observer.com Open in urlscan Pro
192.0.66.160  Public Scan

14 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://politicker.com/ HTTP 301
   https://observer.com/politics HTTP 301
   https://observer.com/politics/ Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

• https://sb.scorecardresearch.com/cs/37161820/beacon.js HTTP 302
• https://sb.scorecardresearch.com/internal-cs/default/beacon.js

Request Chain 170

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 171

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 179

• https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEP943zXs4hIWgEYW_UYhYgc&google_cver=1&google_push=Aer7DvKk-vtAucOlj-q4v7Z2wTA1rXvGKf1Q748ZZpj9fHhIR768PAwU3OEflG2rQE5F2d2JCCrjarGztsXtMV_vRFJ2PrKijR3thg HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvKk-vtAucOlj-q4v7Z2wTA1rXvGKf1Q748ZZpj9fHhIR768PAwU3OEflG2rQE5F2d2JCCrjarGztsXtMV_vRFJ2PrKijR3thg

Request Chain 180

• https://ads.travelaudience.com/google_pixel?google_gid=CAESENd2nDjfC8kDU6Lt9TGWMzU&google_cver=1&google_push=Aer7DvJGG8lSjSjwIA1HP17mqh35VurKE4tYr9Dcc8jOeQeWZ3MM6EygIhagh_MpqJsX0KeKzLD-8XzAQOjnfRudHBmPq9tn0qFFBg HTTP 307
• https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=S-dBnWQ_Rj6_iaYN9vonyw2&google_push=Aer7DvJGG8lSjSjwIA1HP17mqh35VurKE4tYr9Dcc8jOeQeWZ3MM6EygIhagh_MpqJsX0KeKzLD-8XzAQOjnfRudHBmPq9tn0qFFBg

Request Chain 181

• https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELOONlAWSnYoahcHke-XUIs&google_cver=1&google_push=Aer7DvIltV1V9AeNdjwS7yN4JU0pUGaOTFa1BIPQHPI8N5XxZy6PtPP0wk6xUM7llRk3j2SuhI_q--HDx2vtc4lSNQxKtcW-uNHwww HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvIltV1V9AeNdjwS7yN4JU0pUGaOTFa1BIPQHPI8N5XxZy6PtPP0wk6xUM7llRk3j2SuhI_q--HDx2vtc4lSNQxKtcW-uNHwww&google_hm=eS1DU0ppblNSRTJwRzN4ek1EMHZKaVEwY0dNV3ZIN0lDcX5B

232 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
7 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response observer.com/politics/ Redirect Chain https://politicker.com/ https://observer.com/politics https://observer.com/politics/	152 KB 27 KB	7ms 7ms	Document text/html	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://observer.com/politics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / WordPress VIP <https://wpvip.com> Resource Hash 38c4af59b44090b97bd9229ff9ecf4b659dc3bad94e97eaaaaf920863118f085 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 1316 cache-control max-age=300, must-revalidate content-encoding gzip content-length 27323 content-type text/html; charset=UTF-8 date Fri, 21 Apr 2023 11:49:15 GMT host-header a9130478a60e5f9135f765b23f26593b link <https://observer.com/wp-json/>; rel="https://api.w.org/" <https://observer.com/wp-json/wp/v2/channel/423868943>; rel="alternate"; type="application/json" server nginx strict-transport-security max-age=31536000;includeSubdomains;preload vary Accept-Encoding x-cache hit x-frame-options SAMEORIGIN x-hacker If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header. x-powered-by WordPress VIP <https://wpvip.com> x-rq hhn2 96 185 443 Redirect headers age 1941 cache-control max-age=300, must-revalidate content-encoding gzip content-length 20 content-type text/html; charset=UTF-8 date Fri, 21 Apr 2023 11:49:15 GMT host-header a9130478a60e5f9135f765b23f26593b location https://observer.com/politics/ server nginx strict-transport-security max-age=31536000;includeSubdomains;preload x-cache graced x-frame-options SAMEORIGIN x-hacker If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header. x-powered-by WordPress VIP <https://wpvip.com> x-redirect-by WordPress x-rq hhn2 96 184 443
GET H2	200	css2 fonts.googleapis.com/	6 KB 1 KB	59ms 24ms	Stylesheet text/css	2a00:1450:4001:808::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Libre+Franklin:wght@400;500;600;700&family=Source+Serif+Pro&display=swap Requested by Host: observer.com URL: https://observer.com/politics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash be2be0231fe3c7e47cbcce878baf740aed683e5f10c1699f275e8983f6ac0c43 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Fri, 21 Apr 2023 11:49:15 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Fri, 21 Apr 2023 11:49:15 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 21 Apr 2023 11:49:15 GMT
GET H2	200	jquery.min.js Show response observer.com/wp-includes/js/jquery/	88 KB 31 KB	8ms 7ms	Script application/javascript	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://observer.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.3 Requested by Host: observer.com URL: https://observer.com/politics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/politics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:15 GMT content-encoding gzip strict-transport-security max-age=31536000;includeSubdomains;preload last-modified Wed, 05 Apr 2023 21:46:41 GMT server nginx x-rq hhn2 96 185 443 etag W/"642dec41-15ed7" vary Accept-Encoding x-cache HIT content-type application/javascript cache-control max-age=31536000
GET H2	200	main.min.css observer.com/wp-content/themes/newyorkobserver-2014/dist/css/	75 KB 14 KB	7ms 7ms	Stylesheet text/css	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://observer.com/wp-content/themes/newyorkobserver-2014/dist/css/main.min.css?ver=1.9.3 Requested by Host: observer.com URL: https://observer.com/politics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 9a7f171292ad50e40db3fc6ad413fa152137cab87600be2ab3d53e95367fa91c Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/politics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:15 GMT content-encoding gzip strict-transport-security max-age=31536000;includeSubdomains;preload last-modified Thu, 13 Apr 2023 14:48:45 GMT server nginx x-rq hhn2 96 185 443 etag W/"6438164d-12af6" vary Accept-Encoding x-cache HIT content-type text/css cache-control max-age=31536000
