URL: https://observer.com/2018/07/
Submission: On June 06 via api from CH

Summary

This website contacted 41 IPs in 8 countries across 39 domains to perform 107 HTTP transactions. The main IP is 192.0.79.33, located in San Francisco, United States and belongs to AUTOMATTIC - Automattic, Inc, US. The main domain is observer.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on May 25th 2019. Valid for: 3 months.
This is the only time observer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 192.0.79.33 2635 (AUTOMATTIC)
1 192.0.78.18 2635 (AUTOMATTIC)
13 192.0.77.32 2635 (AUTOMATTIC)
1 104.111.215.236 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
4 2.18.232.15 16625 (AKAMAI-AS)
3 13.35.254.145 16509 (AMAZON-02)
1 7 2a00:1450:400... 15169 (GOOGLE)
4 192.0.76.3 2635 (AUTOMATTIC)
2 5 172.217.22.66 15169 (GOOGLE)
4 52.19.153.98 16509 (AMAZON-02)
3 99.86.1.198 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.111.215.135 16625 (AKAMAI-AS)
1 213.19.162.41 26667 (RUBICONPR...)
1 173.241.240.220 36089 (OPENX-AS1)
1 178.162.133.150 60781 (LEASEWEB-...)
2 35.203.66.107 15169 (GOOGLE)
1 185.33.223.216 29990 (ASN-APPNEXUS)
12 104.109.64.186 20940 (AKAMAI-ASN1)
1 13.35.253.13 16509 (AMAZON-02)
1 91.228.74.231 27281 (QUANTCAST)
2 104.111.214.206 16625 (AKAMAI-AS)
6 151.139.128.10 20446 (HIGHWINDS3)
3 2a03:2880:f01... 32934 (FACEBOOK)
1 3 23.43.115.95 20940 (AKAMAI-ASN1)
1 23.96.112.53 8075 (MICROSOFT...)
5 2606:4700::68... 13335 (CLOUDFLAR...)
3 3 2a00:1450:400... 15169 (GOOGLE)
3 3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 4 35.190.59.101 15169 (GOOGLE)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 2600:9000:200... 16509 (AMAZON-02)
1 91.228.74.235 27281 (QUANTCAST)
1 2a00:1450:400... 15169 (GOOGLE)
1 35.190.40.172 15169 (GOOGLE)
2 35.201.67.47 15169 (GOOGLE)
3 3 54.171.6.140 16509 (AMAZON-02)
2 2 147.75.102.200 54825 (PACKET)
2 54.247.84.76 16509 (AMAZON-02)
2 2 34.250.10.37 16509 (AMAZON-02)
1 2600:9000:200... 16509 (AMAZON-02)
1 162.208.117.11 11403 (NYINTERNET)
1 34.205.213.1 14618 (AMAZON-AES)
2 3 173.241.240.143 36089 (OPENX-AS1)
107 41
Apex Domain
Subdomains
Transfer
17 wp.com
s0.wp.com
s2.wp.com
stats.wp.com
pixel.wp.com
229 KB
15 skimresources.com
s.skimresources.com
p.skimresources.com
r.skimresources.com
t.skimresources.com
x.skimresources.com
32 KB
12 typekit.net
use.typekit.net
p.typekit.net
345 KB
8 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net
81 KB
7 google-analytics.com
www.google-analytics.com
39 KB
5 justuno.com
cdn.justuno.com
my.justuno.com
analytics.justuno.com
59 KB
4 adroll.com
s.adroll.com
d.adroll.com
29 KB
4 openx.net
observermedia-d.openx.net
eu-u.openx.net
us-u.openx.net
2 KB
4 postrelease.com
jadserve.postrelease.com
2 KB
4 google.de
adservice.google.de
www.google.de
508 B
3 google.com
www.google.com
572 B
3 scorecardresearch.com
sb.scorecardresearch.com
2 KB
3 facebook.net
connect.facebook.net
78 KB
3 amazon-adsystem.com
c.amazon-adsystem.com
23 KB
3 cloudfront.net
dc8xl0ndzn2cb.cloudfront.net
3 addthis.com
s7.addthis.com
209 KB
3 observer.com
observer.com
78 KB
2 crwdcntrl.net
sync.crwdcntrl.net
1 KB
2 exelator.com
loadeu.exelator.com
1 KB
2 facebook.com
www.facebook.com
527 B
2 quantserve.com
secure.quantserve.com
pixel.quantserve.com
6 KB
2 districtm.io
dmx.districtm.io
522 B
1 chartbeat.net
ping.chartbeat.net
168 B
1 sailthru.com
horizon.sailthru.com
274 B
1 chartbeat.com
static.chartbeat.com
14 KB
1 consensu.org
api.skimlinks.mgr.consensu.org
635 B
1 googlesyndication.com
tpc.googlesyndication.com
1 quantcount.com
rules.quantcount.com
339 B
1 pressboard.ca
adserver.pressboard.ca
500 B
1 addthisedge.com
m.addthisedge.com
2 KB
1 sail-horizon.com
ak.sail-horizon.com
4 KB
1 adnxs.com
ib.adnxs.com
1 KB
1 sonobi.com
apex.go.sonobi.com
689 B
1 rubiconproject.com
fastlane.rubiconproject.com
2 KB
1 casalemedia.com
as-sec.casalemedia.com
901 B
1 googletagmanager.com
www.googletagmanager.com
33 KB
1 googletagservices.com
www.googletagservices.com
10 KB
1 ntv.io
s.ntv.io
78 KB
1 wordpress.com
r-login.wordpress.com
67 B
107 39
Domain Requested by
11 use.typekit.net observer.com
use.typekit.net
8 s0.wp.com observer.com
securepubads.g.doubleclick.net
7 www.google-analytics.com 1 redirects observer.com
www.google-analytics.com
5 s2.wp.com observer.com
4 r.skimresources.com 1 redirects observer.com
s.skimresources.com
4 p.skimresources.com observer.com
4 jadserve.postrelease.com s.ntv.io
observer.com
3 x.skimresources.com 3 redirects
3 pixel.wp.com observer.com
3 www.google.de observer.com
3 www.google.com 3 redirects
3 stats.g.doubleclick.net 3 redirects
3 sb.scorecardresearch.com 1 redirects observer.com
3 connect.facebook.net observer.com
connect.facebook.net
3 c.amazon-adsystem.com s2.wp.com
c.amazon-adsystem.com
3 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
3 dc8xl0ndzn2cb.cloudfront.net observer.com
3 s7.addthis.com observer.com
s7.addthis.com
3 observer.com 1 redirects s2.wp.com
2 cm.g.doubleclick.net 2 redirects
2 eu-u.openx.net 2 redirects
2 sync.crwdcntrl.net 2 redirects
2 d.adroll.com s.adroll.com
observer.com
2 loadeu.exelator.com 2 redirects
2 t.skimresources.com s.skimresources.com
2 www.facebook.com observer.com
2 my.justuno.com cdn.justuno.com
s2.wp.com
2 cdn.justuno.com observer.com
cdn.justuno.com
2 s.skimresources.com www.googletagmanager.com
s.skimresources.com
2 s.adroll.com www.googletagmanager.com
s.adroll.com
2 dmx.districtm.io s2.wp.com
observer.com
1 us-u.openx.net
1 ping.chartbeat.net
1 horizon.sailthru.com
1 static.chartbeat.com observer.com
1 api.skimlinks.mgr.consensu.org s.skimresources.com
1 tpc.googlesyndication.com securepubads.g.doubleclick.net
1 pixel.quantserve.com observer.com
1 rules.quantcount.com secure.quantserve.com
1 p.typekit.net observer.com
1 analytics.justuno.com s2.wp.com
1 adserver.pressboard.ca observer.com
1 secure.quantserve.com www.googletagmanager.com
1 m.addthisedge.com s7.addthis.com
1 ak.sail-horizon.com observer.com
1 ib.adnxs.com s2.wp.com
1 apex.go.sonobi.com s2.wp.com
1 observermedia-d.openx.net s2.wp.com
1 fastlane.rubiconproject.com s2.wp.com
1 as-sec.casalemedia.com s2.wp.com
1 www.googletagmanager.com observer.com
1 adservice.google.de www.googletagservices.com
1 stats.wp.com observer.com
1 www.googletagservices.com observer.com
1 s.ntv.io observer.com
1 r-login.wordpress.com observer.com
107 56
Subject Issuer Validity Valid
observer.com
Let's Encrypt Authority X3
2019-05-25 -
2019-08-23
3 months crt.sh
*.wordpress.com
COMODO RSA Domain Validation Secure Server CA
2018-09-06 -
2020-09-05
2 years crt.sh
*.wp.com
Go Daddy Secure Certificate Authority - G2
2018-04-10 -
2020-05-11
2 years crt.sh
*.ntv.io
DigiCert SHA2 Secure Server CA
2018-06-12 -
2019-12-11
a year crt.sh
*.g.doubleclick.net
Google Internet Authority G3
2019-05-14 -
2019-08-06
3 months crt.sh
odc-prod-01.oracle.com
DigiCert SHA2 Secure Server CA
2019-06-06 -
2020-09-04
a year crt.sh
*.cloudfront.net
DigiCert Global CA G2
2018-10-08 -
2019-10-09
a year crt.sh
*.google-analytics.com
Google Internet Authority G3
2019-05-14 -
2019-08-06
3 months crt.sh
*.google.com
Google Internet Authority G3
2019-05-21 -
2019-08-13
3 months crt.sh
*.postrelease.com
Amazon
2019-05-15 -
2020-06-15
a year crt.sh
c.amazon-adsystem.com
Amazon
2018-12-18 -
2019-11-21
a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018
2019-05-08 -
2020-03-09
10 months crt.sh
*.rubiconproject.com
DigiCert SHA2 Secure Server CA
2019-01-10 -
2021-01-14
2 years crt.sh
*.openx.net
DigiCert ECC Secure Server CA
2019-02-08 -
2020-05-12
a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2
2019-02-01 -
2021-02-04
2 years crt.sh
dmx.districtm.io
Let's Encrypt Authority X3
2019-06-05 -
2019-09-03
3 months crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA
2019-01-23 -
2021-03-08
2 years crt.sh
*.typekit.net
DigiCert SHA2 Secure Server CA
2018-07-20 -
2020-01-03
a year crt.sh
ak.sail-horizon.com
Amazon
2019-03-06 -
2020-04-06
a year crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA
2018-10-16 -
2019-10-21
a year crt.sh
*.adroll.com
DigiCert SHA2 Secure Server CA
2018-12-19 -
2020-03-19
a year crt.sh
*.skimresources.com
DigiCert SHA2 Secure Server CA
2018-09-13 -
2020-10-07
2 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2019-04-22 -
2019-07-21
3 months crt.sh
*.scorecardresearch.com
COMODO RSA Organization Validation Secure Server CA
2018-11-28 -
2019-12-26
a year crt.sh
*.pressboard.ca
Go Daddy Secure Certificate Authority - G2
2019-03-17 -
2020-03-17
a year crt.sh
justuno.com
CloudFlare Inc ECC CA-2
2019-04-16 -
2020-04-16
a year crt.sh
www.google.de
Google Internet Authority G3
2019-05-14 -
2019-08-06
3 months crt.sh
tpc.googlesyndication.com
Google Internet Authority G3
2019-05-14 -
2019-08-06
3 months crt.sh
api.skimlinks.mgr.consensu.org
DigiCert SHA2 Secure Server CA
2018-08-15 -
2019-10-23
a year crt.sh
*.chartbeat.com
Gandi Standard SSL CA 2
2019-04-10 -
2020-04-10
a year crt.sh
*.sailthru.com
Gandi Standard SSL CA 2
2017-09-13 -
2019-09-20
2 years crt.sh
*.chartbeat.net
Thawte RSA CA 2018
2018-12-20 -
2020-01-01
a year crt.sh

This page contains 2 frames:

Primary Page: https://observer.com/2018/07/
Frame ID: B2D07A1C6F65A5651F9DE07954654524
Requests: 105 HTTP requests in this frame

Frame: https://p.skimresources.com/?provider_id=627234f536309d9c793806cf73cca813&skim_mapping=true
Frame ID: F6260189AF7343B8182B95FB67AF6166
Requests: 2 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://observer.com/2018/07 HTTP 301
    https://observer.com/2018/07/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+s\d+\.wp\.com/i
  • script /\/wp-includes\//i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+s\d+\.wp\.com/i
  • script /\/wp-includes\//i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • env /^Backbone$/i

Overall confidence: 100%
Detected patterns
  • env /pbjs/i
  • env /PREBID_TIMEOUT/i

Overall confidence: 100%
Detected patterns
  • script /(?:a|s)\.adroll\.com/i
  • env /^adroll_/i

Overall confidence: 100%
Detected patterns
  • env /^addthis/i

Overall confidence: 100%
Detected patterns
  • env /^_sf_(?:endpt|async_config)$/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • env /^__google_ad_/i
  • env /^Goog_AdSense_/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i

Overall confidence: 100%
Detected patterns
  • env /^googletag$/i
  • env /^google_tag_manager$/i

Overall confidence: 100%
Detected patterns
  • env /^Hammer$/i

Overall confidence: 100%
Detected patterns
  • env /^quantserve$/i

Overall confidence: 100%
Detected patterns
  • env /^twemoji$/i

Overall confidence: 100%
Detected patterns
  • env /^Typekit$/i

Overall confidence: 100%
Detected patterns
  • html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
  • script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
  • env /^_?COMSCORE$/i

Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i

Overall confidence: 100%
Detected patterns
  • env /^Backbone$/i

Page Statistics

107
Requests

100 %
HTTPS

26 %
IPv6

39
Domains

56
Subdomains

41
IPs

8
Countries

1358 kB
Transfer

3958 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://observer.com/2018/07 HTTP 301
    https://observer.com/2018/07/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47
  • https://www.google-analytics.com/r/collect?v=1&_v=j76&a=1600511788&t=event&ni=1&_s=1&dl=https%3A%2F%2Fobserver.com%2F2018%2F07%2F&ul=en-us&de=UTF-8&dt=July%20%7C%202018%20%7C%20Observer&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Reading&ea=July%20%7C%202018%20%7C%20Observer&el=Baseline&ev=1&_u=aGDAAEADQ~&jid=1606453233&gjid=1995108311&cid=1086568790.1559842318&tid=UA-1212249-1&_gid=154628912.1559842318&_r=1&gtm=2wg5t25BPNP6&cd4=regular&z=815352844 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1212249-1&cid=1086568790.1559842318&jid=1606453233&_gid=154628912.1559842318&gjid=1995108311&_v=j76&z=815352844 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1212249-1&cid=1086568790.1559842318&jid=1606453233&_v=j76&z=815352844 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1212249-1&cid=1086568790.1559842318&jid=1606453233&_v=j76&z=815352844&slf_rd=1&random=330971300
Request Chain 54
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j76&tid=UA-1212249-1&cid=1086568790.1559842318&jid=1126890875&uid=1086568790.1559842318&gjid=885609999&_gid=154628912.1559842318&_u=aGDAgUAjQ~&z=876163195 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1212249-1&cid=1086568790.1559842318&jid=1126890875&_v=j76&z=876163195 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1212249-1&cid=1086568790.1559842318&jid=1126890875&_v=j76&z=876163195&slf_rd=1&random=2295325107
Request Chain 59
  • https://r.skimresources.com/api/ HTTP 307
  • https://r.skimresources.com/api/?xguid=01DCPXHT908M0MSPE2AV1Y9DJX&persistence=1&checksum=6dfa09f6242b204e5ed06c0a77cf0a55cac0d1b40779b3157277736879afb0ca
Request Chain 90
  • https://x.skimresources.com/?provider=exelate HTTP 302
  • https://loadeu.exelator.com/load/?p=787&g=001&j=0& HTTP 302
  • https://loadeu.exelator.com/load/?p=787&g=001&j=0&&xl8blockcheck=1 HTTP 302
  • https://x.skimresources.com/?provider=exelate&skim_mapping=true&provider_id=627234f536309d9c793806cf73cca813 HTTP 302
  • https://p.skimresources.com/?provider_id=627234f536309d9c793806cf73cca813&skim_mapping=true
Request Chain 93
  • https://sb.scorecardresearch.com/b?c1=2&c2=13507040&ns__t=1559842321049&ns_c=UTF-8&cv=3.1&c8=July%20%7C%202018%20%7C%20Observer&c7=https%3A%2F%2Fobserver.com%2F2018%2F07%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=13507040&ns__t=1559842321049&ns_c=UTF-8&cv=3.1&c8=July%20%7C%202018%20%7C%20Observer&c7=https%3A%2F%2Fobserver.com%2F2018%2F07%2F&c9=
Request Chain 95
  • https://sync.crwdcntrl.net/map/c=7505/tp=SKIM/?https%3A%2F%2Fx.skimresources.com%2F%3Fprovider%3Dlotame%26skim_mapping%3Dtrue%26provider_id%3D%24%7Bprofile_id%7D HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=7505/tp=SKIM/?https%3A%2F%2Fx.skimresources.com%2F%3Fprovider%3Dlotame%26skim_mapping%3Dtrue%26provider_id%3D%24%7Bprofile_id%7D HTTP 302
  • https://x.skimresources.com/?provider=lotame&skim_mapping=true&provider_id=e6f4eaebb9e9b66407e5b794e7fe27f6 HTTP 302
  • https://p.skimresources.com/?provider_id=e6f4eaebb9e9b66407e5b794e7fe27f6&skim_mapping=true
Request Chain 103
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j76&tid=UA-1212249-1&cid=1086568790.1559842318&jid=313782995&uid=1086568790.1559842318&gjid=766659107&_gid=154628912.1559842318&_u=aGjAgUAjQ~&z=911063570 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1212249-1&cid=1086568790.1559842318&jid=313782995&_v=j76&z=911063570 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1212249-1&cid=1086568790.1559842318&jid=313782995&_v=j76&z=911063570&slf_rd=1&random=1420402244
Request Chain 105
  • https://eu-u.openx.net/w/1.0/pd?plm=10&ph=5f830632-abb5-4969-8c63-eb4c59d0ab59&gdpr=1 HTTP 302
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=5f830632-abb5-4969-8c63-eb4c59d0ab59&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKtehlGd9Ej7xmUpCT2rBw8&google_cver=1

