newsobserver.com/misites/nao/newsobserver.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec2cc99b7d1be6fb64d9ce3622e5584e39002529d87a71ffad76435b800de309

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:03:56 GMT
content-encoding: gzip
last-modified: Tue, 10 Sep 2019 13:27:05 GMT
server: Apache
etag: "ee5-59232dc43bc40"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 1412

GET
H2 200 micb.js Show response
media2.newsobserver.com/mistats/ 132 KB
36 KB 42ms
41ms Script
text/javascript 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://media2.newsobserver.com/mistats/micb.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/core.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 00c6e9788d5997077deec494717e5fb368dd721aefb1044f41075b1479c1c842

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:03:55 GMT
content-encoding: gzip
last-modified: Tue, 24 Nov 2020 14:35:34 GMT
server: Apache
etag: "20e55-5b4db393c4afd"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 36863

GET
H2 200 pts Show response
pubads.g.doubleclick.net/subopt/ 150 B
779 B 270ms
174ms XHR
application/json 216.58.207.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/subopt/pts?products=newsobserver.com&type=general&extrainfo=null&u_tz=-60&v=1&cdm=www.newsobserver.com&c=86526

Requested by

Host: media2.newsobserver.com
URL: https://media2.newsobserver.com/mistats/micb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

cafe /

Resource Hash

aa7b5487965f8ad73deb95b8c75fccf0aa9e42515da23be90cd1f3f91715e6ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:03:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122
x-xss-protection: 0
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.newsobserver.com
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 23 Jan 2021 12:03:56 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 2 KB
2 KB 51ms
51ms XHR
application/json 52.212.209.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=3B6E35F15A82BBB00A495D91%40AdobeOrg&d_nsid=0&d_coop_safe=1&ts=1611403435831

Requested by

Host: media2.newsobserver.com
URL: https://media2.newsobserver.com/mistats/micb.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.212.209.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-212-209-68.eu-west-1.compute.amazonaws.com

Software

Resource Hash

64c0ea6138d6f71e2969d073ebbd96bb7ceb7eb3de536ed8450f27e32b5aba0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-v088-02252d247.edge-irl1.demdex.com 5.80.5.20210120122710 3ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-TID: fAOe/YWdQps=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.newsobserver.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 993
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-Q050 204 data Show response
pubads.g.doubleclick.net/subopt/ 0
569 B 234ms
182ms XHR
text/html 216.58.207.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/subopt/data?states=newsobserver.com%3Aunknown&extrainfo=null&u_tz=-60&v=1&cdm=www.newsobserver.com&c=175447

Requested by

Host: media2.newsobserver.com
URL: https://media2.newsobserver.com/mistats/micb.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 23 Jan 2021 12:03:56 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: https://www.newsobserver.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 89ec5922-1183-4866-8824-09f66181e549.json Show response
cdn.cookielaw.org/consent/89ec5922-1183-4866-8824-09f66181e549/ 3 KB
2 KB 29ms
14ms XHR
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/89ec5922-1183-4866-8824-09f66181e549/89ec5922-1183-4866-8824-09f66181e549.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0827a540ffd8faac9bc0bcdcb724fdb6e0a4fb3d073d46ff9a93ea105e1613ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 23 Jan 2021 12:03:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: VEhEeWxZ9Hxrgg8t3QZJ7w==
age: 3709
vary: Accept-Encoding
content-length: 1277
cf-request-id: 07d0ba378a0000d6d92f16a000000001
x-ms-lease-status: unlocked
last-modified: Thu, 20 Aug 2020 15:58:01 GMT
server: cloudflare
etag: 0x8D84521D12CED36
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 70169d7c-701e-0034-18b3-b4774e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 61615fd27e70d6d9-FRA

GET
H2 200 dnsfeed Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 162 B
242 B 48ms
29ms Script
text/javascript 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d851d84e101ca32d51ff937ef2bcafd53e9f83b53694c73c7d3eb3031357b27d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:03:56 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 61615fd2d9ee05b3-FRA
cf-request-id: 07d0ba37cb000005b3278e7000000001

GET
H2 200 geofeed Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 162 B
512 B 44ms
25ms Script
text/javascript 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/geofeed

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4791a3ec0c07289a7f51ca6f70d7b12d875746fae8c9ddb8a145b75134e7b1bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:03:55 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 61615fd2d9f205b3-FRA
cf-request-id: 07d0ba37cb000005b32d296000000001

GET
H2 200 identityModulev3.min.js Show response
www.newsobserver.com/wps/source/scripts/libs/ 35 KB
11 KB 41ms
39ms XHR
application/javascript 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/wps/source/scripts/libs/identityModulev3.min.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/core.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 2969aa16b763893fa2f600de842a23475f8c0f1d58ebbed3c4f7f1a63edbc0b5

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:03:55 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 4216
content-length: 11142
last-modified: Tue, 05 Jan 2021 22:04:08 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"8dbb-176d49427c0"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 486606222, 680510558 682429024
access-control-allow-origin: *
cache-control: max-age=543732
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript;charset=UTF-8
access-control-allow-headers: *

GET
H/1.1 200
OK Cookie set dest5.html
mcclatchy.demdex.net/ Frame 89F2 0
0 198ms
50ms Document
text/html 52.49.92.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mcclatchy.demdex.net/dest5.html?d_nsid=0

Requested by

Host: media2.newsobserver.com
URL: https://media2.newsobserver.com/mistats/micb.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.49.92.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-92-20.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: mcclatchy.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: demdex=21260440396695657883880154063120879705
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=21600
Content-Encoding: gzip
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Thu, 21 Jan 2021 11:34:19 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Set-Cookie: demdex=21260440396695657883880154063120879705;Path=/;Domain=.demdex.net;Expires=Thu, 22-Jul-2021 12:03:56 GMT;Max-Age=15552000;Secure;SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding, User-Agent
X-TID: /ZjIccTKQ2E=
Content-Length: 2785
Connection: keep-alive

GET
H2 200 id Show response
mcclatchy.sc.omtrdc.net/ 2 B
321 B 140ms
42ms XHR
application/x-javascript 15.237.136.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mcclatchy.sc.omtrdc.net/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=3B6E35F15A82BBB00A495D91%40AdobeOrg&mid=21166639990583293233821248159405189102&ts=1611403435971

Requested by

Host: media2.newsobserver.com
URL: https://media2.newsobserver.com/mistats/micb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.237.136.106 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-237-136-106.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 23 Jan 2021 12:03:55 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-75ffb878dc-66vs5
vary: Origin
x-c: main-1414.Id04486.M0-474
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.newsobserver.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-type: application/x-javascript;charset=utf-8
content-length: 2
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YAwQrAAAAFL2dh-H
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=21260440396695657883880154063120879705
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YAwQrAAAAFL2dh-H

42 B
915 B

61ms
60ms

Image
image/gif

52.212.209.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YAwQrAAAAFL2dh-H

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.212.209.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-212-209-68.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v088-02252d247.edge-irl1.demdex.com 5.80.5.20210120122710 0ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: pEEDfHayS7M=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YAwQrAAAAFL2dh-H
Date: Sat, 23 Jan 2021 12:03:56 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2
fonts.gstatic.com/s/notosans/v11/ 10 KB
10 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v11/o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6195b1bce0085db8c9b1b936150dfd7b070aa9be52d44580b1b6f16752dece34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.newsobserver.com
Referer: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 22 Jan 2021 11:00:48 GMT
x-content-type-options: nosniff
last-modified: Thu, 24 Sep 2020 23:58:43 GMT
server: sffe
age: 90187
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10116
x-xss-protection: 0
expires: Sat, 22 Jan 2022 11:00:48 GMT

GET
H2 200 ga6Law1J5X9T9RW6j9bNdOwzfReece9LOoc.woff2
fonts.gstatic.com/s/notoserif/v9/ 13 KB
13 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v9/ga6Law1J5X9T9RW6j9bNdOwzfReece9LOoc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0877239101cbff856743513b4ea69fbaf9c580c8ae526e0a8d2ef1b770414094

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.newsobserver.com
Referer: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 20 Jan 2021 12:11:56 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:05:20 GMT
server: sffe
age: 258719
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13660
x-xss-protection: 0
expires: Thu, 20 Jan 2022 12:11:56 GMT

GET
H3-Q050 200 o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
fonts.gstatic.com/s/notosans/v11/ 10 KB
10 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v11/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e56f53b3b976e9c05d86645a1e85cfc69e961601d201e957768455580fa30478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.newsobserver.com
Referer: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 22 Jan 2021 19:53:46 GMT
x-content-type-options: nosniff
last-modified: Thu, 24 Sep 2020 23:50:56 GMT
server: sffe
age: 58210
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10292
x-xss-protection: 0
expires: Sat, 22 Jan 2022 19:53:46 GMT

GET
H2 200 logo.svg
www.newsobserver.com/wps/build/images/newsobserver/ 5 KB
3 KB 38ms
37ms Image
image/svg+xml 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/wps/build/images/newsobserver/logo.svg
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 1270a862b7759b86d679ce76254e22bcd758959c10543bd38d451a9ef6c38004

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:03:56 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 84903
content-length: 2220
last-modified: Tue, 05 Jan 2021 22:07:26 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"1479-176d4972d30"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 481960258, 51275247 38816014
access-control-allow-origin: *
cache-control: max-age=602277
access-control-allow-credentials: false
mi-cache: HIT
content-type: image/svg+xml;charset=ISO-8859-1
access-control-allow-headers: *

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 164 B
333 B 33ms
33ms Script
text/javascript 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0cc0930a1ab7e9ae754783576228f3c32caa07605236711cf81035f3f45f0ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:03:56 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 61615fd37bd505b3-FRA
cf-request-id: 07d0ba3830000005b3e831f000000001

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 196 KB
59 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=55e791b06077ce856ff5f6f6a453eb74&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a6ef3e56b3522649c6ca0c9222571690844385d9dda63d9d020382751339cc57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://www.newsobserver.com
Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: L1CuwcpWh+unLjlTJogntA==
cross-origin-resource-policy: cross-origin
expires: Sun, 23 Jan 2022 10:28:55 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 60428
x-fb-rlafr: 0
x-fb-debug: 1dbUm1AH9KFs0qdlSc0k/LBWw5e0Z+4RxHh919ZTFPwX14mD/gR+5Rm21LLvJxllmJDEy3HeRmUNzEshoGXciA==
x-fb-trip-id: 917726464
x-fb-content-md5: 093ccab3fdacaca9964349f17717764c
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sat, 23 Jan 2021 12:03:56 GMT
x-frame-options: DENY
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "d8b2209803df0dabda7f7ed4867b8633"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 fontawesome-webfont.woff2
www.newsobserver.com/wps/source/sass/main/fonts/font-awesome/fonts/ 55 KB
56 KB 38ms
37ms Font
font/woff2 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/wps/source/sass/main/fonts/font-awesome/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/wps/build/webpack/css/mi-styles.fdb8222743ac99f22f8c.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 41dd3e48dbef1ddbc59957d4e99ef7662c1702dd8b55d0900b02150f87af354a

Request headers

Origin: https://www.newsobserver.com
Referer: https://www.newsobserver.com/wps/build/webpack/css/mi-styles.fdb8222743ac99f22f8c.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:03:56 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 230
content-length: 56780
last-modified: Tue, 05 Jan 2021 22:04:08 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"ddcc-176d49427c0"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 448974644, 1038863137 1046163139
access-control-allow-origin: *
cache-control: max-age=99
access-control-allow-credentials: false
mi-cache: HIT
content-type: font/woff2;charset=ISO-8859-1
access-control-allow-headers: *

GET
H2 200 trinity_inject_script.js Show response
vd.trinitymedia.ai/trinity-player/tts-player/20210122_3b4bed0cbc39c4eb37f04f72d0bc107aa377f668/ 599 KB
144 KB 91ms
31ms Script
application/javascript 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20210122_3b4bed0cbc39c4eb37f04f72d0bc107aa377f668/trinity_inject_script.js
Requested by: Host: trinitymedia.ai
URL: https://trinitymedia.ai/player/trinity/2900000552/?pageURL=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Fcoronavirus%2Farticle248661625.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: AmazonS3 /
Resource Hash: a9b75f73eb1f6d3b89fa74ddb59dea1134436331957f11f8b312cb578a3e42c9

Request headers

Origin: https://www.newsobserver.com
Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:03:56 GMT
content-encoding: gzip
last-modified: Fri, 22 Jan 2021 10:58:40 GMT
server: AmazonS3
x-amz-request-id: CE6D298AC0FC4F01
etag: "34719bcb454c426225052ecc081e3ab4"
x-hw: 1611403436.dop216.sk1.t,1611403436.cds213.sk1.hn,1611403436.cds012.sk1.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 146724
x-amz-id-2: MD9sGAA+fUyF9PT8qGgahIGQcULrt2weitedd8ObJ60YNAfBXVp/agIzt8SHvrVPKjmQYSHh4qk=

GET
H3-Q050 200 ga6Iaw1J5X9T9RW6j9bNfFcWaDq8fMU.woff2
fonts.gstatic.com/s/notoserif/v9/ 13 KB
13 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v9/ga6Iaw1J5X9T9RW6j9bNfFcWaDq8fMU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7be357ddd89fe4f85dd3a2f16929f2344148d0ede966e9bf92febe1b998cc9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.newsobserver.com
Referer: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 18 Jan 2021 23:10:33 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:03:52 GMT
server: sffe
age: 392003
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13192
x-xss-protection: 0
expires: Tue, 18 Jan 2022 23:10:33 GMT

GET
H2 200 Zach%20Eanes%20linkedin.jpg
www.heraldsun.com/latest-news/2n1767/picture222194610/alternates/FREE_480/ 15 KB
16 KB 37ms
36ms Image
image/jpeg 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldsun.com/latest-news/2n1767/picture222194610/alternates/FREE_480/Zach%20Eanes%20linkedin.jpg
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: b444e20f091694f3bb6c3116936cf6eb2a4201d1af3fcf6e09823ac03ba0b9e2

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:03:56 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 169308
content-length: 15765
last-modified: Wed, 19 Jun 2019 23:44:33 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: "34cf37877d8a81d6ea33b3185c92661a"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 28645485, 182194371 157330948
access-control-allow-origin: *
cache-control: max-age=225405
access-control-allow-credentials: false
mi-cache: HIT
content-type: image/jpeg
access-control-allow-headers: *

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/_KUxfxvAoJ4k7SaKyLbja4Mi/ 331 KB
130 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_KUxfxvAoJ4k7SaKyLbja4Mi/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ab2ee6c6698b57f2f3c79839a574a6808197ac57b7fbc6295b1be3ab8a4d279

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.newsobserver.com
Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 11:13:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3013
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132786
x-xss-protection: 0
last-modified: Sun, 17 Jan 2021 15:08:17 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 23 Jan 2022 11:13:43 GMT

POST
H2 200 delivery Show response
mboxedge37.tt.omtrdc.net/rest/v1/ 5 KB
2 KB 64ms
61ms XHR
application/json 52.51.251.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mboxedge37.tt.omtrdc.net/rest/v1/delivery?client=mcclatchy&sessionId=b4dcd632ca2b400eb024d48b50ffd1ed&version=2.3.0
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/adobe.t2_3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.251.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-251-137.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 7ee9033ba8689aa7859945f54f2ffd1ef8da42cb41cdad4f1517db1b25e3e95c

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.newsobserver.com
date: Sat, 23 Jan 2021 12:03:56 GMT
content-encoding: gzip
access-control-allow-credentials: true
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
x-request-id: f4ea658c32b887a3d5d36f73ca4422a0
content-type: application/json;charset=UTF-8

GET
H2 200 main.js Show response
mcclatchy-newsobserver.zeustechnology.com/ 199 KB
53 KB 151ms
43ms Script
application/javascript 65.9.67.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mcclatchy-newsobserver.zeustechnology.com/main.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/netdale.cc2bfe8b3680dbe52998.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.67.103 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a23425925f24f35a94cde3e8e7664fd092258cfda4f60c0e3ea14d0fbbb93c38

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: E9uktLWQE.OpKfK_RJnWepc_9WSdl.ck
content-encoding: gzip
last-modified: Thu, 14 Jan 2021 19:50:01 GMT
server: AmazonS3
age: 34129
etag: W/"6238c662edf036d0e87e6cded8531153"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c888f786e25e6e3c7dbb7e9da462d715.cloudfront.net (CloudFront)
date: Sat, 23 Jan 2021 02:35:08 GMT
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: cxYi0na75G9r38svwEUZvumnIIPsa5ulwGX2bN38DDcboea3tutshw==

GET
H2 200 callback=mi.ads.extractPid Show response
ad.crwdcntrl.net/5/c=7436/pe=y/ 82 B
290 B 49ms
47ms Script
application/javascript 34.245.253.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.crwdcntrl.net/5/c=7436/pe=y/callback=mi.ads.extractPid
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/core.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.245.253.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-245-253-34.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8e26c82b3a05d2306015e1d1414cffced4a6ab6e012e8aadfcb0db6798314a79

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Jan 2021 12:03:56 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.4.212
content-type: application/javascript;charset=UTF-8
content-length: 82
expires: 0

GET
H2 200 loader.js Show response
contributor.google.com/scripts/7df76a16abfcab18/ 104 KB
36 KB 198ms
174ms Script
application/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://contributor.google.com/scripts/7df76a16abfcab18/loader.js

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/core.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b36d1f37d32f378aac86f30e5ba1994445779a7bfc31726f88e794a0cba83e28

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Ei8r01OWj7JnjHpL5bsrzg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorTargetingHttp/cspreport;worker-src 'self', script-src 'nonce-Ei8r01OWj7JnjHpL5bsrzg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorTargetingHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:03:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private, max-age=86400
content-security-policy: script-src 'report-sample' 'nonce-Ei8r01OWj7JnjHpL5bsrzg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorTargetingHttp/cspreport;worker-src 'self', script-src 'nonce-Ei8r01OWj7JnjHpL5bsrzg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorTargetingHttp/cspreport
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Sat, 23 Jan 2021 12:03:56 GMT

GET
H2 200 RAL_VACCINE08-010721-EDH.JPG
www.newsobserver.com/latest-news/okcrv4/picture248612240/alternates/LANDSCAPE_1140/ 138 KB
139 KB 78ms
73ms Image
image/jpeg 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/latest-news/okcrv4/picture248612240/alternates/LANDSCAPE_1140/RAL_VACCINE08-010721-EDH.JPG
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: a2ee12b1a5d8bb3acf687521fddb303860ccfcf298d44ade935166db8b4868df

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:03:56 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 5649
content-length: 141588
last-modified: Tue, 19 Jan 2021 21:10:27 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: "3e7f0bd10f796b1cbd78762bb2e3b4fa"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 273363583 273291720
access-control-allow-origin: *
cache-control: max-age=379684
access-control-allow-credentials: false
mi-cache: HIT
content-type: image/jpeg
access-control-allow-headers: *

GET
H2 200 AP20325649472956.jpg
www.sacbee.com/latest-news/n97gnl/picture247400945/alternates/LANDSCAPE_480/ 17 KB
18 KB 85ms
79ms Image
image/jpeg 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sacbee.com/latest-news/n97gnl/picture247400945/alternates/LANDSCAPE_480/AP20325649472956.jpg
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: dd8d6f6954d7d4048c8d2c3bfe60c9e22b91e59a95861873e7d0dd620b96281f

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:03:56 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 996
content-length: 17567
last-modified: Fri, 27 Nov 2020 17:06:34 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: "2128cf769eb4f9905aff13963bf50ac6"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 581777101 592188815
access-control-allow-origin: *
cache-control: max-age=225602
access-control-allow-credentials: false
mi-cache: HIT
content-type: image/jpeg
access-control-allow-headers: *

GET
H2 200 Virus_Outbreak_California_Secret_Data_98673.jpg
www.mcclatchy-wires.com/incoming/rh8i2v/picture248688095/alternates/LANDSCAPE_480/ 14 KB
14 KB 84ms
79ms Image
image/jpeg 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mcclatchy-wires.com/incoming/rh8i2v/picture248688095/alternates/LANDSCAPE_480/Virus_Outbreak_California_Secret_Data_98673.jpg
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 51984d5109122f7e506365f6c48884ebae1d299f977f67c05b3ba86ff3d0e9f8

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:03:56 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 749
content-length: 13948
last-modified: Fri, 22 Jan 2021 06:03:02 GMT
server: MI
x-proxy-forwarding-type: WhiteList
etag: "ef3691fa81bc0e6ee741796e305e2295"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 893206416, 301227287 304650418
access-control-allow-origin: *
cache-control: max-age=542188
access-control-allow-credentials: false
mi-cache: HIT
content-type: image/jpeg
access-control-allow-headers: *

GET
H2 200 011921_PFRIDAY_VAX_GOV_TEL_07.JPG
www.newsobserver.com/latest-news/wkx0tb/picture248618675/alternates/LANDSCAPE_480/ 21 KB
21 KB 80ms
75ms Image
image/jpeg 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/latest-news/wkx0tb/picture248618675/alternates/LANDSCAPE_480/011921_PFRIDAY_VAX_GOV_TEL_07.JPG
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 5599f5eb32f194248d98cdf410f1776bb7f706387deed6f028ded1e006854102

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:03:56 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 2771
content-length: 21001
last-modified: Wed, 20 Jan 2021 00:20:09 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: "a31123f2a31f52807084056643f19961"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 298666881, 890008919 888402351
access-control-allow-origin: *
cache-control: max-age=521750
access-control-allow-credentials: false
mi-cache: HIT
content-type: image/jpeg
access-control-allow-headers: *

GET
H2 200 Virus_Outbreak_France_53016.jpg
www.mcclatchy-wires.com/incoming/j79u53/picture248698570/alternates/LANDSCAPE_480/ 10 KB
10 KB 83ms
79ms Image
image/jpeg 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mcclatchy-wires.com/incoming/j79u53/picture248698570/alternates/LANDSCAPE_480/Virus_Outbreak_France_53016.jpg
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 6163904265221074501da4b4117ada658c67d3010a441644ad8a9d56ad4c6345

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:03:56 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 2710
content-length: 10060
last-modified: Fri, 22 Jan 2021 19:07:49 GMT
server: MI
x-proxy-forwarding-type: WhiteList
etag: "7c835b5884359d395f3a645d842a6da5"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 309628652 307208462
access-control-allow-origin: *
cache-control: max-age=557369
access-control-allow-credentials: false
mi-cache: HIT
content-type: image/jpeg
access-control-allow-headers: *

GET
H2 200 20190627_wakeupandread_CAT_081.jpg
www.newsobserver.com/latest-news/ms9n2w/picture232031697/alternates/LANDSCAPE_480/ 28 KB
29 KB 81ms
77ms Image
image/jpeg 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/latest-news/ms9n2w/picture232031697/alternates/LANDSCAPE_480/20190627_wakeupandread_CAT_081.jpg
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 78367dd3b9b481797be97f0a636fdf07acfd4a05f052bf1f51acf1eca6e3145c

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:03:56 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 898
content-length: 28960
last-modified: Thu, 27 Jun 2019 19:19:08 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: "b7df974d26a932d5b039d694ccde7249"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 301592297 304923443
access-control-allow-origin: *
cache-control: max-age=559169
access-control-allow-credentials: false
mi-cache: HIT
content-type: image/jpeg
access-control-allow-headers: *

GET
H2 200 IMG_CGfront.JPG_17_1_937S7405.JPG
www.newsobserver.com/latest-news/sdp145/picture245265920/alternates/LANDSCAPE_480/ 21 KB
21 KB 81ms
77ms Image
image/jpeg 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/latest-news/sdp145/picture245265920/alternates/LANDSCAPE_480/IMG_CGfront.JPG_17_1_937S7405.JPG
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 41a16c21a72d97b0cc141145555336ba7715180c442f30f9190ada811d9dd375

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:03:56 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 323044
content-length: 21464
last-modified: Wed, 26 Aug 2020 15:52:43 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: "a0f134cf1b88b6f6be094bfe4391f9a1"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 1011445076, 306025167 234523511
access-control-allow-origin: *
cache-control: max-age=249306
access-control-allow-credentials: false
mi-cache: HIT
content-type: image/jpeg
access-control-allow-headers: *

GET
H2 200 i.js Show response
tag.wknd.ai/3581/ 10 KB
3 KB 245ms
156ms Script
text/plain 34.120.253.250
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.wknd.ai/3581/i.js
Requested by: Host: media2.newsobserver.com
URL: https://media2.newsobserver.com/mistats/micb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.253.250 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 250.253.120.34.bc.googleusercontent.com
Software: fasthttp /
Resource Hash: d57d271f5ac0dc5213615fc5e63460e7a37c52d6d39b498a49adb08a1414e6a3

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:03:55 GMT
content-encoding: gzip
server: fasthttp
age: 1
etag: c3836c97837a7a
content-type: text/plain; charset=utf-8
via: 1.1 google
cache-control: public, max-age=60
x-region: us-central1
timing-allow-origin: *
alt-svc: clear
content-length: 3174

GET
H/1.1 200
OK zone-swap.js Show response
media.mcclatchy.com/labs/skins/ 2 KB
1 KB 51ms
50ms Script
text/javascript 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://media.mcclatchy.com/labs/skins/zone-swap.js
Requested by: Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VVBPZ295pqPPN90vc0r2PqTVW197v5Z4m8D-nMwF3TS2-HwLV1-WJV7CgCp3W1X0SFG477B2nV5HGsn96SmTrW3k75-36m7d_JW4lWp5Z7rFGM2W1MvfqN5-4sqcW2vQ_DL6Rl7gMW7ds_9W3TgHyGW870svs3KwkbXW2mMLtR443VPXW8g_tBp2RjRBRVsM56Z454PmcW2nYV4P5rhmRwW38-1Zf2SlrTSW1NrvRV7nZR_fN16zZFw8Vm7QW1jB72J3NJHbmW19Kd0v51k5L0W83K__33VK1J4N46WPBBmMbvqW1b3cVL1DbPBtW185vKv29Jyn8W1Wr9Vl8fWMBkW5M-dr-7JC535W1LQY9j3_BpGlVkDkWs2q3LpPW35PTFT71fRq0W87WyVs5Nk-yYW5Jkgqg3TTc5535c61
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 1d07b3b3f6352860caa9027c4510579c66544ac6d6cf503bf2d03cc6652dacc8