GET H2	200	style.css observer.com/wp-content/themes/newyorkobserver-2014/nyo-plugins/dist/css/	34 KB 5 KB	8ms 7ms	Stylesheet text/css	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://observer.com/wp-content/themes/newyorkobserver-2014/nyo-plugins/dist/css/style.css?ver=1.9.3-1676305996 Requested by Host: observer.com URL: https://observer.com/politics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash e69314be4ca6c42063da42e3faf1a4adb5267ff8736f56d739ab87250b289e64 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/politics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:15 GMT content-encoding gzip strict-transport-security max-age=31536000;includeSubdomains;preload last-modified Mon, 13 Feb 2023 16:33:16 GMT server nginx x-rq hhn2 96 185 443 etag W/"63ea664c-89a2" vary Accept-Encoding x-cache HIT content-type text/css cache-control max-age=31536000
GET H2	200	amp-google-tag-manager-public.js Show response observer.com/wp-content/plugins/amp-google-tag-manager/public/js/	838 B 559 B	7ms 6ms	Script application/javascript	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://observer.com/wp-content/plugins/amp-google-tag-manager/public/js/amp-google-tag-manager-public.js?ver=1.0.0 Requested by Host: observer.com URL: https://observer.com/politics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 57a50c99a31ef4e89e86664e96f6dfbdde163a2eb96e88b3b492c49aa4be2f37 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/politics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:15 GMT content-encoding gzip strict-transport-security max-age=31536000;includeSubdomains;preload last-modified Thu, 19 Jan 2023 12:22:31 GMT server nginx x-rq hhn2 96 184 443 etag W/"63c93607-346" vary Accept-Encoding x-cache HIT content-type application/javascript cache-control max-age=31536000
GET H2	200	widget.subscribe.js Show response observer.com/wp-content/plugins/sailthru-widget/js/	2 KB 780 B	10ms 5ms	Script application/javascript	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://observer.com/wp-content/plugins/sailthru-widget/js/widget.subscribe.js?ver=6.2 Requested by Host: observer.com URL: https://observer.com/politics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash b7e6db8dfe79e6581a5accc07438706f2ff043bc6f9cb4f61f549a4f5d0ee4e8 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/politics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:15 GMT content-encoding gzip strict-transport-security max-age=31536000;includeSubdomains;preload last-modified Wed, 12 Apr 2023 15:24:53 GMT server nginx x-rq hhn2 96 184 443 etag W/"6436cd45-622" vary Accept-Encoding x-cache HIT content-type application/javascript cache-control max-age=31536000
GET H2	200	htlbid.js Show response htlbid.com/v3/observer.com/	729 B 1 KB	537ms 410ms	Script application/javascript	13.32.27.47 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://htlbid.com/v3/observer.com/htlbid.js?ver=3.0 Requested by Host: observer.com URL: https://observer.com/politics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.47 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-47.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 19994c0cb38e49014dc3ee6c036efc40e47ede8b98c92cad70ee966cb6224109 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:16 GMT via 1.1 f891d17fa862cc74a05434e03fa58dca.cloudfront.net (CloudFront) last-modified Sun, 02 Apr 2023 13:12:43 GMT server AmazonS3 x-amz-cf-pop FRA56-C2 x-amz-server-side-encryption AES256 etag "7bbd3cbf407999082c5180ade14a001c" vary Accept-Encoding x-cache RefreshHit from cloudfront content-type application/javascript cache-control max-age=600 accept-ranges bytes content-length 729 x-amz-cf-id 4owFSqZCecFjIE5jtXW0fy-HDZmxeh-Z61cEO0PrDuooJDEAEEKiKw==
GET H2	200	js Show response www.googletagmanager.com/gtag/	219 KB 77 KB	82ms 26ms	Script application/javascript	2a00:1450:4001:809::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-T9PLB60R8S Requested by Host: observer.com URL: https://observer.com/politics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash d472a0dfbf2b0c3c67e451099ab5fc8b02d55090f62154073a5ff3cc9bd970db Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:15 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 78729 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Fri, 21 Apr 2023 11:49:15 GMT
GET H2	200	default.min.css observer.com/wp-content/themes/newyorkobserver-2014/dist/css/	66 KB 10 KB	18ms 15ms	Stylesheet text/css	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://observer.com/wp-content/themes/newyorkobserver-2014/dist/css/default.min.css?ver=1.9.3 Requested by Host: observer.com URL: https://observer.com/politics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 2cbc6c13af45bc311311531d579cd7e529376564ba3eef9af1f50e02f0998db0 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/politics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:15 GMT content-encoding gzip strict-transport-security max-age=31536000;includeSubdomains;preload last-modified Mon, 13 Feb 2023 16:33:16 GMT server nginx x-rq hhn2 96 185 443 etag W/"63ea664c-1097b" vary Accept-Encoding x-cache HIT content-type text/css cache-control max-age=31536000