107 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
observer.com/2018/07/
Redirect Chain
  • https://observer.com/2018/07
  • https://observer.com/2018/07/
326 KB
70 KB
Document
General
Full URL
https://observer.com/2018/07/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.79.33 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
9ac4113ec7495f2d89bdc82202aa9bcf6546493766810858655c94b02d9cba47
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

:method
GET
:authority
observer.com
:scheme
https
:path
/2018/07/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
server
nginx
date
Thu, 06 Jun 2019 17:31:57 GMT
content-type
text/html; charset=UTF-8
strict-transport-security
max-age=86400
vary
Accept-Encoding Cookie
x-hacker
If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
last-modified
Thu, 06 Jun 2019 17:31:54 GMT
cache-control
max-age=300, must-revalidate
x-nananana
Batcache
content-encoding
gzip
x-ac
4.ams _dfw

Redirect headers

status
301
server
nginx
date
Thu, 06 Jun 2019 17:31:53 GMT
content-type
text/html; charset=UTF-8
location
https://observer.com/2018/07/
strict-transport-security
max-age=86400
vary
Cookie
x-hacker
If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
x-redirect-by
WordPress
x-ac
4.ams _dfw
remote-login.php
r-login.wordpress.com/
0
67 B
Script
General
Full URL
https://r-login.wordpress.com/remote-login.php?action=js&host=observer.com&id=35584880&t=1559842314&back=https%3A%2F%2Fobserver.com%2F2018%2F07%2F
Requested by
Host: observer.com
URL: https://observer.com/2018/07/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.18 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://observer.com/2018/07/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Thu, 06 Jun 2019 17:31:57 GMT
server
nginx
content-length
0
vary
Cookie
content-type
text/javascript
/
s0.wp.com/_static/
238 KB
52 KB
Stylesheet
General
Full URL
https://s0.wp.com/_static/??-eJytUttuwyAM/aFR2q6dtodp3wLEJW7NRRia5e9HiNrdukib9hJscy42sRyiMMFn8Fm6IiIVi57lEE1wgh0SjF+ylWG+k7dphCdgeYQclTmJll3h6A2Vrl7XguyQs9QUGkonlUbJeSRYOfRLBiYkqHUXVZ4QDjpUQOAqbInm4sOFNYV97W5xjnlgrWMCZlG/DosTua9G33lzWZ4xSg/DGNIpaIZ0hiS2681OKmbI89jXi9b4zWF/oXYG34UkDwSvTNhB+i/BiUkU/iR3eULlorAhWAKRlRVOeWUhyVg0oWlutxFiRiz5XixYIeU+laY2YGchr7hoNgk1zAIofchYNfgaLP13C0HUpVQZg/+UiAMpTEvUBHWdbQ1ta+c9/WmSfictBa3oz0/clkiYVI/cTD8WJtUX97zZ75/2j9v1/fb4Bqq2d7I=?cssminify=yes
Requested by
Host: observer.com
URL: https://observer.com/2018/07/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
c54ebe8869312644ac7f8a9892fe913900cf8a2dca23b5f4ba42b01561c5baed

Request headers

Referer
https://observer.com/2018/07/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc
HIT fra 32
date
Thu, 06 Jun 2019 17:31:57 GMT
content-encoding
gzip
last-modified
Tue, 04 Jun 2019 15:01:12 GMT
server
nginx
etag
W/"5cf687b8-3b791"
vary
Accept-Encoding
content-type
text/css;charset=utf-8
status
200
cache-control
max-age=31536000
x-ac
4.fra _dfw
expires
Wed, 03 Jun 2020 15:01:35 GMT
/
s2.wp.com/_static/
155 KB
49 KB
Script
General
Full URL
https://s2.wp.com/_static/??-eJyFztEKwjAMBdAfsisyOnwRv6XWOFKXtDbphn69HeiDMBQC9+EeuLFLNshhqhcQG9vdK5THO7ooO/sLGMKxeIWOkD84JFZgXW1OogQifoSNltIZJzBVoDTA2mauacN9v4Q8Iyx/WQTNPtxMAcHnun6i4965Q++GwfXxBTkPW9k=
Requested by
Host: observer.com
URL: https://observer.com/2018/07/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
3f95e6fba905257465a4f7dfedfc6500b80606e1696340a3d1fcec3678c22f74

Request headers

Referer
https://observer.com/2018/07/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc
HIT fra 32
date
Thu, 06 Jun 2019 17:31:57 GMT
content-encoding
gzip
last-modified
Mon, 20 May 2019 12:51:00 GMT
server
nginx
etag
W/"5ce2a2b4-26c21"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=31536000
x-ac
4.fra _dfw
expires
Tue, 19 May 2020 12:51:03 GMT
load.js
s.ntv.io/serve/
269 KB
78 KB
Script
General
Full URL
https://s.ntv.io/serve/load.js?ver=1.0.0
Requested by
Host: observer.com
URL: https://observer.com/2018/07/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.215.236 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-215-236.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
17ddbd20dbb97ae3b02377b57dad4688d0d2add5eac2e801480cd9d796d3f67a

Request headers

Referer
https://observer.com/2018/07/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 06 Jun 2019 17:31:57 GMT
Content-Encoding
gzip
x-amz-request-id
7F7DFFED88111A02
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
3Q64MvumJFjj/+l5hEApi1YjnbNKdAlp03oIEhIvPNBRklOJRyvhJXoBQgXkAzsmkZ5yualuqXY=
Last-Modified
Thu, 06 Jun 2019 00:49:58 GMT
Server
AmazonS3
ETag
"54b1ebb5a9250d9fa132319eef776f13"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
app.min.js
s0.wp.com/wp-content/themes/vip/newyorkobserver-2014/assets/js/
6 KB
2 KB
Script
General
Full URL
https://s0.wp.com/wp-content/themes/vip/newyorkobserver-2014/assets/js/app.min.js?m=1538412791h
Requested by
Host: observer.com
URL: https://observer.com/2018/07/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
a52a4d4a685c0413f39b1ea0130b65f638f1d8fff040ae1275e81706f753a97a

Request headers

Referer
https://observer.com/2018/07/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc
HIT fra 32
date
Thu, 06 Jun 2019 17:31:57 GMT
content-encoding
gzip
server
nginx
etag
W/"5bb28ec3-1639"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=31536000
x-ac
4.fra _dfw
expires
Fri, 22 Nov 2019 08:31:10 GMT
gpt.js
www.googletagservices.com/tag/js/
31 KB
10 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js?ver=1.1.0
Requested by
Host: observer.com
URL: https://observer.com/2018/07/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
42c3e0a792b572eacc9011d5ece727e2b8a0439d96ddba9e20a44d2576630a6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://observer.com/2018/07/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 06 Jun 2019 17:31:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"188 / 398 of 1000 / last-modified: 1559837247"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
10463
x-xss-protection
0
expires
Thu, 06 Jun 2019 17:31:57 GMT
/
s2.wp.com/_static/
169 KB
54 KB
Script
General
Full URL
https://s2.wp.com/_static/??-eJylzEEOgjAQBdALSYdWG3BhPEuRn0BJZ5qZBqKnhzu4f3l01O4j3MCN2oICo32txDi+optMBt2hXej9g5IZmlG+CHgWpaqY1jk4P7jeZbvRP1kq6Sd8Ne/y8jE+4xjuo88nqUM5UQ==
Requested by
Host: observer.com
URL: https://observer.com/2018/07/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
6f3959f6136f3e6a3e2828d6cf45c5eebcf3642fd501122ddcfa94500675ac89

Request headers

Referer
https://observer.com/2018/07/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc
HIT fra 32
date
Thu, 06 Jun 2019 17:31:57 GMT
content-encoding
gzip
last-modified
Tue, 04 Jun 2019 15:01:12 GMT
server
nginx
etag
W/"5cf687b8-2a57e"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=31536000
x-ac
4.fra _dfw
expires
Wed, 03 Jun 2020 15:01:31 GMT
addthis_widget.js
s7.addthis.com/js/300/
344 KB
110 KB
Script
General
Full URL
https://s7.addthis.com/js/300/addthis_widget.js?ver=1
Requested by
Host: observer.com
URL: https://observer.com/2018/07/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.15 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-15.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6d577d94f1675029cbc48a4a7e98f03942874723d30c7a8c6263e19a7b5d3329

Request headers

Referer
https://observer.com/2018/07/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 06 Jun 2019 17:31:57 GMT
content-encoding
gzip
surrogate-key
client_dist
last-modified
Tue, 21 May 2019 18:21:08 GMT
etag
"5ce44194-561fe"
vary
Accept-Encoding
x-distribution
99
cache-tag
client_dist
status
200
cache-control
public, max-age=600
x-host
s7.addthis.com
accept-ranges
bytes
timing-allow-origin
*
content-type
application/javascript
keywee.min.js
dc8xl0ndzn2cb.cloudfront.net/js/observercom/v0/
0
0
Script
General
Full URL
https://dc8xl0ndzn2cb.cloudfront.net/js/observercom/v0/keywee.min.js?ver=1.0
Requested by
Host: observer.com
URL: https://observer.com/2018/07/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.145 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-254-145.fra6.r.cloudfront.net
Software
/
Resource Hash

Request headers

Referer
https://observer.com/2018/07/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

/
s0.wp.com/_static/
3 KB
2 KB
Script
General
Full URL
https://s0.wp.com/_static/??-eJx9jssOgjAQRX/IMpaA0YXxW1qYlMG+0plC+HtfcYfuzz3nwprVkKJgFJAJAzIslCHiuqVyT5axLFhUe9QdZF8dRQYTsnIpOY9KjFPBROOwQK7W0wDzL0B9gGbmA+xXvwE25GUq9eVaaXQoDVfLQyGLf+a7pw0zCr9fjdwEik/BLVx13+nTpW/1eX4AUrNfJw==
Requested by
Host: observer.com
URL: https://observer.com/2018/07/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
fe9bdb7e292ee2f3898335a25041d48fd5ec875fedeef4bcb3ffa3dd4cfefa8c

Request headers

Referer
https://observer.com/2018/07/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc
HIT fra 32
date
Thu, 06 Jun 2019 17:31:57 GMT
content-encoding
gzip
last-modified
Thu, 08 Nov 2018 17:26:58 GMT
server
nginx
etag
W/"5be471e2-cc5"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=31536000
x-ac
4.fra _dfw
expires
Fri, 22 Nov 2019 08:31:10 GMT
/
s2.wp.com/
4 KB
1 KB
Stylesheet
General
Full URL
https://s2.wp.com/?custom-css=1&csblog=2pjfG&cscache=6&csrev=136
Requested by
Host: observer.com
URL: https://observer.com/2018/07/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
3371ddae6ac2308fa1e620e55aa5a490735185dfb754f21ffac2da56cc7224ad

Request headers

Referer
https://observer.com/2018/07/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-hacker
If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
date
Thu, 06 Jun 2019 17:31:57 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
status
200
expires
Fri, 22 Nov 2019 08:35:57 GMT
x-ac
4.fra _dfw
x-nc
HIT fra 32
observer-logo-2015.png
s2.wp.com/wp-content/themes/vip/newyorkobserver-2014/images/
3 KB
3 KB
Image
General
Full URL
https://s2.wp.com/wp-content/themes/vip/newyorkobserver-2014/images/observer-logo-2015.png
Requested by
Host: observer.com
URL: https://observer.com/2018/07/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
f27611a8ca70895cf25af274f105a26d8683e40bdd627e7e3c729cdefa47094a

Request headers

Referer
https://observer.com/2018/07/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc
HIT fra 32
date
Thu, 06 Jun 2019 17:31:57 GMT
x-ac
4.fra _dfw
last-modified
Sat, 31 Dec 2016 05:34:58 GMT
server
nginx
etag
"58674382-bbe"
content-type
image/png
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-length
3006
expires
Fri, 22 Nov 2019 08:33:35 GMT
analytics.js
www.google-analytics.com/
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: observer.com
URL: https://observer.com/2018/07/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8f88cb7a1cd4134f5d616b9fca90b9069fa16c162b7ae66ba1b500c490b41dd2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://observer.com/2018/07/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 21 May 2019 23:53:44 GMT
server
Golfe2
age
2690
date
Thu, 06 Jun 2019 16:47:07 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17595
expires
Thu, 06 Jun 2019 18:47:07 GMT
wp-emoji-release.min.js
s0.wp.com/wp-includes/js/
14 KB
5 KB
Script
General
Full URL
https://s0.wp.com/wp-includes/js/wp-emoji-release.min.js?m=1556893897h&ver=5.2.2-alpha-45379
Requested by
Host: observer.com
URL: https://observer.com/2018/07/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
f4799ef2939b8377cf33f07b07b6d90a4a245adbf1c6eaf47ee3b0fcefcc07fe

Request headers

Referer
https://observer.com/2018/07/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc
HIT fra 32
date
Thu, 06 Jun 2019 17:31:57 GMT
content-encoding
gzip
server
nginx
etag
W/"5ccc50eb-3610"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=31536000
x-ac
4.fra _dfw
expires
Wed, 27 May 2020 14:13:05 GMT
/
s2.wp.com/_static/
156 KB
48 KB
Script
General
Full URL
https://s2.wp.com/_static/??-eJytk9tOxCAURX9Ihrk++GD8FEPhYE+5yoFO+/fSycQ0xhoV37hsFntvAr9GJoPP4DMfiCsYUUKcdgM98NWWKyza8oqeuEUDxN8KFOiFVxbSZ3HuwVXJiJF7uM4hmdARpBESO+4PZy6IINNyXQ82QqKdQ/93yFC9pPlFxAgitaFuyjaEUI1xyGBkFr1hOshCTOO0BqKXtihYJecFOWgNMv9Ux8iiasw5glch3dG7XjhXNbpY+59YbWG6eW181zuVMkoza2w1ifVAEjJj8FuVF19NkwwJthSdkKYLfnNfRGQJag+0+a51WlWtWTR6zMBIpvB1MavPf2QLcriRmfDCzrVS+uaAUBXIOpG4E1RbqyMWqo2ES4aPtV8Scm3fLNc+u6fD5bI/nh9Pp8vwDn5hyNk=
Requested by
Host: observer.com
URL: https://observer.com/2018/07/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
a4b29ac286547c0674a7c2fb0ae92bd83f0dabae0555b2fe5adb7d80305bf506

Request headers

Referer
https://observer.com/2018/07/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc
HIT fra 32
date
Thu, 06 Jun 2019 17:31:57 GMT
content-encoding
gzip
last-modified
Fri, 15 Feb 2019 16:51:46 GMT
server
nginx
etag
W/"5c66ee22-26ebf"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=31536000
x-ac
4.fra _dfw
expires
Sat, 15 Feb 2020 17:14:44 GMT
w.js
stats.wp.com/
13 KB
4 KB
Script
General
Full URL
https://stats.wp.com/w.js?60
Requested by
Host: observer.com
URL: https://observer.com/2018/07/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
050c2ca74a4941fedd88349d977d960b8ab384ebb83a3c9e4b233160476ee8f1