Request headers

Origin: https://www.newsobserver.com
Referer: https://media.mcclatchy.com/hi/donations/donation-story-cta.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 23 Jan 2021 12:03:56 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Oct 2020 14:03:51 GMT
Server: Apache
ETag: "7ae-5b1ca3c041cc1"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, must-revalidate, max-age=1101
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 839

GET
H/1.1 200
OK tracking.js Show response
media.mcclatchy.com/labs/ 719 B
758 B 91ms
37ms Script
text/javascript 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://media.mcclatchy.com/labs/tracking.js
Requested by: Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VVBPZ295pqPPN90vc0r2PqTVW197v5Z4m8D-nMwF3TS2-HwLV1-WJV7CgCp3W1X0SFG477B2nV5HGsn96SmTrW3k75-36m7d_JW4lWp5Z7rFGM2W1MvfqN5-4sqcW2vQ_DL6Rl7gMW7ds_9W3TgHyGW870svs3KwkbXW2mMLtR443VPXW8g_tBp2RjRBRVsM56Z454PmcW2nYV4P5rhmRwW38-1Zf2SlrTSW1NrvRV7nZR_fN16zZFw8Vm7QW1jB72J3NJHbmW19Kd0v51k5L0W83K__33VK1J4N46WPBBmMbvqW1b3cVL1DbPBtW185vKv29Jyn8W1Wr9Vl8fWMBkW5M-dr-7JC535W1LQY9j3_BpGlVkDkWs2q3LpPW35PTFT71fRq0W87WyVs5Nk-yYW5Jkgqg3TTc5535c61
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7bf3d2bedb459534063a0d240a6947c60f3dfafc557b59d1da49f1a439bcbf0f

Request headers

Origin: https://www.newsobserver.com
Referer: https://media.mcclatchy.com/hi/donations/donation-story-cta.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 23 Jan 2021 12:03:56 GMT
Content-Encoding: gzip
Last-Modified: Fri, 14 Aug 2020 19:48:30 GMT
Server: Apache
ETag: "2cf-5acdbb48ca3ca"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, must-revalidate, max-age=1113
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 347

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.5.0/ 325 KB
69 KB 25ms
20ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.5.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d139c3756ba4ea4e4672c12645de4977faa9ba7e0d550931d2086338fd72dfe9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 23 Jan 2021 12:03:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: AvbD4VHYe4H/QnyU6j8v5w==
age: 2448385
vary: Accept-Encoding
content-length: 69711
cf-request-id: 07d0ba3952000005c47e057000000001
x-ms-lease-status: unlocked
last-modified: Thu, 27 Aug 2020 03:43:22 GMT
server: cloudflare
etag: 0x8D84A3B58DE8819
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: b5a3eed9-c01e-0069-3a3b-db874a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 61615fd54afe05c4-FRA
expires: Sun, 31 Jan 2021 12:03:56 GMT

GET
H2 200 / Show response
lasteventf-tm.everesttech.net/ 0
211 B 95ms
18ms XHR
text/plain 151.101.194.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://lasteventf-tm.everesttech.net/?_les_imsOrgId=3B6E35F15A82BBB00A495D91@AdobeOrg&_les_sdid=69AE6A42768C78BC-2AA70307DFC1F72C&_les_last_search_click=&_les_rsid=mccltallmcclatchy&_les_mid=21166639990583293233821248159405189102&_les_url=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Fcoronavirus%2Farticle248661625.html%3Fac_cid%3DDM369596%26ac_bid%3D-781518521%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8%23new_tab
Requested by: Host: media2.newsobserver.com
URL: https://media2.newsobserver.com/mistats/products/escenic_s_code.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:03:56 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1611403436.469966,VS0,VE0
x-cache: MISS
content-type: text/plain
access-control-allow-origin: https://www.newsobserver.com
access-control-allow-credentials: true
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-cph20640-CPH

GET
H2

200

sp.br.js Show response
js.matheranalytics.com/static/2_2_18-e/
Redirect Chain

https://js.matheranalytics.com/s/ma12095/74930332/sp.js?cb=1554
https://js.matheranalytics.com/static/2_2_18-e/sp.br.js

78 KB
25 KB

40ms
40ms

Script
application/x-javascript

107.178.250.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.matheranalytics.com/static/2_2_18-e/sp.br.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.250.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 234.250.178.107.bc.googleusercontent.com
Software: nginx /
Resource Hash: f2f93fd85c2f5e6c07c80c6487a804ec6bede5bed8fe755280d87d4dfde986d0

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 22 Jan 2021 02:23:17 GMT
content-encoding: br
last-modified: Sat, 20 Apr 2019 20:43:13 GMT
server: nginx
age: 121239
etag: "93626701087aa6ff39ccd5278fb9fd3b"
vary: Accept-Encoding
x-cache: HIT Sat, 20 Apr 2019 22:39:14 GMT
content-type: application/x-javascript
via: 1.1 google
cache-control: public, max-age=269200
alt-svc: clear
content-length: 25418

Redirect headers

date: Sat, 23 Jan 2021 12:03:56 GMT
via: 1.1 google
server: nginx
vary: Accept-Encoding
location: https://js.matheranalytics.com/static/2_2_18-e/sp.br.js
cache-control: public, max-age=269200
alt-svc: clear
x-served-by: 5-gc-euw1-10925

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: media2.newsobserver.com
URL: https://media2.newsobserver.com/mistats/finalizestats.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 2664
date: Sat, 23 Jan 2021 11:19:32 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Sat, 23 Jan 2021 13:19:32 GMT

GET
H2 200 quant.js Show response
edge.quantserve.com/ 23 KB
9 KB 12ms
8ms Script
application/javascript 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.quantserve.com/quant.js
Requested by: Host: media2.newsobserver.com
URL: https://media2.newsobserver.com/mistats/finalizestats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 437afd9de21717c919be3f40f686b33170f2447dc03ded0fc00ac0cc41839854

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:03:56 GMT
content-encoding: gzip
etag: "8q1rat7Mm9i+FVcOidF8/g=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Sat, 30 Jan 2021 12:03:56 GMT

GET
H2 200 mi_content_tracker.js Show response
media2.newsobserver.com/mistats/ 4 KB
2 KB 65ms
63ms Script
text/javascript 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://media2.newsobserver.com/mistats/mi_content_tracker.js
Requested by: Host: media2.newsobserver.com
URL: https://media2.newsobserver.com/misites/nao/newsobserver.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b525214335ddd50139b8cead123523306144018a47e3d4a35f6e5b35f295a8fd

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:03:56 GMT
content-encoding: gzip
last-modified: Wed, 04 Jun 2014 15:41:43 GMT
server: Apache
etag: "11ff-4fb047712bbc0"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 1432

GET
H2 200 pageBottom.fcebd116d6e473fb7e4e.js Show response
www.newsobserver.com/static/yozons-lib/ 1 KB
993 B 64ms
63ms Script
application/javascript 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/static/yozons-lib/pageBottom.fcebd116d6e473fb7e4e.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/core.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 864af8b07fd00259b4afdfc49035a2276e9d4bb4817a29bb9cf515807255186f

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:03:56 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 589
content-length: 618
last-modified: Thu, 21 Jan 2021 16:34:47 GMT
server: MI
etag: W/"47a-5b96ba65857c0"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 880914204 876209859
access-control-allow-origin: *
cache-control: max-age=449093
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript
access-control-allow-headers: *

GET
H2

200

m
secure-us.imrworldwide.com/cgi-bin/
Redirect Chain

https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-203838h&cg=0&cc=1&si=https%3A//www.newsobserver.com/news/coronavirus/article248661625.html%3Fac_cid%3DDM369596%26ac_bid%3D-781518521%26_hsmi%3D889...
https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-203838h&cg=0&cc=1&si=https%3A//www.newsobserver.com/news/coronavirus/article248661625.html%3Fac_cid%3DDM369596%26ac_bid%3D-781518521%26_hsmi%3D889...

44 B
336 B

95ms
95ms

Image
image/gif

3.248.38.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-203838h&cg=0&cc=1&si=https%3A//www.newsobserver.com/news/coronavirus/article248661625.html%3Fac_cid%3DDM369596%26ac_bid%3D-781518521%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8%23new_tab&rp=&ts=compact&rnd=1611403436395&ja=1
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.38.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-38-24.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Jan 2021 12:03:56 GMT
server: nginx
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-us.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 23 Jan 2021 12:03:56 GMT
server: nginx
location: https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-203838h&cg=0&cc=1&si=https%3A//www.newsobserver.com/news/coronavirus/article248661625.html%3Fac_cid%3DDM369596%26ac_bid%3D-781518521%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8%23new_tab&rp=&ts=compact&rnd=1611403436395&ja=1
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-us.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
content-length: 0
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 moment.min.js Show response
www.newsobserver.com/wps/source/scripts/libs/ 41 KB
14 KB 61ms
60ms Script
application/javascript 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/wps/source/scripts/libs/moment.min.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/wps/build/webpack/mi-footer.bundle-79c24024c08d7f0c7b17.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 41315b08c2b332c2a675a817bac8ca1cc648c33109b699c6609feffc0ac79254

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:03:56 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 409343
content-length: 14306
last-modified: Tue, 05 Jan 2021 22:04:08 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"a337-176d49427c0"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 482074913, 775522349 682231657
access-control-allow-origin: *
cache-control: max-age=401713
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript;charset=UTF-8
access-control-allow-headers: *

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 348 KB
102 KB 115ms
48ms Script
application/x-javascript 23.210.250.13
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/wps/build/webpack/mi-footer.bundle-79c24024c08d7f0c7b17.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.250.13 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-13.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 6a9e70f1ba0fd44afd288e1afdca294c1fb2e2200a3f54601e43d574b26b7dca

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 23 Jan 2021 12:03:56 GMT
Content-Encoding: gzip
x-amz-request-id: D7066C48CFB8218C
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: 8Tmh3wcniXp9M0DTctrJ/WWUcwFkQs/QOvzK098teuJT7fclXu4aXEr4Oj+dAdRAGa7ULdqhxRY=
Last-Modified: Wed, 20 Jan 2021 14:01:56 GMT
Server: AmazonS3
ETag: "81d5d4298981945cd6053e264ffb6a91"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 316 KB
109 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/wps/build/webpack/videoStory.bundle-e65f7076b4fea8f89d30.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75b2fac03bbc05658beeb0baf6a3a6a8777ee657bde86ef5b15cecf7ebeb2d68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:03:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111259
x-xss-protection: 0
expires: Sat, 23 Jan 2021 12:03:56 GMT

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 586f876503ed4dc63c6ff8567b67dfeb1c84723ef5c7cf218a8ed74ccba6e1ab

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 157 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 COL_drivethroughtestingcovi%20(5)
www.thestate.com/latest-news/hi0fj1/picture241477646/alternates/FREE_768/ 39 KB
40 KB 60ms
57ms Image
image/jpeg 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thestate.com/latest-news/hi0fj1/picture241477646/alternates/FREE_768/COL_drivethroughtestingcovi%20(5)
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: ab102ff825ad3d810e1acd3ae9377ffdb8af397890f33b3fb2df1eef5dbe8804

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:03:56 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 142410
content-length: 40340
last-modified: Tue, 24 Mar 2020 21:58:17 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: "7dd685b0eab5ed1fcc28b53141e73b67"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 310684537 206092806
access-control-allow-origin: *
cache-control: max-age=604724
access-control-allow-credentials: false
mi-cache: HIT
content-type: image/jpeg
access-control-allow-headers: *

POST
H2 200 collect
depart.trinitymedia.ai/api/ 0
220 B 125ms
32ms Other
text/plain 35.157.168.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://depart.trinitymedia.ai/api/collect?t=audio
Requested by: Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20210122_3b4bed0cbc39c4eb37f04f72d0bc107aa377f668/trinity_inject_script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.168.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-168-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 23 Jan 2021 12:03:56 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization
content-length: 0
access-control-allow-methods: GET, POST, OPTIONS

GET
H3-Q050 200 css2
fonts.googleapis.com/ Frame 880D 5 KB
1 KB 44ms
29ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Noto+Sans:wght@400;700&display=swap

Requested by

Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20210122_3b4bed0cbc39c4eb37f04f72d0bc107aa377f668/trinity_inject_script.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2ba83576248901fd4ffd5bdde2833366330fc3cecc0434c66042712695337a2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 23 Jan 2021 11:45:40 GMT
server: ESF
date: Sat, 23 Jan 2021 12:03:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 23 Jan 2021 12:03:56 GMT

GET
BLOB 200
OK ec59f2cb-3886-4f84-9a06-6ca9e4b163cc
https://www.newsobserver.com/ 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/ec59f2cb-3886-4f84-9a06-6ca9e4b163cc
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 2 KB
2 KB 86ms
85ms XHR
application/json 52.212.209.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=3B6E35F15A82BBB00A495D91%40AdobeOrg&d_nsid=0&d_mid=21166639990583293233821248159405189102&d_coop_safe=1&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&d_cid_ic=mcid%0121166639990583293233821248159405189102&ts=1611403436776

Requested by

Host: media2.newsobserver.com
URL: https://media2.newsobserver.com/mistats/micb.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.212.209.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-212-209-68.eu-west-1.compute.amazonaws.com

Software

Resource Hash

5c0f26e958f6f7308842d061cc9c46c4e350ddf6f76151af42f1da570d45b3a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-v088-0fce26cd3.edge-irl1.demdex.com 5.80.5.20210120122710 3ms (+0ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-TID: iHE9fctcR3w=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.newsobserver.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 992
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 s42737018508132 Show response
mcclatchy.sc.omtrdc.net/b/ss/mccltallmcclatchy/10/JS-2.22.0/ 2 KB
3 KB 74ms
73ms XHR
application/x-javascript 15.237.136.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mcclatchy.sc.omtrdc.net/b/ss/mccltallmcclatchy/10/JS-2.22.0/s42737018508132

Requested by

Host: media2.newsobserver.com
URL: https://media2.newsobserver.com/mistats/products/escenic_s_code.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.237.136.106 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-237-136-106.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

185e8aab2e6aa96bfcbb3f85ef7a494292ece134f732456059033384927c6da1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-aam-tid: +IwoHUzpQEc=
date: Sat, 23 Jan 2021 12:03:56 GMT
x-content-type-options: nosniff
x-c: main-1414.Id04486.M0-474
p3p: CP="This is not a P3P policy"
content-length: 2501
x-xss-protection: 1; mode=block
dcs: dcs-prod-irl1-v088-032b5775d.edge-irl1.demdex.com 5.80.5.20210120122710 7ms (+1ms)
pragma: no-cache
last-modified: Sun, 24 Jan 2021 12:03:56 GMT
server: jag
xserver: anedge-75ffb878dc-lvxwg
etag: 3460462530550333440-4621893931089628407
vary: *
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://www.newsobserver.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
expires: Fri, 22 Jan 2021 12:03:56 GMT

POST
H2 200 audio.php
trinitymedia.ai/player/ Frame 3C3A 0
0 161ms
160ms Document
text/html 3.224.214.149
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trinitymedia.ai/player/audio.php?pageURL=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Fcoronavirus%2Farticle248661625.html&sCampaignID=2900000552&FAB=false&playerId=b419e851e7e9ff6f954b73b1bfaa42ce&isLegacyBrowser=false&version=20210122_3b4bed0cbc39c4eb37f04f72d0bc107aa377f668&useCFCDN=0&ts=1611403436101&tsServer=1611403435873&FABOnly=0
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.224.214.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-214-149.compute-1.amazonaws.com
Software: Apache /
Resource Hash

Request headers

:method: POST
:authority: trinitymedia.ai
:scheme: https
:path: /player/audio.php?pageURL=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Fcoronavirus%2Farticle248661625.html&sCampaignID=2900000552&FAB=false&playerId=b419e851e7e9ff6f954b73b1bfaa42ce&isLegacyBrowser=false&version=20210122_3b4bed0cbc39c4eb37f04f72d0bc107aa377f668&useCFCDN=0&ts=1611403436101&tsServer=1611403435873&FABOnly=0
content-length: 5526
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://www.newsobserver.com
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: AWSALBCORS=amu5m/ge++TJkTkhspHC/YAsLGBsD0xnfh9JxPxEUo/mRGXlTKQUid7aWmmTVTQjyG5EZb2A28ZdO58o3W1nY0e/yt08YL+ygbfS1oLdlP/OBd6oC4t+lzpn2BJ3; AUID=eb2f21ce-6d3c-4138-8d5f-9a4d0dc35d33
Upgrade-Insecure-Requests: 1
Origin: https://www.newsobserver.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8

Response headers

date: Sat, 23 Jan 2021 12:03:56 GMT
content-type: text/html; charset=UTF-8
content-length: 10014
set-cookie: AWSALB=zoLE873HhyEsM+Q+J/XxlCWv3snARWqBgTDCMScdc3XDFaRgbnKNZQLJHiBBXw3lFaOf4Mnfaw1M3b2nN9UTh5CgHa2T5x/N8zjtWPia4Pwcz0c22h6f3wc3LtDV; Expires=Sat, 30 Jan 2021 12:03:56 GMT; Path=/ AWSALBCORS=zoLE873HhyEsM+Q+J/XxlCWv3snARWqBgTDCMScdc3XDFaRgbnKNZQLJHiBBXw3lFaOf4Mnfaw1M3b2nN9UTh5CgHa2T5x/N8zjtWPia4Pwcz0c22h6f3wc3LtDV; Expires=Sat, 30 Jan 2021 12:03:56 GMT; Path=/; SameSite=None; Secure
server: Apache
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *

GET
H2 200 scroll.js Show response
static.scroll.com/js/ 17 KB
7 KB 118ms
19ms Script
application/javascript 199.232.198.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.scroll.com/js/scroll.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/core.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.198.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 89f555437822d8ce86a52b409ce45cce077a2653f047f2b4c79ef52eb98a9ccd

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:03:56 GMT
content-encoding: gzip
age: 65640
x-guploader-uploadid: ABg5-Uxo3wrcAHecxLmUViy3D6JuHkFKR9MJ1ICbLZ9BuNlmpgMgH6MTyB-oBz0zaNLo2sCX0YbmIUYtJr9wnrR7zlA
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 6481
x-served-by: cache-cph20626-CPH
last-modified: Wed, 02 Dec 2020 17:49:10 GMT
server: UploadServer
x-timer: S1611403437.972854,VS0,VE0
etag: "3432e8d2c468c4485947c2893a297556"
vary: Origin
x-goog-hash: crc32c=CTsFlA==, md5=NDLo0sRoxEhZR8KJOil1Vg==
x-goog-generation: 1606931350096968
via: 1.1 varnish
expires: Thu, 03 Dec 2020 17:49:11 GMT
cache-control: public, max-age=0, s-maxage=86400
access-control-allow-credentials: true
x-goog-stored-content-length: 6481
accept-ranges: bytes
content-type: application/javascript
x-scrolljs: 3
x-cache-hits: 2011

GET
H2 200 performance.668256826920358bddb5.js Show response
www.newsobserver.com/static/yozons-lib/ 4 KB
2 KB 89ms
85ms Script
application/javascript 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/static/yozons-lib/performance.668256826920358bddb5.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/core.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: a0c960de3d4662390366cefceb19a039c03c079da32e9623668470bf16879aa3

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:03:56 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 588
content-length: 1416
last-modified: Thu, 21 Jan 2021 16:34:47 GMT
server: MI
etag: W/"f76-5b96ba65857c0"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 876603111, 283627545 282419976
access-control-allow-origin: *
cache-control: max-age=449208
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript
access-control-allow-headers: *

GET
H2 200 parsely.98985427f54cbd6b8fb6.js Show response
www.newsobserver.com/static/yozons-lib/ 1 KB
951 B 90ms
86ms Script
application/javascript 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/static/yozons-lib/parsely.98985427f54cbd6b8fb6.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/core.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: fbe31b083e694e72260d9bbda5bd86a472eadb20cc3660b34536fa1db3027263

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:03:56 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 588
content-length: 569
last-modified: Thu, 21 Jan 2021 16:34:47 GMT
server: MI
etag: W/"4af-5b96ba65857c0"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 876603109, 281176773 287314741
access-control-allow-origin: *
cache-control: max-age=449161
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript
access-control-allow-headers: *

GET
H2 200 newsobserver.com.1035175.js Show response
jsc.mgid.com/n/e/ 240 KB
66 KB 139ms
44ms Script
text/javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/n/e/newsobserver.com.1035175.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/netdale.cc2bfe8b3680dbe52998.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b63be8c8283c678f2ad29079a56fafc0a8fcf6dc735686617ab05a75bed8a783

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:03:56 GMT
content-encoding: br
cf-cache-status: HIT
age: 76
cf-polished: origSize=245799
last-modified: Tue, 19 Jan 2021 13:04:24 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: B6BF78CFE64EB644
x-amz-id-2: PpOGZZMVgt4sqAD3TtvvmBUBhgDHYph2UCe//BOiBFcd2jx1rLy2grVe6SqPQwQhzhkCnDyU74w=
cf-bgj: minify
server: cloudflare
etag: W/"df180ff03ab8db31c179494ffbbde1ac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-request-id: 07d0ba3bb3000010effa9cc000000001
cf-ray: 61615fd91a3c10ef-CPH
expires: Sat, 23 Jan 2021 15:03:56 GMT

GET
H2 200 ats.js Show response
ats.rlcdn.com/ 182 KB
60 KB 309ms
203ms Script
application/javascript 35.244.220.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ats.rlcdn.com/ats.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/netdale.cc2bfe8b3680dbe52998.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.220.155 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 155.220.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 5e8e5fe8bda51e143511122e4296e652c905e0e7445cad6e3b79365eafaa7f0d

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:03:57 GMT
content-encoding: gzip
x-guploader-uploadid: ABg5-Uziy5psmKLcN_nTl8ucab9QbQC_zLDXAZNRGtrV40R3eNJZ91q5FKw_Ifx_LCjIh4XI0oqf1zPc5prkElYs3hn9MaFfEA
x-goog-storage-class: STANDARD
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 60625
last-modified: Fri, 22 Jan 2021 08:44:43 GMT
server: UploadServer
etag: "cd29a4c3533e427f1b5c357933c3c1ec"
x-goog-hash: crc32c=NT+O6A==, md5=zSmkw1M+Qn8bXDV5M8PB7A==
x-goog-generation: 1611305083757651
cache-control: no-transform
x-goog-stored-content-length: 60625
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 23 Jan 2022 12:03:57 GMT

GET
H2 200 oPS.js Show response
d15kdpgjg3unno.cloudfront.net/ 47 KB
12 KB 103ms
13ms Script
application/javascript 2600:9000:2104:5200:11:b309:9100:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=11
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:5200:11:b309:9100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d696b1c7d3a849147466eaa17a7423455f801192e2c3f92c29fa031e38d000a6

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 22 Jan 2021 18:37:11 GMT
content-encoding: gzip
last-modified: Tue, 19 Jan 2021 20:07:06 GMT
server: AmazonS3
age: 62806
etag: W/"ef03275095dd99f897af4bbe10a89120"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e13e8f228afcbd0862f27c6ebd714879.cloudfront.net (CloudFront)
cache-control: max-age=84600
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: d_EElNj_ZXypVPFr67E-IB4v5CqCr20hvuHX1zIpWlkXDGS6NSBRXw==

GET
H2 200 article248661625.html.js Show response
dyv1bugovvq1g.cloudfront.net/11/www.newsobserver.com/news/coronavirus/ 277 B
485 B 434ms
344ms Script
application/json 2600:9000:2104:9a00:5:82fd:2500:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dyv1bugovvq1g.cloudfront.net/11/www.newsobserver.com/news/coronavirus/article248661625.html.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:9a00:5:82fd:2500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 431ade77132529e8336951761cf2a6dc3da4b99229c459e7ee41ebeb7ed3168b

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:03:58 GMT
content-encoding: gzip
last-modified: Fri, 22 Jan 2021 00:36:11 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-C1
etag: "cd19150ac8185bfc0c67c49f53696543"
x-cache: RefreshHit from cloudfront
content-type: application/json; charset=utf-8
via: 1.1 3c5f93efb24b4927140dd52806f3d1e1.cloudfront.net (CloudFront)
cache-control: max-age=300
accept-ranges: bytes
content-length: 112
x-amz-cf-id: crDjP6dFog6rb9peTFMb1X9YBmUAbUlEglliiH3NgZy9Od8vCJjbWQ==

GET
H/1.1 200
OK config.js Show response
confiant-integrations.global.ssl.fastly.net/awMxVZLpNW6K6EG6WC5S8oR_a68/gpt_and_prebid/ 90 KB
21 KB 119ms
32ms Script
text/javascript 151.101.113.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/awMxVZLpNW6K6EG6WC5S8oR_a68/gpt_and_prebid/config.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/netdale.cc2bfe8b3680dbe52998.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e5d2f393a2965a96b71af46573ff7a2cb935b1ba0f2f16366d02c1ef428dea91

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 23 Jan 2021 12:03:56 GMT
Content-Encoding: gzip
Age: 3075
X-Cache: HIT
Connection: keep-alive
Content-Length: 20945
x-amz-id-2: eZT9mfJ//2Nsqko7fFGdIczK+yOIJgkZZIVEsVrlQ9SdHygRzEAp9evboAhgy7C4vB7B91A/bGk=
X-Served-By: cache-hhn4028-HHN
Last-Modified: Sat, 23 Jan 2021 11:00:11 GMT
Server: AmazonS3
X-Timer: S1611403437.978220,VS0,VE0
ETag: "4e80480f6aae53a6848b2905c10afeb5"
x-amz-request-id: 1B047599BBAD7943
Via: 1.1 varnish
Cache-Control: public, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Type: text/javascript
X-Cache-Hits: 8

GET
H2

200

feedback.php
www.facebook.com/plugins/ Frame 9267
Redirect Chain

https://web.facebook.com/v3.2/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1cc56c772db684%26domain%3Dwww.newsobserve...
https://www.facebook.com/v3.2/plugins/comments.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1cc56c772db684%26domain%3Dwww.newsobserver...
https://www.facebook.com/plugins/comments.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1cc56c772db684%26domain%3Dwww.newsobserver.com%...
https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1cc56c772db684%26domain%3Dwww.newsobserver.com%...