GET H2	200	print.min.css observer.com/wp-content/themes/newyorkobserver-2014/dist/css/	143 B 191 B	18ms 15ms	Stylesheet text/css	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://observer.com/wp-content/themes/newyorkobserver-2014/dist/css/print.min.css?ver=1.9.3 Requested by Host: observer.com URL: https://observer.com/politics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash c0eb09d747f4cb0d61057afe50609d7419873b0bdbc56f6965f3098a1cf6d975 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/politics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:15 GMT strict-transport-security max-age=31536000;includeSubdomains;preload x-rq hhn2 96 184 443 last-modified Thu, 19 Jan 2023 12:22:31 GMT server nginx etag "63c93607-8f" x-cache HIT content-type text/css cache-control max-age=31536000 accept-ranges bytes content-length 143
GET H2	200	mediaelementplayer-legacy.min.css observer.com/wp-includes/js/mediaelement/	11 KB 3 KB	18ms 15ms	Stylesheet text/css	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://observer.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17 Requested by Host: observer.com URL: https://observer.com/politics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/politics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:15 GMT content-encoding gzip strict-transport-security max-age=31536000;includeSubdomains;preload last-modified Wed, 05 Apr 2023 21:46:41 GMT server nginx x-rq hhn2 96 185 443 etag W/"642dec41-2bf8" vary Accept-Encoding x-cache HIT content-type text/css cache-control max-age=31536000
GET H2	200	wp-mediaelement.min.css observer.com/wp-includes/js/mediaelement/	4 KB 1 KB	18ms 15ms	Stylesheet text/css	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://observer.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.2 Requested by Host: observer.com URL: https://observer.com/politics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/politics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:15 GMT content-encoding gzip strict-transport-security max-age=31536000;includeSubdomains;preload last-modified Wed, 05 Apr 2023 21:46:41 GMT server nginx x-rq hhn2 96 185 443 etag W/"642dec41-105a" vary Accept-Encoding x-cache HIT content-type text/css cache-control max-age=31536000
GET H2	200	classic-themes.min.css observer.com/wp-includes/css/	291 B 338 B	18ms 15ms	Stylesheet text/css	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://observer.com/wp-includes/css/classic-themes.min.css?ver=6.2 Requested by Host: observer.com URL: https://observer.com/politics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/politics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:15 GMT strict-transport-security max-age=31536000;includeSubdomains;preload x-rq hhn2 96 185 443 last-modified Wed, 05 Apr 2023 21:46:41 GMT server nginx etag "642dec41-123" x-cache HIT content-type text/css cache-control max-age=31536000 accept-ranges bytes content-length 291
GET H2	200	media-credit.min.css observer.com/wp-content/plugins/media-credit/public/css/	589 B 358 B	18ms 16ms	Stylesheet text/css	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://observer.com/wp-content/plugins/media-credit/public/css/media-credit.min.css?ver=4.2.1 Requested by Host: observer.com URL: https://observer.com/politics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash a7b23f357530667a4d5d574a7b9141f0858db9f3dc49ad1e676bd850b8093c22 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/politics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:15 GMT content-encoding gzip strict-transport-security max-age=31536000;includeSubdomains;preload last-modified Thu, 19 Jan 2023 12:22:31 GMT server nginx x-rq hhn2 96 184 443 etag W/"63c93607-24d" vary Accept-Encoding x-cache HIT content-type text/css cache-control max-age=31536000
GET H2	200	lasso-live.css observer.com/wp-content/plugins/lasso/admin/assets/css/	26 KB 4 KB	19ms 16ms	Stylesheet text/css	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://observer.com/wp-content/plugins/lasso/admin/assets/css/lasso-live.css?v=1674130951&ver=253 Requested by Host: observer.com URL: https://observer.com/politics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 36e24dc06e51fdd9b13497039bf3c286b61476669c715a274b9a6703b4000a2b Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/politics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:15 GMT content-encoding gzip strict-transport-security max-age=31536000;includeSubdomains;preload last-modified Thu, 19 Jan 2023 12:22:31 GMT server nginx x-rq hhn2 96 184 443 etag W/"63c93607-698a" vary Accept-Encoding x-cache HIT content-type text/css cache-control max-age=31536000
GET H2	200	amp-google-tag-manager-public.css observer.com/wp-content/plugins/amp-google-tag-manager/public/css/	98 B 145 B	19ms 16ms	Stylesheet text/css	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://observer.com/wp-content/plugins/amp-google-tag-manager/public/css/amp-google-tag-manager-public.css?ver=1.0.0 Requested by Host: observer.com URL: https://observer.com/politics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/politics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:15 GMT strict-transport-security max-age=31536000;includeSubdomains;preload x-rq hhn2 96 184 443 last-modified Thu, 19 Jan 2023 12:22:31 GMT server nginx etag "63c93607-62" x-cache HIT content-type text/css cache-control max-age=31536000 accept-ranges bytes content-length 98