Request headers

Referer
https://observer.com/2018/07/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 06 Jun 2019 17:31:57 GMT
content-encoding
gzip
server
nginx
etag
W/"5cb5925e-4f31"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=31536000
expires
Wed, 15 Apr 2020 08:43:53 GMT
js
www.google-analytics.com/gtm/
54 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-NXSTMDF&cid=1086568790.1559842318
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
0db992f97b98b4d13265f5eae3e0f6b94812561e2a266fe230b7f2ba7db3d1f7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://observer.com/2018/07/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 06 Jun 2019 17:31:57 GMT
content-encoding
br
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
server
Google Tag Manager (scaffolding)
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
20762
x-xss-protection
0
expires
Thu, 06 Jun 2019 17:31:57 GMT
pubads_impl_2019053001.js
securepubads.g.doubleclick.net/gpt/
148 KB
54 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019053001.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js?ver=1.1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.66 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
sffe /
Resource Hash
8bd06a157f6234495a2a93e0ad4166ebe82bf9d69a20831eadd196aad3f152b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://observer.com/2018/07/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Thu, 06 Jun 2019 17:31:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 30 May 2019 13:05:09 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
55383
x-xss-protection
0
expires
Thu, 06 Jun 2019 17:31:57 GMT
integrator.sync.js
adservice.google.de/adsid/
113 B
179 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.sync.js?domain=observer.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js?ver=1.1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://observer.com/2018/07/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 06 Jun 2019 17:31:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
108
x-xss-protection
0
t
jadserve.postrelease.com/
1 KB
971 B
Script
General
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fobserver.com%2F2018%2F07%2F
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js?ver=1.0.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.153.98 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-19-153-98.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
61574ce484f5c994a3fe99ab37455ea9e3816fc359d9262faa89d6a698d70b5e

Request headers

Referer
https://observer.com/2018/07/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 Jun 2019 17:31:57 GMT
content-encoding
gzip
server
nginx/1.12.1
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
text/javascript;charset=UTF-8
content-length
572
expires
Mon, 1 Jan 1990 12:00:00 GMT
keywee.min.js
dc8xl0ndzn2cb.cloudfront.net/js/observercom/v0/
0
0
Script
General
Full URL
https://dc8xl0ndzn2cb.cloudfront.net/js/observercom/v0/keywee.min.js?ver=1.0
Requested by
Host: observer.com
URL: https://observer.com/2018/07/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.145 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-254-145.fra6.r.cloudfront.net
Software
/
Resource Hash

Request headers

Referer
https://observer.com/2018/07/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

apstag.js
c.amazon-adsystem.com/aax2/
68 KB
20 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: s2.wp.com
URL: https://s2.wp.com/_static/??-eJylzEEOgjAQBdALSYdWG3BhPEuRn0BJZ5qZBqKnhzu4f3l01O4j3MCN2oICo32txDi+optMBt2hXej9g5IZmlG+CHgWpaqY1jk4P7jeZbvRP1kq6Sd8Ne/y8jE+4xjuo88nqUM5UQ==
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.86.1.198 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-99-86-1-198.fra6.r.cloudfront.net
Software
Server /
Resource Hash
2bcbed8ade63c6e0da313465ab20b2e2e5e5e020609551b4916431d121f46c5f

Request headers

Referer
https://observer.com/2018/07/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 05 Jun 2019 18:13:15 GMT
content-encoding
gzip
server
Server
age
83922
etag
fd23b0793c72e73c94f81e99274c36bd
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
public, max-age=86400
accept-ranges
bytes
x-amz-cf-id
OT1xngD49IgNb5uHK60kPauJGgZn0cK2fSworkV1XK3PcWbhTQSnHA==
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b9.cloudfront.net (CloudFront)
keywee.min.js
dc8xl0ndzn2cb.cloudfront.net/js/observercom/v0/
0
0
Script
General
Full URL
https://dc8xl0ndzn2cb.cloudfront.net/js/observercom/v0/keywee.min.js?ver=1.0
Requested by
Host: observer.com
URL: https://observer.com/2018/07/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.145 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-254-145.fra6.r.cloudfront.net
Software
/
Resource Hash

Request headers

Referer
https://observer.com/2018/07/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

gtm.js
www.googletagmanager.com/
132 KB
33 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5BPNP6
Requested by
Host: observer.com
URL: https://observer.com/2018/07/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
fcf68a9e66e8b3154ab7d6f7737ba3b36622e181a9eae40031ad2a0099f3142c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://observer.com/2018/07/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 06 Jun 2019 17:31:57 GMT
content-encoding
br
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
server
Google Tag Manager (scaffolding)
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
34146
x-xss-protection
0
expires
Thu, 06 Jun 2019 17:31:57 GMT
cygnus
as-sec.casalemedia.com/
24 B
901 B
XHR
General
Full URL
https://as-sec.casalemedia.com/cygnus?s=200436&v=7.2&r=%7B%22id%22%3A%221ec6ddaac0b3f9%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22213c22449eae0f%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A200436%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22id%22%3A%22323ace7b806cd1%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A200436%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22id%22%3A%2241a3fa254a2f33%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A200436%2C%22sid%22%3A%22728x90%22%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fobserver.com%2F2018%2F07%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&
Requested by
Host: s2.wp.com
URL: https://s2.wp.com/_static/??-eJylzEEOgjAQBdALSYdWG3BhPEuRn0BJZ5qZBqKnhzu4f3l01O4j3MCN2oICo32txDi+optMBt2hXej9g5IZmlG+CHgWpaqY1jk4P7jeZbvRP1kq6Sd8Ne/y8jE+4xjuo88nqUM5UQ==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.215.135 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-215-135.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
93c8ec8639ebd563c1c3339822a0942ffc734b169937011702ecde64f89e8f37

Request headers

Referer
https://observer.com/2018/07/
Origin
https://observer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 06 Jun 2019 17:31:59 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin
https://observer.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
44
Expires
Thu, 06 Jun 2019 17:31:59 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
257 B
2 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15076&site_id=89452&zone_id=421158&size_id=2&alt_size_ids=55%2C57&p_pos=unknown&rf=https%3A%2F%2Fobserver.com%2F2018%2F07%2F&tk_flint=pbjs_lite_v2.17.0&x_source.tid=ac251fb3-b1c4-4714-af0b-4840e35de31a&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.05564379173928091
Requested by
Host: s2.wp.com
URL: https://s2.wp.com/_static/??-eJylzEEOgjAQBdALSYdWG3BhPEuRn0BJZ5qZBqKnhzu4f3l01O4j3MCN2oICo32txDi+optMBt2hXej9g5IZmlG+CHgWpaqY1jk4P7jeZbvRP1kq6Sd8Ne/y8jE+4xjuo88nqUM5UQ==
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
213.19.162.41 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
39feac0d94cfc062ba99e8acd98368cc19fc3437b519a5ea492c6da383f3da9a

Request headers

Referer
https://observer.com/2018/07/
Origin
https://observer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 06 Jun 2019 17:31:57 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://observer.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=0, max=9
Content-Length
257
Expires
Wed, 17 Sep 1975 21:32:10 GMT
arj
observermedia-d.openx.net/w/1.0/
174 B
661 B
XHR
General
Full URL
https://observermedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fobserver.com%2F2018%2F07%2F&jr=&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_2.1.6&dddid=ac251fb3-b1c4-4714-af0b-4840e35de31a&nocache=1559842317790&aus=728x90%2C970x66%2C970x90%2C970x250&divIds=div-gpt-ad-771860824845458250-1&auid=539233064&
Requested by
Host: s2.wp.com
URL: https://s2.wp.com/_static/??-eJylzEEOgjAQBdALSYdWG3BhPEuRn0BJZ5qZBqKnhzu4f3l01O4j3MCN2oICo32txDi+optMBt2hXej9g5IZmlG+CHgWpaqY1jk4P7jeZbvRP1kq6Sd8Ne/y8jE+4xjuo88nqUM5UQ==
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.241.240.220 Amsterdam, Netherlands, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS
ox-173-241-240-220.xa.dc.openx.org
Software
OXGW/16.146.0 /
Resource Hash
89960e4cbacfe11953e693a2fd095120ec15d5cac72ef649a656b5ed6c7e4501

Request headers

Referer
https://observer.com/2018/07/
Origin
https://observer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 06 Jun 2019 17:31:58 GMT
content-encoding
gzip
server
OXGW/16.146.0
status
200
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://observer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
expires
Mon, 26 Jul 1997 05:00:00 GMT
trinity.json
apex.go.sonobi.com/
85 B
689 B
XHR
General
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22%2F1008049%2Fobserver_leaderboard_top%7C10e172c8d1580be%22%3A%22728x90%2C970x66%2C970x90%2C970x250%22%7D&ref=https%3A%2F%2Fobserver.com%2F2018%2F07%2F&s=fb05d544-32d2-46db-b915-3632a1465d83&pv=eceb8963-90de-48fb-a157-4fb8ad9f898c&vp=desktop&lib_name=prebid&lib_v=2.17.0&us=5&ius=0&
Requested by
Host: s2.wp.com
URL: https://s2.wp.com/_static/??-eJylzEEOgjAQBdALSYdWG3BhPEuRn0BJZ5qZBqKnhzu4f3l01O4j3MCN2oICo32txDi+optMBt2hXej9g5IZmlG+CHgWpaqY1jk4P7jeZbvRP1kq6Sd8Ne/y8jE+4xjuo88nqUM5UQ==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
6f6c97f202cd914c0e075b15edb68f7d98b6dbc49e2a1965b723a2c25424ed63
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://observer.com/2018/07/
Origin
https://observer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 06 Jun 2019 17:31:57 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://observer.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
105
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
v1
dmx.districtm.io/b/
0
272 B
XHR
General
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: s2.wp.com
URL: https://s2.wp.com/_static/??-eJylzEEOgjAQBdALSYdWG3BhPEuRn0BJZ5qZBqKnhzu4f3l01O4j3MCN2oICo32txDi+optMBt2hXej9g5IZmlG+CHgWpaqY1jk4P7jeZbvRP1kq6Sd8Ne/y8jE+4xjuo88nqUM5UQ==
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
35.203.66.107 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
107.66.203.35.bc.googleusercontent.com
Software
nginx/1.13.12 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Access-Control-Request-Method
POST
Origin
https://observer.com
Referer
https://observer.com/2018/07/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

date
Thu, 06 Jun 2019 17:31:58 GMT
server
nginx/1.13.12
access-control-allow-origin
https://observer.com
vary
origin
access-control-allow-methods
OPTIONS, POST
status
204
access-control-max-age
14400
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-headers
origin, content-type
prebid
ib.adnxs.com/ut/v3/
145 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: s2.wp.com
URL: https://s2.wp.com/_static/??-eJylzEEOgjAQBdALSYdWG3BhPEuRn0BJZ5qZBqKnhzu4f3l01O4j3MCN2oICo32txDi+optMBt2hXej9g5IZmlG+CHgWpaqY1jk4P7jeZbvRP1kq6Sd8Ne/y8jE+4xjuo88nqUM5UQ==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.216 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
312.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
83b7697b9838f9bd2456a63b6b0c49ef2bfe61687b8f79408a31443b542a8f8d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://observer.com/2018/07/
Origin
https://observer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 06 Jun 2019 17:31:59 GMT
X-Proxy-Origin
83.97.23.27; 83.97.23.27; 312.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.69:80
AN-X-Request-Uuid
a0aa2f5a-1164-4182-9e5d-fcb3a89cfbd2
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://observer.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
aje3scp.js
use.typekit.net/
21 KB
8 KB
Script
General
Full URL
https://use.typekit.net/aje3scp.js
Requested by
Host: observer.com
URL: https://observer.com/2018/07/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.64.186 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-64-186.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e8ecac0d9588460760098de931844572de4b73b8033bdd76340f3f9701b05500
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
https://observer.com/2018/07/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
access-control-allow-origin
*
date
Thu, 06 Jun 2019 17:31:58 GMT
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
status
200
cache-control
public, max-age=600, stale-while-revalidate=604800
timing-allow-origin
*
content-length
7681
search-ffffff.svg
s0.wp.com/wp-content/themes/vip/newyorkobserver-2014/images/
2 KB
1 KB
Image
General
Full URL
https://s0.wp.com/wp-content/themes/vip/newyorkobserver-2014/images/search-ffffff.svg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019053001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
d17298826b7b7ed19af4942adf03fbcea7a7cd9cd5f25a5b9fb0674c71828c87

Request headers

Referer
https://s0.wp.com/_static/??-eJytUttuwyAM/aFR2q6dtodp3wLEJW7NRRia5e9HiNrdukib9hJscy42sRyiMMFn8Fm6IiIVi57lEE1wgh0SjF+ylWG+k7dphCdgeYQclTmJll3h6A2Vrl7XguyQs9QUGkonlUbJeSRYOfRLBiYkqHUXVZ4QDjpUQOAqbInm4sOFNYV97W5xjnlgrWMCZlG/DosTua9G33lzWZ4xSg/DGNIpaIZ0hiS2681OKmbI89jXi9b4zWF/oXYG34UkDwSvTNhB+i/BiUkU/iR3eULlorAhWAKRlRVOeWUhyVg0oWlutxFiRiz5XixYIeU+laY2YGchr7hoNgk1zAIofchYNfgaLP13C0HUpVQZg/+UiAMpTEvUBHWdbQ1ta+c9/WmSfictBa3oz0/clkiYVI/cTD8WJtUX97zZ75/2j9v1/fb4Bqq2d7I=?cssminify=yes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc
HIT fra 32
date
Thu, 06 Jun 2019 17:31:57 GMT
content-encoding
gzip
last-modified
Sat, 31 Dec 2016 05:34:58 GMT
server
nginx
access-control-allow-origin
*
etag
W/"58674382-960"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
status
200
cache-control
max-age=31536000
x-ac
4.fra _dfw
expires
Fri, 22 Nov 2019 08:34:11 GMT
observer-logo-white-2015.png
s0.wp.com/wp-content/themes/vip/newyorkobserver-2014/images/
3 KB
3 KB
Image
General
Full URL
https://s0.wp.com/wp-content/themes/vip/newyorkobserver-2014/images/observer-logo-white-2015.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019053001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
74e72473f970d838c52ed8c8fadf1c25883dd561d66df3856bfc137b9da2fea0

Request headers

Referer
https://s0.wp.com/_static/??-eJytUttuwyAM/aFR2q6dtodp3wLEJW7NRRia5e9HiNrdukib9hJscy42sRyiMMFn8Fm6IiIVi57lEE1wgh0SjF+ylWG+k7dphCdgeYQclTmJll3h6A2Vrl7XguyQs9QUGkonlUbJeSRYOfRLBiYkqHUXVZ4QDjpUQOAqbInm4sOFNYV97W5xjnlgrWMCZlG/DosTua9G33lzWZ4xSg/DGNIpaIZ0hiS2681OKmbI89jXi9b4zWF/oXYG34UkDwSvTNhB+i/BiUkU/iR3eULlorAhWAKRlRVOeWUhyVg0oWlutxFiRiz5XixYIeU+laY2YGchr7hoNgk1zAIofchYNfgaLP13C0HUpVQZg/+UiAMpTEvUBHWdbQ1ta+c9/WmSfictBa3oz0/clkiYVI/cTD8WJtUX97zZ75/2j9v1/fb4Bqq2d7I=?cssminify=yes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc
HIT fra 32
date
Thu, 06 Jun 2019 17:31:57 GMT
x-ac
4.fra _dfw
last-modified
Mon, 16 May 2016 00:22:53 GMT
server
nginx
etag
"573912dd-b7d"
content-type
image/png
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2941
expires
Fri, 22 Nov 2019 08:31:11 GMT
chevron-down.svg
s0.wp.com/wp-content/themes/vip/newyorkobserver-2014/images/
532 B
439 B
Image
General
Full URL
https://s0.wp.com/wp-content/themes/vip/newyorkobserver-2014/images/chevron-down.svg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019053001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
91c0f0aed60f954037936f8c34547d91047c638179470b0b1fef25721df97aa8