0
0

162ms
158ms

Document
text/html

2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1cc56c772db684%26domain%3Dwww.newsobserver.com%26origin%3Dhttps%253A%252F%252Fwww.newsobserver.com%252Ff1d2486539b1324%26relation%3Dparent.parent&container_width=728&height=100&href=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Fcoronavirus%2Farticle248661625.html&locale=en_US&numposts=10&sdk=joey&version=v3.2&width

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=55e791b06077ce856ff5f6f6a453eb74&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1cc56c772db684%26domain%3Dwww.newsobserver.com%26origin%3Dhttps%253A%252F%252Fwww.newsobserver.com%252Ff1d2486539b1324%26relation%3Dparent.parent&container_width=728&height=100&href=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Fcoronavirus%2Farticle248661625.html&locale=en_US&numposts=10&sdk=joey&version=v3.2&width
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: about:blank

Response headers

vary: Accept-Encoding
x-fb-rlafr: 0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-encoding: br
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
x-fb-debug: NsynTfigJg17Eehs/7TQyTsVwg63TIFcG7iHIZrA6kBa12gj/P900jUBpQcY0xghxOPHCWoH7KQN5jYYN7RcHw==
date: Sat, 23 Jan 2021 12:03:57 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

Redirect headers

location: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1cc56c772db684%26domain%3Dwww.newsobserver.com%26origin%3Dhttps%253A%252F%252Fwww.newsobserver.com%252Ff1d2486539b1324%26relation%3Dparent.parent&container_width=728&height=100&href=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Fcoronavirus%2Farticle248661625.html&locale=en_US&numposts=10&sdk=joey&version=v3.2&width
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: juf1yVBorlgf534e139FO7hCsUVQWuUIJAno/dHFiOejlPJ+hOAvaLVWQIGvGLFDBBUGZtK+QuX+kLvRI4oRyw==
content-length: 0
date: Sat, 23 Jan 2021 12:03:57 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H/1.1 200
OK st.v3.js Show response
www.everestjs.net/static/ 25 KB
8 KB 189ms
34ms Script
application/x-javascript 104.111.234.92
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.everestjs.net/static/st.v3.js
Requested by: Host: media2.newsobserver.com
URL: https://media2.newsobserver.com/mistats/products/escenic.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.234.92 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-234-92.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ee4bf8f0d6bc02cb36fa7e98ef438cd3a33c74212e2171188feb895a0ee3c524

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 23 Jan 2021 12:03:57 GMT
Content-Encoding: gzip
Last-Modified: Mon, 11 Jan 2021 07:57:17 GMT
Server: Apache
ETag: "1423866d2-65e3-5b89b413d074c"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=53404
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7458
Expires: Sun, 24 Jan 2021 02:54:01 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 50ms
48ms Script
application/x-javascript 2600:9000:2190:6000:18:1fcd:34e:d2a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: media2.newsobserver.com
URL: https://media2.newsobserver.com/misites/nao/newsobserver.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:6000:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: d5132eb4775fe5c85d515453cb238727620936adc84e5f727d495f8fefa2eba3

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 11:41:14 GMT
content-encoding: gzip
last-modified: Wed, 14 Oct 2020 03:23:55 GMT
server: nginx
age: 1362
etag: W/"5f866f4b-8e0b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 8c175d0adc08dac3750e9201b76886e8.cloudfront.net (CloudFront)
cache-control: max-age=7200
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: MCCWUMEWAkiHlD5ilEi5kANNqQZXjD_OoQihhQdv0OIoMMlWu6wVjA==
expires: Sat, 23 Jan 2021 13:41:14 GMT

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/7447/ 42 KB
14 KB 96ms
89ms Script
text/javascript 13.224.102.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/7447/lt.min.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/netdale.cc2bfe8b3680dbe52998.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.8 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-8.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0c0f6642ca827ff51cb2d295b316bd5afd79952321ff23ac9abf6becae6df3b7

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 22 Jan 2021 15:12:02 GMT
content-encoding: gzip
last-modified: Thu, 21 Jan 2021 15:33:16 GMT
server: AmazonS3
age: 75115
etag: W/"2b01648bcaaf7ffbc8fd0bcfef2992cf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: vbqv7awvOykxbMKr8tZUI3oSw3r6h-4CtRdt0DviXlH6HlwBKkRiuQ==

GET
H3-Q050 200 o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2
fonts.gstatic.com/s/notosans/v11/ Frame 880D 10 KB
10 KB 9ms
7ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v11/o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans:wght@400;700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6195b1bce0085db8c9b1b936150dfd7b070aa9be52d44580b1b6f16752dece34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.newsobserver.com
Referer: https://fonts.googleapis.com/css2?family=Noto+Sans:wght@400;700&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 22 Jan 2021 11:00:48 GMT
x-content-type-options: nosniff
last-modified: Thu, 24 Sep 2020 23:58:43 GMT
server: sffe
age: 90188
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10116
x-xss-protection: 0
expires: Sat, 22 Jan 2022 11:00:48 GMT

GET
H2 200 rules-p-50B2Fi6bBqYto.js Show response
rules.quantcount.com/ 1 KB
1 KB 109ms
29ms Script
application/x-javascript 2600:9000:2104:c00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-50B2Fi6bBqYto.js
Requested by: Host: edge.quantserve.com
URL: https://edge.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:c00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b6da6699e22347ded40584215d759d21842a07be029c95c4886efa3c1385454

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 11:31:13 GMT
content-encoding: gzip
last-modified: Mon, 26 Mar 2018 17:43:26 GMT
server: AmazonS3
age: 1969
etag: W/"eeeb10fbb8e6fc7fff11277347add08a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 bf5caee39117de5337c47c748b716e80.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: g1j1uKItWEZAk0Oi8dj1hx0rlCBkeu9SPQj85w3nFKP1NlXjb3Msug==

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
394 B 78ms
44ms XHR
text/plain 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=274292090&t=pageview&_s=1&dl=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Fcoronavirus%2Farticle248661625.html%3Fac_cid%3DDM369596%26ac_bid%3D-781518521%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8&dh=newsobserver.com&ul=en-us&de=UTF-8&dt=Story%3A248661625%7CLabcorp%20is%20studying%20COVID-19%20mutations.%20Can%20it%20improve%20US%20tracking%20of%20the%20virus%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YFDAAAABCAAAAC~&jid=1936071084&gjid=1464030568&cid=405618529.1611403437&tid=UA-48279682-1&_gid=895835239.1611403437&_r=1&_slc=1&cd1=NAO&cd2=News%20and%20Observer&cd3=Story&cd4=News%7C%7C%7C%7C&cd5=Unregistered&cd6=Coronavirus&cd8=Zachery%20Eanes&cd9=2021%2F01%2F21&cd10=2021%2F01%2F21%20H18&cd14=%23new_tab&cd15=%3Fac_cid%3DDM369596%26ac_bid%3D-781518521%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8&cg1=News%20and%20Observer&cg2=Coronavirus&z=969245773

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 23 Jan 2021 12:03:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.newsobserver.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
27 B 76ms
44ms XHR
text/plain 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=274292090&t=pageview&_s=1&dl=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Fcoronavirus%2Farticle248661625.html%3Fac_cid%3DDM369596%26ac_bid%3D-781518521%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8&dh=newsobserver.com&ul=en-us&de=UTF-8&dt=Story%3A248661625%7CLabcorp%20is%20studying%20COVID-19%20mutations.%20Can%20it%20improve%20US%20tracking%20of%20the%20virus%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YFDAAAABCAAAAC~&jid=527320920&gjid=1552554390&cid=405618529.1611403437&tid=UA-48280268-1&_gid=895835239.1611403437&_r=1&_slc=1&cd1=NAO&cd2=News%20and%20Observer&cd3=Story&cd4=News%7C%7C%7C%7C&cd5=Unregistered&cd6=Coronavirus&cd8=Zachery%20Eanes&cd9=2021%2F01%2F21&cd10=2021%2F01%2F21%20H18&cd14=%23new_tab&cd15=%3Fac_cid%3DDM369596%26ac_bid%3D-781518521%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8&cg1=News%20and%20Observer&cg2=Coronavirus&z=1964775750

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 23 Jan 2021 12:03:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.newsobserver.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 checksub Show response
contributor.google.com/scripts/7df76a16abfcab18:D:6e0e24bc1d03a6c9/ 392 B
1 KB 90ms
74ms XHR
text/plain 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://contributor.google.com/scripts/7df76a16abfcab18:D:6e0e24bc1d03a6c9/checksub

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorTargetingClientJs.en_US.h7Al-YQ32S8.es5.O/d=1/ct=zgms/rs=AJlcJMyaTQLKR6KI0hwoy17U28OtazTYcA/m=contributor

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

07ee8c3f28252288042536e599b3a794fd2750bd7b996f05b1300e36994fd9e1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-R/yiLIgJ93xYxAdHakKmow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorTargetingHttp/cspreport;worker-src 'self', script-src 'nonce-R/yiLIgJ93xYxAdHakKmow' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorTargetingHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:03:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.newsobserver.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-R/yiLIgJ93xYxAdHakKmow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorTargetingHttp/cspreport;worker-src 'self', script-src 'nonce-R/yiLIgJ93xYxAdHakKmow' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorTargetingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxXAZrJRCvuYysT9c1RumEDbR5v3PFPRPP4qISzVM2SGrMWLHOoFS46a3aKEhVgJ8a8zdSI_hQzf81OBst2I Show response
fundingchoicesmessages.google.com/f/ 79 KB
30 KB 83ms
80ms Script
application/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXAZrJRCvuYysT9c1RumEDbR5v3PFPRPP4qISzVM2SGrMWLHOoFS46a3aKEhVgJ8a8zdSI_hQzf81OBst2I

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/gfc.a5710ac4b546a6a19c81.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

430254089ebe22f9c97fa0b34b908cdadd7bafb464fece5425c0cc3fa7726c0d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-U7di8IBfW9U7SGHbEer+hA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-U7di8IBfW9U7SGHbEer+hA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Jan 2021 12:03:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-U7di8IBfW9U7SGHbEer+hA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-U7di8IBfW9U7SGHbEer+hA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/89ec5922-1183-4866-8824-09f66181e549/0e95dc32-54e6-46f1-96fa-56201f4a1ac5/ 84 KB
13 KB 13ms
11ms Fetch
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/89ec5922-1183-4866-8824-09f66181e549/0e95dc32-54e6-46f1-96fa-56201f4a1ac5/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.5.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61ca98b7cf1605903efe0b6d46e33e2a30fad4df3a99b637134a92f78fd986c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 23 Jan 2021 12:03:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: AAibTtKo+i5nOcHwmlqtnw==
age: 1866
vary: Accept-Encoding
content-length: 13247
cf-request-id: 07d0ba3c850000d6d9fbaf3000000001
x-ms-lease-status: unlocked
last-modified: Thu, 20 Aug 2020 16:00:20 GMT
server: cloudflare
etag: 0x8D8452223A2FF4E
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 7d6d724b-901e-00b6-5d0e-b4d61e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 61615fda6cabd6d9-FRA

GET
H2 200 1405 Show response
analytics-check.publishersite.xyz/check/ 26 B
391 B 414ms
308ms XHR
application/json 65.9.73.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-check.publishersite.xyz/check/1405
Requested by: Host: mcclatchy-newsobserver.zeustechnology.com
URL: https://mcclatchy-newsobserver.zeustechnology.com/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.73.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 0464b6125d6f9f3dc1dbe6ef7f1203ea4d60d28141fd98fef1e15004f265ec2e

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:03:57 GMT
via: 1.1 bdba42cf1410fb617eeb4ffd3e0b9cb7.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amzn-requestid: d75fb386-ae4f-4254-96d2-d519ff18cf69
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-600c10ad-79fd7eb45e08bec714d47a5d;Sampled=0
x-amz-apigw-id: ZmeLIFX5IAMFXrw=
content-length: 26
x-amz-cf-id: kn96xS7dEva-xrCEflAr3Sb0Hikz-c-yfdg9vHUltled4iewL0a-ig==

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 115 KB
37 KB 122ms
72ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: mcclatchy-newsobserver.zeustechnology.com
URL: https://mcclatchy-newsobserver.zeustechnology.com/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: ca5302f20a69cb2fe08a2429cf7268a2d5152d49608b0a954646553c70fd8afd

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:03:57 GMT
content-encoding: gzip
last-modified: Thu, 07 Jan 2021 11:16:39 GMT
server: nginx
etag: W/"5ff6ed97-1cb87"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Sun, 24 Jan 2021 12:03:57 GMT

GET
H/1.1 200
OK 185522-118148292826456.js Show response
js-sec.indexww.com/ht/p/ 84 KB
26 KB 40ms
37ms Script
text/javascript 23.210.249.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/185522-118148292826456.js
Requested by: Host: mcclatchy-newsobserver.zeustechnology.com
URL: https://mcclatchy-newsobserver.zeustechnology.com/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-164.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a1bc519de7aeb90c4d8dc7c8dfe2e3d4db4c2447844bc3d57a62eccefcee6987

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 23 Jan 2021 12:03:57 GMT
Content-Encoding: gzip
Last-Modified: Sat, 23 Jan 2021 12:00:31 GMT
Server: Apache
ETag: "90435d-14f94-5b9900d374424"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3502
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 26257
Expires: Sat, 23 Jan 2021 13:02:19 GMT

GET
H/1.1 200
OK userSync.js Show response
ads.pubmatic.com/AdServer/js/ 7 KB
3 KB 135ms
33ms Script
text/javascript 23.210.249.92
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/userSync.js
Requested by: Host: mcclatchy-newsobserver.zeustechnology.com
URL: https://mcclatchy-newsobserver.zeustechnology.com/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.92 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-92.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: c0f1a0e47f7e68ec0549eba6eb3fcd3523a2c3e68bcd9b2463ef084df041fd34

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 23 Jan 2021 12:03:57 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Oct 2020 18:56:30 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1300709-1d57-5b232e7ce6dc7"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: public, max-age=27065
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 2419
Expires: Sat, 23 Jan 2021 19:35:02 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 55 KB
19 KB 92ms
91ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: mcclatchy-newsobserver.zeustechnology.com
URL: https://mcclatchy-newsobserver.zeustechnology.com/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

sffe /

Resource Hash

0bf6133aa8386cf54be44a1f354b700f2409be40b5b981469154cdf4e8ffa57e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:03:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "762 / 291 of 1000 / last-modified: 1611357242"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18907
x-xss-protection: 0
expires: Sat, 23 Jan 2021 12:03:57 GMT

GET
H2 200 ijs_all_modules_cjs_min_ac816a7913cd82f0864893a97a5ce5c5.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 563 KB
137 KB 119ms
27ms Script
text/javascript 34.98.72.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_cjs_min_ac816a7913cd82f0864893a97a5ce5c5.js
Requested by: Host: tag.wknd.ai
URL: https://tag.wknd.ai/3581/i.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 2e826d9af287405ebd0dfd43fbd58f3ee502970bb3590771dbef0440d216806b

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 16:02:14 GMT
content-encoding: gzip
age: 158503
x-guploader-uploadid: ABg5-UwPreHNw8KDPX446uY-UUwU1EbNb-r8srKsujU0roRMGUU5bBwOyWIqdEsFxiSl-rEOSo1uQkphe4fv8Oyh55s
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 140035
last-modified: Thu, 21 Jan 2021 16:02:02 GMT
server: UploadServer
etag: "41e802c5a3a97d00e636d83710a15d7a"
vary: Accept-Encoding
x-goog-hash: crc32c=oFNUdg==, md5=QegCxaOpfQDmNtg3EKFdeg==
x-goog-generation: 1611244922279980
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 140035
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 21 Jan 2022 16:02:14 GMT

GET
H2 200 t Show response
jadserve.postrelease.com/ 2 KB
1 KB 464ms
175ms Script
text/javascript 52.203.172.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Fcoronavirus%2Farticle248661625.html%3Fac_cid%3DDM369596%26ac_bid%3D-781518521%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8%23new_tab&ntv_0=8&ntv_1=4&ntv_2=0&ntv_3=6&ntv_4=6&ntv_5=9&ntv_6=,&ntv_7=7&ntv_8=7&ntv_9=5&ntv_10=5&ntv_11=6&ntv_12=3&ntv_13=,&ntv_14=8&ntv_15=4&ntv_16=4&ntv_17=3&ntv_18=5&ntv_19=2&ntv_utf8Encode=function(){return%20unescape(encodeURIComponent(this))}&ntv_utf8Decode=function(){try{return%20decodeURIComponent(escape(this))}catch(e){return%20this}}&ntv_mvi&us_privacy=1---
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.203.172.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 57f2a33d73e7e94767f1e25a58cc3d1808841458a93ac4b435b458ad18586867

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Jan 2021 12:03:57 GMT
content-encoding: gzip
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: text/javascript;charset=UTF-8
content-length: 919
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H/1.1 200
OK 6219064173001 Show response
edge.api.brightcove.com/playback/v1/accounts/5502557042001/videos/ 8 KB
9 KB 37ms
35ms Fetch
application/json 65.9.84.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.brightcove.com/playback/v1/accounts/5502557042001/videos/6219064173001
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/wps/build/webpack/videoStory.bundle-e65f7076b4fea8f89d30.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.191 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: fd137326b89532fdf83d7c325094afadf197beca5fb6e3a1db3ac8ef291a626f

Request headers

Accept: application/json;pk=BCpkADawqM020Jtoc4xRwXmpxWzo0vaPRYEnr4ybyVRuxzGu3CRt7xji0A9FO0iEhrJVxf5LHvbkuA_ndlpr1A6wOz2MN5pD6wASLzaIUo3C8FF0zHoGMkkhGd107QVtHEqRNY8U96JKaPba
Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 23 Jan 2021 12:03:57 GMT
Powered-From: eu-central-1a
Bcov-Request-Id: d00be2f9-c123-499e-af89-63cb420370c1
Age: 77
Policy-Key-Accountid: 5502557042001
X-Cache: Miss from cloudfront
Connection: keep-alive
Powered-By: BC
Content-Length: 7835
Via: 1.1 varnish, 1.1 d3d7cb5a7de36091f7284546b4190a33.cloudfront.net (CloudFront)
X-Served-By: cache-ams21023-AMS
BCOV-instance: unknown
Policy-Key-Raw: BCpkADawqM020Jtoc4xRwXmpxWzo0vaPRYEnr4ybyVRuxzGu3CRt7xji0A9FO0iEhrJVxf5LHvbkuA_ndlpr1A6wOz2MN5pD6wASLzaIUo3C8FF0zHoGMkkhGd107QVtHEqRNY8U96JKaPba
X-Timer: S1611403437.477976,VS0,VE1
Access-Control-Allow-Methods: HEAD,GET,OPTIONS
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
Cache-Control: max-age=0, no-cache, no-store
Account-Status: APPROVED
BCOV-Debug-Cache-Stats: unknown
X-Amz-Cf-Pop: AMS1-C1
Accept-Ranges: bytes
Access-Control-Allow-Headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
X-Amz-Cf-Id: V4zG6LdWXFo93rU67GEnWKuaoDvl09QvIfpJJ7OmaqvL554YbCmXDg==
X-Cache-Hits: 1

OPTIONS
H/1.1 200
Unknown Error 6219064173001
edge.api.brightcove.com/playback/v1/accounts/5502557042001/videos/ Frame 0
0 59ms
58ms Other 65.9.84.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.brightcove.com/playback/v1/accounts/5502557042001/videos/6219064173001
Protocol: HTTP/1.1
Server: 65.9.84.191 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: accept
Origin: https://www.newsobserver.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Length: 0
Connection: keep-alive
Server: Varnish
Retry-After: 0
access-control-max-age: 86400
Accept-Ranges: bytes
Date: Sat, 23 Jan 2021 12:03:57 GMT
Via: 1.1 varnish, 1.1 d3d7cb5a7de36091f7284546b4190a33.cloudfront.net (CloudFront)
X-Served-By: cache-ams21082-AMS
X-Cache-Hits: 0
X-Timer: S1611403437.412036,VS0,VE0
BCOV-Debug-Cache-Stats: unknown
BCOV-instance: unknown
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
Access-Control-Allow-Headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
Access-Control-Allow-Methods: HEAD,GET,OPTIONS
Cache-Control: max-age=0, no-cache, no-store
X-Cache: Miss from cloudfront
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Cf-Id: h_nceamyS5eW5E9zXBIfUh0sUCsrRIjhT4bCo-W9ILAIgFyH6-pKwQ==

GET
H2

200

connatix.playspace.dc.js Show response
cds.connatix.com/p/94027/ Frame B3A4
Redirect Chain

https://cd.connatix.com/connatix.playspace.js
https://cds.connatix.com/p/94027/connatix.playspace.dc.js

1 MB
255 KB

79ms
32ms

Script
application/javascript

151.101.14.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/94027/connatix.playspace.dc.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5cfbe1d1b6f89830e67a0b09f213d0cb22ca3a1a8995aea9fa3006216cc146a0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: Gh9.mGrPJ6_FqHj_UE5ulZQu2hxe9qH.
via: 1.1 varnish, 1.1 varnish
etag: "42e9a658a92aa5e8652d7fd1c27a04b1"
age: 86683
x-cache: HIT, HIT
x-amz-replication-status: FAILED
content-encoding: gzip
content-length: 261151
x-served-by: cache-dca17740-DCA, cache-fra19123-FRA
last-modified: Fri, 22 Jan 2021 11:24:38 GMT
x-timer: S1611403438.081759,VS0,VE0
date: Sat, 23 Jan 2021 12:03:58 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31557600
accept-ranges: bytes
x-cache-hits: 1, 8717

Redirect headers

date: Sat, 23 Jan 2021 12:03:57 GMT
via: 1.1 varnish
server: Varnish
age: 0
x-served-by: cache-fra19123-FRA
x-cache: HIT
location: https://cds.connatix.com/p/94027/connatix.playspace.dc.js
cache-control: no-cache, no-store, must-revalidate, max-age=0
accept-ranges: bytes
x-timer: S1611403438.674216,VS0,VE0
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 116 KB
30 KB 129ms
57ms Script
application/javascript 65.9.86.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/netdale.cc2bfe8b3680dbe52998.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.86.127 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: dde5dcb02f349d5cd1f36d6afe709ddfd5713b27129dbae727f456cde6582883

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:01:26 GMT
content-encoding: gzip
server: Server
age: 150
etag: 089c185b065ebe3e9c21625b16dea242
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 362b298821815168614ba932732916eb.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-version-id: _tJcEejvI3lMG1vG763SOdL7bPxWjlBE
x-amz-cf-id: Vshq77TalYq8dVnhcZ2Z6YX-OTJhpfppWYgnkiCvfI7nG2WHwVAEtQ==

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ Frame 43C6 1 KB
1 KB 40ms
38ms Script
application/x-javascript 104.108.64.33
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VVBPZ295pqPPN90vc0r2PqTVW197v5Z4m8D-nMwF3TS2-HwLV1-WJV7CgCp3W1X0SFG477B2nV5HGsn96SmTrW3k75-36m7d_JW4lWp5Z7rFGM2W1MvfqN5-4sqcW2vQ_DL6Rl7gMW7ds_9W3TgHyGW870svs3KwkbXW2mMLtR443VPXW8g_tBp2RjRBRVsM56Z454PmcW2nYV4P5rhmRwW38-1Zf2SlrTSW1NrvRV7nZR_fN16zZFw8Vm7QW1jB72J3NJHbmW19Kd0v51k5L0W83K__33VK1J4N46WPBBmMbvqW1b3cVL1DbPBtW185vKv29Jyn8W1Wr9Vl8fWMBkW5M-dr-7JC535W1LQY9j3_BpGlVkDkWs2q3LpPW35PTFT71fRq0W87WyVs5Nk-yYW5Jkgqg3TTc5535c61
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.64.33 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-64-33.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 23 Jan 2021 12:03:57 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Sun, 24 Jan 2021 12:03:57 GMT

POST
H2 200 pixel_599167e4 Show response
www.newsobserver.com/akam/11/ 0
610 B 41ms
41ms XHR
text/html 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/akam/11/pixel_599167e4
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/akam/11/599167e4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 23 Jan 2021 12:03:57 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: max-age=0, no-cache
access-control-allow-credentials: false
access-control-allow-headers: *
content-length: 0
expires: Sat, 23 Jan 2021 12:03:57 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
92 B 19ms
19ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-48279682-1&cid=405618529.1611403437&jid=1936071084&gjid=1464030568&_gid=895835239.1611403437&_u=YFDAAAAACAAAAC~&z=991574590