GET H2	200	widget.subscribe.css observer.com/wp-content/plugins/sailthru-widget/css/	2 KB 825 B	19ms 16ms	Stylesheet text/css	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://observer.com/wp-content/plugins/sailthru-widget/css/widget.subscribe.css?ver=6.2 Requested by Host: observer.com URL: https://observer.com/politics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 262fbcc7922dfabfbb72c1c366ae208230efbed08f7fc16988db51650c1e01ba Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/politics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:15 GMT content-encoding gzip strict-transport-security max-age=31536000;includeSubdomains;preload last-modified Wed, 12 Apr 2023 15:24:53 GMT server nginx x-rq hhn2 96 185 443 etag W/"6436cd45-9a1" vary Accept-Encoding x-cache HIT content-type text/css cache-control max-age=31536000
GET H2	200	jetpack.css observer.com/wp-content/mu-plugins/jetpack-12.0/css/	97 KB 18 KB	19ms 16ms	Stylesheet text/css	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://observer.com/wp-content/mu-plugins/jetpack-12.0/css/jetpack.css?ver=12.0 Requested by Host: observer.com URL: https://observer.com/politics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 5827ca18d6a69c3470f37b66610fc6b79d7dd1334e7e016ba6e281229f5b16e4 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/politics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:15 GMT content-encoding gzip strict-transport-security max-age=31536000;includeSubdomains;preload last-modified Thu, 13 Apr 2023 18:20:41 GMT server nginx x-rq hhn2 96 185 443 etag W/"643847f9-18582" vary Accept-Encoding x-cache HIT content-type text/css cache-control max-age=31536000
GET H2	200	GettyImages-1333624649.jpg observer.com/wp-content/uploads/sites/2/2022/12/	54 KB 54 KB	12ms 7ms	Image image/jpeg	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://observer.com/wp-content/uploads/sites/2/2022/12/GettyImages-1333624649.jpg?quality=80&w=635&strip Requested by Host: observer.com URL: https://observer.com/politics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 8e034870145f89b3fce167a553f610e136933b2365f841d661a14be0c9760a91 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/politics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:15 GMT strict-transport-security max-age=31536000;includeSubdomains;preload x-rq hhn2 109 84 443 last-modified Tue, 18 Apr 2023 15:51:10 GMT server nginx etag "9c2817af53eca526" vary Accept x-cache HIT content-type image/jpeg cache-control max-age=31536000 x-optim-disabled true accept-ranges bytes content-length 54849
GET H2	200	GettyImages-1443736911.jpg observer.com/wp-content/uploads/sites/2/2022/11/	15 KB 15 KB	13ms 7ms	Image image/webp	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://observer.com/wp-content/uploads/sites/2/2022/11/GettyImages-1443736911.jpg?quality=80&w=300&strip Requested by Host: observer.com URL: https://observer.com/politics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash b9e2466b31b350de239b426825d68c515a7988ede4de6c755e237e4525951668 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/politics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:15 GMT strict-transport-security max-age=31536000;includeSubdomains;preload x-rq hhn2 109 139 443 last-modified Tue, 18 Apr 2023 15:51:10 GMT server nginx etag "2bfa9ecd7b6a334a" vary Accept x-cache HIT content-type image/webp cache-control max-age=31536000 accept-ranges bytes content-length 15466
GET H2	200	California-state-house.jpg observer.com/wp-content/uploads/sites/2/2022/10/	16 KB 16 KB	14ms 8ms	Image image/jpeg	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://observer.com/wp-content/uploads/sites/2/2022/10/California-state-house.jpg?quality=80&w=300&strip Requested by Host: observer.com URL: https://observer.com/politics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 96bbaa6805fc861f78d3fe25c0118ceb18afc488eb70162e41bd219fbeb86287 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/politics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:15 GMT strict-transport-security max-age=31536000;includeSubdomains;preload x-rq hhn2 109 84 443 last-modified Tue, 18 Apr 2023 15:51:10 GMT server nginx etag "24eb2a4118df1abb" vary Accept x-cache HIT content-type image/jpeg cache-control max-age=31536000 x-optim-disabled true accept-ranges bytes content-length 16163
GET H2	200	spm.v1.min.js Show response ak.sail-horizon.com/spm/	98 KB 33 KB	71ms 8ms	Script application/javascript	18.66.112.95 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ak.sail-horizon.com/spm/spm.v1.min.js?ver=5.5.1 Requested by Host: observer.com URL: https://observer.com/politics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.95 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-95.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash dc5f18223b1a8a5c768d7e1a6e61e1f6c724d385921f6353ba01ff9ef19d59e5 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:47:14 GMT content-encoding gzip via 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront) last-modified Wed, 11 Jan 2023 16:08:40 GMT server AmazonS3 x-amz-cf-pop FRA56-P5 age 122 x-amz-server-side-encryption AES256 etag W/"be0aea74754407f0a826a84e140dd5ea" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=600; must-revalidate x-amz-cf-id O6puolP9n0Q397AJGRFGRiybMO-7Xd4uWnF2voa0LSKtV9Qcuk7SFA==