Request headers

Referer
https://s0.wp.com/_static/??-eJytUttuwyAM/aFR2q6dtodp3wLEJW7NRRia5e9HiNrdukib9hJscy42sRyiMMFn8Fm6IiIVi57lEE1wgh0SjF+ylWG+k7dphCdgeYQclTmJll3h6A2Vrl7XguyQs9QUGkonlUbJeSRYOfRLBiYkqHUXVZ4QDjpUQOAqbInm4sOFNYV97W5xjnlgrWMCZlG/DosTua9G33lzWZ4xSg/DGNIpaIZ0hiS2681OKmbI89jXi9b4zWF/oXYG34UkDwSvTNhB+i/BiUkU/iR3eULlorAhWAKRlRVOeWUhyVg0oWlutxFiRiz5XixYIeU+laY2YGchr7hoNgk1zAIofchYNfgaLP13C0HUpVQZg/+UiAMpTEvUBHWdbQ1ta+c9/WmSfictBa3oz0/clkiYVI/cTD8WJtUX97zZ75/2j9v1/fb4Bqq2d7I=?cssminify=yes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc
HIT fra 32
date
Thu, 06 Jun 2019 17:31:57 GMT
content-encoding
gzip
last-modified
Sat, 31 Dec 2016 05:34:58 GMT
server
nginx
access-control-allow-origin
*
etag
W/"58674382-214"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
status
200
cache-control
max-age=31536000
x-ac
4.fra _dfw
expires
Fri, 22 Nov 2019 08:35:27 GMT
bid
c.amazon-adsystem.com/e/dtb/
47 B
374 B
XHR
General
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&pubid=076b6f38-c5e1-40ef-8e28-908bb89612b2&u=https%3A%2F%2Fobserver.com%2F2018%2F07%2F&pid=135634927631559842317881&cb=4045411340891559842317884&ws=1600x1200&v=7.31.02&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-771860824845458250-1%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F1008049%2Fobserver_leaderboard_top%22%7D%5D&pj=%7B%22apse%22%3A%7B%22chunkRequests%22%3Afalse%2C%22shouldCFRoute%22%3Atrue%2C%22shouldSampleLatency%22%3Afalse%7D%7D&cfgv=0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.86.1.198 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-99-86-1-198.fra6.r.cloudfront.net
Software
Server /
Resource Hash
eb6c0b5f18a5f24ad6f6b253e4ebea4918c28ffba3cc988c6014791c5bfe177c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://observer.com/2018/07/
Origin
https://observer.com

Response headers

date
Thu, 06 Jun 2019 17:31:57 GMT
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b9.cloudfront.net (CloudFront)
server
Server
status
200
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://observer.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
47
x-amz-cf-id
reDOrOIngQAGhUpeQ7vZBGc0Qr2muzBpyvgL9jUvaJY91kRxf3R2Dw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.86.1.198 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-99-86-1-198.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6d6f482982f8f1a1814e279ff50df4ccc301533ca9655e4d080d6b90ec69d69e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://observer.com/2018/07/
Origin
https://observer.com

Response headers

date
Wed, 05 Jun 2019 20:13:23 GMT
content-encoding
gzip
last-modified
Fri, 24 Aug 2018 07:13:51 GMT
server
AmazonS3
age
76715
status
200
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
3000
cache-control
public, max-age=86400
x-cache
Hit from cloudfront
x-amz-cf-id
l-zH29lWtdHuHTFsiVG-BX8nAuJ14iTy4_mKPG4jGA9mNKum5mcVXw==
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b9.cloudfront.net (CloudFront)
fontello.woff2
s0.wp.com/wp-content/themes/vip/newyorkobserver-2014/assets/fonts/fontello/
3 KB
4 KB
Font
General
Full URL
https://s0.wp.com/wp-content/themes/vip/newyorkobserver-2014/assets/fonts/fontello/fontello.woff2?91438482
Requested by
Host: observer.com
URL: https://observer.com/2018/07/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
9219db678bab692540d08b247bab4301b7585a79c5ed5cd299145be887af7f99

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://s0.wp.com/_static/??-eJytUttuwyAM/aFR2q6dtodp3wLEJW7NRRia5e9HiNrdukib9hJscy42sRyiMMFn8Fm6IiIVi57lEE1wgh0SjF+ylWG+k7dphCdgeYQclTmJll3h6A2Vrl7XguyQs9QUGkonlUbJeSRYOfRLBiYkqHUXVZ4QDjpUQOAqbInm4sOFNYV97W5xjnlgrWMCZlG/DosTua9G33lzWZ4xSg/DGNIpaIZ0hiS2681OKmbI89jXi9b4zWF/oXYG34UkDwSvTNhB+i/BiUkU/iR3eULlorAhWAKRlRVOeWUhyVg0oWlutxFiRiz5XixYIeU+laY2YGchr7hoNgk1zAIofchYNfgaLP13C0HUpVQZg/+UiAMpTEvUBHWdbQ1ta+c9/WmSfictBa3oz0/clkiYVI/cTD8WJtUX97zZ75/2j9v1/fb4Bqq2d7I=?cssminify=yes
Origin
https://observer.com

Response headers

x-nc
HIT ams 32
date
Thu, 06 Jun 2019 17:31:59 GMT
x-ac
4.5am _dfw
last-modified
Sat, 31 Dec 2016 05:48:44 GMT
server
nginx
access-control-allow-origin
*
etag
"586746bc-dd0"
access-control-allow-methods
GET, HEAD
content-type
application/font-woff2
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-length
3536
expires
Tue, 04 Feb 2020 07:55:34 GMT
v1.js
ak.sail-horizon.com/horizon/
11 KB
4 KB
Script
General
Full URL
https://ak.sail-horizon.com/horizon/v1.js
Requested by
Host: observer.com
URL: https://observer.com/2018/07/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.13 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-13.fra6.r.cloudfront.net
Software
Apache /
Resource Hash
69e5292f668f84e22c5e5dc31733b12634b74e2d6b01f436f9db84acfda0a34e

Request headers

Referer
https://observer.com/2018/07/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 06 Jun 2019 17:30:30 GMT
content-encoding
gzip
last-modified
Thu, 06 Jun 2019 15:13:56 GMT
server
Apache
age
87
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
status
200
cache-control
max-age=600; must-revalidate
accept-ranges
bytes
content-length
3606
via
1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
x-amz-cf-id
EiJRU5rzeBaHbFZAS0RwWEPWwzo3CkD35uwJebzs591wmQ3gWcW75Q==
/
observer.com/wp-json/wp/v2/
174 KB
8 KB
XHR
General
Full URL
https://observer.com/wp-json/wp/v2/
Requested by
Host: s2.wp.com
URL: https://s2.wp.com/_static/??-eJyFztEKwjAMBdAfsisyOnwRv6XWOFKXtDbphn69HeiDMBQC9+EeuLFLNshhqhcQG9vdK5THO7ooO/sLGMKxeIWOkD84JFZgXW1OogQifoSNltIZJzBVoDTA2mauacN9v4Q8Iyx/WQTNPtxMAcHnun6i4965Q++GwfXxBTkPW9k=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.79.33 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
037769e7f632592e9c091ec44660c257ffa42d6edbd8233789789b358399634a
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://observer.com/2018/07/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nananana
Batcache
date
Thu, 06 Jun 2019 17:31:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Accept-Encoding, Cookie
access-control-allow-headers
Authorization, Content-Type
allow
GET
last-modified
Thu, 06 Jun 2019 17:30:00 GMT
server
nginx
strict-transport-security
max-age=86400
content-type
application/json; charset=UTF-8
x-hacker
If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
cache-control
max-age=182, must-revalidate
x-ac
4.ams _dfw
x-robots-tag
noindex
link
<https://observer.com/wp-json/>; rel="https://api.w.org/"
access-control-expose-headers
X-WP-Total, X-WP-TotalPages
_ate.track.config_resp
m.addthisedge.com/live/boost/ra-526fe9ee7831a6ff/
4 KB
2 KB
Script
General
Full URL
https://m.addthisedge.com/live/boost/ra-526fe9ee7831a6ff/_ate.track.config_resp
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.15 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-15.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.8.v20180619) /
Resource Hash
b4ea21ae88404e2556fb6b52781e55191c5302d1b3949dfeb909fb517159eaef

Request headers

Referer
https://observer.com/2018/07/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 06 Jun 2019 17:31:58 GMT
content-encoding
gzip
surrogate-key
ra-526fe9ee7831a6ff
server
Jetty(9.4.8.v20180619)
etag
-1165693796--gzip
vary
Accept-Encoding
cache-tag
ra-526fe9ee7831a6ff
status
200
cache-control
public, max-age=57, s-maxage=86400
content-disposition
attachment; filename=1.txt
content-type
application/javascript;charset=utf-8
content-length
1374
quant.js
secure.quantserve.com/
12 KB
6 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5BPNP6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.231 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software
QS /
Resource Hash
404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176

Request headers

Referer
https://observer.com/2018/07/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 06 Jun 2019 17:31:59 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06-Jun-2019 17:31:59 GMT
Server
QS
ETag
M0-e2b9884a
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=604800
Connection
keep-alive
Content-Length
5456
Expires
Thu, 13 Jun 2019 17:31:59 GMT
roundtrip.js
s.adroll.com/j/
32 KB
11 KB
Script
General
Full URL
https://s.adroll.com/j/roundtrip.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5BPNP6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.214.206 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-214-206.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
8aa2d4a076b1df43e751a2dca70d57a2c6098758addfc7c13e7076337564e0fd

Request headers

Referer
https://observer.com/2018/07/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
0KvjO0PSxb_aRPpEctl8rXy5kbeLg3Al
Content-Encoding
gzip
x-amz-request-id
40FE85C4C9F6C9C5
x-amz-server-side-encryption
AES256
Access-Control-Max-Age
600
Date
Thu, 06 Jun 2019 17:32:01 GMT
Connection
keep-alive
Content-Length
10323
x-amz-id-2
Z8FRLCjiCrNv7ODKvm7cBkksOER9yFd0ycpcEz249zelF0yMhhYNe/DHwMNNVexdwcX0h9wznlc=
Last-Modified
Wed, 29 May 2019 15:13:20 GMT
Server
AmazonS3
ETag
"089df3afc0b2c1dede17edfaf42eee33"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
85704X1538064.skimlinks.js
s.skimresources.com/js/
54 KB
20 KB
Script
General
Full URL
https://s.skimresources.com/js/85704X1538064.skimlinks.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5BPNP6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cfd6eaf5317878dfbb216bc427baf0657cdabf4181f3c9b4d7153b6f0719c771

Request headers

Referer
https://observer.com/2018/07/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 06 Jun 2019 17:31:58 GMT
content-encoding
gzip
last-modified
Wed, 29 May 2019 10:59:24 GMT
server
AmazonS3
x-amz-request-id
805CE52E6583AE66
etag
"eb6efdd2baeed96cb078faec451206ac"
x-hw
1559842318.cds060.lo4.hc,1559842318.cds081.lo4.c
content-type
application/octet-stream
status
200
cache-control
max-age=3600
accept-ranges
bytes
content-length
20593
x-amz-id-2
umDIsgoANIgk3Pmr6faFQQjIF6P+PUNy7ptx2bNGnNo+s9cTiEciYFY6QfKeN70R5mkfdGIDt/Q=
fbevents.js
connect.facebook.net/en_US/
54 KB
17 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: observer.com
URL: https://observer.com/2018/07/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
76ea9ffb498d4afa3e7499fe8663594985fbe902bab9d01db87e94e976738b4f
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://observer.com/2018/07/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
16245
x-xss-protection
0
pragma
public
x-fb-debug
V9e8HZ+lf3MgY3kmHIhS2IcSzJnhf+fKffmdAUo7zAgg9t5fpQBF/6x+/UGgmBAXYpZ9czRkT24tQvS+OW35Gw==
date
Thu, 06 Jun 2019 17:31:57 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
beacon.js
sb.scorecardresearch.com/
1 KB
1 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: observer.com
URL: https://observer.com/2018/07/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.43.115.95 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-43-115-95.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912

Request headers

Referer
https://observer.com/2018/07/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 06 Jun 2019 17:32:01 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
901
Expires
Fri, 07 Jun 2019 17:32:01 GMT
embedder
adserver.pressboard.ca/v2/
15 B
500 B
Script
General
Full URL
https://adserver.pressboard.ca/v2/embedder?media=133934
Requested by
Host: observer.com
URL: https://observer.com/2018/07/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.96.112.53 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
waws-prod-blu-011.cloudapp.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7c256ffc1f9d77958ae2d403c487b5ef5dfeac21df8340606aede0074961b9b3

Request headers

Referer
https://observer.com/2018/07/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 06 Jun 2019 17:32:00 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
no-cache, no-store, must-revalidate
request-context
appId=cid-v1:c374023b-8354-459d-b51b-039919730c2c
Content-Length
135
Expires
0
vck.js
cdn.justuno.com/
2 KB
2 KB
Script
General
Full URL
https://cdn.justuno.com/vck.js
Requested by
Host: observer.com
URL: https://observer.com/2018/07/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1788 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf93abb4c3efb91a3dc24fc92fd58ad72342ba145b5732c812a1f26d934ce82b

Request headers

Referer
https://observer.com/2018/07/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 06 Jun 2019 17:31:58 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
EDD2DA4AA9AE446A
x-edge-location
frankfurtDE
cf-polished
origSize=3057
x-cache
HIT
status
200
x-age
175341
content-type
application/javascript
x-amz-id-2
ukzAsF4ua3rTpy7tCa6SOzjYUBSAmToeqr+/mb/Kfdp8ZgndomZpYNXavUp82hei93dUy/Deozo=
last-modified
Fri, 01 Feb 2019 15:56:41 GMT
server
cloudflare
etag
W/"a701f3226d1af43fc4640c3ea2510a69"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
.sWfgudj6EjRzt_IRoG2GN9uYkXqqTE0
expires
Fri, 14 Jun 2019 17:31:58 GMT
cache-control
public, max-age=691200
x-edge-ip
195.181.170.15
cf-ray
4e2c1f77afbec2f9-FRA
cf-bgj
minify
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j76&a=1600511788&t=event&ni=1&_s=1&dl=https%3A%2F%2Fobserver.com%2F2018%2F07%2F&ul=en-us&de=UTF-8&dt=July%20%7C%202018%20%7C%20Observer&sd=24-bit&s...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1212249-1&cid=1086568790.1559842318&jid=1606453233&_gid=154628912.1559842318&gjid=1995108311&_v=j76&z=815352844
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1212249-1&cid=1086568790.1559842318&jid=1606453233&_v=j76&z=815352844
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1212249-1&cid=1086568790.1559842318&jid=1606453233&_v=j76&z=815352844&slf_rd=1&random=330971300
42 B
110 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1212249-1&cid=1086568790.1559842318&jid=1606453233&_v=j76&z=815352844&slf_rd=1&random=330971300
Requested by
Host: observer.com
URL: https://observer.com/2018/07/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://observer.com/2018/07/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 Jun 2019 17:31:58 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 06 Jun 2019 17:31:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1212249-1&cid=1086568790.1559842318&jid=1606453233&_v=j76&z=815352844&slf_rd=1&random=330971300
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
linkid.js
www.google-analytics.com/plugins/ua/
2 KB
930 B
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://observer.com/2018/07/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 06 Jun 2019 16:44:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 21 Apr 2016 03:17:22 GMT
server
sffe
age
2876
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
856
x-xss-protection
0
expires
Thu, 06 Jun 2019 17:44:02 GMT
g.gif
pixel.wp.com/
50 B
116 B
Image
General
Full URL
https://pixel.wp.com/g.gif?x_stats-initial-visibility=visible&v=wpcom-no-pv&rand=0.297489061247286
Requested by
Host: observer.com
URL: https://observer.com/2018/07/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer
https://observer.com/2018/07/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Thu, 06 Jun 2019 17:31:58 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
g.gif
pixel.wp.com/
50 B
74 B
Image
General
Full URL
https://pixel.wp.com/g.gif?blog=35584880&v=wpcom&tz=-4&user_id=0&subd=nyoobserver&host=observer.com&ref=&fcp=4902&rand=0.8559483861952197
Requested by
Host: observer.com
URL: https://observer.com/2018/07/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer
https://observer.com/2018/07/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Thu, 06 Jun 2019 17:31:58 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
g.gif
pixel.wp.com/
50 B
74 B
Image
General
Full URL
https://pixel.wp.com/g.gif?crypt=UE40eW5QN0p8M2Y%2FRE1BNmNJfGhxNCVxUDExYmtib2E%2FSzdEJm0lUEtbdFU0fFk4cHZvcUFrZT90Tn4yQm1%2BR3NyNTdhX19bakUtN0M3czczb0lDUzljfm9FWXpxUGZXLUZQSFlONnpDU3NKdVEufitzfH5dJU5xSzhJbTVPK21sRz8zbFtBSlhYcjNlcW5obXFlclRSSEdOSF1Td01bbWtONk1wdG9ORGJlTk9sYkVOUzllbmFyTlQ4YVRxVkgsdU92NlduRSx3R1NWNVN1b1dmWzhOeHImVnFLWW5RaElnOX5uXSZlJWZwOC5RY3ZDV1BQcjFQTjU2dGthSw%3D%3D&v=wpcom-no-pv&rand=0.19367166172637096
Requested by
Host: observer.com
URL: https://observer.com/2018/07/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer
https://observer.com/2018/07/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Thu, 06 Jun 2019 17:31:58 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
trk.gif
jadserve.postrelease.com/
43 B
340 B
Image
General
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=34b5e2fe-c21d-40d1-ae3f-2601816df3e4&ntv_fl=Js-9sgkIMAcneH5bOKp6X9uWqFUFyflRK83NhSSTeR4=&ntv_ht=DU75XAA&ntv_at=303,302&ntv_a=AAAAAAAAAA-KkQA&ord=1559842318008&ntv_dpl=1011,1028,1029,1001,1019,1007&ntv_it
Requested by
Host: observer.com
URL: https://observer.com/2018/07/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.153.98 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-19-153-98.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://observer.com/2018/07/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 Jun 2019 17:31:58 GMT
server
nginx/1.12.1
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
collect
www.google-analytics.com/
35 B
129 B
Other
General
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://observer.com/2018/07/
Origin
https://observer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 06 Jun 2019 17:31:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
https://observer.com
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j76&tid=UA-1212249-1&cid=1086568790.1559842318&jid=1126890875&uid=1086568790.1559842318&gjid=885609999&_gid=154628912.1559842318&_u=...
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1212249-1&cid=1086568790.1559842318&jid=1126890875&_v=j76&z=876163195
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1212249-1&cid=1086568790.1559842318&jid=1126890875&_v=j76&z=876163195&slf_rd=1&random=2295325107
42 B
110 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1212249-1&cid=1086568790.1559842318&jid=1126890875&_v=j76&z=876163195&slf_rd=1&random=2295325107
Requested by
Host: observer.com
URL: https://observer.com/2018/07/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://observer.com/2018/07/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 Jun 2019 17:31:58 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 06 Jun 2019 17:31:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1212249-1&cid=1086568790.1559842318&jid=1126890875&_v=j76&z=876163195&slf_rd=1&random=2295325107
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
832096553515722
connect.facebook.net/signals/config/
228 KB
61 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/832096553515722?v=2.8.51&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
def05e32c3c44327ae78591cdad77b8b972e700b96177951ba04f0a53b58c435
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://observer.com/2018/07/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
61413
x-xss-protection
0
pragma
public
x-fb-debug
KN09A1CEZKtRAkrYLeutr+tYCee70KmaUVO7LX6JNF5NFxoTIZy9Cjwc4QLj+1enbGb37J7nvUNmKJcnh0BiIQ==
date
Thu, 06 Jun 2019 17:31:58 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
account_version_check.html
my.justuno.com/ajax/
36 B
398 B
Script
General
Full URL
https://my.justuno.com/ajax/account_version_check.html?id=EC21726A-4CA7-444C-8019-9E07BDE7FB26
Requested by
Host: cdn.justuno.com
URL: https://cdn.justuno.com/vck.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1788 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
aefdb80dc36afbeeae8a49fe40f35f23ef2e0e170d1447c1231c17984ffcb2ae