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 23 Jan 2021 12:03:57 GMT
content-type: text/plain
access-control-allow-origin: https://www.newsobserver.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
245 B 435ms
107ms Image
image/gif 54.198.41.31
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=pv&url=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Fcoronavirus%2Farticle248661625.html%3Fac_cid%3DDM369596%26ac_bid%3D-781518521%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8%23new_tab&page=Labcorp%20gets%20CDC%20contract%20to%20study%20COVID%20variants%20%7C%20Raleigh%20News%20%26%20Observer&sec=Coronavirus&prem=1&ptype=Story&auth=Zachery%20Eanes&artpubt=1611270000&tv=js-2.2.18-e&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&lang=en-US&cs=UTF-8&res=1600x1200&cd=24&cookie=1&f_jquery=1&tid=774c669c-2d71-4b05-a279-8b2eb6ab313f&pid=6bffdacf-1e1e-4c7a-ac0f-8e39784d7696&dtm=1611403437999&qnm=_matherq&vp=1600x1200&ds=1600x7201&tofa=1611403438&vid=1&duid=fe5a29908c9885d6&fp=606422418&cid=ma12095&mrk=74930332&cx=eyJjYXRlZ29yeSI6eyJjYXRlZ29yaWVzIjpbWyJOZXdzfHx8fCJdXX0sImlkZW50aXR5Ijp7InBheXdhbGxVc2VySWQiOiJ0Z3QyOmM4N2E2MmYyZjE1NWI5OTk4OTJkNGU1YzE0YTFkOWJlIn0sInBlcmYiOnsic3RhcnQiOiIxNjExNDAzNDMzMTY4IiwicmVkaXJDbnQiOiIwIiwibmF2VHlwZSI6ImxpbmsiLCJoZWFwVSI6IjIyLjMwNDY1Nm1iIiwiaGVhcFQiOiIyNi43MzE5MDhtYiIsImZldGNoUyI6IjkxNCIsImRvbWFpblMiOiI5MTUiLCJkb21haW5FIjoiOTE3IiwiY29ublMiOiI5MTciLCJjb25uRSI6Ijk5MyIsInNzbFMiOiI5MzQiLCJyZXF1UyI6Ijk5MyIsInJlc3BTIjoiMjA5MyIsInJlc3BFIjoiMjExNSIsImRvbUxvYWQiOiIyMzE0IiwiZG9tSW50ZXIiOiIzMzM0IiwiZG9tTG9hZFMiOiIzNjk5IiwiZG9tTG9hZEUiOiIzNzM5In0sImtleXdvcmRzIjpbInZhcmlhbnQiLCJlbmdsYW5kIiwiY29yb25hdmlydXMiLCJsYXBjb3JwIiwiQ0RDIiwibXV0YXRpb25zIl19
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.198.41.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-198-41-31.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 23 Jan 2021 12:03:58 GMT
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length: 43
Content-Type: image/gif

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
254 B 73ms
32ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-48279682-1&cid=405618529.1611403437&jid=1936071084&_u=YFDAAAAACAAAAC~&z=142559176

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Jan 2021 12:03:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 71ms
29ms Image
image/gif 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-48279682-1&cid=405618529.1611403437&jid=1936071084&_u=YFDAAAAACAAAAC~&z=142559176

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Jan 2021 12:03:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 403 pdp.gif
www.newsobserver.com/static/yozons-lib/ 316 B
316 B 55ms
49ms Image
text/html 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/static/yozons-lib/pdp.gif?k=eyJpZCI6Im1pX2FzX25hb18yMTE2NjYzOTk5MDU4MzI5MzIzMzgyMTI0ODE1OTQwNTE4OTEwMl8xNjExNDAzNDM2MTgzIiwiZG9tSW50ZXJhY3RpdmUiOjMzMzQsInJlcXVlc3RTdGFydCI6OTk0LCJ6ZXVzUmVxdWVzdGVkIjozMDkxfQ==
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: AkamaiGHost /
Resource Hash: 06a67cc9ad753acc29fe18dcc67f6efa5ffe7757598a96ee8926635265b03574

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:03:58 GMT
server: AkamaiGHost
mime-version: 1.0
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html
access-control-allow-origin: *
access-control-allow-credentials: false
access-control-allow-headers: *
content-length: 316
expires: Sat, 23 Jan 2021 12:03:58 GMT

GET
H2 200 p.js Show response
cdn.parsely.com/keys/newsobserver.com/ 63 KB
23 KB 149ms
44ms Script
application/x-javascript 65.9.69.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/newsobserver.com/p.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/parsely.98985427f54cbd6b8fb6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.69.60 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: c664bd4b6cf1dba327178e01b9d42668cace42a35112dbc5d8651f277f6027cf

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Fri, 22 Jan 2021 18:00:37 GMT
content-encoding: gzip
last-modified: Thu, 02 Apr 2020 00:29:57 GMT
server: nginx
age: 64962
etag: W/"5e853205-fb30"
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 f58d1aa3b3b084adbea41c7523e2047f.cloudfront.net (CloudFront)
cache-control: max-age=86400, public
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: Cr99VftwmxHGvx0-syJJ80ocQQi0NNJvgqiDRqdeRp2Ywf4WnaOKtg==
expires: Sat, 23 Jan 2021 18:00:37 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 109ms
107ms Image
image/gif 52.4.26.179
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=newsobserver.com&p=%2Farticle248661625.html&u=2cNUHc22AsDwnljr&d=newsobserver.com&g=62447&g0=Coronavirus%2CNormal-Paywalled&g1=Zachery%20Eanes&n=1&f=00001&c=0&x=0&m=0&y=7201&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=4947&t=BlpFfj6cklHDp3lnxB4u-i_BbLtFb&V=121&i=Labcorp%20gets%20CDC%20contract%20to%20study%20COVID%20variants%20%7C%20Raleigh%20News%20%26%20Observer&tz=-60&sn=1&sv=CCFoWgBr_KZGCKfnlYBEygxlCw62PX&sd=1&im=06630efe&_
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.4.26.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-26-179.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Jan 2021 12:03:58 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

POST
H2 200 check Show response
connect.scroll.com/embed/ 0
230 B 260ms
168ms XHR
application/json 35.201.100.179
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.scroll.com/embed/check

Requested by

Host: static.scroll.com
URL: https://static.scroll.com/js/scroll.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.100.179 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

179.100.201.35.bc.googleusercontent.com

Software

Jetty(9.4.30.v20200611) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https: http:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 23 Jan 2021 12:03:58 GMT
via: 1.1 google
server: Jetty(9.4.30.v20200611)
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.newsobserver.com
access-control-allow-credentials: true
content-security-policy: frame-ancestors https: http:;
alt-svc: clear
content-length: 0

GET
H/1.1 200
OK wrap.js Show response
confiant-integrations.global.ssl.fastly.net/gpt/202101191641/ 191 KB
58 KB 35ms
32ms Script
application/javascript 151.101.113.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202101191641/wrap.js
Requested by: Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/awMxVZLpNW6K6EG6WC5S8oR_a68/gpt_and_prebid/config.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 80d0ab91122473a56997d9d1c98271852ec7ffb3ad0a8c0c3cc0c7020268c435

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 23 Jan 2021 12:03:58 GMT
Content-Encoding: gzip
Age: 851
X-Cache: HIT
Connection: keep-alive
Content-Length: 58310
x-amz-id-2: H0ddfTTmtGr6vbRp8jwkDy+MeJTeYtGlDam4hFjMbzn3nBwECpHQMhMqkGCKYblBL930pNcGo1c=
X-Served-By: cache-hhn4028-HHN
Last-Modified: Tue, 19 Jan 2021 21:59:30 GMT
Server: AmazonS3
X-Timer: S1611403438.195945,VS0,VE0
ETag: "90af6c31a1a14e782b0e6458652b39ae"
x-amz-request-id: 8793BC7BDCAD6D7C
Via: 1.1 varnish
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
X-Cache-Hits: 1192

GET
H3-Q050 200 css
fonts.googleapis.com/ 22 KB
1 KB 17ms
14ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

297b33ba930feb975c6869804a999ec114c2235b151d019e4e844902f3ce41c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 23 Jan 2021 11:20:06 GMT
server: ESF
date: Sat, 23 Jan 2021 12:03:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 23 Jan 2021 12:03:58 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ 2 KB
572 B 25ms
22ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cf7a2b3976c3af63dc2bca70cc5625a26341f19b1ccd484feddf076df895ed58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 23 Jan 2021 11:55:46 GMT
server: ESF
date: Sat, 23 Jan 2021 12:03:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 23 Jan 2021 12:03:58 GMT

GET
H2 200 pixel;r=583659927;labels=NAO;rf=0;uht=2;a=p-50B2Fi6bBqYto;url=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Fcoronavirus%2Farticle248661625.html%3Fac_cid%3DDM369596%26ac_bid%3D-781518521%26_hsmi%3D889...
pixel.quantserve.com/ 35 B
371 B 8ms
8ms Image
image/gif 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=583659927;labels=NAO;rf=0;uht=2;a=p-50B2Fi6bBqYto;url=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Fcoronavirus%2Farticle248661625.html%3Fac_cid%3DDM369596%26ac_bid%3D-781518521%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8%23new_tab;fpan=1;fpa=P0-1356890090-1611403438373;ns=0;ce=1;qjs=1;qv=58f0669e-20201210192756;cm=;gdpr=0;ref=;d=newsobserver.com;je=0;sr=1600x1200x24;dst=1;et=1611403438372;tzo=-60;ogl=site_name.Raleigh%20News%20%26%20Observer%2Ctype.article%2Ctitle.Labcorp%20is%20studying%20COVID-19%20mutations%252E%20Can%20it%20improve%20US%20tracking%20of%20the%20virus%3F%2Curl.https%3A%2F%2Fwww%252Enewsobserver%252Ecom%2Fnews%2Fcoronavirus%2Farticle248661625%252Ehtml%2Cdescription.North%20Carolina-based%20Labcorp%20hopes%20to%20improve%20the%20United%20States%E2%80%99%20ability%20to%20trac%2Cimage.https%3A%2F%2Fwww%252Ethestate%252Ecom%2Flatest-news%2Fhi0fj1%2Fpicture241477646%2Falternates%2FLANDSCAP

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Jan 2021 12:03:58 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 / Show response
geo.rlcdn.com/ 123 B
349 B 163ms
126ms Fetch
application/json 2a00:1450:4001:808::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.rlcdn.com/
Requested by: Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash: 5d2224ca29d8b6f9b56bff863843287704ffbbc80c9db432229b19e8c803054c

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:03:58 GMT
content-encoding: gzip
etag: W/"7b-Of9lGuGNqyN/OETvdyNe5EiL6jk"
server: Google Frontend
x-powered-by: Express
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 25e1dcdfa58f010bd05f71016ae2e6d8
cache-control: private
content-length: 134

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.5.0/assets/ 12 KB
4 KB 17ms
16ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.5.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.5.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae407e415a45b6c720d8d61fef8c28756883d0f546a64e7a2969d6174c669951

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 23 Jan 2021 12:03:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: NgHQTHCGWwGmNE0ie37G8A==
age: 2448152
vary: Accept-Encoding
content-length: 3248
cf-request-id: 07d0ba41650000d6d90b353000000001
x-ms-lease-status: unlocked
last-modified: Thu, 27 Aug 2020 03:43:16 GMT
server: cloudflare
etag: 0x8D84A3B556B9C39
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 1b064c31-e01e-007e-293b-db4729000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 61615fe23c79d6d9-FRA
expires: Sun, 31 Jan 2021 12:03:58 GMT

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/6.5.0/assets/ 61 KB
15 KB 25ms
24ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.5.0/assets/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.5.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f5bf5edcefe950e16d287cdcb9c28690952439098ee0639f4a960fe268ae231

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 23 Jan 2021 12:03:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: ebGLXbyX4UjJx8DgFc7F7g==
age: 2448152
vary: Accept-Encoding
content-length: 14901
cf-request-id: 07d0ba41650000d6d960083000000001
x-ms-lease-status: unlocked
last-modified: Thu, 27 Aug 2020 03:43:17 GMT
server: cloudflare
etag: 0x8D84A3B55B1B344
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 85576d5e-101e-0164-583b-db2e13000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 61615fe23c7cd6d9-FRA
expires: Sun, 31 Jan 2021 12:03:58 GMT

POST
H3-Q050 204 AGSKWxUgvkFXoiT2ueUZgYvwaxTsF6YwPPKI13sE1RJU9DYh-IBDPRJxUscAQ3yRlVjelf4UgaxzDcx9keC6_ENn Show response
fundingchoicesmessages.google.com/l/ 0
336 B 101ms
58ms XHR
text/html 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/l/AGSKWxUgvkFXoiT2ueUZgYvwaxTsF6YwPPKI13sE1RJU9DYh-IBDPRJxUscAQ3yRlVjelf4UgaxzDcx9keC6_ENn?pvid=134DBDC6-9428-4C53-906B-73EB3733D5E9&anonid=BB31E40F-C743-4C94-975A-F0083198A0A7

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.en_US.wiKGf8R0BWM.es5.O/d=1/ct=zgms/rs=AJlcJMw0R1y-2Wj6DLTBS2ypEYtg-D5RoA/m=loader_js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uzExQ/cYXUcbzpRjVx4BRA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-uzExQ/cYXUcbzpRjVx4BRA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 23 Jan 2021 12:03:58 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.newsobserver.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-uzExQ/cYXUcbzpRjVx4BRA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-uzExQ/cYXUcbzpRjVx4BRA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 204 AGSKWxUgvkFXoiT2ueUZgYvwaxTsF6YwPPKI13sE1RJU9DYh-IBDPRJxUscAQ3yRlVjelf4UgaxzDcx9keC6_ENn Show response
fundingchoicesmessages.google.com/l/ 0
809 B 63ms
21ms XHR
text/html 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-AX9sjMSLBwVvlq8nUe00Gw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-AX9sjMSLBwVvlq8nUe00Gw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 23 Jan 2021 12:03:58 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.newsobserver.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-AX9sjMSLBwVvlq8nUe00Gw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-AX9sjMSLBwVvlq8nUe00Gw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 204 AGSKWxUgvkFXoiT2ueUZgYvwaxTsF6YwPPKI13sE1RJU9DYh-IBDPRJxUscAQ3yRlVjelf4UgaxzDcx9keC6_ENn Show response
fundingchoicesmessages.google.com/l/ 0
338 B 34ms
33ms XHR
text/html 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KShkP+2CUWJI9yWj+hyqcg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-KShkP+2CUWJI9yWj+hyqcg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 23 Jan 2021 12:03:58 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.newsobserver.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-KShkP+2CUWJI9yWj+hyqcg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-KShkP+2CUWJI9yWj+hyqcg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 AGSKWxVdzm_G--j7BAothJU5Tvwm-cs1_TZMu8Dj8yPEOk5a2mf8r4l2DTUxRQtpkfiQWorzI7RZ3NFkQ7Ju7Geh Show response
fundingchoicesmessages.google.com/f/ 77 KB
30 KB 45ms
44ms Script
application/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVdzm_G--j7BAothJU5Tvwm-cs1_TZMu8Dj8yPEOk5a2mf8r4l2DTUxRQtpkfiQWorzI7RZ3NFkQ7Ju7Geh?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCwyLFsxNjExNDAzNDM4LDU0MDAwMDAwMF0sIjEzNERCREM2LTk0MjgtNEM1My05MDZCLTczRUIzNzMzRDVFOSIsIkJCMzFFNDBGLUM3NDMtNEM5NC05NzVBLUYwMDgzMTk4QTBBNyIsbnVsbCxbbnVsbCxbN11dXQ

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cb45be15a19e87505b82735f88234a6543c1706e202d73fb43d1c011374cc463

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2BbNBCvpGAjn8ug+XHRvVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-2BbNBCvpGAjn8ug+XHRvVg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Jan 2021 12:03:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-2BbNBCvpGAjn8ug+XHRvVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-2BbNBCvpGAjn8ug+XHRvVg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 video_info Show response
context.iris.tv/ 243 B
584 B 136ms
41ms XHR
application/json 13.224.102.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://context.iris.tv/video_info?access_token=1d9f05c8b00daddfbffcf5afa8a0691bf6370c0cd9dfc8bc6fb38e13c4474dab&global=GlobalIrisPlayer&client_token=5502557042001&platform_id=6219064173001
Requested by: Host: ovp.iris.tv
URL: https://ovp.iris.tv/libs/context/iris-context.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.104 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-104.zrh50.r.cloudfront.net
Software: Zer01ne /
Resource Hash: 2827309242926f6f8b9379dbd5a44cbb243b3adeb6274ceb1692264788173f6a

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:02:41 GMT
via: 1.1 d7147e532e5cf73689fcb39fa760bcf3.cloudfront.net (CloudFront)
server: Zer01ne
age: 77
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=3600, stale-while-revalidate=600, stale-if-error=600
x-amz-cf-pop: ZRH50-C1
x-robots-tag: noindex, follow
x-amz-cf-id: Es0t2ZuwSx428N6uaunWQzueHkUk4zVTVYd_U1zPeLqloue-utTGYw==

POST
H/1.1 200
OK Test_oPS_Script_Loads Show response
sqs.us-east-1.amazonaws.com/397719490216/ 378 B
658 B 438ms
112ms XHR
text/xml 52.46.131.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sqs.us-east-1.amazonaws.com/397719490216/Test_oPS_Script_Loads?Action=SendMessage&MessageBody=cid%3D11%26bt%3Dnull
Requested by: Host: d15kdpgjg3unno.cloudfront.net
URL: https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=11
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 52.46.131.209 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: db7441741bf568b12ca703882c58b6d0a05841defeca77fdbce0c21977a75c0a

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 23 Jan 2021 12:03:59 GMT
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
x-amzn-RequestId: 40e89e63-f6e6-5ab2-8763-c6e5e40961cf
Content-Length: 378
Content-Type: text/xml

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/ Frame 43C6
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6035363&ns__t=1611403438676&ns_c=UTF-8&ns_if=1&cv=3.5&c8=Labcorp%20gets%20CDC%20contract%20to%20study%20COVID%20variants%20%7C%20Raleigh%20News%20%26%20Ob...
https://sb.scorecardresearch.com/b2?c1=2&c2=6035363&ns__t=1611403438676&ns_c=UTF-8&ns_if=1&cv=3.5&c8=Labcorp%20gets%20CDC%20contract%20to%20study%20COVID%20variants%20%7C%20Raleigh%20News%20%26%20O...

0
528 B

35ms
34ms

Image
text/plain

104.108.64.33
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6035363&ns__t=1611403438676&ns_c=UTF-8&ns_if=1&cv=3.5&c8=Labcorp%20gets%20CDC%20contract%20to%20study%20COVID%20variants%20%7C%20Raleigh%20News%20%26%20Observer&c7=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Fcoronavirus%2Farticle248661625.html%3Fac_cid%3DDM369596%26ac_bid%3D-781518521%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8&c9=&cs_ak_ss=1
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.64.33 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-64-33.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 23 Jan 2021 12:03:58 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=2&c2=6035363&ns__t=1611403438676&ns_c=UTF-8&ns_if=1&cv=3.5&c8=Labcorp%20gets%20CDC%20contract%20to%20study%20COVID%20variants%20%7C%20Raleigh%20News%20%26%20Observer&c7=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Fcoronavirus%2Farticle248661625.html%3Fac_cid%3DDM369596%26ac_bid%3D-781518521%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Sat, 23 Jan 2021 12:03:58 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
427 B 109ms
108ms Image
image/gif 52.203.172.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=4517786&ntv_pl=775563
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.203.172.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Jan 2021 12:03:58 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
427 B 112ms
110ms Image
image/gif 52.203.172.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=606f58d8-daa5-4afe-8c6b-3308d1dfd053&ntv_fl=7uDOAz88QViW5FhnhWWSVVJWfUVJQ-uiLvAjC-KTaIVju4Rleyqs6PO89VW79Rrp&ntv_ht=rRAMYAA&ntv_at=303,302&ntv_a=AAAAAAAAAA-8EQA&ord=1611403438717&ntv_it
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.203.172.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Jan 2021 12:03:58 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
427 B 112ms
111ms Image
image/gif 52.203.172.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=606f58d8-daa5-4afe-8c6b-3308d1dfd053&ntv_fl=7uDOAz88QViW5FhnhWWSVVJWfUVJQ-uiLvAjC-KTaIVju4Rleyqs6PO89VW79Rrp&ntv_ht=rRAMYAA&ntv_at=323&ntv_a=AAAAAAAAAA-8EQA&ntv_jtr=5&ntv_it
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.203.172.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Jan 2021 12:03:58 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
427 B 110ms
109ms Image
image/gif 52.203.172.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=606f58d8-daa5-4afe-8c6b-3308d1dfd053&ntv_fl=7uDOAz88QViW5FhnhWWSVVJWfUVJQ-uiLvAjC-KTaIVju4Rleyqs6PO89VW79Rrp&ntv_ht=rRAMYAA&ntv_at=808&ntv_a=AAAAAAAAAAi9ULA&ntv_sat=15&ord=1611403438721&ntv_it
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.203.172.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Jan 2021 12:03:58 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 gdprConsent
jadserve.postrelease.com/ 43 B
427 B 113ms
111ms Image
image/gif 52.203.172.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/gdprConsent?ntv_pl=775563&ntv_gdpr_consent=&ntv_it
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.203.172.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Jan 2021 12:03:58 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
DATA 200
OK truncated
/ 138 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d98d7a81b2cc1e6b36d75db78826771fed2ddbe50ab593bea89ba19d6e6f7cb4

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 112ms
33ms XHR
application/javascript 65.9.86.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.86.127 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: qvfBoISJ5ymXoV8clHCjrjeaYCNnawpM
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 12929
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 23 Dec 2020 21:52:09 GMT
server: AmazonS3
date: Sat, 23 Jan 2021 12:02:41 GMT
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 e10153740ff95eb4d0c9f3172baeb43e.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: APuv3afwsMMBIGaKzK4GyfpNa8NNx29yontWkELpWZ6csat1s-YdIA==

GET
H2 451 identity Show response
api.rlcdn.com/api/ 0
201 B 57ms
53ms XHR
text/plain 34.120.207.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185522-118148292826456.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.207.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 148.207.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 23 Jan 2021 12:03:58 GMT
via: 1.1 google
alt-svc: clear
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.newsobserver.com
access-control-allow-credentials: true
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
547 B 53ms
51ms XHR
application/json 99.80.71.186
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=185522
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185522-118148292826456.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.71.186 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-71-186.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: b066411fa8c7e8b54b9104aef3713a41c92d831633b7535fe437c70386789a99

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 23 Jan 2021 12:03:58 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.newsobserver.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Mon, 22 Feb 2021 12:03:58 GMT

GET
H3-Q050 200 pubads_impl_2021012001.js Show response
securepubads.g.doubleclick.net/gpt/ 273 KB
97 KB 126ms
65ms Script
text/javascript 216.58.207.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021012001.js?21069859

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

sffe /

Resource Hash

d82439f1cc267511ad24334015165ee5a382a7e6ba8164d6de02404664be324a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:03:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 20 Jan 2021 09:39:43 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98873
x-xss-protection: 0
expires: Sat, 23 Jan 2021 12:03:58 GMT

GET
H/1.1 200
OK / Show response
data.cdnbasket.net/ 57 B
406 B 453ms
148ms XHR
application/json 35.190.95.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://data.cdnbasket.net/
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_cjs_min_ac816a7913cd82f0864893a97a5ce5c5.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.190.95.58 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.95.190.35.bc.googleusercontent.com
Software: /
Resource Hash: a5685eccf0e32f2c9569081bce0bc3222fa3ce9c063ea99b333bd2bd75611ebb

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 23 Jan 2021 12:03:59 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

GET
H/1.1 200
OK / Show response
page.cdnbasket.net/ 100 B
449 B 369ms
165ms XHR
application/json 130.211.9.87
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://page.cdnbasket.net/
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_cjs_min_ac816a7913cd82f0864893a97a5ce5c5.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 130.211.9.87 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 87.9.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 73f5c59e32e405fd7bb3d104ee914074eaac46f35f673aad31abe13076013f34

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 23 Jan 2021 12:03:59 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

GET
H/1.1 200
OK / Show response
view.cdnbasket.net/ 57 B
406 B 450ms
149ms XHR
application/json 35.186.214.121
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://view.cdnbasket.net/
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_cjs_min_ac816a7913cd82f0864893a97a5ce5c5.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.186.214.121 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: f22e3229c1ef7cd156f0914fba15d711eae0b9ff778b605b513deb28a90fc0ba

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 23 Jan 2021 12:03:59 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

GET
H3-Q050 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 13ms
12ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.newsobserver.com
Referer: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 15:35:33 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 160105
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Fri, 21 Jan 2022 15:35:33 GMT

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame EAC8 0
0 137ms
63ms Document
text/html 23.210.249.92
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/userSync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.92 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-92.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KRTBCOOKIE_218=22978-YAwQrAAAAFL2dh-H&KRTB&23194-YAwQrAAAAFL2dh-H&KRTB&23209-YAwQrAAAAFL2dh-H&KRTB&23244-YAwQrAAAAFL2dh-H; PugT=1611403437; PUBMDCID=3
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=160446
Expires: Mon, 25 Jan 2021 08:38:05 GMT
Date: Sat, 23 Jan 2021 12:03:59 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 1 Show response
servicer.mgid.com/1035175/ 990 B
1 KB 77ms
73ms Script
application/x-javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/1035175/1?w=728&h=340&cols=1&pv=5&cbuster=1611403438942780209975&uniqId=0e390&uspString=1---&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Fcoronavirus%2Farticle248661625.html&lu=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Fcoronavirus%2Farticle248661625.html%3Fac_cid%3DDM369596%26ac_bid%3D-781518521%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8%23new_tab&pageView=1&pvid=1772f212b5e9474a3f8&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsobserver.com.1035175.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2cd97087328fa882aa0237107600dfb3bcb4d2eabe0d5089f1fb190d21743c0a