GET H2	200	sailthru.js Show response observer.com/wp-content/plugins/hc-sailthru/assets/js/	761 B 472 B	12ms 7ms	Script application/javascript	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://observer.com/wp-content/plugins/hc-sailthru/assets/js/sailthru.js?ver=20211026 Requested by Host: observer.com URL: https://observer.com/politics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash b6cf23ed282a5cb25c43c5923908a43cc8c4c9e92b23a1f73eb7b0af46ef6534 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/politics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:15 GMT content-encoding gzip strict-transport-security max-age=31536000;includeSubdomains;preload last-modified Thu, 19 Jan 2023 12:22:31 GMT server nginx x-rq hhn2 96 185 443 etag W/"63c93607-2f9" vary Accept-Encoding x-cache HIT content-type application/javascript cache-control max-age=31536000
GET H2	200	wp-polyfill-inert.min.js Show response observer.com/wp-includes/js/dist/vendor/	8 KB 2 KB	13ms 8ms	Script application/javascript	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://observer.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2 Requested by Host: observer.com URL: https://observer.com/politics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/politics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:15 GMT content-encoding gzip strict-transport-security max-age=31536000;includeSubdomains;preload last-modified Wed, 05 Apr 2023 21:46:41 GMT server nginx x-rq hhn2 96 185 443 etag W/"642dec41-1feb" vary Accept-Encoding x-cache HIT content-type application/javascript cache-control max-age=31536000
GET H2	200	regenerator-runtime.min.js Show response observer.com/wp-includes/js/dist/vendor/	6 KB 2 KB	13ms 8ms	Script application/javascript	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://observer.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.11 Requested by Host: observer.com URL: https://observer.com/politics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/politics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:15 GMT content-encoding gzip strict-transport-security max-age=31536000;includeSubdomains;preload last-modified Wed, 05 Apr 2023 21:46:41 GMT server nginx x-rq hhn2 96 184 443 etag W/"642dec41-19cf" vary Accept-Encoding x-cache HIT content-type application/javascript cache-control max-age=31536000
GET H2	200	hooks.min.js Show response observer.com/wp-includes/js/dist/	5 KB 2 KB	13ms 8ms	Script application/javascript	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://observer.com/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5 Requested by Host: observer.com URL: https://observer.com/politics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/politics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:15 GMT content-encoding gzip strict-transport-security max-age=31536000;includeSubdomains;preload last-modified Wed, 05 Apr 2023 21:46:41 GMT server nginx x-rq hhn2 96 185 443 etag W/"642dec41-132e" vary Accept-Encoding x-cache HIT content-type application/javascript cache-control max-age=31536000
GET H2	200	loader.js Show response observer.com/wp-content/mu-plugins/wp-parsely-3.8/build/	3 KB 1 KB	13ms 8ms	Script application/javascript	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://observer.com/wp-content/mu-plugins/wp-parsely-3.8/build/loader.js?ver=1d54726e91ce976b3e82 Requested by Host: observer.com URL: https://observer.com/politics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 962eaa3c1a2130ce8689105bb46d6454972927d761d9df30dd357c9373040b54 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/politics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:15 GMT content-encoding gzip strict-transport-security max-age=31536000;includeSubdomains;preload last-modified Wed, 12 Apr 2023 18:10:40 GMT server nginx x-rq hhn2 96 185 443 etag W/"6436f420-abf" vary Accept-Encoding x-cache HIT content-type application/javascript cache-control max-age=31536000
GET H2	200	p.js Show response cdn.parsely.com/keys/observer.com/	56 KB 21 KB	37ms 9ms	Script application/javascript	18.66.100.58 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.parsely.com/keys/observer.com/p.js?ver=3.8.4 Requested by Host: observer.com URL: https://observer.com/politics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.100.58 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-100-58.fra56.r.cloudfront.net Software nginx / Resource Hash c46b033d7688f2f46e87a04634a1389db91ceea1be9cb70d1ae9205819739a7e Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma public date Thu, 20 Apr 2023 18:50:48 GMT content-encoding gzip via 1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront) last-modified Thu, 24 Mar 2022 17:02:52 GMT server nginx x-amz-cf-pop FRA56-P2 age 61107 etag W/"623ca43c-e05a" x-cache Hit from cloudfront content-type application/javascript cache-control max-age=86400, public x-amz-cf-id B1G6d-1FL8ko3AwZK9e6X8q6lR5dksEp0DZajxDc0Ntykh7QmNkEog== expires Fri, 21 Apr 2023 18:50:48 GMT
GET H2	200	helpers.js Show response observer.com/wp-content/themes/newyorkobserver-2014/dist/js/	922 B 539 B	13ms 8ms	Script application/javascript	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://observer.com/wp-content/themes/newyorkobserver-2014/dist/js/helpers.js?ver=1.9.3 Requested by Host: observer.com URL: https://observer.com/politics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash c0472ab03b5cc819b6f3a01c3d0519af30215aed943bd77a11d9625f93b4ab55 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/politics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:15 GMT content-encoding gzip strict-transport-security max-age=31536000;includeSubdomains;preload last-modified Thu, 19 Jan 2023 12:22:31 GMT server nginx x-rq hhn2 96 185 443 etag W/"63c93607-39a" vary Accept-Encoding x-cache HIT content-type application/javascript cache-control max-age=31536000