Request headers

Referer
https://observer.com/2018/07/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 06 Jun 2019 17:31:58 GMT
content-encoding
br
cf-cache-status
HIT
p3p
CP="CURa ADMa DEVa TAIa CONa OUR BUS DSP NON COR"
status
200
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 06 Jun 2019 10:30:33 PST
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=30
cf-ray
4e2c1f77f943c2f9-FRA
access-control-allow-headers
X-CSRFToken, x-csrf-token, x-rover-source, X-Requested-With, origin, content-type, accept
expires
Thu, 06 Jun 2019 17:32:28 GMT
px.gif
p.skimresources.com/
43 B
471 B
Image
General
Full URL
https://p.skimresources.com/px.gif?ch=1&rn=4.391860762328806
Requested by
Host: observer.com
URL: https://observer.com/2018/07/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
UploadServer /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://observer.com/2018/07/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 06 Jun 2019 17:31:58 GMT
status
200
x-guploader-uploadid
AEnB2UqiQrLmCdHJ61K5TM4VZ4YhEKyeszNGPrvTlNMu17AnJMYdy6sxdULZ9QaMzVzT3UQ5z5YCe0FE1ipsFUc11ZcYOMtnOg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
4
x-goog-stored-content-encoding
identity
content-length
43
x-hw
1559842318.cds060.lo4.hc,1559842318.cds101.lo4.c
last-modified
Tue, 23 Oct 2018 13:19:28 GMT
server
UploadServer
etag
"f837aa60b6fe83458f790db60d529fc9"
x-goog-hash
crc32c=xra6Ow==, md5=+DeqYLb+g0WPeQ22DVKfyQ==
x-goog-generation
1540300768038458
cache-control
public, max-age=7200
x-goog-stored-content-length
43
accept-ranges
bytes
content-type
image/gif
px.gif
p.skimresources.com/
43 B
107 B
Image
General
Full URL
https://p.skimresources.com/px.gif?ch=2&rn=4.391860762328806
Requested by
Host: observer.com
URL: https://observer.com/2018/07/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
UploadServer /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://observer.com/2018/07/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 06 Jun 2019 17:31:58 GMT
status
200
x-guploader-uploadid
AEnB2UqiQrLmCdHJ61K5TM4VZ4YhEKyeszNGPrvTlNMu17AnJMYdy6sxdULZ9QaMzVzT3UQ5z5YCe0FE1ipsFUc11ZcYOMtnOg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
4
x-goog-stored-content-encoding
identity
content-length
43
x-hw
1559842318.cds060.lo4.hc,1559842318.cds101.lo4.c
last-modified
Tue, 23 Oct 2018 13:19:28 GMT
server
UploadServer
etag
"f837aa60b6fe83458f790db60d529fc9"
x-goog-hash
crc32c=xra6Ow==, md5=+DeqYLb+g0WPeQ22DVKfyQ==
x-goog-generation
1540300768038458
cache-control
public, max-age=7200
x-goog-stored-content-length
43
accept-ranges
bytes
content-type
image/gif
/
r.skimresources.com/api/
Redirect Chain
  • https://r.skimresources.com/api/
  • https://r.skimresources.com/api/?xguid=01DCPXHT908M0MSPE2AV1Y9DJX&persistence=1&checksum=6dfa09f6242b204e5ed06c0a77cf0a55cac0d1b40779b3157277736879afb0ca
0
-1 B
XHR
General
Full URL
https://r.skimresources.com/api/?xguid=01DCPXHT908M0MSPE2AV1Y9DJX&persistence=1&checksum=6dfa09f6242b204e5ed06c0a77cf0a55cac0d1b40779b3157277736879afb0ca
Requested by
Host: observer.com
URL: https://observer.com/2018/07/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.190.59.101 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
101.59.190.35.bc.googleusercontent.com
Software
openresty/1.11.2.5 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Origin
null
Referer
https://observer.com/2018/07/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 06 Jun 2019 17:31:58 GMT
via
1.1 google
server
openresty/1.11.2.5
access-control-allow-origin
https://observer.com
location
//r.skimresources.com/api/?xguid=01DCPXHT908M0MSPE2AV1Y9DJX&persistence=1&checksum=6dfa09f6242b204e5ed06c0a77cf0a55cac0d1b40779b3157277736879afb0ca
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status
307
access-control-allow-credentials
true
content-type
text/html
alt-svc
clear
content-length
193

Redirect headers

date
Thu, 06 Jun 2019 17:31:58 GMT
via
1.1 google
server
openresty/1.11.2.5
status
307
location
//r.skimresources.com/api/?xguid=01DCPXHT908M0MSPE2AV1Y9DJX&persistence=1&checksum=6dfa09f6242b204e5ed06c0a77cf0a55cac0d1b40779b3157277736879afb0ca
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://observer.com
access-control-allow-credentials
true
content-type
text/html
alt-svc
clear
content-length
193
inferredEvents.js
connect.facebook.net/signals/plugins/
1 KB
898 B
Script
General
Full URL
https://connect.facebook.net/signals/plugins/inferredEvents.js?v=2.8.51
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://observer.com/2018/07/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
772
x-xss-protection
0
pragma
public
x-fb-debug
VzY4OrWMuYv0ZGCHbOHyYQ4OYDEXVnlE4f6FBFJBTKX8ee8Y7oDGT0/EA4/6pkfawcKP1OPZMF0dp5i+BHwqpA==
date
Thu, 06 Jun 2019 17:31:58 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
v1
dmx.districtm.io/b/
0
250 B
XHR
General
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: observer.com
URL: https://observer.com/2018/07/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
35.203.66.107 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
107.66.203.35.bc.googleusercontent.com
Software
nginx/1.13.12 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://observer.com/2018/07/
Origin
https://observer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 06 Jun 2019 17:31:58 GMT
server
nginx/1.13.12
status
204
vary
origin
access-control-allow-methods
OPTIONS, POST
access-control-allow-origin
https://observer.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-headers
origin, content-type
mwgt_4.1.js
cdn.justuno.com/
242 KB
56 KB
Script
General
Full URL
https://cdn.justuno.com/mwgt_4.1.js?v=2.36
Requested by
Host: cdn.justuno.com
URL: https://cdn.justuno.com/vck.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1788 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbb0a12e9b9778866e0cd98e1b2c57f5dc051a4f079b95c9cc20173924975812

Request headers

Referer
https://observer.com/2018/07/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 06 Jun 2019 17:31:58 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
EB75AE19D1E2E8F3
x-edge-location
frankfurtDE
cf-polished
origSize=310125
x-cache
HIT
status
200
x-age
85
content-type
application/javascript
x-amz-id-2
9As1jsS42iFutJjYuO2Kx8sKWxxWdaUuRHfsqdWnQxMEUFiM+wXtNzA21ckhUYEjllCwj4JElzQ=
last-modified
Wed, 05 Jun 2019 13:26:42 GMT
server
cloudflare
etag
W/"6a5e0c4483570cb43405a51d1a1f4400"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
JnPiXMyct1NwemqT.42abGcFOWrBheRm
expires
Fri, 14 Jun 2019 19:58:38 GMT
cache-control
public, max-age=700000
x-edge-ip
185.59.220.10
cf-ray
4e2c1f783a1cc2f9-FRA
cf-bgj
minify
/
www.facebook.com/tr/
44 B
326 B
Image
General
Full URL
https://www.facebook.com/tr/?id=832096553515722&ev=PageView&dl=https%3A%2F%2Fobserver.com%2F2018%2F07%2F&rl=&if=false&ts=1559842318127&sw=1600&sh=1200&v=2.8.51&r=stable&ec=0&o=30&fbp=fb.1.1559842318126.78037251&it=1559842318034&coo=false&rqm=GET
Requested by
Host: observer.com
URL: https://observer.com/2018/07/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://observer.com/2018/07/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 06 Jun 2019 17:31:58 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Thu, 06 Jun 2019 17:31:58 GMT
custom-messages.f290a2cf5c93e5f30bac.js
s7.addthis.com/static/
101 KB
25 KB
Script
General
Full URL
https://s7.addthis.com/static/custom-messages.f290a2cf5c93e5f30bac.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.15 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-15.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9ede9870f2c552ff81d19d6fb484748bc214e61b200543fed50da2a894072c82

Request headers

Referer
https://observer.com/2018/07/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 06 Jun 2019 17:31:58 GMT
content-encoding
gzip
last-modified
Thu, 28 Feb 2019 14:32:49 GMT
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=86313600
x-host
s7.addthis.com
accept-ranges
bytes
timing-allow-origin
*
content-length
25225
layers.53666936c94ded42f169.js
s7.addthis.com/static/
262 KB
74 KB
Script
General
Full URL
https://s7.addthis.com/static/layers.53666936c94ded42f169.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.15 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-15.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
32006b665c48d165c3c109a07122bf5e950f1ed57e179eb22b0b1e54c5bd827f

Request headers

Referer
https://observer.com/2018/07/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 06 Jun 2019 17:31:58 GMT
content-encoding
gzip
last-modified
Fri, 26 Apr 2019 20:25:37 GMT
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=86313600
x-host
s7.addthis.com
accept-ranges
bytes
timing-allow-origin
*
account_config_4.1.html
my.justuno.com/ajax/
159 B
292 B
Script
General
Full URL
https://my.justuno.com/ajax/account_config_4.1.html?callback=jsonCallback&m=0&id=EC21726A-4CA7-444C-8019-9E07BDE7FB26&p=0&cm=0
Requested by
Host: s2.wp.com
URL: https://s2.wp.com/_static/??-eJyFztEKwjAMBdAfsisyOnwRv6XWOFKXtDbphn69HeiDMBQC9+EeuLFLNshhqhcQG9vdK5THO7ooO/sLGMKxeIWOkD84JFZgXW1OogQifoSNltIZJzBVoDTA2mauacN9v4Q8Iyx/WQTNPtxMAcHnun6i4965Q++GwfXxBTkPW9k=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1788 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e871ebdde7a2bf214b13203c056a7d2c5a06309a7d03597ff6454d9101390460

Request headers

Referer
https://observer.com/2018/07/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 06 Jun 2019 17:31:58 GMT
content-encoding
br
cf-cache-status
EXPIRED
p3p
CP="CURa ADMa DEVa TAIa CONa OUR BUS DSP NON COR"
status
200
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 06 Jun 2019 10:31:58 PST
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; Charset=UTF-8
cache-control
public, max-age=30
cf-ray
4e2c1f79aee0c2f9-FRA
access-control-allow-headers
X-CSRFToken, x-csrf-token, x-rover-source, X-Requested-With, origin, content-type, accept
expires
Thu, 06 Jun 2019 17:32:28 GMT
findp
analytics.justuno.com/api/session/
1 KB
646 B
Script
General
Full URL
https://analytics.justuno.com/api/session/findp?callback=jsonFindCallback&accid=EC21726A-4CA7-444C-8019-9E07BDE7FB26&genhash=5864739e0a7ca84065325ad030c758a8&device_static_hash=b96d3bdf2cf7159fc7c56d806bafaec0&userid_hash=&pageId=0bxg5d&guid=&time=68&segment=0&language=en-US&camefrom=&thisurl=https%3A%2F%2Fobserver.com%2F2018%2F07&agent=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&sw=1600&sh=1200
Requested by
Host: s2.wp.com
URL: https://s2.wp.com/_static/??-eJyFztEKwjAMBdAfsisyOnwRv6XWOFKXtDbphn69HeiDMBQC9+EeuLFLNshhqhcQG9vdK5THO7ooO/sLGMKxeIWOkD84JFZgXW1OogQifoSNltIZJzBVoDTA2mauacN9v4Q8Iyx/WQTNPtxMAcHnun6i4965Q++GwfXxBTkPW9k=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1788 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b21ea74a8e203062a9d6aa950036feb554e31a8f99b4ba2d722e0f6d82b3907f

Request headers

Referer
https://observer.com/2018/07/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 06 Jun 2019 17:31:58 GMT
content-encoding
br
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/json; charset=utf-8
status
200
access-control-expose-headers
DAV, content-length, Allow
cf-ray
4e2c1f79cf61c2f9-FRA
access-control-allow-headers
X-CSRF-Token, x-rover-source, origin, x-requested-with, content-type, accept
/
www.facebook.com/tr/
44 B
201 B
Image
General
Full URL
https://www.facebook.com/tr/?id=832096553515722&ev=Microdata&dl=https%3A%2F%2Fobserver.com%2F2018%2F07%2F&rl=&if=false&ts=1559842318631&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22July%20%7C%202018%20%7C%20Observer%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22(no%20title)%22%2C%22og%3Asite_name%22%3A%22Observer%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fsecure.gravatar.com%2Fblavatar%2Fdac0f3722a48a53be75eb06c0c4f5119%3Fs%3D200%26ts%3D1559842314%22%2C%22og%3Aimage%3Awidth%22%3A%22200%22%2C%22og%3Aimage%3Aheight%22%3A%22200%22%2C%22og%3Alocale%22%3A%22en_US%22%7D&cd[Schema.org]=%5B%7B%22dimensions%22%3A%7B%22h%22%3A70%2C%22w%22%3A1445%7D%2C%22properties%22%3A%7B%22name%22%3A%22https%3A%2F%2Fobserver.com%2F%22%2C%22logo%22%3A%22https%3A%2F%2Fs2.wp.com%2Fwp-content%2Fthemes%2Fvip%2Fnewyorkobserver-2014%2Fimages%2Fobserver-logo-2015.png%22%7D%2C%22subscopes%22%3A%5B%5D%2C%22type%22%3A%22http%3A%2F%2Fschema.org%2FOrganization%22%7D%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%2F%22%2C%22%40type%22%3A%22Organization%22%2C%22name%22%3A%22Observer%22%2C%22logo%22%3A%7B%22%40type%22%3A%22ImageObject%22%2C%22url%22%3A%22https%3A%2F%2Fs2.wp.com%2Fwp-content%2Fthemes%2Fvip%2Fnewyorkobserver-2014%2Fimages%2Fobserver-logo-2015.png%22%2C%22height%22%3A60%2C%22width%22%3A428%7D%2C%22sameAs%22%3A%5B%22https%3A%2F%2Fplus.google.com%2F%2BNewYorkObserver%22%2C%22https%3A%2F%2Fen.wikipedia.org%2Fwiki%2FObserver_Media%22%2C%22https%3A%2F%2Fwww.facebook.com%2Fobserver%22%2C%22https%3A%2F%2Ftwitter.com%2Fobserver%22%2C%22https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fobserver.com%22%2C%22https%3A%2F%2Fwww.instagram.com%2Fobserver%2F%22%5D%2C%22url%22%3A%22https%3A%2F%2Fobserver.com%22%7D%5D&sw=1600&sh=1200&v=2.8.51&r=stable&ec=1&o=30&fbp=fb.1.1559842318630.583293773&it=1559842318034&coo=false&es=automatic&rqm=GET
Requested by
Host: observer.com
URL: https://observer.com/2018/07/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://observer.com/2018/07/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 06 Jun 2019 17:31:58 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Thu, 06 Jun 2019 17:31:58 GMT
/
r.skimresources.com/api/
144 B
455 B
XHR
General
Full URL
https://r.skimresources.com/api/?xguid=01DCPXHT908M0MSPE2AV1Y9DJX&persistence=1&checksum=6dfa09f6242b204e5ed06c0a77cf0a55cac0d1b40779b3157277736879afb0ca
Requested by
Host: observer.com
URL: https://observer.com/2018/07/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.190.59.101 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
101.59.190.35.bc.googleusercontent.com
Software
openresty/1.11.2.5 /
Resource Hash
ad32ea5a6407e8680cffc26f2fb99c8860bdb82a7d00408af5568deb153c2b85
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://observer.com/2018/07/
Origin
https://observer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 06 Jun 2019 17:32:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
openresty/1.11.2.5
status
200
vary
Accept-Encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://observer.com
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
via
1.1 google
l
use.typekit.net/af/f80f1d/00000000000000003b9aefb8/27/
48 KB
48 KB
Font
General
Full URL
https://use.typekit.net/af/f80f1d/00000000000000003b9aefb8/27/l?primer=fff1a989570eb474b8c22c57cc7199e63bfc7e911b750165d0199218f0b7e7cc&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/aje3scp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.64.186 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-64-186.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
fc2fd5c838b7ca0b9b4782d491f4f2c30f3c204555b938193de6c444e986f88c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://observer.com/2018/07/
Origin
https://observer.com