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Jan 2021 12:03:59 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 61615fe59ce010ef-CPH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07d0ba437e000010ef6a061000000001

GET
H/1.1 200
OK /
srv-2021-01-23-12.pixel.parsely.com/plogger/ 43 B
229 B 453ms
107ms Image
image/gif 3.213.50.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://srv-2021-01-23-12.pixel.parsely.com/plogger/?rand=1611403439021&plid=59422676&idsite=newsobserver.com&url=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Fcoronavirus%2Farticle248661625.html%3Fac_cid%3DDM369596%26ac_bid%3D-781518521%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22subscriber%22%3Afalse%7D&sid=1&surl=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Fcoronavirus%2Farticle248661625.html%3Fac_cid%3DDM369596%26ac_bid%3D-781518521%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8%23new_tab&sref=&sts=1611403438997&slts=0&title=Labcorp+gets+CDC+contract+to+study+COVID+variants+%7C+Raleigh+News+%26+Observer&date=Sat+Jan+23+2021+13%3A03%3A59+GMT%2B0100+(Central+European+Standard+Time)&action=pageview&pvid=30765591&u=pid%3Dcbd11418aac13e872f5ec6ffb73fc1b3
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.213.50.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 23 Jan 2021 12:03:59 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 connatix.playspace.css
cds.connatix.com/p/94027/ 105 KB
15 KB 45ms
44ms Stylesheet
text/css 151.101.14.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/94027/connatix.playspace.css
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 82cc27ebdaae2e3aeef095244fd93e5173c2d5d17a323772c7f9be324cf4d5f7

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: hiBVy.4bc2Cn7..U8AAHe2vpEdX5dxSg
via: 1.1 varnish, 1.1 varnish
etag: "af406418ac77fe193326fb61bd0f58b4"
age: 86686
x-cache: HIT, HIT
x-amz-replication-status: FAILED
content-encoding: gzip
content-length: 15365
x-served-by: cache-dca17722-DCA, cache-fra19123-FRA
last-modified: Fri, 22 Jan 2021 11:24:38 GMT
x-timer: S1611403439.207379,VS0,VE0
date: Sat, 23 Jan 2021 12:03:59 GMT
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31557600
accept-ranges: bytes
x-cache-hits: 1, 8444

GET
H2 200 master.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5502557042001/b823c3ee-fad8-4b8c-90aa-8ca672bbddf7/10s/ 6 KB
7 KB 20ms
19ms XHR
application/x-mpegurl 2a04:4e42:1b::539
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5502557042001/b823c3ee-fad8-4b8c-90aa-8ca672bbddf7/10s/master.m3u8?fastly_token=NjAzMGZlMzlfYTRkOTY1Nzg2NzU2NGRhYTZiYTY0YTc5MDUxYTg3YWEyOTliMTVmMTY2ZTEyNWYyM2JlZmZlMzNlZWMzNjM1Ng%3D%3D
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/wps/build/webpack/videoStory.bundle-e65f7076b4fea8f89d30.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::539 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: 34cbd74d41de3452efb5ea8edc8efcf94e39284d538069df8bf2af4797cde544

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:03:59 GMT
via: 1.1 varnish
age: 19030
x-powered-by: BC
x-cache: HIT
x-bolt-device-group: desktop-chrome
content-length: 6588
x-served-by: cache-hhn4033-HHN
x-device-group: desktop-chrome
x-timer: S1611403439.241799,VS0,VE1
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=1209600, max-age=1209600
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 1

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 112ms
111ms Image
image/gif 52.4.26.179
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=newsobserver.com&p=%2Farticle248661625.html&u=2cNUHc22AsDwnljr&d=newsobserver.com&g=62447&g0=Coronavirus%2CNormal-Paywalled&g1=Zachery%20Eanes&n=1&f=00001&c=0.02&x=0&m=0&y=7239&o=1600&w=1200&j=30&R=1&W=0&I=0&E=1&e=1&r=&b=4947&t=BlpFfj6cklHDp3lnxB4u-i_BbLtFb&V=121&tz=-60&_acct=anon&sn=2&sv=CCFoWgBr_KZGCKfnlYBEygxlCw62PX&sd=1&im=06630efe&_
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.4.26.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-26-179.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Jan 2021 12:03:59 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
BLOB 200
OK 81b258bb-3871-4d3c-a7a7-7a952f07ac65
https://www.newsobserver.com/ 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/81b258bb-3871-4d3c-a7a7-7a952f07ac65
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3d0d96becd8907f01322e1a38c1e01b95380244119c1d53df9940959e62f44bb

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 5415
Content-Type: application/javascript

GET
H2 200 rendition.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5502557042001/b823c3ee-fad8-4b8c-90aa-8ca672bbddf7/851c5829-f006-484f-a0ce-7a78aea67c34/10s/ 3 KB
3 KB 166ms
165ms XHR
application/x-mpegurl 2a04:4e42:1b::539
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5502557042001/b823c3ee-fad8-4b8c-90aa-8ca672bbddf7/851c5829-f006-484f-a0ce-7a78aea67c34/10s/rendition.m3u8?fastly_token=NjAzMGI0MzFfNDc0NzFhNDI2NTlkZThlNTJjM2ZjZDk3ZjgyZWJkOTE5NjcwNzE2NGYxMjkyMDc2N2RiZDUyOGVlZWYwZGJhOA%3D%3D
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/wps/build/webpack/videoStory.bundle-e65f7076b4fea8f89d30.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::539 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: 71fd497e6c097314e1e11f413cf9d68fa62e7eaa7954405cd5d2e65a03ab303d

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:03:59 GMT
via: 1.1 varnish
age: 0
x-powered-by: BC
x-cache: MISS
content-length: 3265
x-served-by: cache-hhn4033-HHN
x-device-group: desktop-chrome
x-timer: S1611403439.476951,VS0,VE160
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=1209600, max-age=1209600
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 0

GET
H2 200 IrisUpNext.css
ovp.iris.tv/libs/adaptive/styles/v2/ 14 KB
14 KB 13ms
12ms Stylesheet
text/css 2600:9000:206f:9c00:15:d134:4e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ovp.iris.tv/libs/adaptive/styles/v2/IrisUpNext.css
Requested by: Host: ovp.iris.tv
URL: https://ovp.iris.tv/libs/adaptive/v2/iris.adaptive.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:9c00:15:d134:4e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 04a74928965ed27c791351d7e70bc0bb40194158a56fd949b19c66f28d4835c1

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: wvkxUhCS82NPYaTWHesnpN1q5vhFHa5Q
via: 1.1 910fc18161f0602555cc5b6397ca26f3.cloudfront.net (CloudFront)
last-modified: Mon, 11 Feb 2019 19:50:18 GMT
server: AmazonS3
age: 3680700
etag: "840c928a4f9a6d6ee5ca76af8031b7ea"
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000, must-revalidate
date: Fri, 11 Dec 2020 21:38:59 GMT
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 14368
x-amz-cf-id: AJ3_PrPu9MPtXbYhUND1YCOT2MS_0EQR8aa9AUPiHpLvJmrQtC8YZQ==

GET
H2 200 IrisButtons.css
ovp.iris.tv/libs/adaptive/styles/ 6 KB
6 KB 27ms
12ms Stylesheet
text/css 2600:9000:206f:9c00:15:d134:4e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ovp.iris.tv/libs/adaptive/styles/IrisButtons.css
Requested by: Host: ovp.iris.tv
URL: https://ovp.iris.tv/libs/adaptive/v2/iris.adaptive.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:9c00:15:d134:4e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 85fa47de6b71bbce922b3d89b645018063f5d4b1c7ac1383ada0da3729de6702

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Dec 2020 21:58:45 GMT
via: 1.1 910fc18161f0602555cc5b6397ca26f3.cloudfront.net (CloudFront)
last-modified: Thu, 10 Dec 2020 21:56:44 GMT
server: AmazonS3
age: 3765915
etag: "e54832afd18f0ed157b8160ac7e4a9d2"
x-cache: Hit from cloudfront
x-amz-version-id: CcqFDVhLmj7fMBiS5W3t1iFW3PtkExjg
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: text/css
content-length: 6053
x-amz-cf-id: zN56o0rhHU0L2GVgN_iMTTUd7TLnraYij0RLd24qSgW6pRn-TF5V6w==

GET
H3-Q050 200 bridge3.435.0_en.html
imasdk.googleapis.com/js/core/ Frame 4160 0
0 7ms
6ms Document
text/html 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.435.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.435.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192723
date: Tue, 19 Jan 2021 21:36:27 GMT
expires: Wed, 19 Jan 2022 21:36:27 GMT
last-modified: Tue, 19 Jan 2021 21:30:48 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 311252
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 26 KB
10 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:81a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:03:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10523
x-xss-protection: 0
expires: Sat, 23 Jan 2021 12:03:59 GMT

GET
H/1.1 200
OK image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/5502557042001/b823c3ee-fad8-4b8c-90aa-8ca672bbddf7/54653d13-7d59-4afa-8262-cf7b04ff5d0e/1280x720/match/ 230 KB
231 KB 116ms
35ms Image
image/jpeg 65.9.82.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.us-east-1.prod.boltdns.net/v1/static/5502557042001/b823c3ee-fad8-4b8c-90aa-8ca672bbddf7/54653d13-7d59-4afa-8262-cf7b04ff5d0e/1280x720/match/image.jpg
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.82.50 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / BC
Resource Hash: 9135fdb75e5459c7d3c878afb88824cfe8d4801fb378ddb09830aaabd5f8dc25

Request headers

Origin: https://www.newsobserver.com
Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 21 Jan 2021 01:26:40 GMT
Via: 1.1 bdba42cf1410fb617eeb4ffd3e0b9cb7.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
Age: 211039
X-Powered-From: gantry
X-Powered-By: BC
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Cf-Id: EAbJEr4RBV5qtiMI2TVdi8TlQurfGZTzEUFLVcvRTvWmC8HvMNU0yA==
Expires: Fri, 21 Jan 2022 01:26:40 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
169 B 47ms
42ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.newsobserver.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 23 Jan 2021 12:03:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

POST
H3-Q050 204 AGSKWxUgvkFXoiT2ueUZgYvwaxTsF6YwPPKI13sE1RJU9DYh-IBDPRJxUscAQ3yRlVjelf4UgaxzDcx9keC6_ENn Show response
fundingchoicesmessages.google.com/l/ 0
358 B 25ms
24ms XHR
text/html 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qf0TMQ0C0KYWE6aP995/Lw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-qf0TMQ0C0KYWE6aP995/Lw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 23 Jan 2021 12:03:59 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.newsobserver.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-qf0TMQ0C0KYWE6aP995/Lw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-qf0TMQ0C0KYWE6aP995/Lw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
715 B 67ms
66ms XHR
application/json 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: mcclatchy-newsobserver.zeustechnology.com
URL: https://mcclatchy-newsobserver.zeustechnology.com/main.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sat, 23 Jan 2021 12:03:59 GMT
X-Proxy-Origin: 82.102.20.235; 82.102.20.235; 727.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.36:80
AN-X-Request-Uuid: 8c92b08f-e2bc-4575-a4df-97859304c149
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.newsobserver.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
150 B 111ms
46ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=103&profileId=184&cb=82138358703
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.newsobserver.com
date: Sat, 23 Jan 2021 12:03:59 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 66 B
416 B 113ms
112ms XHR
text/javascript 104.111.215.135
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?v=7.2&s=210842&fn=headertag.IndexExchangeHtb.adResponseCallback&r=%7B%22id%22%3A25093878%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Fcoronavirus%2Farticle248661625.html%3Fac_cid%3DDM369596%26ac_bid%3D-781518521%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8%23new_tab%22%7D%2C%22imp%22%3A%5B%7B%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%221%22%2C%22siteID%22%3A%22577299%22%7D%2C%22id%22%3A%221%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%222%22%2C%22siteID%22%3A%22577300%22%7D%2C%22id%22%3A%222%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%223%22%2C%22siteID%22%3A%22577301%22%7D%2C%22id%22%3A%223%22%7D%5D%2C%22ext%22%3A%7B%22source%22%3A%22ixwrapper%22%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22bba85c90-f21f-4e98-a598-1bd06d7fc244%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222021-01-23T12%3A03%3A58%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%7D
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185522-118148292826456.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.215.135 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-135.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 369a895eed90d7206b42100169e782041d5461803a96448b84dacfc7df043867

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 23 Jan 2021 12:03:59 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[DK], RC:[], CN:[EU], CIP:[82.102.20.235], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://www.newsobserver.com
x-cs-client-geo: 10
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 86
x-ak-client-geo: 10
expires: Sat, 23 Jan 2021 12:03:59 GMT

GET
H2

200

arj Show response
mcclatchy-d.openx.net/w/1.0/
Redirect Chain

https://mcclatchy-d.openx.net/w/1.0/arj?auid=541167014&aus=970x250,728x90,970x90&bc=hb_dyn_wapo&be=1&ch=UTF-8&ju=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Fcoronavirus%2Farticle248661625.html%3Fac...
https://mcclatchy-d.openx.net/w/1.0/arj?cc=1&auid=541167014&aus=970x250,728x90,970x90&bc=hb_dyn_wapo&be=1&ch=UTF-8&ju=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Fcoronavirus%2Farticle248661625.html...

190 B
373 B

147ms
144ms

XHR
application/json

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://mcclatchy-d.openx.net/w/1.0/arj?cc=1&auid=541167014&aus=970x250,728x90,970x90&bc=hb_dyn_wapo&be=1&ch=UTF-8&ju=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Fcoronavirus%2Farticle248661625.html%3Fac_cid%3DDM369596%26ac_bid%3D-781518521%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8%23new_tab&res=1600x1200x24&tz=-60&nocache=1611403439674&us_privacy=1---
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.200.0 /
Resource Hash: bbc37a2be881006b66a7045a29d441ee695c45c7c6f70db129b16738afff45da

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Jan 2021 12:03:59 GMT
content-encoding: gzip
server: OXGW/16.200.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.newsobserver.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 177
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Sat, 23 Jan 2021 12:03:59 GMT
via: 1.1 google
server: OXGW/16.200.0
location: https://mcclatchy-d.openx.net/w/1.0/arj?cc=1&auid=541167014&aus=970x250,728x90,970x90&bc=hb_dyn_wapo&be=1&ch=UTF-8&ju=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Fcoronavirus%2Farticle248661625.html%3Fac_cid%3DDM369596%26ac_bid%3D-781518521%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8%23new_tab&res=1600x1200x24&tz=-60&nocache=1611403439674&us_privacy=1---
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.newsobserver.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
120 B 204ms
94ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=zeus_client
Requested by: Host: mcclatchy-newsobserver.zeustechnology.com
URL: https://mcclatchy-newsobserver.zeustechnology.com/main.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.newsobserver.com
date: Sat, 23 Jan 2021 12:03:59 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 257 B
2 KB 240ms
95ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=6291&site_id=80324&tk_flint=custom&slots=1&size_id=2&alt_size_ids=55%2C57&zone_id=493154&rp_floor=0.01&us_privacy=1---
Requested by: Host: mcclatchy-newsobserver.zeustechnology.com
URL: https://mcclatchy-newsobserver.zeustechnology.com/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 3839b45c2234e9c32b4c3bd619bf2d57f8f261e75b286a2d915fa789c1981287

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 23 Jan 2021 12:03:59 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.newsobserver.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 257
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
374 B 79ms
74ms XHR
text/javascript 65.9.86.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Fcoronavirus%2Farticle248661625.html%3Fac_cid%3DDM369596%26ac_bid%3D-781518521%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8%23new_tab&pid=lA29tChjYXicp&cb=0&ws=1600x1200&v=7.58.01&t=1000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F7675%2FRAL.site_newsobserver%2FNews%22%7D%5D&pubid=10f892c4-b76d-4f37-b1fd-0ae5d74780b5&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.86.127 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:03:59 GMT
via: 1.1 362b298821815168614ba932732916eb.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: AMS1-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.newsobserver.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: naIGNn_Bvtkm7qPXEyi96uuG1ezsBO6zHEJbzcoYp2Cf60UDdjyybQ==

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 9ms
6ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.newsobserver.com
Referer: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 22 Jan 2021 19:56:35 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 58044
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Sat, 22 Jan 2022 19:56:35 GMT

GET
H2 200 i.js Show response
cm.mgid.com/ 1 KB
672 B 87ms
73ms Script
application/javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=1611403439791106991935
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsobserver.com.1035175.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c192ec382ada1d39cfeddad960ff5054658703f0c0f03d2ce708b98844c13390

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Jan 2021 12:03:59 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 6dc884d5-0376-4596-bfdb-2308a8b7fb38
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 61615feadd8610ef-CPH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07d0ba46c6000010ef419ac000000001
server: cloudflare

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame 3EA8 19 B
319 B 82ms
73ms Script
application/javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1611403439797509627476
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsobserver.com.1035175.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Jan 2021 12:03:59 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: df26467f-f6af-492f-aae3-f24431f5383a
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 61615feadd8810ef-CPH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07d0ba46c5000010ef5d3d0000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzE5Mjg1Y2FiMDIyMDQ2ODE5NGIxNzU3ZTZmMzhjZDQ3LmpwZWc.webp
s-img.mgid.com/g/3944304/492x277/0x0x758x505/ 19 KB
19 KB 33ms
28ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3944304/492x277/0x0x758x505/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzE5Mjg1Y2FiMDIyMDQ2ODE5NGIxNzU3ZTZmMzhjZDQ3LmpwZWc.webp?v=1611403439-jw1XzR9aFlOPo7LBG4JykLoeKUYHUBLzQJgwj0gJkF4
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b24555211c2b44bfc9d83befefeb792fb7af40988f8a5ac3483177f44bec544

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:03:59 GMT
cf-cache-status: HIT
x-mg-request-uuid: 18cc288a-b44e-478f-a417-fb21f557366b
age: 7287994
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18994
cf-request-id: 07d0ba46c5000010ef3eb10000000001
last-modified: Mon, 05 Oct 2020 11:32:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 61615feadd8910ef-CPH

POST
H/1.1 200
OK story Show response
capi.connatix.com/core/ Frame B3A4 147 B
459 B 501ms
123ms XHR
multipart/form-data 3.140.46.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/story?v=94027
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.140.46.189 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.15.8.2 /
Resource Hash: 999ef24fa00df5faa1987431dd09b928ff763f170e9b5f100a46ba4315fc2397

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Sat, 23 Jan 2021 12:04:00 GMT
Content-Encoding: br
Server: openresty/1.15.8.2
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://www.newsobserver.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 151

GET
H2 200 rendition.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5502557042001/b823c3ee-fad8-4b8c-90aa-8ca672bbddf7/eeb0d797-6a15-45dd-886b-978ee11041ec/10s/ 3 KB
3 KB 14ms
13ms XHR
application/x-mpegurl 2a04:4e42:1b::539
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5502557042001/b823c3ee-fad8-4b8c-90aa-8ca672bbddf7/eeb0d797-6a15-45dd-886b-978ee11041ec/10s/rendition.m3u8?fastly_token=NjAzMGI0MzFfZTA1NGEyZmQwMTM4YjhmMGY1OGZmMDJiOGM3NGI5MDA3ZGU1ZGFlMDdjYjgwYWI1OGQzNjIwZTRkNGVjNjM5Mw%3D%3D
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/wps/build/webpack/videoStory.bundle-e65f7076b4fea8f89d30.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::539 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: 14f1dda13ace6c11613648fee7dfa6279f6bf2b2c0852b59b86219766e85ec39

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:03:59 GMT
via: 1.1 varnish
age: 705857
x-powered-by: BC
x-cache: HIT
content-length: 3258
x-served-by: cache-hhn4033-HHN
x-device-group: desktop-chrome
x-timer: S1611403440.848976,VS0,VE1
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=1209600, max-age=1209600
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 1

POST
H2 204 events
bidder.criteo.com/csm/ 0
150 B 38ms
36ms Other
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/csm/events
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.newsobserver.com
date: Sat, 23 Jan 2021 12:03:59 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
260 B 26ms
24ms Image
image/gif 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=1
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:03:59 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Tue, 18 Jan 2022 12:03:59 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
260 B 27ms
25ms Image
image/gif 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=2
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:03:59 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Tue, 18 Jan 2022 12:03:59 GMT

POST
H/1.1 200
OK headerstats Show response
as-sec.casalemedia.com/ 0
318 B 139ms
69ms XHR
text/plain 23.210.249.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=210842&u=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Fcoronavirus%2Farticle248661625.html%3Fac_cid%3DDM369596%26ac_bid%3D-781518521%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8%23new_tab&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185522-118148292826456.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-164.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Sat, 23 Jan 2021 12:04:00 GMT
Server: Apache
Access-Control-Allow-Origin: https://www.newsobserver.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Sat, 23 Jan 2021 12:04:00 GMT

GET
H/1.1

200
OK

usync.html
eus.rubiconproject.com/ Frame EE9C
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

0
0

113ms
38ms

Document
text/html

104.108.50.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1611403439791106991935
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.50.124 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-50-124.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: khaos=KK9O03Q3-1L-CS5A; rsid=1|G9C2NkZC7frDQSirzNt8MRPvuJlRI6aSli1gEtfhZ1co9sDCaATiL5HZCu/Q5+nJKR+svD2qDwuqE0LMXkn5Qlyqng06zAJbpC9zOvGMF3Jx/AX1DKVYI/iiF8/WWQzTX+vLxkA/aUD0yeAzZMcw2JwqaeyeKw/LSOkKrQ==; ses2=; vis2=80324^1; audit=1|hLZGFuTafB1uA/+h7FXSyRSNte0ann5GaY8+iCPW+RhcBTk1WyWpeM4KiyMOkcceVoYYKZGgNQ1o2B05UvZjLwBWcLulhnhW0A+VO7RH1E0=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Mon, 28 Sep 2020 17:02:39 GMT
ETag: "4000c-123-5b062a240e9c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 238
Content-Type: text/html; charset=UTF-8
Date: Sat, 23 Jan 2021 12:04:00 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date: Sat, 23 Jan 2021 12:04:00 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2

200

v1
match.sharethrough.com/sync/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=303&user_id=l0nXmBZUgM34
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l0nXmBZUgM34
https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=f2187d77-2f94-40b1-8b59-3d6aa61a112b&seat_user_id=&seat_key=%20%20&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=

68 B
263 B

155ms
35ms

Image
image/png

18.193.131.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=f2187d77-2f94-40b1-8b59-3d6aa61a112b&seat_user_id=&seat_key=%20%20&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.131.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:04:00 GMT
content-length: 68
content-type: image/png

Redirect headers

location: //match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=f2187d77-2f94-40b1-8b59-3d6aa61a112b&seat_user_id=&seat_key= &gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
date: Sat, 23 Jan 2021 12:04:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=mgid
https://ams.creativecdn.com/cm-notify?pi=mgid&tc=1
https://cm.mgid.com/m?cdsp=501037&c=VuMlkazyNtUMRD0q0GD6&pi=mgid&tc=1

43 B
377 B

94ms
85ms

Image
image/gif

104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=501037&c=VuMlkazyNtUMRD0q0GD6&pi=mgid&tc=1
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Jan 2021 12:04:00 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: e9b28d7e-420c-4bb1-a89f-634dd3ec6d3a
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 61615fee0b4010ef-CPH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07d0ba48c6000010ef2494d000000001
server: cloudflare

Redirect headers

location: https://cm.mgid.com/m?cdsp=501037&c=VuMlkazyNtUMRD0q0GD6&pi=mgid&tc=1
pragma: no-cache
date: Sat, 23 Jan 2021 12:04:00 GMT, Sat, 23 Jan 2021 12:04:00 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 /
cm.lentainform.com/setmuidn/ 0
623 B 131ms
78ms Image
image/gif 104.19.216.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lentainform.com/setmuidn/?muidf=l0nXmBZUgM34
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.216.61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Jan 2021 12:04:00 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 61615fed49fc1d06-CPH
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07d0ba484a00001d0660005000000001

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
https://cm.mgid.com/m?cdsp=371158&c=bba85c90-f21f-4e98-a598-1bd06d7fc244&ttl=1613995440

43 B
370 B

79ms
78ms

Image
image/gif

104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=371158&c=bba85c90-f21f-4e98-a598-1bd06d7fc244&ttl=1613995440
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Jan 2021 12:04:00 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 2efcbc22-bc18-4268-aaa4-92ddc9085815
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 61615fed7a5b10ef-CPH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07d0ba486e000010ef54144000000001
server: cloudflare

Redirect headers

pragma: no-cache
date: Sat, 23 Jan 2021 12:04:00 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.mgid.com/m?cdsp=371158&c=bba85c90-f21f-4e98-a598-1bd06d7fc244&ttl=1613995440
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 205

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://x.bidswitch.net/sync?ssp=mgid
https://x.bidswitch.net/ul_cb/sync?ssp=mgid
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dmgid%26expires%3D30%26user_group%3D%24%7BU...
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dmgid%26expires%3D30%26user_group%3D%24%7BU...
https://x.bidswitch.net/sync?dsp_id=429&user_id=88575084-65d0-5217-b14a-7ae0d1466a50&ssp=mgid&expires=30&user_group=1
https://cm.mgid.com/m?cdsp=433145&c=f2187d77-2f94-40b1-8b59-3d6aa61a112b&gdpr=&gdpr_consent=&us_privacy=