GET H2	200	jquery.flexslider.min.js Show response observer.com/wp-content/themes/newyorkobserver-2014/dist/js/vendor/	21 KB 6 KB	18ms 14ms	Script application/javascript	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://observer.com/wp-content/themes/newyorkobserver-2014/dist/js/vendor/jquery.flexslider.min.js?ver=2.2.2 Requested by Host: observer.com URL: https://observer.com/politics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash d747bc0ec8a549bb25f0bab199d8e3019bcea7cfaf1438d55da2fabcff48f2c3 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/politics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:15 GMT content-encoding gzip strict-transport-security max-age=31536000;includeSubdomains;preload last-modified Thu, 19 Jan 2023 12:22:31 GMT server nginx x-rq hhn2 96 184 443 etag W/"63c93607-5429" vary Accept-Encoding x-cache HIT content-type application/javascript cache-control max-age=31536000
GET H2	200	theme.js Show response observer.com/wp-content/themes/newyorkobserver-2014/dist/js/	7 KB 3 KB	18ms 14ms	Script application/javascript	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://observer.com/wp-content/themes/newyorkobserver-2014/dist/js/theme.js?ver=1.9.3.04282045 Requested by Host: observer.com URL: https://observer.com/politics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 2e256a180025855d8521b1aeacc337c5bc34f88865bbd09680c9f7192c937553 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/politics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:15 GMT content-encoding gzip strict-transport-security max-age=31536000;includeSubdomains;preload last-modified Mon, 13 Feb 2023 16:33:16 GMT server nginx x-rq hhn2 96 184 443 etag W/"63ea664c-1c48" vary Accept-Encoding x-cache HIT content-type application/javascript cache-control max-age=31536000
GET H2	200	sailthru-widget.js Show response observer.com/wp-content/themes/newyorkobserver-2014/dist/js/	1 KB 600 B	18ms 14ms	Script application/javascript	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://observer.com/wp-content/themes/newyorkobserver-2014/dist/js/sailthru-widget.js?ver=1.9.3 Requested by Host: observer.com URL: https://observer.com/politics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 756dd7203be6457d7dd15085b51cb7fcee2efdc6e1e46792c7a5272775a82243 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/politics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:15 GMT content-encoding gzip strict-transport-security max-age=31536000;includeSubdomains;preload last-modified Thu, 19 Jan 2023 12:22:31 GMT server nginx x-rq hhn2 96 185 443 etag W/"63c93607-431" vary Accept-Encoding x-cache HIT content-type application/javascript cache-control max-age=31536000
GET H2	200	delay-load.js Show response observer.com/wp-content/plugins/xcurrent/assets/js/	3 KB 1 KB	18ms 14ms	Script application/javascript	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://observer.com/wp-content/plugins/xcurrent/assets/js/delay-load.js?ver=8f7693010179fc5007dacef632d329a6 Requested by Host: observer.com URL: https://observer.com/politics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash ef5f8d6a9ea52bd9b20497b837b74bde31586062d5b0e16be75f8bbdffc29840 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/politics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:15 GMT content-encoding gzip strict-transport-security max-age=31536000;includeSubdomains;preload last-modified Thu, 19 Jan 2023 12:22:31 GMT server nginx x-rq hhn2 96 185 443 etag W/"63c93607-b50" vary Accept-Encoding x-cache HIT content-type application/javascript cache-control max-age=31536000
GET H2	200	lazy-load.js Show response observer.com/wp-content/plugins/xcurrent/assets/js/	8 KB 4 KB	18ms 14ms	Script application/javascript	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://observer.com/wp-content/plugins/xcurrent/assets/js/lazy-load.js?ver=6bd186b35f60946321703040eae7bccf Requested by Host: observer.com URL: https://observer.com/politics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 6c05e433ca10b433edfc856fd903cb5f2da848a54e4507642a48981deed8bb05 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/politics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:15 GMT content-encoding gzip strict-transport-security max-age=31536000;includeSubdomains;preload last-modified Thu, 19 Jan 2023 12:22:31 GMT server nginx x-rq hhn2 96 184 443 etag W/"63c93607-214a" vary Accept-Encoding x-cache HIT content-type application/javascript cache-control max-age=31536000
GET H2	200	script-queue.js Show response observer.com/wp-content/plugins/xcurrent/assets/js/	3 KB 2 KB	19ms 15ms	Script application/javascript	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://observer.com/wp-content/plugins/xcurrent/assets/js/script-queue.js?ver=bebcad848e998ab9ae82c8431c754b8a Requested by Host: observer.com URL: https://observer.com/politics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash a384a78bc8bee6afceab3ff107315b1bdcc0fd2622246826d16b503e742a8cdf Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/politics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:15 GMT content-encoding gzip strict-transport-security max-age=31536000;includeSubdomains;preload last-modified Thu, 19 Jan 2023 12:22:31 GMT server nginx x-rq hhn2 96 184 443 etag W/"63c93607-dd9" vary Accept-Encoding x-cache HIT content-type application/javascript cache-control max-age=31536000