Response headers

date
Thu, 06 Jun 2019 17:31:58 GMT
server
nginx
access-control-allow-origin
*
etag
"35854115598b498337b54407e917c89302567143"
content-type
application/font-woff2
status
200
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
49136
l
use.typekit.net/af/af96c8/00000000000000003b9aefc0/27/
47 KB
47 KB
Font
General
Full URL
https://use.typekit.net/af/af96c8/00000000000000003b9aefc0/27/l?primer=fff1a989570eb474b8c22c57cc7199e63bfc7e911b750165d0199218f0b7e7cc&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/aje3scp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.64.186 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-64-186.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
27bdaf82545dfb613a59abadd7541c75e10f6079d40e323cddc1f6458aea04d8

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://observer.com/2018/07/
Origin
https://observer.com

Response headers

date
Thu, 06 Jun 2019 17:31:58 GMT
server
nginx
access-control-allow-origin
*
etag
"7ee5b9745d2bfbf7fbd1003475c322edca1b945a"
content-type
application/font-woff2
status
200
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
48200
l
use.typekit.net/af/20aa1e/00000000000000003b9aefc1/27/
49 KB
49 KB
Font
General
Full URL
https://use.typekit.net/af/20aa1e/00000000000000003b9aefc1/27/l?primer=fff1a989570eb474b8c22c57cc7199e63bfc7e911b750165d0199218f0b7e7cc&fvd=i4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/aje3scp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.64.186 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-64-186.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
66abacd1c4fb7a0c4016652a8505a2a7acb38e188da28cf5c775c1b429b5a67b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://observer.com/2018/07/
Origin
https://observer.com

Response headers

date
Thu, 06 Jun 2019 17:31:58 GMT
server
nginx
access-control-allow-origin
*
etag
"104531377dba1811f0b2ec84b839da6c31b2b217"
content-type
application/font-woff2
status
200
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
50140
l
use.typekit.net/af/aae429/00000000000000003b9aefbe/27/
48 KB
48 KB
Font
General
Full URL
https://use.typekit.net/af/aae429/00000000000000003b9aefbe/27/l?primer=fff1a989570eb474b8c22c57cc7199e63bfc7e911b750165d0199218f0b7e7cc&fvd=n5&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/aje3scp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.64.186 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-64-186.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5a307caf60ee3a1d46e212d733e8dbcc7baa9a2331741c8b3de3a38214d9fe4f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://observer.com/2018/07/
Origin
https://observer.com

Response headers

date
Thu, 06 Jun 2019 17:31:58 GMT
server
nginx
access-control-allow-origin
*
etag
"715c26d24eef7532869b2b1b4be2e14201c57f11"
content-type
application/font-woff2
status
200
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
48760
l
use.typekit.net/af/32f92a/000000000000000000014869/27/
24 KB
24 KB
Font
General
Full URL
https://use.typekit.net/af/32f92a/000000000000000000014869/27/l?subset_id=2&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/aje3scp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.64.186 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-64-186.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3584fd2be46903422c3b90e679fd3229c7f3d6e0e7f24ee195ef12ece881a367

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://observer.com/2018/07/
Origin
https://observer.com

Response headers

date
Thu, 06 Jun 2019 17:31:58 GMT
server
nginx
access-control-allow-origin
*
etag
"bc8d3f34fdd925935b386d7d02fcd391829e765d"
content-type
application/font-woff2
status
200
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
24072
l
use.typekit.net/af/fb816c/00000000000000000001486a/27/
24 KB
24 KB
Font
General
Full URL
https://use.typekit.net/af/fb816c/00000000000000000001486a/27/l?subset_id=2&fvd=i4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/aje3scp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.64.186 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-64-186.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
dca9cf635ff484602e743fccbf3e6f1a331cf2a3649358c04f6451d928ecc3b4

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://observer.com/2018/07/
Origin
https://observer.com

Response headers

date
Thu, 06 Jun 2019 17:31:58 GMT
server
nginx
access-control-allow-origin
*
etag
"4811d56687700111c23456201ade3a5e1cde04bc"
content-type
application/font-woff2
status
200
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
24480
l
use.typekit.net/af/9e56a2/00000000000000000001486d/27/
24 KB
24 KB
Font
General
Full URL
https://use.typekit.net/af/9e56a2/00000000000000000001486d/27/l?subset_id=2&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/aje3scp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.64.186 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-64-186.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
609518806e39d0910ccfd5808096f1ccd074c3bf9f7575ef6bd9ebf42d19190b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://observer.com/2018/07/
Origin
https://observer.com

Response headers

date
Thu, 06 Jun 2019 17:31:58 GMT
server
nginx
access-control-allow-origin
*
etag
"71084abd075001c97238dc7ef4190837f0cff585"
content-type
application/font-woff2
status
200
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
24792
l
use.typekit.net/af/c0faa1/00000000000000000001486e/27/
24 KB
24 KB
Font
General
Full URL
https://use.typekit.net/af/c0faa1/00000000000000000001486e/27/l?subset_id=2&fvd=i7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/aje3scp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.64.186 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-64-186.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
4fa528417205e3df93b8d837f56e5faeef7b92c678baef71822e6e3d04f0d2a7

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://observer.com/2018/07/
Origin
https://observer.com

Response headers

date
Thu, 06 Jun 2019 17:31:58 GMT
server
nginx
access-control-allow-origin
*
etag
"561ff30e465e5019436c40fb0d75e4a68da87823"
content-type
application/font-woff2
status
200
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
24572
l
use.typekit.net/af/0d4c7b/00000000000000000001486c/27/
24 KB
25 KB
Font
General
Full URL
https://use.typekit.net/af/0d4c7b/00000000000000000001486c/27/l?subset_id=2&fvd=i6&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/aje3scp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.64.186 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-64-186.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
54e1c0d3790394c5bd9bbe681d7458106e03452fc444a5a8999a72fa307fd5f5

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://observer.com/2018/07/
Origin
https://observer.com

Response headers

date
Thu, 06 Jun 2019 17:31:58 GMT
server
nginx
access-control-allow-origin
*
etag
"a96919878314ec616c1d45aadb42f488385c54d0"
content-type
application/font-woff2
status
200
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
24888
l
use.typekit.net/af/370322/00000000000000000001486b/27/
23 KB
24 KB
Font
General
Full URL
https://use.typekit.net/af/370322/00000000000000000001486b/27/l?subset_id=2&fvd=n6&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/aje3scp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.64.186 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-64-186.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
97e6b7ae3879a8d4f3a1ea18888daffdfa39f56a5497e126369af274a55b9ab5

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://observer.com/2018/07/
Origin
https://observer.com

Response headers

date
Thu, 06 Jun 2019 17:31:58 GMT
server
nginx
access-control-allow-origin
*
etag
"f7ba9a0492159692d1f6cc8a9be3a36c81ab8641"
content-type
application/font-woff2
status
200
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
24020
p.gif
p.typekit.net/
35 B
202 B
Image
General
Full URL
https://p.typekit.net/p.gif?s=1&k=aje3scp&ht=tk&h=observer.com&f=139.175.176.25136.1997.1998.1999.2000.2017.2018&a=1001914&js=1.19.2&app=typekit&e=js&_=1559842319021
Requested by
Host: observer.com
URL: https://observer.com/2018/07/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.64.186 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-64-186.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

Referer
https://observer.com/2018/07/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 06 Jun 2019 17:31:59 GMT
last-modified
Mon, 04 Feb 2019 20:25:20 GMT
server
nginx
access-control-allow-origin
*
etag
"5c589fb0-23"
content-type
image/gif
status
200
cache-control
max-age=604800
accept-ranges
bytes
content-length
35
expires
Tue, 07 May 2019 18:30:39 GMT
trk.gif
jadserve.postrelease.com/
43 B
410 B
Image
General
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=304&ntv_ui=34b5e2fe-c21d-40d1-ae3f-2601816df3e4&ntv_a=AAAAAAAAAA-KkQA&ntv_ht=DU75XAA&ntv_fl=Js-9sgkIMAcneH5bOKp6X9uWqFUFyflRK83NhSSTeR4=&ord=-1742718353&ntv_it
Requested by
Host: observer.com
URL: https://observer.com/2018/07/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.153.98 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-19-153-98.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://observer.com/2018/07/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 Jun 2019 17:31:59 GMT
server
nginx/1.12.1
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
rules-p-8e-8kU1qcT19Y.js
rules.quantcount.com/
3 B
339 B
Script
General
Full URL
https://rules.quantcount.com/rules-p-8e-8kU1qcT19Y.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:5c00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
https://observer.com/2018/07/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 06 Jun 2019 03:56:01 GMT
via
1.1 60a935292c9892b0b7f9e56f65af863a.cloudfront.net (CloudFront)
last-modified
Sat, 04 Mar 2017 20:13:47 GMT
server
AmazonS3
age
52354
etag
"8a80554c91d9fca8acb82f023de02f11"
x-cache
Hit from cloudfront
content-type
application/x-javascript
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
3
x-amz-cf-id
swbSTeMoKzIkAeQAQd_2gDbJR2B8iDVGBszEbAufdTIY4Olj_4mODw==
pixel;r=659520428;rf=0;a=p-8e-8kU1qcT19Y;url=https%3A%2F%2Fobserver.com%2F2018%2F07%2F;fpan=1;fpa=P0-1490245293-1559842319393;ns=0;ce=1;qjs=1;qv=4c19192-20180628134937;cm=;ref=;je=0;sr=1600x1200x24...
pixel.quantserve.com/
35 B
479 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=659520428;rf=0;a=p-8e-8kU1qcT19Y;url=https%3A%2F%2Fobserver.com%2F2018%2F07%2F;fpan=1;fpa=P0-1490245293-1559842319393;ns=0;ce=1;qjs=1;qv=4c19192-20180628134937;cm=;ref=;je=0;sr=1600x1200x24;enc=n;dst=0;et=1559842319393;tzo=0;ogl=title.(no%20title)%2Csite_name.Observer%2Cimage.https%3A%2F%2Fsecure%252Egravatar%252Ecom%2Fblavatar%2Fdac0f3722a48a53be75eb06c0c4f5119%3Fs%3D200%26ts%3D1%2Cimage%3Awidth.200%2Cimage%3Aheight.200%2Clocale.en_US
Requested by
Host: observer.com
URL: https://observer.com/2018/07/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.235 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software
QS /
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Request headers

Referer
https://observer.com/2018/07/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 06 Jun 2019 17:31:59 GMT
Server
QS
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Cache-Control
private, no-cache, no-store, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
Fri, 04 Aug 1978 12:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
1 KB
612 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=370611362917660&correlator=24174030395986&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&adsid=NT&json_a=1&eid=21062453%2C21062724%2C21063016%2C21063636&vrg=2019053001&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=1&sfv=1-0-33&ecs=20190606&iu_parts=1008049%2Cobserver_leaderboard_top%2Cobserver_1x1_c%2Cobserver_1x1_d%2Cobserver_1x1_e&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=728x90%7C970x66%7C970x90%7C970x250%2C1x1%2C1x1%2C1x1&ists=7&prev_scp=amznbid%3D2%26amznp%3D2%7C%7C%7C&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1559842314&dt=1559842319434&dlt=1559842317432&idt=272&frm=20&biw=1585&bih=1200&oid=3&adxs=429%2C0%2C0%2C0&adys=125%2C0%2C0%2C0&adks=2596627448%2C3719617435%2C4203381274%2C380153255&ucis=1%7C2%7C3%7C4&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fobserver.com%2F2018%2F07%2F&dssz=81&icsg=169869312&mso=1073741824&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1585x130%7C0x0%7C0x0%7C0x0&msz=1585x130%7C0x0%7C0x0%7C0x-1&blev=1&bisch=1&ga_vid=1218578462.1559842319&ga_sid=1559842319&ga_hid=1600511788&fws=4%2C128%2C128%2C128
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019053001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.66 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
cafe /
Resource Hash
a29a92177f1d042fe76cd8cda3d18912961808bd7bc04302c8abd4e74a463269
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://observer.com/2018/07/
Origin
https://observer.com

Response headers

date
Thu, 06 Jun 2019 17:31:59 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
393
x-xss-protection
0
google-lineitem-id
-2,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2,-2,-2
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://observer.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_2019053001.js
securepubads.g.doubleclick.net/gpt/
66 KB
25 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019053001.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019053001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.66 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
sffe /
Resource Hash
7afd1e931fc5bb2211f4f89e204c9e5d349e7bff9088ab84c97c3e5c50c6f8b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://observer.com/2018/07/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 06 Jun 2019 17:31:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 30 May 2019 13:05:09 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
25250
x-xss-protection
0
expires
Thu, 06 Jun 2019 17:31:59 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-33/html/
0
0
Other
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-33/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019053001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Purpose
prefetch
Referer
https://observer.com/2018/07/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

iab
api.skimlinks.mgr.consensu.org/
772 B
635 B
XHR
General
Full URL
https://api.skimlinks.mgr.consensu.org/iab
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/85704X1538064.skimlinks.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.190.40.172 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
172.40.190.35.bc.googleusercontent.com
Software
nginx/1.14.0 /
Resource Hash
4898c2b9f8c2f931ef6a819d36e0019867931d9519af933ab4bd5edce724b2a8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://observer.com/2018/07/
Origin
https://observer.com

Response headers

date
Thu, 06 Jun 2019 17:32:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.14.0
access-control-allow-headers
*
status
200
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://observer.com
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
via
1.1 google
link
t.skimresources.com/api/v2/
22 B
91 B
Other
General
Full URL
https://t.skimresources.com/api/v2/link
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/85704X1538064.skimlinks.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.201.67.47 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://observer.com/2018/07/
Origin
https://observer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 06 Jun 2019 17:32:00 GMT
via
1.1 google
x-content-type-options
nosniff
alt-svc
clear
server
Python/3.7 aiohttp/3.5.4
access-control-allow-origin
https://observer.com
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
status
200
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
content-length
22
Consent_A_de.js
s.skimresources.com/js/GDPR/
20 KB
8 KB
Script
General
Full URL
https://s.skimresources.com/js/GDPR/Consent_A_de.js
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/85704X1538064.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
98797818fc1483ef31cbe24e20a575527972f45bc07297d1240fc26543a33b04