43 B
440 B

78ms
77ms

Image
image/gif

104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433145&c=f2187d77-2f94-40b1-8b59-3d6aa61a112b&gdpr=&gdpr_consent=&us_privacy=
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Jan 2021 12:04:00 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 41d726f3-7303-4e26-874b-40b120043f50
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 61615fefbdde10ef-CPH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07d0ba49d3000010ef539fe000000001
server: cloudflare

Redirect headers

location: //cm.mgid.com/m?cdsp=433145&c=f2187d77-2f94-40b1-8b59-3d6aa61a112b&gdpr=&gdpr_consent=&us_privacy=
date: Sat, 23 Jan 2021 12:04:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

google
cm.mgid.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDBuWG1CWlVnTTM0&muidn=l0nXmBZUgM34
https://cm.mgid.com/google?muidn=l0nXmBZUgM34&google_ula={guid},5&google_gid=CAESECBEwUuv0bdIxqOFV_cyYWE&google_cver=1

0
222 B

81ms
81ms

Image
text/plain

104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/google?muidn=l0nXmBZUgM34&google_ula={guid},5&google_gid=CAESECBEwUuv0bdIxqOFV_cyYWE&google_cver=1
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Jan 2021 12:04:00 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: text/plain
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 61615fed5a1d10ef-CPH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07d0ba4855000010efa083e000000001

Redirect headers

pragma: no-cache
date: Sat, 23 Jan 2021 12:04:00 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.mgid.com/google?muidn=l0nXmBZUgM34&google_ula={guid},5&google_gid=CAESECBEwUuv0bdIxqOFV_cyYWE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
cm.idealmedia.io/setmuidn/ 0
556 B 131ms
78ms Image
image/gif 104.16.199.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.idealmedia.io/setmuidn/?muidf=l0nXmBZUgM34
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.199.73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Jan 2021 12:04:00 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 61615fed4fa110b1-CPH
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
cf-request-id: 07d0ba484a000010b1bc218000000001

GET
H2 200 c Show response
ids.cdnwidget.com/ 31 B
172 B 260ms
172ms XHR
application/json 130.211.47.17
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ids.cdnwidget.com/c?cookieID=&deviceID=&iv=&v=&GCH1=86afd97a1c45277390aa082df3293783&SCH1=&GCS1=170040147&GCS2=YWM2YWMzY2MtY2UwYy00ZTNiLTkwNmEtZGMyZDdjYTc5NDc4LmxvY2FsLDMwNWE5OTliLTQyNTgtNDJkZC04M2RiLTNlZmNlMWQ4NTk2MS5sb2NhbA==&pe=false&wsid=&log=%7B%22config%22%3A%7B%22gmEN%22%3Atrue%2C%22pixEN%22%3Atrue%7D%2C%22apikey%22%3A%222%5EHIykD%22%2C%22cjsversion%22%3A%221.5.9%22%2C%22loadID%22%3A%22YCaNP1bkxuvwzvQ%22%2C%22timing%22%3A%7B%22sessionStorageLoad%22%3A15%2C%22IDStageStart%22%3A16%2C%22obsReqpage%22%3A647%2C%22obsReqdata%22%3A761%2C%22obsReqview%22%3A762%2C%22netComplete%22%3A1337%2C%22IDStagePrefire%22%3A1338%7D%2C%22matches%22%3A%7B%22cookie%22%3Afalse%2C%22LS%22%3Afalse%7D%2C%22info%22%3A%7B%22isSpoofed%22%3Atrue%2C%22PM%22%3Afalse%2C%22DNT%22%3Afalse%2C%22deviceTimezone%22%3A1%2C%22extensionID%22%3Anull%2C%22externalID%22%3Anull%2C%22agent%22%3A%7B%22device%22%3Anull%7D%2C%22firstLoad%22%3Atrue%7D%7D
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_cjs_min_ac816a7913cd82f0864893a97a5ce5c5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.47.17 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 17.47.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 6627c5ab36fa407f18fc9b6987e359eccef005ae6d35b370d2142b7daa770324

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: https://www.newsobserver.com
date: Sat, 23 Jan 2021 12:04:00 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: clear
content-type: application/json

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 76 KB
20 KB 514ms
514ms XHR
text/plain 216.58.207.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4414422787043662&correlator=732188497736391&output=ldjh&impl=fifs&adsid=NT&eid=21068601%2C21068773%2C21069726%2C21069828%2C21069840%2C21069859&vrg=2021012001&ptt=17&us_privacy=1---&guci=1.1.0.4.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210123&iu_parts=7675%2CRAL.site_newsobserver%2CNews&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=1x1%2C970x250%7C728x90%7C970x90&ists=2&prev_scp=slot%3D1%26zeus_rendercount%3D1%7Catf%3Dy%26pkg%3Dd%26slot%3D2%26optimera%3DC0%2CD4%2CE1%2CIA1%2CIA2%2CA%26zeus_rendercount%3D1%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=lpid%3D%26zeus%3Dapplied%26id%3D248661625%26pl%3Dstory%26ref%3D%26sect%3Dcoronavirus%26sids%3D82751%252C10604%252C82496%252C7041%252C7043%252C10652%252C10925%252C17405%26swgt%3Dna%26top%3D%26vl%3D1&cookie_enabled=1&bc=31&abxe=1&lmt=1611403440&dt=1611403440298&dlt=1611403435482&idt=4120&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933%2C800&adys=-12245933%2C68&adks=3612225716%2C741357479&ucis=1%7C2&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Fcoronavirus%2Farticle248661625.html%3Fac_cid%3DDM369596%26ac_bid%3D-781518521%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8%23new_tab&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1x1%7C1600x280&msz=0x0%7C31x280&ga_vid=405618529.1611403437&ga_sid=1611403440&ga_hid=274292090&fws=128%2C0&ohw=0%2C0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021012001.js?21069859

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

cafe /

Resource Hash

92b7c67449378fb64e2ce47dd155d2863fffa76358a8612bed32d0f5dcf825d6

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/teracent_product_template_V1/Responsive_Logo_GpaSiriusSingleIframe.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/teracent_product_template_V1/Responsive_Logo_GpaSiriusSingleIframe.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPWVnc2Bsu4CFcxO5QodgUICJA&gqi=&layout=/pagead/gadgets/teracent_product_template_V1/Responsive_Logo_GpaSiriusSingleIframe.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/teracent_product_template_V1/Responsive_Logo_GpaSiriusSingleIframe.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/teracent_product_template_V1/Responsive_Logo_GpaSiriusSingleIframe.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPWVnc2Bsu4CFcxO5QodgUICJA&gqi=&layout=/pagead/gadgets/teracent_product_template_V1/Responsive_Logo_GpaSiriusSingleIframe.html
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
google-creative-id: 138317917956,-1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19906
x-xss-protection: 0
google-lineitem-id: 5479766553,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
date: Sat, 23 Jan 2021 12:04:00 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.newsobserver.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
4b3f1f93be086e85fcdd08bdd8517203.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 43ms
16ms Other
text/html 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://4b3f1f93be086e85fcdd08bdd8517203.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021012001.js?21069859
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 8ms
4ms Other
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021012001.js?21069859
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 451 envelope Show response
api.rlcdn.com/api/identity/ 0
46 B 77ms
73ms XHR
text/plain 34.120.207.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rlcdn.com/api/identity/envelope?pid=1405
Requested by: Host: mcclatchy-newsobserver.zeustechnology.com
URL: https://mcclatchy-newsobserver.zeustechnology.com/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.207.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 148.207.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:04:00 GMT
via: 1.1 google
alt-svc: clear
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.newsobserver.com
access-control-allow-credentials: true
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 0

GET
H2 204 cjs-logger
e.cdnwidget.com/ 0
68 B 217ms
157ms Image
image/png 34.107.221.36
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.cdnwidget.com/cjs-logger?source=ID%20generation%20error&severity=Warning&error=Country%2520not%2520allowed&cookieID=&deviceID=&BXWID=&warpspeed=2%5EHIykD&loadID=YCaNP1bkxuvwzvQ&version=1.5.9
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.221.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 36.221.107.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:04:00 GMT
via: 1.1 google
alt-svc: clear
content-type: image/png

GET
H3-Q050 200 headerads1. Show response
fundingchoicesmessages.google.com/f/AGSKWxXGOvT1T5IzQditxheQWFwivJMRX9ofM11qEYzxmE3rFRyFwdQRgWEQ6hReCcL7XcShpHotv8lEwM4Wzx1sLrmdG5uk581axEOa55MJl0IqUSS9xEBMJ4tZlNqzl0A3vD1NUy6E0oj5Sn-MiCIy-yE28rLC0... 54 B
434 B 32ms
25ms Script
application/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXGOvT1T5IzQditxheQWFwivJMRX9ofM11qEYzxmE3rFRyFwdQRgWEQ6hReCcL7XcShpHotv8lEwM4Wzx1sLrmdG5uk581axEOa55MJl0IqUSS9xEBMJ4tZlNqzl0A3vD1NUy6E0oj5Sn-MiCIy-yE28rLC01xxDJcZSuvHUQhYxuaD1UWLbJR56j58p5bzg98VAhE_9So2xrjRkbt0GMpaI63Lsg8SaFkOtHg7aySJLWE=/__advert_label./advertisements-/ad_config./advert01./headerads1.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.en_US.yW3PWOWZNAc.es5.O/d=1/ct=zgms/rs=AJlcJMwp5MJIq8Y1Qwp2ZOi91TsLqfacNw/m=detection

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

83ecce03f80b9c4b06b2f02d3481d9af1b9707ee9a8d9bbbd37cf40c75e0ab87

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-eZ8GJlL/IlK3gm1ItdHcPw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-eZ8GJlL/IlK3gm1ItdHcPw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Jan 2021 12:04:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-eZ8GJlL/IlK3gm1ItdHcPw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-eZ8GJlL/IlK3gm1ItdHcPw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
376 B 18ms
7ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 22 Jan 2021 19:53:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58214
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
server: cafe
etag: 13036835877489095579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Feb 2021 19:53:46 GMT

POST
H3-Q050 204 AGSKWxXMtZF_Iqs8uIkF-9Bm2wpKh2EL-vVWtwyWXxBI6ShAhgZ97S8BDcDrDAHmo3PnF4DkW42pf4MV2pHw3akbb1SPfoVf0riaffr_1skc-RiyubfhSMwfpezagrUd2xXZkQDlByC8fcmlrBdLFA0ytm6wh_AlMZ6WFE2VsHkAOKziRJ9ny8oquxTXWw== Show response
fundingchoicesmessages.google.com/l/ 0
359 B 22ms
21ms XHR
text/html 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/l/AGSKWxXMtZF_Iqs8uIkF-9Bm2wpKh2EL-vVWtwyWXxBI6ShAhgZ97S8BDcDrDAHmo3PnF4DkW42pf4MV2pHw3akbb1SPfoVf0riaffr_1skc-RiyubfhSMwfpezagrUd2xXZkQDlByC8fcmlrBdLFA0ytm6wh_AlMZ6WFE2VsHkAOKziRJ9ny8oquxTXWw==

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7qgpzE5zJFnWWc50uRXN6g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-7qgpzE5zJFnWWc50uRXN6g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 23 Jan 2021 12:04:00 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.newsobserver.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-7qgpzE5zJFnWWc50uRXN6g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-7qgpzE5zJFnWWc50uRXN6g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 204 AGSKWxXMtZF_Iqs8uIkF-9Bm2wpKh2EL-vVWtwyWXxBI6ShAhgZ97S8BDcDrDAHmo3PnF4DkW42pf4MV2pHw3akbb1SPfoVf0riaffr_1skc-RiyubfhSMwfpezagrUd2xXZkQDlByC8fcmlrBdLFA0ytm6wh_AlMZ6WFE2VsHkAOKziRJ9ny8oquxTXWw== Show response
fundingchoicesmessages.google.com/l/ 0
334 B 26ms
26ms XHR
text/html 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2UvSy7tK20VxQ6kFCp7oyA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-2UvSy7tK20VxQ6kFCp7oyA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 23 Jan 2021 12:04:00 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.newsobserver.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-2UvSy7tK20VxQ6kFCp7oyA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-2UvSy7tK20VxQ6kFCp7oyA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 204 AGSKWxXMtZF_Iqs8uIkF-9Bm2wpKh2EL-vVWtwyWXxBI6ShAhgZ97S8BDcDrDAHmo3PnF4DkW42pf4MV2pHw3akbb1SPfoVf0riaffr_1skc-RiyubfhSMwfpezagrUd2xXZkQDlByC8fcmlrBdLFA0ytm6wh_AlMZ6WFE2VsHkAOKziRJ9ny8oquxTXWw== Show response
fundingchoicesmessages.google.com/l/ 0
769 B 23ms
22ms XHR
text/html 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VSusur2PF1x3AmZX1EUtHw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-VSusur2PF1x3AmZX1EUtHw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 23 Jan 2021 12:04:00 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.newsobserver.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-VSusur2PF1x3AmZX1EUtHw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-VSusur2PF1x3AmZX1EUtHw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 AGSKWxUB8V5-97MxtdqYkSx8SLA2p9xKf1OVigSdBB9-xcLyNst14JzhgVSCAdgiKI7BQBKVj5wMlifNyw4H3NXYX2anhleQcRtZ6tGIXaDCdjuglI9gT6inuXthTBkURnVlhCqZ2CfW5h8ViE1IYrheiHMikoH7sj1vcee8D_T-JRG4iuU4HSlBngSA9A== Show response
fundingchoicesmessages.google.com/f/ 60 KB
23 KB 70ms
69ms Script
application/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUB8V5-97MxtdqYkSx8SLA2p9xKf1OVigSdBB9-xcLyNst14JzhgVSCAdgiKI7BQBKVj5wMlifNyw4H3NXYX2anhleQcRtZ6tGIXaDCdjuglI9gT6inuXthTBkURnVlhCqZ2CfW5h8ViE1IYrheiHMikoH7sj1vcee8D_T-JRG4iuU4HSlBngSA9A==?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCwyLFsxNjExNDAzNDQwLDc1NTAwMDAwMF0sbnVsbCxudWxsLG51bGwsWzEsWzcsNl1dXQ

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

07ab71492f7cc1dc2162de9ea155c87031cd2cabb10458119a78bfa349916d62

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-TNhVReZ/TxfWCpDh5FnXfA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-TNhVReZ/TxfWCpDh5FnXfA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Jan 2021 12:04:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-TNhVReZ/TxfWCpDh5FnXfA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-TNhVReZ/TxfWCpDh5FnXfA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 204 AGSKWxXMtZF_Iqs8uIkF-9Bm2wpKh2EL-vVWtwyWXxBI6ShAhgZ97S8BDcDrDAHmo3PnF4DkW42pf4MV2pHw3akbb1SPfoVf0riaffr_1skc-RiyubfhSMwfpezagrUd2xXZkQDlByC8fcmlrBdLFA0ytm6wh_AlMZ6WFE2VsHkAOKziRJ9ny8oquxTXWw== Show response
fundingchoicesmessages.google.com/l/ 0
336 B 68ms
67ms XHR
text/html 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qePp5AJa7wZrB58iJ7e+fA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-qePp5AJa7wZrB58iJ7e+fA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 23 Jan 2021 12:04:00 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.newsobserver.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-qePp5AJa7wZrB58iJ7e+fA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-qePp5AJa7wZrB58iJ7e+fA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
33 B 45ms
39ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&pvsid=4414422787043662&r=1x1&w=1&h=1&a=0

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Jan 2021 12:04:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

14221371079760943072
tpc.googlesyndication.com/simgad/ Frame B5D4
Redirect Chain

https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDnq7jUeBABGAEoATIIRCa0hO01vLpA1fzu7AU
https://tpc.googlesyndication.com/simgad/14221371079760943072

43 B
206 B

12ms
11ms

Image
image/gif

2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14221371079760943072

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 20:31:06 GMT
x-content-type-options: nosniff
age: 142375
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
last-modified: Mon, 07 Oct 2019 22:37:26 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Jan 2022 20:31:06 GMT

Redirect headers

timing-allow-origin: *
date: Fri, 22 Jan 2021 21:38:58 GMT
x-content-type-options: nosniff
server: cafe
age: 51902
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/14221371079760943072
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=ISO-8859-1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 21 Feb 2021 21:38:58 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 20ms
18ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021012001.js?21069859

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1187995a6a31ed3a06d13bae8d36edcc63782f5764897a5a62703d2d6cb840c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:04:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611319200633513"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28803
x-xss-protection: 0
expires: Sat, 23 Jan 2021 12:04:00 GMT

GET
H3-Q050 200 container.html
4b3f1f93be086e85fcdd08bdd8517203.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame CE9D 0
0 66ms
24ms Document
text/html 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4b3f1f93be086e85fcdd08bdd8517203.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202101191641/wrap.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 4b3f1f93be086e85fcdd08bdd8517203.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Sat, 23 Jan 2021 12:04:00 GMT
expires: Sun, 23 Jan 2022 12:04:00 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 403 FREE.gif
www.newsobserver.com/static/img/placeholder/ 322 B
322 B 60ms
60ms Image
text/html 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/static/img/placeholder/FREE.gif?mias===QfzAzNxojIsJCLiUTMiojIzBnIsU2csFmZ6IycuJCLiMDOxYzM0MDM0ETM2EzXyATM5gTM1ADN5UTM4QjMxIDOzMjMzkjMzgTNwkTO5MjN2YTMxIzXvFmbfNXYflWbiojIpRnIsIyc1JXa2FmbvJ3bDJiOig2YiwSf4gTOwQDNzADNxEjNxojIlRmciwCN5gDM0QzMwQTMxYTM6IyckJnIsUTMzADN0MDM0ETM2EjOiMXcyJCLygDM0MDNzADNxEjNxojIzdGcisnOiQnIs0XM6IiNyIDN0QDO2YDNiwSM6IyM1UjN2cTO3QTNisnOiMHZpJye
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: AkamaiGHost /
Resource Hash: eca31951a56e14c45ea30f97def4d6c588c087ddbd64acc8804a1180c0befbb4

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:04:01 GMT
server: AkamaiGHost
mime-version: 1.0
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html
access-control-allow-origin: *
access-control-allow-credentials: false
access-control-allow-headers: *
content-length: 322
expires: Sat, 23 Jan 2021 12:04:01 GMT

POST
H3-Q050 204 AGSKWxWTjJw_bLEVrlDvarQxYjFq2FbnIEZ-535bJ5seTS5Or6Zgrol8JwIYyTvjVBqPiwpHCGVPkyjWjEjNUjFGe0ULeVKHDmRp3zXVG9cbL7yY6ed7PAZNa5_cvHS3YlIbswRHh0L9HJ2xvr8WsGZmRyvFi0mJvJJrNMhWRkND7D2414IiDbunOCIfUg== Show response
fundingchoicesmessages.google.com/l/ 0
359 B 23ms
23ms XHR
text/html 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/l/AGSKWxWTjJw_bLEVrlDvarQxYjFq2FbnIEZ-535bJ5seTS5Or6Zgrol8JwIYyTvjVBqPiwpHCGVPkyjWjEjNUjFGe0ULeVKHDmRp3zXVG9cbL7yY6ed7PAZNa5_cvHS3YlIbswRHh0L9HJ2xvr8WsGZmRyvFi0mJvJJrNMhWRkND7D2414IiDbunOCIfUg==

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingCookieRefreshClientJs.en_US.Sdh1-bzmVw0.es5.O/d=1/ct=zgms/rs=AJlcJMwaOYvD3PL0x12bCb8V3jgkf3kMzA/m=cookie_refresh

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rCfogId64a+PCyE0YDe9Pw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-rCfogId64a+PCyE0YDe9Pw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 23 Jan 2021 12:04:01 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.newsobserver.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-rCfogId64a+PCyE0YDe9Pw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-rCfogId64a+PCyE0YDe9Pw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 204 AGSKWxWTjJw_bLEVrlDvarQxYjFq2FbnIEZ-535bJ5seTS5Or6Zgrol8JwIYyTvjVBqPiwpHCGVPkyjWjEjNUjFGe0ULeVKHDmRp3zXVG9cbL7yY6ed7PAZNa5_cvHS3YlIbswRHh0L9HJ2xvr8WsGZmRyvFi0mJvJJrNMhWRkND7D2414IiDbunOCIfUg== Show response
fundingchoicesmessages.google.com/l/ 0
335 B 22ms
22ms XHR
text/html 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-R4X2C/ujwV+2T/RJA886dg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-R4X2C/ujwV+2T/RJA886dg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 23 Jan 2021 12:04:01 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.newsobserver.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-R4X2C/ujwV+2T/RJA886dg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-R4X2C/ujwV+2T/RJA886dg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 403 quarantine.f992372b06f74de92f81.js
www.newsobserver.com/static/yozons-lib/ 0
0 55ms
53ms Script
text/html 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/static/yozons-lib/quarantine.f992372b06f74de92f81.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/core.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: AkamaiGHost /
Resource Hash

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:04:01 GMT
server: AkamaiGHost
mime-version: 1.0
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html
access-control-allow-origin: *
access-control-allow-credentials: false
access-control-allow-headers: *
content-length: 342
expires: Sat, 23 Jan 2021 12:04:01 GMT

GET
H2 200 RC5e0483c0e28e4c0ba069181f1fe66253-source.min.js Show response
assets.adobedtm.com/fbb8081eaa8b/aab476d462c3/ba8ba219d197/ 335 B
484 B 13ms
11ms Script
application/x-javascript 2a02:26f0:10c:59b::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/fbb8081eaa8b/aab476d462c3/ba8ba219d197/RC5e0483c0e28e4c0ba069181f1fe66253-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENe8f70e36bc2f473e93435c31a9a5ba80.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:59b::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: a7b7c9e4837ac992f5c545f832ddb532ef64436f7a0f2c5ef47ee57f298e0f88

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:04:01 GMT
content-encoding: gzip
last-modified: Wed, 20 Jan 2021 16:49:23 GMT
server: AkamaiNetStorage
etag: "d7c2c3018149b72d295f07158063e3ef:1611161363.393002"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.newsobserver.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 216
expires: Sat, 23 Jan 2021 13:04:01 GMT

GET
H2 200 RCdb4bb460c1784184ba1cc4322bae3c78-source.min.js Show response
assets.adobedtm.com/fbb8081eaa8b/aab476d462c3/ba8ba219d197/ 336 B
484 B 11ms
11ms Script
application/x-javascript 2a02:26f0:10c:59b::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/fbb8081eaa8b/aab476d462c3/ba8ba219d197/RCdb4bb460c1784184ba1cc4322bae3c78-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENe8f70e36bc2f473e93435c31a9a5ba80.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:59b::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 757e6a4961a3b3c31c3f65f4681e9522d4f81eb3a5055029c171ae4a26ae76d5

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:04:01 GMT
content-encoding: gzip
last-modified: Wed, 20 Jan 2021 16:49:23 GMT
server: AkamaiNetStorage
etag: "d7c2c3018149b72d295f07158063e3ef:1611161363.393002"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.newsobserver.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 216
expires: Sat, 23 Jan 2021 13:04:01 GMT

GET
H/1.1 200
OK / Show response
api.ipify.org/ 22 B
259 B 465ms
114ms XHR
application/json 50.19.252.36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=json
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/core.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.19.252.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Cowboy /
Resource Hash: d9d998e89b1bf011b876875d1b145c3b59d426e4cf620c2ad8d728def13391f8

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 23 Jan 2021 12:04:02 GMT
Via: 1.1 vegur
Server: Cowboy
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://www.newsobserver.com
Connection: keep-alive
Content-Length: 22

GET
H2 403 pdp.gif
www.newsobserver.com/static/yozons-lib/ 316 B
316 B 45ms
42ms Image
text/html 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/static/yozons-lib/pdp.gif?k=eyJpZCI6Im1pX2FzX25hb18yMTE2NjYzOTk5MDU4MzI5MzIzMzgyMTI0ODE1OTQwNTE4OTEwMl8xNjExNDAzNDM2MTgzIiwiZmlyc3RBZFJlcXVlc3QiOjcxNDgsImdwdFJlcXVlc3RlZCI6NDEwMiwibG9hZEV2ZW50U3RhcnQiOjg2NDZ9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: AkamaiGHost /
Resource Hash: 523bc8b1f3b2950f9335e5e034975a91cb51c8a55c37f602485a4909c6bb7ea5

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:04:01 GMT
server: AkamaiGHost
mime-version: 1.0
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html
access-control-allow-origin: *
access-control-allow-credentials: false
access-control-allow-headers: *
content-length: 316
expires: Sat, 23 Jan 2021 12:04:01 GMT

GET
H/1.1

200
OK

pixel_details.html
www.everestjs.net/static/ Frame 12F5
Redirect Chain

https://pixel.everesttech.net/7996/gr?ev_gb=0&url=https%3A%2F%2Fwww.everestjs.net%2Fstatic%2Fpixel_details.html%23google%3D__EFGCK__%26gsurfer%3D__EFGSURFER__%26optout%3D__EFOPTOUT__%26throttleCook...
https://www.everestjs.net/static/pixel_details.html

0
0

38ms
37ms

Document
text/html

104.111.234.92
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.everestjs.net/static/pixel_details.html
Requested by: Host: www.everestjs.net
URL: https://www.everestjs.net/static/st.v3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.234.92 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-234-92.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Host: www.everestjs.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8

Response headers

Server: Apache
Last-Modified: Tue, 04 Oct 2011 16:14:21 GMT
ETag: "1033c9024-a6-4ae7b62583140"
Accept-Ranges: bytes
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 146
Cache-Control: max-age=71430
Expires: Sun, 24 Jan 2021 07:54:32 GMT
Date: Sat, 23 Jan 2021 12:04:02 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Date: Sat, 23 Jan 2021 12:04:02 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 345
Connection: keep-alive
Server: Apache
Cache-Control: no-cache
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
Set-Cookie: everest_g_v2=g_surferid~YAwQrAAAAFL2dh-H; path=/; domain=.everesttech.net; expires=Mon, 23-Jan-2023 12:04:02 GMT; samesite=none; secure everest_session_v2=YAwQsgAAAYwV4QW9; path=/; domain=.everesttech.net; samesite=none; secure
Location: https://www.everestjs.net/static/pixel_details.html#google=YAwQrAAAAFL2dh-H&gsurfer=YAwQrAAAAFL2dh-H&optout=0&throttleCookie=&time=20210123120402