GET H2	200	e-202316.js Show response stats.wp.com/	9 KB 3 KB	34ms 7ms	Script application/javascript	192.0.76.3 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://stats.wp.com/e-202316.js Requested by Host: observer.com URL: https://observer.com/politics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers x-nc HIT hhn date Fri, 21 Apr 2023 11:49:15 GMT content-encoding br server nginx etag W/"6197c5cf-3508" vary Accept-Encoding access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control max-age=31536000 expires Sun, 14 Apr 2024 02:59:55 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	84ms 23ms	Script text/javascript	2a00:1450:4001:82a::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: observer.com URL: https://observer.com/politics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Fri, 21 Apr 2023 10:27:45 GMT last-modified Tue, 10 Jan 2023 21:29:14 GMT server Golfe2 age 4890 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20085 expires Fri, 21 Apr 2023 12:27:45 GMT
GET H2	200	advertising.js Show response www.npttech.com/	6 KB 3 KB	74ms 20ms	Script application/javascript	2606:4700:e0::ac40:640c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.npttech.com/advertising.js Requested by Host: observer.com URL: https://observer.com/politics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e0::ac40:640c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:15 GMT x-amz-version-id AqISHxpKTQvORh8RqBdMoHK.Vq6tURDV content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id 0AATFXAZPX633ZF7 age 1431 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-id-2 Mcur0B34i2Ov+re6LHJPUp9TBv2kHcyJqP1Da8Zc8yjtZVlZ3Wu1Tt7F6kkfC4e9YYRnHYKY7do= last-modified Tue, 18 Oct 2022 13:20:01 GMT server cloudflare etag W/"df0e1827cd8f289a645f38d8fecaf6e0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ylp4vXT0FnaWwQSa6GQGmJv9%2BPS4KxOi9o0h8gLBpA7E7JAFY8F8zjmA4yHXxk41jFLfYkcnmCy9o2sUSPgziq%2BTxgUub7rzp06oppS0WJZMOZqFv%2FINZpyctJQTZfW0kbFcNnIOChFCFhjRqnc%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=28800 cf-ray 7bb567135db70a4f-AMS
GET DATA	200 OK	truncated /	37 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Content-Type image/gif
GET H2	200	load Show response sandbox.tinypass.com/xbuilder/experience/	4 KB 1 KB	79ms 27ms	Script application/javascript	2606:4700::6811:b9b1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sandbox.tinypass.com/xbuilder/experience/load?aid=CMrLcDjZsu Requested by Host: observer.com URL: https://observer.com/politics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5d55f7c21f317b20841033125e19ef280ff06aba9c8cb5ee2d6065220d8e5a30 Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma date Fri, 21 Apr 2023 11:49:15 GMT strict-transport-security max-age=86400; includeSubDomains content-encoding br cf-cache-status HIT last-modified Fri, 21 Apr 2023 10:53:29 GMT server cloudflare age 3346 vary Accept-Encoding, Origin content-type application/javascript; charset=UTF-8 cache-control public, max-age=1800 cf-ray 7bb567135bae0e36-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-request-id tp959jpc9m expires Fri, 21 Apr 2023 12:19:15 GMT
GET H2	200	beacon.js Show response sb.scorecardresearch.com/internal-cs/default/ Redirect Chain https://sb.scorecardresearch.com/cs/37161820/beacon.js https://sb.scorecardresearch.com/internal-cs/default/beacon.js	4 KB 2 KB	7ms 7ms	Script application/javascript	13.32.99.23 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sb.scorecardresearch.com/internal-cs/default/beacon.js Requested by Host: observer.com URL: https://observer.com/politics/ Protocol H2 Server 13.32.99.23 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-99-23.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash 84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:24:12 GMT content-encoding gzip via 1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront) last-modified Thu, 09 Mar 2023 10:02:11 GMT server AmazonS3 x-amz-cf-pop FRA60-P3 age 1504 x-amz-server-side-encryption AES256 etag W/"77ff4ede4693897337a38594321529a3" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id va07L84HLp16yKeIpJS_yNdK27JHICKGMBovBbToMa3eB0eg5Ed4Tw== Redirect headers date Fri, 21 Apr 2023 11:49:15 GMT via 1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront) accept-ch UA, Platform, Arch, Model, Mobile x-amz-cf-pop FRA60-P3 x-cache Miss from cloudfront location /internal-cs/default/beacon.js content-length 0 x-amz-cf-id oLIHxEiS2r-GHa6YUzPHX8ZrowGF2u0THJUjoXpv_P3KauGMMhYOYw==
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	107 KB 28 KB	30ms 8ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: observer.com URL: https://observer.com/politics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Fri, 21 Apr 2023 11:49:15 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 27967 x-fb-rlafr 0 x-xss-protection 0 pragma public x-fb-debug quFBk5dquLzy3sT1Pgv3oI9xAd6/4uBdXZJ9vygwNDFRPiCfiJiPA0GLfeggQHCKyV2D3oYHgAq8Zp8kElaJLg== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" x-fb-trip-id 686109401 cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY cache-control public, max-age=1200 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	search-ffffff.svg observer.com/wp-content/themes/newyorkobserver-2014/images/	2 KB 1 KB	15ms 15ms	Image image/svg+xml	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://observer.com/wp-content/themes/newyorkobserver-2014/images/search-ffffff.svg Requested by Host: observer.com URL: https://observer.com/wp-content/themes/newyorkobserver-2014/dist/css/main.min.css?ver=1.9.3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash d17298826b7b7ed19af4942adf03fbcea7a7cd9cd5f25a5b9fb0674c71828c87 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/wp-content/themes/newyorkobserver-2014/dist/css/main.min.css?ver=1.9.3 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:15 GMT content-encoding gzip strict-transport-security max-age=31536000;includeSubdomains;preload last-modified Thu, 19 Jan 2023 12:22:31 GMT server nginx x-rq hhn2 96 184 443 etag W/"63c93607-960" vary Accept-Encoding x-cache HIT content-type image/svg+xml cache-control max-age=31536000