Request headers

Referer
https://observer.com/2018/07/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 06 Jun 2019 17:32:00 GMT
content-encoding
gzip
last-modified
Tue, 21 May 2019 10:56:42 GMT
server
AmazonS3
x-amz-request-id
8CF00A7C1FB6058D
etag
"a2b61f4e4a000e5edaf79129e20bca38"
x-hw
1559842320.cds060.lo4.hc,1559842320.cds078.lo4.c
content-type
application/octet-stream
status
200
cache-control
max-age=3600
accept-ranges
bytes
content-length
7661
x-amz-id-2
mYJh7SRENRhauUjZbvFpi6jOCIroQ1xBx2lol3jAo4rfFb8Ra0e7LJdumC6xyHXZtVBMViuoWYc=
/
p.skimresources.com/ Frame F626
Redirect Chain
  • https://x.skimresources.com/?provider=exelate
  • https://loadeu.exelator.com/load/?p=787&g=001&j=0&
  • https://loadeu.exelator.com/load/?p=787&g=001&j=0&&xl8blockcheck=1
  • https://x.skimresources.com/?provider=exelate&skim_mapping=true&provider_id=627234f536309d9c793806cf73cca813
  • https://p.skimresources.com/?provider_id=627234f536309d9c793806cf73cca813&skim_mapping=true
43 B
246 B
Image
General
Full URL
https://p.skimresources.com/?provider_id=627234f536309d9c793806cf73cca813&skim_mapping=true
Requested by
Host: observer.com
URL: https://observer.com/2018/07/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
UploadServer /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 06 Jun 2019 17:32:01 GMT
status
200
x-guploader-uploadid
AEnB2Uo_W5NtckF1aG0athJm6bv9QmEdtpiPcEOMrLrD7D3WomlLXJSe2pkNju24Dm6WrXB16K-k2GN2guxlZgGFG_cGZ1Zwmw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
4
x-goog-stored-content-encoding
identity
content-length
43
x-hw
1559842320.cds060.lo4.hc,1559842321.cds092.lo4.c
last-modified
Tue, 23 Oct 2018 13:19:28 GMT
server
UploadServer
etag
"f837aa60b6fe83458f790db60d529fc9"
x-goog-hash
crc32c=xra6Ow==, md5=+DeqYLb+g0WPeQ22DVKfyQ==
x-goog-generation
1540300768038458
cache-control
public, max-age=7200
x-goog-stored-content-length
43
accept-ranges
bytes
content-type
image/gif

Redirect headers

Location
https://p.skimresources.com?provider_id=627234f536309d9c793806cf73cca813&skim_mapping=true
Date
Thu, 06 Jun 2019 17:32:00 GMT
Server
TornadoServer/2.4.1
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
/
r.skimresources.com/api/
130 B
390 B
XHR
General
Full URL
https://r.skimresources.com/api/
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/85704X1538064.skimlinks.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.190.59.101 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
101.59.190.35.bc.googleusercontent.com
Software
openresty/1.11.2.5 /
Resource Hash
690375f0d95ec1f6a26548306026af675327564f468e59c6b4c5d5479bef8dbd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://observer.com/2018/07/
Origin
https://observer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 06 Jun 2019 17:32:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
openresty/1.11.2.5
status
200
vary
Accept-Encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://observer.com
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
via
1.1 google
page
t.skimresources.com/api/v2/
22 B
382 B
Other
General
Full URL
https://t.skimresources.com/api/v2/page
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/85704X1538064.skimlinks.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.201.67.47 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://observer.com/2018/07/
Origin
https://observer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 06 Jun 2019 17:32:00 GMT
via
1.1 google
x-content-type-options
nosniff
alt-svc
clear
server
Python/3.7 aiohttp/3.5.4
access-control-allow-origin
https://observer.com
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
status
200
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
content-length
22
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=13507040&ns__t=1559842321049&ns_c=UTF-8&cv=3.1&c8=July%20%7C%202018%20%7C%20Observer&c7=https%3A%2F%2Fobserver.com%2F2018%2F07%2F&c9=
  • https://sb.scorecardresearch.com/b2?c1=2&c2=13507040&ns__t=1559842321049&ns_c=UTF-8&cv=3.1&c8=July%20%7C%202018%20%7C%20Observer&c7=https%3A%2F%2Fobserver.com%2F2018%2F07%2F&c9=
0
248 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=13507040&ns__t=1559842321049&ns_c=UTF-8&cv=3.1&c8=July%20%7C%202018%20%7C%20Observer&c7=https%3A%2F%2Fobserver.com%2F2018%2F07%2F&c9=
Requested by
Host: observer.com
URL: https://observer.com/2018/07/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.43.115.95 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-43-115-95.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://observer.com/2018/07/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 06 Jun 2019 17:32:01 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/b2?c1=2&c2=13507040&ns__t=1559842321049&ns_c=UTF-8&cv=3.1&c8=July%20%7C%202018%20%7C%20Observer&c7=https%3A%2F%2Fobserver.com%2F2018%2F07%2F&c9=
Pragma
no-cache
Date
Thu, 06 Jun 2019 17:32:01 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
AT2MQQUJUVC3DELV2NQMTG
d.adroll.com/consent/check/
40 B
200 B
Script
General
Full URL
https://d.adroll.com/consent/check/AT2MQQUJUVC3DELV2NQMTG?_s=f4898639cae865426f90ef6f133b6681
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.247.84.76 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-247-84-76.eu-west-1.compute.amazonaws.com
Software
nginx/1.14.1 /
Resource Hash
6f43e1e85c42d5e449308701054501d9867a7254c9a8734406afbc89b3dfe5b4

Request headers

Referer
https://observer.com/2018/07/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 06 Jun 2019 17:32:01 GMT
Server
nginx/1.14.1
Connection
keep-alive
Content-Length
40
Content-Type
application/javascript
/
p.skimresources.com/ Frame F626
Redirect Chain
  • https://sync.crwdcntrl.net/map/c=7505/tp=SKIM/?https%3A%2F%2Fx.skimresources.com%2F%3Fprovider%3Dlotame%26skim_mapping%3Dtrue%26provider_id%3D%24%7Bprofile_id%7D
  • https://sync.crwdcntrl.net/map/ct=y/c=7505/tp=SKIM/?https%3A%2F%2Fx.skimresources.com%2F%3Fprovider%3Dlotame%26skim_mapping%3Dtrue%26provider_id%3D%24%7Bprofile_id%7D
  • https://x.skimresources.com/?provider=lotame&skim_mapping=true&provider_id=e6f4eaebb9e9b66407e5b794e7fe27f6
  • https://p.skimresources.com/?provider_id=e6f4eaebb9e9b66407e5b794e7fe27f6&skim_mapping=true
43 B
142 B
Image
General
Full URL
https://p.skimresources.com/?provider_id=e6f4eaebb9e9b66407e5b794e7fe27f6&skim_mapping=true
Requested by
Host: observer.com
URL: https://observer.com/2018/07/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
UploadServer /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 06 Jun 2019 17:32:01 GMT
status
200
x-guploader-uploadid
AEnB2Uo_W5NtckF1aG0athJm6bv9QmEdtpiPcEOMrLrD7D3WomlLXJSe2pkNju24Dm6WrXB16K-k2GN2guxlZgGFG_cGZ1Zwmw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
4
x-goog-stored-content-encoding
identity
content-length
43
x-hw
1559842321.cds060.lo4.hc,1559842321.cds092.lo4.c
last-modified
Tue, 23 Oct 2018 13:19:28 GMT
server
UploadServer
etag
"f837aa60b6fe83458f790db60d529fc9"
x-goog-hash
crc32c=xra6Ow==, md5=+DeqYLb+g0WPeQ22DVKfyQ==
x-goog-generation
1540300768038458
cache-control
public, max-age=7200
x-goog-stored-content-length
43
accept-ranges
bytes
content-type
image/gif

Redirect headers

Location
https://p.skimresources.com?provider_id=e6f4eaebb9e9b66407e5b794e7fe27f6&skim_mapping=true
Date
Thu, 06 Jun 2019 17:32:01 GMT
Server
TornadoServer/2.4.1
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
consent.js
s.adroll.com/j/
102 KB
17 KB
Script
General
Full URL
https://s.adroll.com/j/consent.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.214.206 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-214-206.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
5c57739c90bd26655a90a24c31b4e44e85b218aa72745276ece2900e1133cf9f

Request headers

Referer
https://observer.com/2018/07/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
rbmI61EP5o22oHMGHp9u8dSdDZlNIuNO
Content-Encoding
gzip
x-amz-request-id
8C333AC65D423B16
x-amz-server-side-encryption
AES256
Access-Control-Max-Age
600
Date
Thu, 06 Jun 2019 17:32:01 GMT
Connection
keep-alive
Content-Length
16967
x-amz-id-2
CB3cydm5nzQx9YvsYEY7X/YQIEgDagWUbtp3RiV0P7rW0hKBZwCSDx2MDVdlnQ1KXlmMXKUOBoU=
Last-Modified
Tue, 04 Jun 2019 15:39:29 GMT
Server
AmazonS3
ETag
"6c13c1e002c52bf626a59d733e18f437"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=300, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
hod
d.adroll.com/consent/
42 B
264 B
Image
General
Full URL
https://d.adroll.com/consent/hod?_e=view_banner&_s=f4898639cae865426f90ef6f133b6681&_b=626d9f6089ce68&_a=AT2MQQUJUVC3DELV2NQMTG
Requested by
Host: observer.com
URL: https://observer.com/2018/07/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.247.84.76 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-247-84-76.eu-west-1.compute.amazonaws.com
Software
nginx/1.14.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://observer.com/2018/07/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 06 Jun 2019 17:32:01 GMT
Cache-Control
no-transform,public,max-age=300,s-maxage=900
Server
nginx/1.14.1
Connection
keep-alive
Content-Length
42
Vary
Cookie
Content-Type
image/gif
chartbeat.js
static.chartbeat.com/js/
35 KB
14 KB
Script
General
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: observer.com
URL: https://observer.com/2018/07/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:6400:18:1fcd:349:ca21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
b8a8385400d498bd2379a4abd15c533ae635bc5a958198b339cd19662d062e39

Request headers

Referer
https://observer.com/2018/07/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 06 Jun 2019 01:07:46 GMT
content-encoding
gzip
last-modified
Fri, 12 Apr 2019 01:35:46 GMT
server
nginx
age
59055
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
status
200
cache-control
max-age=86400
x-amz-cf-id
gabGSsWqk1qG03-ouCFZHg2cKMlqreWlMqH3i6_0f93EhZdRUcQjgw==
via
1.1 7c2d73d3cd46e357090188fa2946f746.cloudfront.net (CloudFront)
expires
Fri, 07 Jun 2019 01:07:46 GMT
track
horizon.sailthru.com/horizon/
43 B
274 B
Image
General
Full URL
https://horizon.sailthru.com/horizon/track?r=1090&url=https%3A%2F%2Fobserver.com%2F2018%2F07%2F&d=horizon.observer.com&spider=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
162.208.117.11 New York, United States, ASN11403 (NYINTERNET - NYI, US),
Reverse DNS
162.208.117.11.static.nyinternet.net
Software
Apache /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://observer.com/2018/07/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 06 Jun 2019 17:32:01 GMT
X-Content-Type-Options
nosniff
Server
Apache
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Connection
close
Content-Length
43
X-XSS-Protection
1; mode=block
gdprConsent
jadserve.postrelease.com/
43 B
408 B
Image
General
Full URL
https://jadserve.postrelease.com/gdprConsent?ntv_pl=1092088&ntv_gdpr_consent=&ntv_it
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.153.98 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-19-153-98.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://observer.com/2018/07/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 Jun 2019 17:32:01 GMT
server
nginx/1.12.1
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
collect
www.google-analytics.com/r/
35 B
112 B
Other
General
Full URL
https://www.google-analytics.com/r/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://observer.com/2018/07/
Origin
https://observer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 06 Jun 2019 17:32:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
https://observer.com
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
112 B
Other
General
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://observer.com/2018/07/
Origin
https://observer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 06 Jun 2019 17:32:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
https://observer.com
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j76&tid=UA-1212249-1&cid=1086568790.1559842318&jid=313782995&uid=1086568790.1559842318&gjid=766659107&_gid=154628912.1559842318&_u=a...
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1212249-1&cid=1086568790.1559842318&jid=313782995&_v=j76&z=911063570
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1212249-1&cid=1086568790.1559842318&jid=313782995&_v=j76&z=911063570&slf_rd=1&random=1420402244
42 B
109 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1212249-1&cid=1086568790.1559842318&jid=313782995&_v=j76&z=911063570&slf_rd=1&random=1420402244
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://observer.com/2018/07/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 Jun 2019 17:32:01 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 06 Jun 2019 17:32:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1212249-1&cid=1086568790.1559842318&jid=313782995&_v=j76&z=911063570&slf_rd=1&random=1420402244
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ping
ping.chartbeat.net/
43 B
168 B
Image
General
Full URL
https://ping.chartbeat.net/ping?h=observer.com&p=%2F2018%2F07%2F&u=CMaMMJTLBPiBzgFXl&d=observer.com&g=13018&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=16443&o=1585&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=8442&t=CxUPpfB413BACCAUnvCTED3lC1yF82&V=113&i=July%20%7C%202018%20%7C%20Observer&tz=0&sn=1&sv=B2ah-eBfNTH9ClSukdCXPxgOClW57v&sd=1&im=06030c03&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.213.1 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-205-213-1.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://observer.com/2018/07/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
pragma
no-cache
date
Thu, 06 Jun 2019 17:32:01 GMT
cache-control
no-cache, no-store, must-revalidate
expires
0
content-length
43
content-type
image/gif
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://eu-u.openx.net/w/1.0/pd?plm=10&ph=5f830632-abb5-4969-8c63-eb4c59d0ab59&gdpr=1
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=5f830632-abb5-4969-8c63-eb4c59d0ab59&gdpr=1
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKtehlGd9Ej7xmUpCT2rBw8&google_cver=1
43 B
256 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKtehlGd9Ej7xmUpCT2rBw8&google_cver=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.241.240.143 Amsterdam, Netherlands, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS
ox-173-241-240-143.xa.dc.openx.org
Software
OXGW/16.146.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://observer.com/2018/07/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 Jun 2019 17:32:02 GMT
server
OXGW/16.146.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
status
200
cache-control
private, max-age=0, no-cache
content-type
image/gif
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 06 Jun 2019 17:32:02 GMT
server
HTTP server (unknown)
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKtehlGd9Ej7xmUpCT2rBw8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
302
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