GET
H2 200 syncframe
gum.criteo.com/ Frame 40F7 0
0 70ms
23ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.newsobserver.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?topUrl=www.newsobserver.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
server-processing-duration-in-ticks: 1346
date: Sat, 23 Jan 2021 12:04:01 GMT
content-length: 0

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 9 KB
7 KB 77ms
77ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021012001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021012001.js?21069859

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

060f9677f75d4c112d047845bc37b97041e9f0d5a77eaff13dfc3b7bc05d3723

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 23 Jan 2021 12:04:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6683
x-xss-protection: 0

GET
H2 403 quarantine.f992372b06f74de92f81.js
www.newsobserver.com/static/yozons-lib/ 0
0 56ms
55ms Script
text/html 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/static/yozons-lib/quarantine.f992372b06f74de92f81.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/core.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: AkamaiGHost /
Resource Hash

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:04:01 GMT
server: AkamaiGHost
mime-version: 1.0
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html
access-control-allow-origin: *
access-control-allow-credentials: false
access-control-allow-headers: *
content-length: 342
expires: Sat, 23 Jan 2021 12:04:01 GMT

GET
H2 403 push.354981d144758ad52e47.js
www.newsobserver.com/static/yozons-lib/ 0
0 47ms
46ms Script
text/html 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/static/yozons-lib/push.354981d144758ad52e47.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/core.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: AkamaiGHost /
Resource Hash

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:04:01 GMT
server: AkamaiGHost
mime-version: 1.0
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html
access-control-allow-origin: *
access-control-allow-credentials: false
access-control-allow-headers: *
content-length: 336
expires: Sat, 23 Jan 2021 12:04:01 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021012001.js?21069859

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 12:04:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607463675096825"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6146
x-xss-protection: 0
expires: Sat, 23 Jan 2021 12:04:02 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/220/ Frame 3E6D 0
0 6ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/220/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4868
date: Fri, 22 Jan 2021 22:45:59 GMT
expires: Sat, 22 Jan 2022 22:45:59 GMT
last-modified: Tue, 27 Oct 2020 18:37:37 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 47883
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK t
pixel.everesttech.net/7996/ 128 B
705 B 53ms
49ms Image
image/png 34.246.227.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/7996/t?ev_ContentPage_Story=1&timestamp=1611403441865
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.227.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 23 Jan 2021 12:04:02 GMT
Last-Modified: Mon, 28 Sep 2020 09:26:22 GMT
Server: Apache
ETag: "b3b50f-80-5b05c42750b80"
Vary: Cookie
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 128

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/
Redirect Chain

https://cm.everesttech.net/cm
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&url=/1x1&google_hm=WUF3UXJBQUFBRkwyZGgtSA
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1x1&google_gid=CAESEFemD4NmK31tQ3UxQdGlKWk&google_cver=1
https://pixel.everesttech.net/1x1

128 B
691 B

73ms
49ms

Image
image/png

34.246.227.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.227.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 23 Jan 2021 12:04:03 GMT
Last-Modified: Mon, 28 Sep 2020 09:26:22 GMT
Server: Apache
ETag: "b3b50f-80-5b05c42750b80"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Sat, 23 Jan 2021 12:04:03 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
46 B 42ms
41ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=220&t=2&li=gpt_2021012001&jk=4414422787043662&bg=!qqmlqerNAAXyQKAs8jsAKQB2-DxaoK8uPZptOPFDY2PGe20tkk0FSc-dpQqT-KcSAIJ2rNMYcYm4AgAAAe5SAAAAY2gBBwoAum9gwcVTmXipV15zieSiDLs-OTKdOU4BzExI75alnsYk99MO5R6jfZbz9DePWuUXCj373pZ6tmBoa7v2irFkna5j-uDnRIlW9rJ8uVqw7MiGIQeZAAh4tsRpVoe6wDDUysOjdx7FwdmoSY4-1UQn5o81DW3j5chwxHmKMxUkz9asP6UQA0VmIKOSi6K30JZbj34L8K0eOHB-HpUTgROPSYx7k4KWaSm3aLF_1-cCyxIwcKuIw8SDBaaMOZkB1RA97Gyo2GmSQSR5UeQq-Ua0HRiHYX0pjo62X_6FXZTEci8QBQlmCMx4PRYzmFie7kfEddR1BDXU3Y5mZ36z9SEBvahf6gvqW04VbEoTSXFJmGnwQE7S9QNNs2VMC-81kfj-Aqm541M11qm7nSwEsKb6-rP1YdTHT9gnBK7CXTFL1qjyRRihogdgCkph-f43zkjMR1Z5_9hzfryd5CKpZI6g3g6WrdqO86Ay3nzzXnXxuHZ9SdPkvoHptXy02LRAqfrwEilahfUrYpjp0aYQXE5hlF89EyCw-AvXg0JouZZeEWt18-C8RfaYiyPqQHCsrTGxD4ezPm155rpYy87AGvkDnSgwoy8I6ZRtkduDl44pg_crKv42mcRZbRK7zAOg5-u8eTf6aqDlnhnyhZJ7sGpNNn9KHMF4SBZJJtFOZgOTWBjG7VB69RIx9O9F7rmbSsIwyPbLwLAgDXa6Q9usSv249eBDgkMmVKDIUgn1Yu2EDdxR1XsMDDVSIdBhEl9rbB4ZDZd8YuhoCrievSwK_PTKR7F4_zLuthaFS6qz3guOOnxeHHVRcgZgdkVTO5TDitad_YBBnl-Wx5u-4HccG_V7u0HF_fcEGU4Z9AJtMHcgVAipJ9w

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Jan 2021 12:04:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
245 B 107ms
107ms Image
image/gif 54.198.41.31
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=pe&tv=js-2.2.18-e&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&lang=en-US&cs=UTF-8&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_privb=0&tid=ff8a3dae-9951-4c93-a47c-c75159c38dfe&pid=6bffdacf-1e1e-4c7a-ac0f-8e39784d7696&dtm=1611403447969&qnm=_matherq&vp=1600x1200&ds=1600x7906&tofa=1611403448&vid=1&duid=4ff1c4133e6959d9&fp=606422418&cid=ma12095&mrk=74930332&url=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Fcoronavirus%2Farticle248661625.html%3Fac_cid%3DDM369596%26ac_bid%3D-781518521%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8%23new_tab&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTYxMTQwMzQzMzE2OCIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiI0MS4yMzk4NTNtYiIsImhlYXBUIjoiNTcuMjA2NTAxbWIiLCJmZXRjaFMiOiI5MTQiLCJkb21haW5TIjoiOTE1IiwiZG9tYWluRSI6IjkxNyIsImNvbm5TIjoiOTE3IiwiY29ubkUiOiI5OTMiLCJzc2xTIjoiOTM0IiwicmVxdVMiOiI5OTMiLCJyZXNwUyI6IjIwOTMiLCJyZXNwRSI6IjIxMTUiLCJkb21Mb2FkIjoiMjMxNCIsImRvbUludGVyIjoiMzMzNCIsImRvbUxvYWRTIjoiMzY5OSIsImRvbUxvYWRFIjoiMzczOSIsImRvbUNtcGx0IjoiODY0NSIsImxvYWRTIjoiODY0NSIsImxvYWRFIjoiODc0NCJ9fQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.198.41.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-198-41-31.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 23 Jan 2021 12:04:08 GMT
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length: 43
Content-Type: image/gif

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 108ms
107ms Image
image/gif 52.4.26.179
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=newsobserver.com&p=%2Farticle248661625.html&u=2cNUHc22AsDwnljr&d=newsobserver.com&g=62447&g0=Coronavirus%2CNormal-Paywalled&g1=Zachery%20Eanes&n=1&f=00001&c=0.25&x=0&m=0&y=7906&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=4&r=&b=4947&t=BlpFfj6cklHDp3lnxB4u-i_BbLtFb&V=121&tz=-60&_acct=anon&sn=3&sv=CCFoWgBr_KZGCKfnlYBEygxlCw62PX&sd=1&im=06630efe&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.4.26.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-26-179.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.newsobserver.com/news/coronavirus/article248661625.html?ac_cid=DM369596&ac_bid=-781518521&_hsmi=88974744&_hsenc=p2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Jan 2021 12:04:13 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

Verdicts & Comments Add Verdict or Comment

553 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

68 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 15:36:47	Name: DSID Value: NO_DATA
.rubiconproject.com/	1970-01-19 15:37:51	Name: ses2 Value:
.rubiconproject.com/	1970-01-19 15:37:51	Name: vis2 Value: 80324^1
.rubiconproject.com/	1969-12-31 23:59:59	Name: rsid Value: 1\|G9C2NkZC7frDQSirzNt8MRPvuJlRI6aSli1gEtfhZ1co9sDCaATiL5HZCu/Q5+nJKR+svD2qDwuqE0LMXkn5Qlyqng06zAJbpC9zOvGMF3Jx/AX1DKVYI/iiF8/WWQzTX+vLxkA/aUD0yeAzZMcw2JwqaeyeKw/LSOkKrQ==
.pubmatic.com/	1970-01-19 16:19:55	Name: PugT Value: 1611403439
.pubmatic.com/	1970-01-19 16:19:55	Name: KRTBCOOKIE_336 Value: 5844-749914958372290135
.pubmatic.com/	1970-01-19 16:19:55	Name: KRTBCOOKIE_377 Value: 6810-bba85c90-f21f-4e98-a598-1bd06d7fc244&KRTB&22918-bba85c90-f21f-4e98-a598-1bd06d7fc244&KRTB&23031-bba85c90-f21f-4e98-a598-1bd06d7fc244
.rubiconproject.com/	1970-01-20 00:22:19	Name: audit Value: 1\|hLZGFuTafB1uA/+h7FXSyRSNte0ann5GaY8+iCPW+RhcBTk1WyWpeM4KiyMOkcceVoYYKZGgNQ1o2B05UvZjLwBWcLulhnhW0A+VO7RH1E0=
.pubmatic.com/	1970-01-19 16:19:55	Name: KRTBCOOKIE_391 Value: 22924-394323920620508299
.pubmatic.com/	1970-01-19 16:19:55	Name: KRTBCOOKIE_80 Value: 16514-CAESEE4cuWtvSe_TsfJc1tk6jh0&KRTB&22987-CAESEE4cuWtvSe_TsfJc1tk6jh0&KRTB&23025-CAESEE4cuWtvSe_TsfJc1tk6jh0
.pubmatic.com/	1970-01-19 17:46:19	Name: DPSync3 Value: 1612569600%3A201_226_221_219
.doubleclick.net/	1970-01-20 00:58:19	Name: IDE Value: AHWqTUnT9fA-jSQ1bulnN8Z0jO4-DazaurmmfHYFcEqC9xB6E6K4QAure4jDsURt
.pubmatic.com/	1970-01-19 17:46:19	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-19 17:46:19	Name: KADUSERCOOKIE Value: 858D6F7C-7054-4700-9F29-D6700AE954C6
.pubmatic.com/	1970-01-19 15:38:09	Name: pi Value: 159414:2
.pubmatic.com/	1970-01-19 17:46:19	Name: PUBMDCID Value: 3
.newsobserver.com/	1970-01-19 16:19:55	Name: CUID Value: N,1611403437237:ALHGLuQAAAAPTiwxNjExNDAzNDM3MjM3laH9MFT2Rx7l63zj8NpLlmdsSfey6xNc3rQq2XT5qBPXwJqyqq7Nsrj8iKvjRy2nN408v+whI5gC7+3a0mvdKSiTwngobDUWX4sVSm7QvB/TiBZG+EFFFeuT4GRWhTEmDGbzrUNJdfb2TxKkAupp/fleTB8H6Hbmez9elriCcbhqjbaSWkR0ES+HrMuuVIIaPE6VNyMxGspmNE7rCIGKy5+Xp6miSiCopOUruihyrAVYJVu/4ecPZpkf9e/SPoIXRLnuneItP9P09Czuk/EN8ieCnO14JXrLFDTpMbKwRauWJn1j15cuUJfwkn7AM9H5QaiVjdqPPkJZIHFvKXsqJg==
trinitymedia.ai/	1970-01-19 15:46:48	Name: AWSALBCORS Value: zoLE873HhyEsM+Q+J/XxlCWv3snARWqBgTDCMScdc3XDFaRgbnKNZQLJHiBBXw3lFaOf4Mnfaw1M3b2nN9UTh5CgHa2T5x/N8zjtWPia4Pwcz0c22h6f3wc3LtDV
.demdex.net/	1970-01-19 19:55:55	Name: demdex Value: 21260440396695657883880154063120879705
.newsobserver.com/	1970-01-20 00:58:19	Name: __gads Value: ID=a082e533e141ab52:T=1611403440:S=ALNI_MZwRqRhinUSOaK_3fKVVPo875rugw
www.newsobserver.com/	1969-12-31 23:59:59	Name: GED_PLAYLIST_ACTIVITY Value: W3sidSI6IlZWS0QiLCJ0c2wiOjE2MTE0MDM0NDEsIm52IjowLCJ1cHQiOjE2MTE0MDM0MzUsImx0IjoxNjExNDAzNDM1fV0.
www.newsobserver.com/	1969-12-31 23:59:59	Name: MarketGidStorage Value: %7B%220%22%3A%7B%7D%2C%22C1035175%22%3A%7B%22page%22%3A1%2C%22time%22%3A1611403439759%7D%7D
.newsobserver.com/	1970-01-20 01:01:12	Name: __qca Value: P0-1356890090-1611403438373
.newsobserver.com/	1970-01-19 15:36:43	Name: lotame_domain_check Value: newsobserver.com
www.newsobserver.com/	1970-01-19 15:36:45	Name: _cb_svref Value: null
.newsobserver.com/	1970-01-19 15:56:53	Name: AccessToken Value: tgt2:3fab37713c38576258d909a44c4d7ee4
.www.newsobserver.com/	1970-01-20 00:22:19	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Sat+Jan+23+2021+13%3A03%3A59+GMT%2B0100+(Central+European+Standard+Time)&version=6.5.0&hosts=&landingPath=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Fcoronavirus%2Farticle248661625.html%3Fac_cid%3DDM369596%26ac_bid%3D-781518521%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-81MwIrQyJuBT8Ee32uRzbPeuylyx_jK8s0qIEdVlY_8E1B6kWZwACW1MwPc8c9nhfvB5sb_qv7Y4VVZYcsDBSa0r1rPsMvotIvBmFwXwzcBZvDKR8%23new_tab&groups=C0002%3A0%2CC0001%3A1%2CC0004%3A0%2CC0003%3A0
.newsobserver.com/	1969-12-31 23:59:59	Name: s_cc Value: true
www.newsobserver.com/	1970-01-20 01:05:31	Name: _chartbeat2 Value: .1611403438074.1611403438074.1.CCFoWgBr_KZGCKfnlYBEygxlCw62PX.1
.newsobserver.com/	1970-01-19 15:36:45	Name: mi_ptid Value: bWlfYXNfbmFvXzIxMTY2NjM5OTkwNTgzMjkzMjMzODIxMjQ4MTU5NDA1MTg5MTAyXzE2MTE0MDM0MzYxODM%3D
.newsobserver.com/	1970-01-19 15:36:45	Name: _sp_ses.1b7f Value: *
www.newsobserver.com/	1970-01-20 01:05:31	Name: _cb Value: 2cNUHc22AsDwnljr
.newsobserver.com/	1970-01-19 15:36:45	Name: mboxEdgeCluster Value: 37
www.newsobserver.com/	1970-01-20 01:05:31	Name: _cb_ls Value: 1
.newsobserver.com/	1970-01-19 15:36:43	Name: _gat_mistats_ga_UA-48279682-1 Value: 1
.newsobserver.com/	1970-01-20 09:07:55	Name: _sp_id.1b7f Value: fe5a29908c9885d6.1611403438.1.1611403438.1611403438
.rubiconproject.com/	1970-01-20 00:22:19	Name: khaos Value: KK9O03Q3-1L-CS5A
.newsobserver.com/	1970-01-19 15:46:48	Name: mi_ppv Value: Oth%3A%207000px%20%3A%206sc%20%3A%2015%25
.demdex.net/	1970-01-19 19:55:55	Name: dextp Value: 771-1-1611403436312\|144230-1-1611403436413\|144231-1-1611403436514\|144232-1-1611403436614\|144233-1-1611403436716\|144234-1-1611403436866\|144235-1-1611403436967\|144236-1-1611403437071\|144237-1-1611403437174
eus.rubiconproject.com/	1970-01-19 17:46:19	Name: pux Value: 2249%3D96973%262307%3D96973%262974%3D96973%263778%3D96973%262249-DV360-Hosted%3D96973%26goog%3D96973%26brx%3D96973%26idl%3D96973%26
.pubmatic.com/	1970-01-19 16:19:55	Name: KRTBCOOKIE_153 Value: 19420-RysILUArWStcLlstEngVekV_WSpcIgEtF3jx_XWe&KRTB&22979-RysILUArWStcLlstEngVekV_WSpcIgEtF3jx_XWe
.newsobserver.com/	1970-01-20 09:07:55	Name: AMCV_3B6E35F15A82BBB00A495D91%40AdobeOrg Value: 1585540135%7CMCIDTS%7C18651%7CMCMID%7C21166639990583293233821248159405189102%7CMCAAMLH-1612008236%7C6%7CMCAAMB-1612008236%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1611410636s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-18658%7CMCCIDH%7C-790665793%7CvVersion%7C4.4.0
.newsobserver.com/	1970-01-19 16:19:55	Name: mi_s_vnmn Value: 1613995436772%26vn%3D1
.newsobserver.com/	1970-01-20 00:58:19	Name: FCCDCF Value: [["AKsRol9Kd1CFKYykoIvRwD_Z7d9BhzwRtfNruGDPxRhQMKOKG1p0vE1ybowWQ5gM-EbbeNuufcWQsGSOd3V49kM30lL_DK6F6HbIpfUze8U7Zsg1XmFMrNGUAtsGWQDwjSvWNY3Vv3RsWsu7HqXMnjZkkYr2h_mKoQ=="],null,["[[],[],[],[],null,null,true]",1611403441136]]
.newsobserver.com/	1970-01-19 15:36:50	Name: ak_bmsc Value: EB5F17EC125FED83968BB1C19397F81B0210BB3E927B0000AB100C600FA78F0C~plRbLBh10YdTYhen3Me0HP16pvsKQP1dAegr5bJVicTGz7oUxzNYANM8KJ9yR/TjFKlayf+QjTeWtiScolEdQCc1tpMyAFsOld8L7z/grKmwMMz6rJ1GjEO8Z0FyfDlVUsU8nrnOdTcQ91gi92vsQVR40F2odnem0fGpFccc8mOkWqJR61mQWCUStq/CV4eX4mw9K8ylGy4OTknaEIM6wsDIKqSAcgcs+F6/zQOIzY5OlhNLIMF1wP5T+qFz0whW207EXGKqqYJmOdkzM8mfapA+dA+wfDeJMVOr7qK+GsBnk=
.pubmatic.com/	1970-01-19 17:46:19	Name: KTPCACOOKIE Value: YES
.newsobserver.com/	1970-01-19 15:36:45	Name: mi_gps Value: 15
.newsobserver.com/	1970-01-19 15:36:43	Name: _gat_mistats_ga_UA-48280268-1 Value: 1
.newsobserver.com/	1969-12-31 23:59:59	Name: at_check Value: true
.newsobserver.com/	1970-01-19 15:36:45	Name: mi_iv Value: true
.newsobserver.com/	1970-01-19 16:19:55	Name: aam_uuid Value: 21260440396695657883880154063120879705
.newsobserver.com/	1970-01-20 09:07:55	Name: _ga Value: GA1.2.405618529.1611403437
.trinitymedia.ai/	1970-01-20 00:22:19	Name: AUID Value: eb2f21ce-6d3c-4138-8d5f-9a4d0dc35d33
.pubmatic.com/	1970-01-19 16:19:55	Name: SPugT Value: 1611403441
.newsobserver.com/	1970-01-20 09:09:21	Name: adcloud Value: {%22_les_v%22:%22y%2Cnewsobserver.com%2C1611405236%22}
.newsobserver.com/	1970-01-20 09:10:48	Name: mbox Value: session#b4dcd632ca2b400eb024d48b50ffd1ed#1611405296\|PC#b4dcd632ca2b400eb024d48b50ffd1ed.37_0#1674648237
.newsobserver.com/	1970-01-19 16:19:55	Name: aam_segment Value: segID%3D18165999
www.newsobserver.com/	1970-01-20 00:22:19	Name: usprivacy Value: 1---
.pubmatic.com/	1970-01-19 16:19:55	Name: KRTBCOOKIE_27 Value: 16735-uid:96d2600c-10af-4c00-b06c-e52479ea8f9a&KRTB&16736-uid:96d2600c-10af-4c00-b06c-e52479ea8f9a&KRTB&23019-uid:96d2600c-10af-4c00-b06c-e52479ea8f9a&KRTB&23114-uid:96d2600c-10af-4c00-b06c-e52479ea8f9a
.newsobserver.com/	1969-12-31 23:59:59	Name: AMCVS_3B6E35F15A82BBB00A495D91%40AdobeOrg Value: 1
www.newsobserver.com/	1970-01-19 15:38:09	Name: _lr_geo_location Value: DE
.pubmatic.com/	1970-01-19 16:19:55	Name: KRTBCOOKIE_218 Value: 22978-YAwQrAAAAFL2dh-H&KRTB&23194-YAwQrAAAAFL2dh-H&KRTB&23209-YAwQrAAAAFL2dh-H&KRTB&23244-YAwQrAAAAFL2dh-H
.newsobserver.com/	1970-01-19 16:19:55	Name: mi_nr Value: 1611403436771-New
.newsobserver.com/	1970-01-19 15:36:45	Name: mi_ppn Value: Story%3A248661625%7CLabcorp%20is%20studying%20COVID-19%20mutations.%20Can%20it%20improve%20US%20tracking%20of%20the%20virus%3F
.pubmatic.com/	1970-01-19 17:46:19	Name: SyncRTB3 Value: 1612656000%3A35%7C1612569600%3A13_161_7_3_8_220_21_54_56
www.newsobserver.com/	1970-01-20 00:22:19	Name: ntv_as_us_privacy Value: 1---
.newsobserver.com/	1970-01-19 15:38:09	Name: _gid Value: GA1.2.895835239.1611403437
www.newsobserver.com/news/coronavirus	1970-01-19 15:36:47	Name: liveramp_id_env_sampling_rate Value: 10