457 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| dataLayer string| GoogleAnalyticsObject function| ga function| addLoadEvent object| _wpemojiSettings object| NO_JQUERY object| wpcom_mobile_user_agent_info undefined| $ function| jQuery function| pm object| jQuery112406136930523750688 object| Jetpack object| nyo object| google_tag_data object| gaplugins object| gaGlobal object| googletag object| closure_memoize_cache_ object| googleToken object| googleIMState object| google_js_reporting_queue function| processGoogleTokenSync object| twemoji object| wp function| CMD function| initCmd object| $jscomp object| ntv number| ntvLoadStart undefined| nQuery object| prdom function| ntvInsertTracking function| ntvTrackingUrlUtil function| ntvStopWatch function| ntvTimeOnContentStopWatch function| ntvGetElementViewability function| ntvViewableImpressionTracker function| ntvArticleTracker function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript object| ntvToutAds object| PostRelease function| parcelRequire function| TrackerFactory function| _MOAT function| _Viant object| businessLogic object| google_tag_manager undefined| google_measure_js_timing object| google_optimize function| pbjsChunk object| pbjs object| __core-js_shared__ object| apstag function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis string| addthis_pub function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto object| failedAds object| loadedAds string| ajaxurl number| _sf_startpt object| gptadslots object| adUnits object| apstagSlots object| gptAdSlots object| mapSize boolean| google_noFetch boolean| google_DisableInitialLoad number| __google_ad_urls_id function| fetchHeaderBids number| PREBID_TIMEOUT function| generateNextSlotName function| refreshAd function| refreshBid function| useReserveSlot function| canRefreshFixedArticle function| refreshAds number| nextSlotId number| ad_refresh_timeout object| wpApiSettings object| settings object| wpcomVipAnalytics object| wpcom_img_zoomer object| jetpackLikesWidgetQueue object| jetpackLikesWidgetBatch boolean| jetpackLikesMasterReady function| JetpackLikespostMessage function| JetpackLikesBatchHandler function| JetpackLikesMessageListener function| JetpackLikesWidgetQueueHandler function| setCookie function| getCookie function| deleteCookie function| throttle function| debounce object| detectZoom function| $clamp function| Hammer object| Stickyfill boolean| page_is_focused boolean| user_is_inactive number| interaction_timeout number| interaction_timeout_counter function| _ object| Backbone function| st_vt object| _tkq object| _stq string| mobileStatsQueryString object| _sf_async_config object| addthis_config object| addthis_share object| _qevents string| adroll_adv_id string| adroll_pix_id boolean| __adroll_loaded function| fbq function| _fbq object| _comscore string| ju_num string| asset_host function| juapp object| gaData object| userflux function| st_go function| ex_go function| re_go function| linktracker_init object| wpcom function| sailthru function| Sailthru string| ju_domain function| ju_loadversionscript function| jju_setCookie function| jju_getCookie function| isNumeric object| $jujsonp string| ju_v string| ju_vr undefined| ju_v_arr function| ju_vcheck object| __SKIM_JS_GLOBAL__ object| isBot object| ju_Cookie object| ju_MobileEsp object| juTempConfig string| _ju_dn function| pstmsgresize function| ju_push_pers function| ouibounce function| ju_parseQuery function| ju_fadeinoverlay function| ju_fadeoutoverlay function| ju_fadein function| ju_fadeout function| setwidthheight function| resizejucon function| ju_targeting_data function| write_data_cookies function| evaltype function| test_targets function| update_rules_matched function| run_target_action function| ju_logimpression function| update_prods_seen function| update_offers_seen function| testju_mobile function| ju_logpagestats function| ju_getconfig function| ju_readyfetch function| ju_fetchconfig function| ju_replaceErrors function| ju_logerr function| forceNumber function| forceString function| parseImageFromTab function| ju_removeProp function| ju_setup_cookie_data function| ju_conv_cart function| ju_log_conversion function| ju_submit_conv function| ju_beaconsend function| ju_regtest_array function| ju_beaconsend_gzip function| ju_visibility_change function| ju_savetodb function| safeToJSON function| ju_limitobjectlength function| ju_objectlength function| ju_safepost_p function| ju_jsonp_p function| addDefaultCSS function| ju_initialize function| ju_tabClick function| ju_reshow_button function| ju_animate_show_open function| ju_animate_hide_button function| ju_animate_button function| ju_activityAdjust function| ju_createiframe function| ju_setup_interval_stuff function| alert_iframe_of_scroll function| ju_loadiframe function| ju_loadiframe_con function| ju_writeIframe function| fire_animation function| ju_add_css function| ju_add_js function| existArrayObj function| tryCatch function| ju_jqLoaded function| update_offers_closed function| update_offers_engaged function| ju_switchfixedabsolute function| quickapplycoupon function| juDebug function| pushdown_stuff function| ju_arr_upsert function| return_engagment_type function| ju_check function| jju_getDomain function| ju_save_hash function| ju_a function| ju_call_a function| ju_autosetemail function| ju_autoapplycoupon function| tabPosition function| tabOptions function| jju_getParameterByName function| jju_getju_windowHeight function| ju_record_event function| ju_optimizely_event function| ju_gtm_event function| ju_zaius_event function| ju_ga_event function| ju_heap_event function| ju_sgio_event function| ju_rejoiner_event function| ju_bluecore_event function| ju_ibm_analytics_event function| ju_klaviyo_event function| ju_field_event function| ju_listrak_event function| ju_recart_event function| ju_hubspot_event function| ju_hasTouch function| ju_debounce function| ju_generateUID function| ju_genPageId function| sendPushBody function| ju_initpush function| ju_askPermission function| ju_pushSupport function| ju_registerServiceWorker function| ju_UrlExists function| ju_checkRemotePermission function| ju_subscribeUserToPush function| _toConsumableArray function| urlBase64ToUint8Array function| ju_sendSubscriptionToBackEnd function| ju_detectCompetitors function| ju_compareDetected object| ju_123_seo function| ju_inIframeLoaded number| ju_onboarding_display number| ju_onboarding_steps function| fetchWindowHref function| ju_Fgp function| ju_md5 function| ju_sha1 function| ju_sha256 object| ju_errors object| pako function| bililiteRange string| ju_language boolean| ju_alreadyloaded string| ju_widget_v string| profileUrl object| ju_target_starttime number| ju_target_interval function| jju object| ju_data_page object| ju_data_session object| ju_data_all object| juDp object| juDs object| juDa object| ju_config string| ju_current_domain string| ju_current_url string| ju_current_url_protocol string| ju_camefrom_domain string| ju_camefrom_url string| ju_camefrom_url_protocol boolean| ju_triggerred boolean| ju_show_button boolean| ju_show_coupon number| ju_show_campaign_id number| ju_show_tab_campaign_id boolean| ju_haveseen number| ju_custom_button_width string| ju_conversion string| ju_cookie_domain boolean| ju_il_activated_exit boolean| ju_il_activated_back number| ju_targetruncount boolean| ju_mobile boolean| ju_initialized_button number| ju_new_visit number| ju_new_user number| ju_new_user_ever string| ju_active_ju_num boolean| ju_svgmode object| juHeight object| juWidth object| juBorder object| juStartingPosition object| juFinalPosition object| ju_scroll_check object| ju_ajaxDebounce object| ju_cv_timer_check boolean| ju_stoptop number| ju_successfocused number| ju_lastopenedcoupon number| ju_timer object| ju_timer2 object| ju_matched_cm object| ju_Tracker string| ju_promo_title string| ju_iframe_url boolean| ju_initialized object| ju_resize_tracker string| show_preview_tab boolean| fixed_supported object| fixed_push_interval number| pushdown_distance object| fixed_push_type number| ju_idleStateTime boolean| ju_stopupdating boolean| ie9 number| ju_cm boolean| touchPresent object| ju_googlefonttimer object| ju_promo_options boolean| ju_exitback boolean| ju_setupexitintent boolean| ju_setupbackintent object| ju_setupclickintent object| ju_setuphoverintent string| ju_setupclickintent_el string| ju_setuphoverintent_el boolean| ju_allow_again string| ju_cnt string| ju_reg string| ju_cty string| ju_zip string| _ju_dt object| ju_config_timeout object| ju_fp object| ju_ct_timer_check object| ju_lg_timer_check object| ju_lg_array object| ju_pst boolean| ju_useBeacon boolean| ju_visible boolean| ju_jqLoaded_once boolean| ju_fetchconfig_once number| ju_lastKeyDown string| ju_orderid string| ju_referrer_url string| ju_referrer_url_protocol number| ju_plastsaved boolean| ju_cookieonly object| ju_eu_countries string| ju_gaTracker boolean| ju_cartDirty string| ju_pns function| ju_todayDate string| ju_pageid object| ju_tmpCartObj object| urlvalidmatch object| ju_qstr object| ju_options string| ju_customvar string| ju_custom1 string| ju_custom2 string| ju_custom3 number| ju_loadcm number| ju_windowHeight number| ju_windowWidth function| ju_assumejq function| ju_launch function| ju_postMessage function| jju_receivePostMessage function| jju_receiveMessage function| ju_removeProfile number| ju_ratio string| ju_genhash string| ju_devicehash string| ju_rtcKey number| ju_fptime object| _atw object| ju_data_keys_genhash object| ju_data_keys_devicehash boolean| ju_mobile_scale undefined| juappTempArray string| addthis_exclude boolean| addthis_use_personalization string| addthis_options_default string| addthis_options_rank string| addthis_options object| __callbacks object| Typekit function| quantserve function| __qc object| ezt object| _qoptions number| google_unique_id object| google_reactive_ads_global_state function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter object| __google_ad_urls function| udm_ object| ns_p object| COMSCORE string| adroll_sid object| __adroll boolean| adroll_optout object| adroll_ext_network object| adroll_callbacks function| adroll_tpc_callback object| __adroll_consent boolean| __adroll_consent_is_gdpr string| BANNER_VERSION object| __adroll_consent_banner number| _sf_endpt object| _cb_shared object| pSUPERFLY_mab object| _cbq object| pSUPERFLY

0 Cookies

2 Console Messages

Source Level URL
Text
console-api log URL: https://s2.wp.com/_static/??-eJyFztEKwjAMBdAfsisyOnwRv6XWOFKXtDbphn69HeiDMBQC9+EeuLFLNshhqhcQG9vdK5THO7ooO/sLGMKxeIWOkD84JFZgXW1OogQifoSNltIZJzBVoDTA2mauacN9v4Q8Iyx/WQTNPtxMAcHnun6i4965Q++GwfXxBTkPW9k=(Line 8)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1
console-api info (Line 2)
Message:
Loading data context plugin.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=86400

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adserver.pressboard.ca
adservice.google.de
ak.sail-horizon.com
analytics.justuno.com
apex.go.sonobi.com
api.skimlinks.mgr.consensu.org
as-sec.casalemedia.com
c.amazon-adsystem.com
cdn.justuno.com
cm.g.doubleclick.net
connect.facebook.net
d.adroll.com
dc8xl0ndzn2cb.cloudfront.net
dmx.districtm.io
eu-u.openx.net
fastlane.rubiconproject.com
horizon.sailthru.com
ib.adnxs.com
jadserve.postrelease.com
loadeu.exelator.com
m.addthisedge.com
my.justuno.com
observer.com
observermedia-d.openx.net
p.skimresources.com
p.typekit.net
ping.chartbeat.net
pixel.quantserve.com
pixel.wp.com
r-login.wordpress.com
r.skimresources.com
rules.quantcount.com
s.adroll.com
s.ntv.io
s.skimresources.com
s0.wp.com
s2.wp.com
s7.addthis.com
sb.scorecardresearch.com
secure.quantserve.com
securepubads.g.doubleclick.net
static.chartbeat.com
stats.g.doubleclick.net
stats.wp.com
sync.crwdcntrl.net
t.skimresources.com
tpc.googlesyndication.com
us-u.openx.net
use.typekit.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
x.skimresources.com
104.109.64.186
104.111.214.206
104.111.215.135
104.111.215.236
13.35.253.13
13.35.254.145
147.75.102.200
151.139.128.10
162.208.117.11
172.217.22.66
173.241.240.143
173.241.240.220
178.162.133.150
185.33.223.216
192.0.76.3
192.0.77.32
192.0.78.18
192.0.79.33
2.18.232.15
213.19.162.41
23.43.115.95
23.96.112.53
2600:9000:200c:5c00:6:44e3:f8c0:93a1
2600:9000:200c:6400:18:1fcd:349:ca21
2606:4700::6812:1788
2a00:1450:4001:815::2004
2a00:1450:4001:81b::2002
2a00:1450:4001:81d::2008
2a00:1450:4001:81e::200e
2a00:1450:4001:81f::2001
2a00:1450:4001:820::2003
2a00:1450:400c:c0a::9a
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
34.205.213.1
34.250.10.37
35.190.40.172
35.190.59.101
35.201.67.47
35.203.66.107
52.19.153.98
54.171.6.140
54.247.84.76
91.228.74.231
91.228.74.235
99.86.1.198
037769e7f632592e9c091ec44660c257ffa42d6edbd8233789789b358399634a
050c2ca74a4941fedd88349d977d960b8ab384ebb83a3c9e4b233160476ee8f1
0db992f97b98b4d13265f5eae3e0f6b94812561e2a266fe230b7f2ba7db3d1f7
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
17ddbd20dbb97ae3b02377b57dad4688d0d2add5eac2e801480cd9d796d3f67a
27bdaf82545dfb613a59abadd7541c75e10f6079d40e323cddc1f6458aea04d8
2bcbed8ade63c6e0da313465ab20b2e2e5e5e020609551b4916431d121f46c5f
32006b665c48d165c3c109a07122bf5e950f1ed57e179eb22b0b1e54c5bd827f
3371ddae6ac2308fa1e620e55aa5a490735185dfb754f21ffac2da56cc7224ad
3584fd2be46903422c3b90e679fd3229c7f3d6e0e7f24ee195ef12ece881a367
39feac0d94cfc062ba99e8acd98368cc19fc3437b519a5ea492c6da383f3da9a
3f95e6fba905257465a4f7dfedfc6500b80606e1696340a3d1fcec3678c22f74
404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176
42c3e0a792b572eacc9011d5ece727e2b8a0439d96ddba9e20a44d2576630a6a
4898c2b9f8c2f931ef6a819d36e0019867931d9519af933ab4bd5edce724b2a8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fa528417205e3df93b8d837f56e5faeef7b92c678baef71822e6e3d04f0d2a7
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54e1c0d3790394c5bd9bbe681d7458106e03452fc444a5a8999a72fa307fd5f5
5a307caf60ee3a1d46e212d733e8dbcc7baa9a2331741c8b3de3a38214d9fe4f
5c57739c90bd26655a90a24c31b4e44e85b218aa72745276ece2900e1133cf9f
609518806e39d0910ccfd5808096f1ccd074c3bf9f7575ef6bd9ebf42d19190b
61574ce484f5c994a3fe99ab37455ea9e3816fc359d9262faa89d6a698d70b5e
66abacd1c4fb7a0c4016652a8505a2a7acb38e188da28cf5c775c1b429b5a67b
690375f0d95ec1f6a26548306026af675327564f468e59c6b4c5d5479bef8dbd
69e5292f668f84e22c5e5dc31733b12634b74e2d6b01f436f9db84acfda0a34e
6d577d94f1675029cbc48a4a7e98f03942874723d30c7a8c6263e19a7b5d3329
6d6f482982f8f1a1814e279ff50df4ccc301533ca9655e4d080d6b90ec69d69e
6f3959f6136f3e6a3e2828d6cf45c5eebcf3642fd501122ddcfa94500675ac89
6f43e1e85c42d5e449308701054501d9867a7254c9a8734406afbc89b3dfe5b4
6f6c97f202cd914c0e075b15edb68f7d98b6dbc49e2a1965b723a2c25424ed63
74e72473f970d838c52ed8c8fadf1c25883dd561d66df3856bfc137b9da2fea0
76ea9ffb498d4afa3e7499fe8663594985fbe902bab9d01db87e94e976738b4f
7afd1e931fc5bb2211f4f89e204c9e5d349e7bff9088ab84c97c3e5c50c6f8b6
7c256ffc1f9d77958ae2d403c487b5ef5dfeac21df8340606aede0074961b9b3
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83b7697b9838f9bd2456a63b6b0c49ef2bfe61687b8f79408a31443b542a8f8d
89960e4cbacfe11953e693a2fd095120ec15d5cac72ef649a656b5ed6c7e4501
8aa2d4a076b1df43e751a2dca70d57a2c6098758addfc7c13e7076337564e0fd
8bd06a157f6234495a2a93e0ad4166ebe82bf9d69a20831eadd196aad3f152b6
8f88cb7a1cd4134f5d616b9fca90b9069fa16c162b7ae66ba1b500c490b41dd2
91c0f0aed60f954037936f8c34547d91047c638179470b0b1fef25721df97aa8
9219db678bab692540d08b247bab4301b7585a79c5ed5cd299145be887af7f99
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93c8ec8639ebd563c1c3339822a0942ffc734b169937011702ecde64f89e8f37
97e6b7ae3879a8d4f3a1ea18888daffdfa39f56a5497e126369af274a55b9ab5
98797818fc1483ef31cbe24e20a575527972f45bc07297d1240fc26543a33b04
9ac4113ec7495f2d89bdc82202aa9bcf6546493766810858655c94b02d9cba47
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9ede9870f2c552ff81d19d6fb484748bc214e61b200543fed50da2a894072c82
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a29a92177f1d042fe76cd8cda3d18912961808bd7bc04302c8abd4e74a463269
a4b29ac286547c0674a7c2fb0ae92bd83f0dabae0555b2fe5adb7d80305bf506
a52a4d4a685c0413f39b1ea0130b65f638f1d8fff040ae1275e81706f753a97a
ad32ea5a6407e8680cffc26f2fb99c8860bdb82a7d00408af5568deb153c2b85
aefdb80dc36afbeeae8a49fe40f35f23ef2e0e170d1447c1231c17984ffcb2ae
b21ea74a8e203062a9d6aa950036feb554e31a8f99b4ba2d722e0f6d82b3907f
b4ea21ae88404e2556fb6b52781e55191c5302d1b3949dfeb909fb517159eaef
b8a8385400d498bd2379a4abd15c533ae635bc5a958198b339cd19662d062e39
bbb0a12e9b9778866e0cd98e1b2c57f5dc051a4f079b95c9cc20173924975812
c54ebe8869312644ac7f8a9892fe913900cf8a2dca23b5f4ba42b01561c5baed
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf93abb4c3efb91a3dc24fc92fd58ad72342ba145b5732c812a1f26d934ce82b
cfd6eaf5317878dfbb216bc427baf0657cdabf4181f3c9b4d7153b6f0719c771
d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912
d17298826b7b7ed19af4942adf03fbcea7a7cd9cd5f25a5b9fb0674c71828c87
dca9cf635ff484602e743fccbf3e6f1a331cf2a3649358c04f6451d928ecc3b4
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
def05e32c3c44327ae78591cdad77b8b972e700b96177951ba04f0a53b58c435
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e871ebdde7a2bf214b13203c056a7d2c5a06309a7d03597ff6454d9101390460
e8ecac0d9588460760098de931844572de4b73b8033bdd76340f3f9701b05500
ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742
eb6c0b5f18a5f24ad6f6b253e4ebea4918c28ffba3cc988c6014791c5bfe177c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f27611a8ca70895cf25af274f105a26d8683e40bdd627e7e3c729cdefa47094a
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f4799ef2939b8377cf33f07b07b6d90a4a245adbf1c6eaf47ee3b0fcefcc07fe
fc2fd5c838b7ca0b9b4782d491f4f2c30f3c204555b938193de6c444e986f88c
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
fcf68a9e66e8b3154ab7d6f7737ba3b36622e181a9eae40031ad2a0099f3142c
fe9bdb7e292ee2f3898335a25041d48fd5ec875fedeef4bcb3ffa3dd4cfefa8c