43 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://info.silobreaker.com/e2t/tc/VVBPZ295pqPPN90vc0r2PqTVW197v5Z4m8D-nMwF3TS2-HwLV1-WJV7CgCp3W1X0SFG477B2nV5HGsn96SmTrW3k75-36m7d_JW4lWp5Z7rFGM2W1MvfqN5-4sqcW2vQ_DL6Rl7gMW7ds_9W3TgHyGW870svs3KwkbXW2mMLtR443VPXW8g_tBp2RjRBRVsM56Z454PmcW2nYV4P5rhmRwW38-1Zf2SlrTSW1NrvRV7nZR_fN16zZFw8Vm7QW1jB72J3NJHbmW19Kd0v51k5L0W83K__33VK1J4N46WPBBmMbvqW1b3cVL1DbPBtW185vKv29Jyn8W1Wr9Vl8fWMBkW5M-dr-7JC535W1LQY9j3_BpGlVkDkWs2q3LpPW35PTFT71fRq0W87WyVs5Nk-yYW5Jkgqg3TTc5535c61(Line 13) Message: toS
console-api	log	URL: https://media2.newsobserver.com/mistats/micb.js(Line 240) Message: mistats_subdata ready
console-api	log	URL: https://media2.newsobserver.com/mistats/micb.js(Line 1852) Message: mistats bx_waiting
console-api	log	URL: https://www.newsobserver.com/wps/build/webpack/vendor.bundle-af2280e5bf1fac00e2b0.js(Line 11325) Message: JQMIGRATE: Migrate is installed with logging active, version 3.1.0
console-api	log	URL: https://media2.newsobserver.com/mistats/micb.js(Line 1852) Message: mistats bx_waiting
console-api	log	URL: https://media2.newsobserver.com/mistats/micb.js(Line 129) Message: mistats_gpscore: 15
console-api	log	URL: https://media2.newsobserver.com/mistats/micb.js(Line 1852) Message: mistats bx_waiting
console-api	log	URL: https://media2.newsobserver.com/mistats/micb.js(Line 1857) Message: mistats bx_init
console-api	log	URL: https://media2.newsobserver.com/mistats/finalizestats.js(Line 1808) Message: mistats_target ready
console-api	log	URL: https://media2.newsobserver.com/mistats/finalizestats.js(Line 1808) Message: mistats_propensity ready
console-api	log	URL: https://media2.newsobserver.com/mistats/finalizestats.js(Line 1808) Message: mistats_cta_widget ready
console-api	log	URL: https://media2.newsobserver.com/mistats/finalizestats.js(Line 1808) Message: mistats_subdata ready
console-api	log	URL: https://media2.newsobserver.com/mistats/finalizestats.js(Line 1822) Message: mistats request queued
console-api	warning	URL: https://www.newsobserver.com/wps/build/webpack/vendor.bundle-af2280e5bf1fac00e2b0.js(Line 11340) Message: JQMIGRATE: 'ready' event is deprecated
console-api	log	URL: https://www.newsobserver.com/wps/build/webpack/vendor.bundle-af2280e5bf1fac00e2b0.js(Line 11340) Message: console.trace
console-api	warning	URL: https://www.newsobserver.com/wps/build/webpack/vendor.bundle-af2280e5bf1fac00e2b0.js(Line 11340) Message: JQMIGRATE: jQuery.fn.scroll() event shorthand is deprecated
console-api	log	URL: https://www.newsobserver.com/wps/build/webpack/vendor.bundle-af2280e5bf1fac00e2b0.js(Line 11340) Message: console.trace
console-api	warning	URL: https://www.newsobserver.com/wps/build/webpack/vendor.bundle-af2280e5bf1fac00e2b0.js(Line 11340) Message: JQMIGRATE: jQuery.fn.resize() event shorthand is deprecated
console-api	log	URL: https://www.newsobserver.com/wps/build/webpack/vendor.bundle-af2280e5bf1fac00e2b0.js(Line 11340) Message: console.trace
console-api	warning	URL: https://www.newsobserver.com/wps/build/webpack/vendor.bundle-af2280e5bf1fac00e2b0.js(Line 11340) Message: JQMIGRATE: jQuery.fn.click() event shorthand is deprecated
console-api	log	URL: https://www.newsobserver.com/wps/build/webpack/vendor.bundle-af2280e5bf1fac00e2b0.js(Line 11340) Message: console.trace
console-api	warning	URL: https://www.newsobserver.com/wps/build/webpack/vendor.bundle-af2280e5bf1fac00e2b0.js(Line 11340) Message: JQMIGRATE: jQuery.fn.mouseleave() event shorthand is deprecated
console-api	log	URL: https://www.newsobserver.com/wps/build/webpack/vendor.bundle-af2280e5bf1fac00e2b0.js(Line 11340) Message: console.trace
console-api	warning	URL: https://www.newsobserver.com/wps/build/webpack/vendor.bundle-af2280e5bf1fac00e2b0.js(Line 11340) Message: JQMIGRATE: jQuery.fn.hover() is deprecated
console-api	log	URL: https://www.newsobserver.com/wps/build/webpack/vendor.bundle-af2280e5bf1fac00e2b0.js(Line 11340) Message: console.trace
console-api	log	URL: https://ovp.iris.tv/libs/context/iris-context.min.js(Line 1) Message: [Iris Context API] v1.0.5
console-api	log	URL: https://media2.newsobserver.com/mistats/products/escenic_s_code.js(Line 190) Message: mistats request sent
console-api	log	URL: https://media2.newsobserver.com/mistats/products/escenic_s_code.js(Line 137) Message: mistats request postback present
console-api	log	URL: https://media2.newsobserver.com/mistats/products/escenic_s_code.js(Line 138) Message: mistats request succeeded
console-api	debug	URL: https://mcclatchy-newsobserver.zeustechnology.com/main.js(Line 2) Message: [customSSP] Registering custom bidder [object Object]
console-api	log	URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js(Line 96) Message: received a request for uspapi
console-api	log	URL: https://media2.newsobserver.com/mistats/micb.js(Line 1932) Message: mistats cb_loaded
console-api	error	URL: https://tags.crwdcntrl.net/lt/c/7447/lt.min.js(Line 1) Message: LT.JS: Client 7447 cannot run lt.min.js because it has no domains whitelisted.
console-api	log	URL: https://media2.newsobserver.com/mistats/micb.js(Line 1877) Message: mistats_bx_inactive
console-api	log	URL: https://www.newsobserver.com/wps/build/webpack/videoStory.bundle-e65f7076b4fea8f89d30.js(Line 5) Message: getIrisContext - Response acting
console-api	log	URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js(Line 96) Message: received a request for uspapi
console-api	log	URL: https://ovp.iris.tv/libs/adaptive/v2/iris.adaptive.js(Line 1) Message: [IRIS.TV][Info]: * Iris Adaptive Plugin version 2.0.16 *
console-api	debug	URL: https://mcclatchy-newsobserver.zeustechnology.com/main.js(Line 2) Message: [Zeus] CCPA string set to 1---
console-api	debug	URL: https://jsc.mgid.com/n/e/newsobserver.com.1035175.js(Line 1) Message: [object HTMLImageElement]
console-api	log	URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js(Line 96) Message: received a request for uspapi
console-api	log	URL: https://media2.newsobserver.com/mistats/micb.js(Line 1281) Message: mistats_as send
console-api	log	(Line 3) Message: Skipping WebGL fingerprinting because it is not supported in this browser
console-api	log	URL: https://media2.newsobserver.com/mistats/micb.js(Line 1046) Message: mi_launchload timeout

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4b3f1f93be086e85fcdd08bdd8517203.safeframe.googlesyndication.com
ad.crwdcntrl.net
ads.betweendigital.com
ads.pubmatic.com
adservice.google.com
ams.creativecdn.com
analytics-check.publishersite.xyz
api.ipify.org
api.rlcdn.com
as-sec.casalemedia.com
assets.adobedtm.com
assets.bounceexchange.com
ats.rlcdn.com
bidder.criteo.com
c.amazon-adsystem.com
capi.connatix.com
cd.connatix.com
cdn.cookielaw.org
cdn.parsely.com
cds.connatix.com
cf-images.us-east-1.prod.boltdns.net
cm.everesttech.net
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
confiant-integrations.global.ssl.fastly.net
connect.facebook.net
connect.scroll.com
context.iris.tv
contributor.google.com
creativecdn.com
d15kdpgjg3unno.cloudfront.net
data.cdnbasket.net
depart.trinitymedia.ai
dpm.demdex.net
dyv1bugovvq1g.cloudfront.net
e.cdnwidget.com
edge.api.brightcove.com
edge.quantserve.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
geo.rlcdn.com
geolocation.onetrust.com
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
ids.cdnwidget.com
imasdk.googleapis.com
info.silobreaker.com
jadserve.postrelease.com
js-sec.indexww.com
js.matheranalytics.com
jsc.mgid.com
lasteventf-tm.everesttech.net
manifest.prod.boltdns.net
match.adsrvr.org
match.sharethrough.com
mboxedge37.tt.omtrdc.net
mcclatchy-d.openx.net
mcclatchy-newsobserver.zeustechnology.com
mcclatchy.demdex.net
mcclatchy.sc.omtrdc.net
mcclatchy.tt.omtrdc.net
media.mcclatchy.com
media2.newsobserver.com
ovp.iris.tv
page.cdnbasket.net
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.everesttech.net
pixel.quantserve.com
pubads.g.doubleclick.net
rules.quantcount.com
s-img.mgid.com
s.ntv.io
s0.2mdn.net
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure-us.imrworldwide.com
securepubads.g.doubleclick.net
servicer.mgid.com
sqs.us-east-1.amazonaws.com
srv-2021-01-23-12.pixel.parsely.com
static.chartbeat.com
static.criteo.net
static.scroll.com
stats.g.doubleclick.net
tag.wknd.ai
tags.crwdcntrl.net
tpc.googlesyndication.com
trinitymedia.ai
vd.trinitymedia.ai
view.cdnbasket.net
web.facebook.com
www.everestjs.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.gstatic.com
www.heraldsun.com
www.i.matheranalytics.com
www.mcclatchy-wires.com
www.newsobserver.com
www.sacbee.com
www.thestate.com
x.bidswitch.net
104.108.50.124
104.108.64.33
104.111.215.135
104.111.234.92
104.111.236.243
104.16.199.73
104.19.132.78
104.19.216.61
107.178.250.234
13.224.102.104
13.224.102.8
130.211.47.17
130.211.9.87
15.237.136.106
151.101.113.194
151.101.14.137
151.101.194.49
178.250.2.131
18.193.131.107
185.184.8.30
185.33.221.90
185.64.189.112
188.42.196.115
199.232.198.217
199.60.103.254
205.185.216.10
216.58.207.66
216.58.212.162
23.210.249.164
23.210.249.92
23.210.250.13
23.37.42.132
2600:9000:206f:9c00:15:d134:4e40:93a1
2600:9000:2104:5200:11:b309:9100:21
2600:9000:2104:9a00:5:82fd:2500:21
2600:9000:2104:c00:6:44e3:f8c0:93a1
2600:9000:2190:6000:18:1fcd:34e:d2a1
2606:4700:10::6814:b844
2606:4700::6810:9440
2620:116:800d:21:f916:5049:f87f:108e
2a00:1450:4001:800::2002
2a00:1450:4001:802::200e
2a00:1450:4001:803::2004
2a00:1450:4001:803::200a
2a00:1450:4001:808::2001
2a00:1450:4001:808::2003
2a00:1450:4001:808::2013
2a00:1450:4001:809::2002
2a00:1450:4001:809::200a
2a00:1450:4001:81a::2006
2a00:1450:4001:81c::200e
2a00:1450:4001:81e::2003
2a00:1450:4001:81f::2001
2a00:1450:4001:81f::2003
2a00:1450:4001:824::200e
2a00:1450:400c:c00::9c
2a02:2638::1c
2a02:2638::3
2a02:26f0:10c:59b::1e80
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f02d:e:face:b00c:0:2
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:1b::539
3.140.46.189
3.213.50.82
3.224.214.149
3.248.38.24
34.107.221.36
34.120.207.148
34.120.253.250
34.245.253.34
34.246.227.69
34.98.64.218
34.98.72.95
35.157.168.64
35.186.214.121
35.190.95.58
35.201.100.179
35.244.220.155
50.19.252.36
52.203.172.63
52.212.209.68
52.4.26.179
52.46.131.209
52.49.92.20
52.51.251.137
54.194.191.134
54.198.41.31
54.93.211.166
65.9.67.103
65.9.69.60
65.9.73.61
65.9.82.50
65.9.84.191
65.9.86.127
69.173.144.141
99.80.71.186
00c6e9788d5997077deec494717e5fb368dd721aefb1044f41075b1479c1c842
043e4c79e36e7182e52008751153ab534d62a435e1cf19862153930822de4f31
0464b6125d6f9f3dc1dbe6ef7f1203ea4d60d28141fd98fef1e15004f265ec2e
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
04a74928965ed27c791351d7e70bc0bb40194158a56fd949b19c66f28d4835c1
060f9677f75d4c112d047845bc37b97041e9f0d5a77eaff13dfc3b7bc05d3723
064c30793ed82df22ca484729935248a99d0ad3cefd8bcf46f23de8d0c0016d0
06a67cc9ad753acc29fe18dcc67f6efa5ffe7757598a96ee8926635265b03574
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07ab71492f7cc1dc2162de9ea155c87031cd2cabb10458119a78bfa349916d62
07ee8c3f28252288042536e599b3a794fd2750bd7b996f05b1300e36994fd9e1
0827a540ffd8faac9bc0bcdcb724fdb6e0a4fb3d073d46ff9a93ea105e1613ba
0877239101cbff856743513b4ea69fbaf9c580c8ae526e0a8d2ef1b770414094
0bf6133aa8386cf54be44a1f354b700f2409be40b5b981469154cdf4e8ffa57e
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c0f6642ca827ff51cb2d295b316bd5afd79952321ff23ac9abf6becae6df3b7
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0f06499f55264507d5f40f5142113a715043a52025b373c305f3a125343fb073
118673acafd713670902b5ee1e579e6ae63c1d2c1c548ebe63380b9c557a6dc2
1270a862b7759b86d679ce76254e22bcd758959c10543bd38d451a9ef6c38004
14f1dda13ace6c11613648fee7dfa6279f6bf2b2c0852b59b86219766e85ec39
185e8aab2e6aa96bfcbb3f85ef7a494292ece134f732456059033384927c6da1
18f9e6b96e326a7aa705c687fc8893c6b2df53acce477aefe2d0239d7b82fcb5
1d07b3b3f6352860caa9027c4510579c66544ac6d6cf503bf2d03cc6652dacc8
21856c91a409382f3b2eeec72e984ff71ffd7f3883c3f96c3b226793cf4db66e
22bbce02277f26562734141e60cc3726f01e623d4ea1fff35e9fc8c126c9b29c
2827309242926f6f8b9379dbd5a44cbb243b3adeb6274ceb1692264788173f6a
2969aa16b763893fa2f600de842a23475f8c0f1d58ebbed3c4f7f1a63edbc0b5
297b33ba930feb975c6869804a999ec114c2235b151d019e4e844902f3ce41c4
2ab2ee6c6698b57f2f3c79839a574a6808197ac57b7fbc6295b1be3ab8a4d279
2ba83576248901fd4ffd5bdde2833366330fc3cecc0434c66042712695337a2c
2c3d296de1bb7bb908659aedfa489c63e9c0cb0b57887e74932dd5f60de15578
2cd97087328fa882aa0237107600dfb3bcb4d2eabe0d5089f1fb190d21743c0a
2e826d9af287405ebd0dfd43fbd58f3ee502970bb3590771dbef0440d216806b
2f5bf5edcefe950e16d287cdcb9c28690952439098ee0639f4a960fe268ae231
305f81e515ab9c624b6b6d75f72f5da0630e5d2b3c8e11d14f552508e2cecc44
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
34cbd74d41de3452efb5ea8edc8efcf94e39284d538069df8bf2af4797cde544
369a895eed90d7206b42100169e782041d5461803a96448b84dacfc7df043867
3839b45c2234e9c32b4c3bd619bf2d57f8f261e75b286a2d915fa789c1981287
388305e6232d397497a35ba97ba5e2e6ea85d349041645c4de2c28a6e08f9044
3b7f0353b5e7f4898ea13784cb8d09a1d07381cc6082588dfb50c3b69c7c9757
3d0d96becd8907f01322e1a38c1e01b95380244119c1d53df9940959e62f44bb
41315b08c2b332c2a675a817bac8ca1cc648c33109b699c6609feffc0ac79254
41a16c21a72d97b0cc141145555336ba7715180c442f30f9190ada811d9dd375
41dd3e48dbef1ddbc59957d4e99ef7662c1702dd8b55d0900b02150f87af354a
430254089ebe22f9c97fa0b34b908cdadd7bafb464fece5425c0cc3fa7726c0d
431ade77132529e8336951761cf2a6dc3da4b99229c459e7ee41ebeb7ed3168b
437afd9de21717c919be3f40f686b33170f2447dc03ded0fc00ac0cc41839854
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4791a3ec0c07289a7f51ca6f70d7b12d875746fae8c9ddb8a145b75134e7b1bf
4867e7003126335286b05bb20bc1195b9b1c9ecfb49a146dc166156fc55a667d
4b24555211c2b44bfc9d83befefeb792fb7af40988f8a5ac3483177f44bec544
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
51984d5109122f7e506365f6c48884ebae1d299f977f67c05b3ba86ff3d0e9f8
523bc8b1f3b2950f9335e5e034975a91cb51c8a55c37f602485a4909c6bb7ea5
52756abd619702a4516f7824a8dd53ab998c36020ffd1c9ec91069e960354f3f
5599f5eb32f194248d98cdf410f1776bb7f706387deed6f028ded1e006854102
57f2a33d73e7e94767f1e25a58cc3d1808841458a93ac4b435b458ad18586867
586f876503ed4dc63c6ff8567b67dfeb1c84723ef5c7cf218a8ed74ccba6e1ab
5b6da6699e22347ded40584215d759d21842a07be029c95c4886efa3c1385454
5c0f26e958f6f7308842d061cc9c46c4e350ddf6f76151af42f1da570d45b3a3
5cfbe1d1b6f89830e67a0b09f213d0cb22ca3a1a8995aea9fa3006216cc146a0
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5d2224ca29d8b6f9b56bff863843287704ffbbc80c9db432229b19e8c803054c
5e8e5fe8bda51e143511122e4296e652c905e0e7445cad6e3b79365eafaa7f0d
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
6163904265221074501da4b4117ada658c67d3010a441644ad8a9d56ad4c6345
6195b1bce0085db8c9b1b936150dfd7b070aa9be52d44580b1b6f16752dece34
61ca98b7cf1605903efe0b6d46e33e2a30fad4df3a99b637134a92f78fd986c6
62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147
64c0ea6138d6f71e2969d073ebbd96bb7ceb7eb3de536ed8450f27e32b5aba0f
6627c5ab36fa407f18fc9b6987e359eccef005ae6d35b370d2142b7daa770324
6a9e70f1ba0fd44afd288e1afdca294c1fb2e2200a3f54601e43d574b26b7dca
6f25e54ff758a69c92c7260b3647788acb86b4fc6266141893e1a4316b5a0862
71fd497e6c097314e1e11f413cf9d68fa62e7eaa7954405cd5d2e65a03ab303d
73f5c59e32e405fd7bb3d104ee914074eaac46f35f673aad31abe13076013f34
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
757e6a4961a3b3c31c3f65f4681e9522d4f81eb3a5055029c171ae4a26ae76d5
75b2fac03bbc05658beeb0baf6a3a6a8777ee657bde86ef5b15cecf7ebeb2d68
75c5dc9310997577b480f34212484bbc8025704db7c0fab2e98c23bf21382ad7
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
78367dd3b9b481797be97f0a636fdf07acfd4a05f052bf1f51acf1eca6e3145c
7bf3d2bedb459534063a0d240a6947c60f3dfafc557b59d1da49f1a439bcbf0f
7ee9033ba8689aa7859945f54f2ffd1ef8da42cb41cdad4f1517db1b25e3e95c
80d0ab91122473a56997d9d1c98271852ec7ffb3ad0a8c0c3cc0c7020268c435
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
81521a2a12208fb21d9c38a9f8c0b3cbb12b6c617d8ccfb946f131638e4ae70f
82b59f12c894f6e7a38213bb46b18ff8754219c80c70485f30445b916c0c1ba0
82cc27ebdaae2e3aeef095244fd93e5173c2d5d17a323772c7f9be324cf4d5f7
83ecce03f80b9c4b06b2f02d3481d9af1b9707ee9a8d9bbbd37cf40c75e0ab87
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85fa47de6b71bbce922b3d89b645018063f5d4b1c7ac1383ada0da3729de6702
864af8b07fd00259b4afdfc49035a2276e9d4bb4817a29bb9cf515807255186f
89f555437822d8ce86a52b409ce45cce077a2653f047f2b4c79ef52eb98a9ccd
8bdff539920d92f5c3a121467d4cf862df0c4068df2facb2d7ca29ecb4d7fe1b
8e26c82b3a05d2306015e1d1414cffced4a6ab6e012e8aadfcb0db6798314a79
8e597ab59c46f9b7eefacfbbc8c213b65f957ed4a5045034b0b6c8a97b56feef
9135fdb75e5459c7d3c878afb88824cfe8d4801fb378ddb09830aaabd5f8dc25
91b13322528116a01770e58684b5165aee3b6b2b21f877387074fce66f9aa8a6
92198135117fe1b0740d2e3b710d6f634379a74a7b0a8557152659636a08724c
92b7c67449378fb64e2ce47dd155d2863fffa76358a8612bed32d0f5dcf825d6
9710dab6bb3447842cba847209148bd89fb928f55865b045105fa3aefa4fb51f
999ef24fa00df5faa1987431dd09b928ff763f170e9b5f100a46ba4315fc2397
9bb40ae43cbe5d1afc97d82b113015a68de65891b6d5ea6902fda5cf3c26ce58
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0c960de3d4662390366cefceb19a039c03c079da32e9623668470bf16879aa3
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1bc519de7aeb90c4d8dc7c8dfe2e3d4db4c2447844bc3d57a62eccefcee6987
a23425925f24f35a94cde3e8e7664fd092258cfda4f60c0e3ea14d0fbbb93c38
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2ee12b1a5d8bb3acf687521fddb303860ccfcf298d44ade935166db8b4868df
a5685eccf0e32f2c9569081bce0bc3222fa3ce9c063ea99b333bd2bd75611ebb
a6ef3e56b3522649c6ca0c9222571690844385d9dda63d9d020382751339cc57
a7b7c9e4837ac992f5c545f832ddb532ef64436f7a0f2c5ef47ee57f298e0f88
a9b75f73eb1f6d3b89fa74ddb59dea1134436331957f11f8b312cb578a3e42c9
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa7b5487965f8ad73deb95b8c75fccf0aa9e42515da23be90cd1f3f91715e6ad
ab102ff825ad3d810e1acd3ae9377ffdb8af397890f33b3fb2df1eef5dbe8804
ac53400c04ca28a29467c3b6cf8f0be2f9d4333a518574fba32cc239195117db
ae407e415a45b6c720d8d61fef8c28756883d0f546a64e7a2969d6174c669951
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b066411fa8c7e8b54b9104aef3713a41c92d831633b7535fe437c70386789a99
b1187995a6a31ed3a06d13bae8d36edcc63782f5764897a5a62703d2d6cb840c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b36d1f37d32f378aac86f30e5ba1994445779a7bfc31726f88e794a0cba83e28
b444e20f091694f3bb6c3116936cf6eb2a4201d1af3fcf6e09823ac03ba0b9e2
b468571983721e0e8522a0901f4a702584ec47df334a48ffc191617d1f3e21b1
b525214335ddd50139b8cead123523306144018a47e3d4a35f6e5b35f295a8fd
b63be8c8283c678f2ad29079a56fafc0a8fcf6dc735686617ab05a75bed8a783
ba8bbfe110629e3df60cffbcd75d2ea7627f5f6e13ef3ba0354221cab7b8e097
baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5
bbc37a2be881006b66a7045a29d441ee695c45c7c6f70db129b16738afff45da
bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f
c0f1a0e47f7e68ec0549eba6eb3fcd3523a2c3e68bcd9b2463ef084df041fd34
c192ec382ada1d39cfeddad960ff5054658703f0c0f03d2ce708b98844c13390
c664bd4b6cf1dba327178e01b9d42668cace42a35112dbc5d8651f277f6027cf
ca5302f20a69cb2fe08a2429cf7268a2d5152d49608b0a954646553c70fd8afd
cb45be15a19e87505b82735f88234a6543c1706e202d73fb43d1c011374cc463
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7a2b3976c3af63dc2bca70cc5625a26341f19b1ccd484feddf076df895ed58
d139c3756ba4ea4e4672c12645de4977faa9ba7e0d550931d2086338fd72dfe9
d5132eb4775fe5c85d515453cb238727620936adc84e5f727d495f8fefa2eba3
d57d271f5ac0dc5213615fc5e63460e7a37c52d6d39b498a49adb08a1414e6a3
d696b1c7d3a849147466eaa17a7423455f801192e2c3f92c29fa031e38d000a6
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
d82439f1cc267511ad24334015165ee5a382a7e6ba8164d6de02404664be324a
d851d84e101ca32d51ff937ef2bcafd53e9f83b53694c73c7d3eb3031357b27d
d9505badaa1ef09e2237fa9094f474577f02ad805f5143afa078733f2ebfc9b8
d98d7a81b2cc1e6b36d75db78826771fed2ddbe50ab593bea89ba19d6e6f7cb4
d9d998e89b1bf011b876875d1b145c3b59d426e4cf620c2ad8d728def13391f8
db7441741bf568b12ca703882c58b6d0a05841defeca77fdbce0c21977a75c0a
dd4b42f7c8ddeeedbc0e556a5da8b647fd08c56a2ac3540b1e5a6d9342ba5c4f
dd8d6f6954d7d4048c8d2c3bfe60c9e22b91e59a95861873e7d0dd620b96281f
dde5dcb02f349d5cd1f36d6afe709ddfd5713b27129dbae727f456cde6582883
e0cc0930a1ab7e9ae754783576228f3c32caa07605236711cf81035f3f45f0ea
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e56f53b3b976e9c05d86645a1e85cfc69e961601d201e957768455580fa30478
e5d2f393a2965a96b71af46573ff7a2cb935b1ba0f2f16366d02c1ef428dea91
e6f4e26e069e4c26d633463a9876b8ead09cf4b8084f3f74ae6a4834ac5ac4dd
e7be357ddd89fe4f85dd3a2f16929f2344148d0ede966e9bf92febe1b998cc9b
ec2cc99b7d1be6fb64d9ce3622e5584e39002529d87a71ffad76435b800de309
eca31951a56e14c45ea30f97def4d6c588c087ddbd64acc8804a1180c0befbb4
ecd12fde65d51bd3c13094ebdb5f4570ca6a1ea6eeea58afca96c52634a5e059
ee4bf8f0d6bc02cb36fa7e98ef438cd3a33c74212e2171188feb895a0ee3c524
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f22e3229c1ef7cd156f0914fba15d711eae0b9ff778b605b513deb28a90fc0ba
f2f93fd85c2f5e6c07c80c6487a804ec6bede5bed8fe755280d87d4dfde986d0
f883ac1ff4bb4a60ccf481ff2f9231b07dcb0bb82c64b8c6f96f5b91e152da9c
fbe31b083e694e72260d9bbda5bd86a472eadb20cc3660b34536fa1db3027263
fd137326b89532fdf83d7c325094afadf197beca5fb6e3a1db3ac8ef291a626f

www.newsobserver.com Open in urlscan Pro 104.111.236.243 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

232 Requests

99 %HTTPS

32 %IPv6

70 Domains

113 Subdomains

92 IPs

11 Countries

3367 kBTransfer

9847 kBSize

68 Cookies

62 Outgoing links

Page URL History

Redirected requests

232 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.newsobserver.com Open in urlscan Pro
104.111.236.243 Public Scan

Screenshot
Live screenshot

Full Image

232
Requests

99 %
HTTPS

32 %
IPv6

70
Domains

113
Subdomains

92
IPs

11
Countries

3367 kB
Transfer

9847 kB
Size

68
Cookies

232 HTTP transactions
3 data transactions