GET H2	200	observer-logo-white-2015.png observer.com/wp-content/themes/newyorkobserver-2014/images/	3 KB 3 KB	15ms 15ms	Image image/png	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://observer.com/wp-content/themes/newyorkobserver-2014/images/observer-logo-white-2015.png Requested by Host: observer.com URL: https://observer.com/wp-content/themes/newyorkobserver-2014/dist/css/main.min.css?ver=1.9.3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 74e72473f970d838c52ed8c8fadf1c25883dd561d66df3856bfc137b9da2fea0 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/wp-content/themes/newyorkobserver-2014/dist/css/main.min.css?ver=1.9.3 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:15 GMT strict-transport-security max-age=31536000;includeSubdomains;preload x-rq hhn2 96 184 443 last-modified Thu, 19 Jan 2023 12:22:31 GMT server nginx etag "63c93607-b7d" x-cache HIT content-type image/png cache-control max-age=31536000 accept-ranges bytes content-length 2941
GET H2	200	source-serif-pro-v11-latin-regular.woff2 observer.com/wp-content/themes/newyorkobserver-2014/dist/fonts/	19 KB 20 KB	11ms 11ms	Font application/font-woff2	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://observer.com/wp-content/themes/newyorkobserver-2014/dist/fonts/source-serif-pro-v11-latin-regular.woff2 Requested by Host: observer.com URL: https://observer.com/politics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 97816b3ca3d676b5241a16fd6fb3f3e4050a3b99c914f0a66f0bcc074617ba80 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers Referer https://observer.com/politics/ Origin https://observer.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:15 GMT strict-transport-security max-age=31536000;includeSubdomains;preload x-rq hhn2 96 185 443 last-modified Thu, 19 Jan 2023 12:22:31 GMT server nginx etag "63c93607-4df4" x-cache HIT content-type application/font-woff2 access-control-allow-origin * access-control-allow-methods GET, HEAD cache-control max-age=31536000 accept-ranges bytes content-length 19956
GET H2	200	jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2 fonts.gstatic.com/s/librefranklin/v13/	27 KB 27 KB	51ms 15ms	Font font/woff2	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/librefranklin/v13/jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Libre+Franklin:wght@400;500;600;700&family=Source+Serif+Pro&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0c5b68b3ae23054815d89c5a2230ad7edf2d4b68732b4463d6be74cacb974055 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://observer.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 02:05:24 GMT x-content-type-options nosniff age 35031 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 27268 x-xss-protection 0 last-modified Mon, 11 Jul 2022 18:56:23 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 20 Apr 2024 02:05:24 GMT
GET H2	200	simple Show response api.sail-personalize.com/v1/personalize/	256 B 475 B	110ms 110ms	Fetch application/json	75.2.40.13 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0 Requested by Host: ak.sail-horizon.com URL: https://ak.sail-horizon.com/spm/spm.v1.min.js?ver=5.5.1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 75.2.40.13 , United States, ASN16509 (AMAZON-02, US), Reverse DNS aa7557bb34ea5624b.awsglobalaccelerator.com Software / Resource Hash 2facb93b5e96ee3db8075f7a9985870609f21c6643b12a0627443a67eae62f35 Request headers x-lib-version v1.0.1 accept-language de-DE,de;q=0.9 authorization Bearer eddd21a32bf5284abd9bc8ac7ddeec34 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 content-type application/json accept application/json Referer https://observer.com/ x-referring-url https://observer.com/politics/ Response headers pragma no-cache date Fri, 21 Apr 2023 11:49:15 GMT content-encoding gzip allowedorigins * vary Accept-Encoding content-type application/json access-control-allow-origin * allowedmethods GET,OPTIONS cache-control no-store access-control-allow-credentials true allowedheaders Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin content-length 174 expires -1
OPTIONS H2	200	simple api.sail-personalize.com/v1/personalize/ Frame	0 0	325ms 99ms	Preflight text/plain	75.2.40.13 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 75.2.40.13 , United States, ASN16509 (AMAZON-02, US), Reverse DNS aa7557bb34ea5624b.awsglobalaccelerator.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers authorization,content-type,x-lib-version,x-referring-url Access-Control-Request-Method GET Origin https://observer.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL access-control-allow-methods OPTIONS,GET,POST,PUT,DELETE access-control-allow-origin https://observer.com access-control-max-age 1800 allow HEAD,GET,OPTIONS content-length 18 content-type text/plain date Fri, 21 Apr 2023 11:49:15 GMT
GET H2	200	tinypass.min.js Show response sandbox.tinypass.com/api/	339 KB 100 KB	39ms 38ms	Script application/javascript	2606:4700::6811:b9b1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sandbox.tinypass.com/api/tinypass.min.js Requested by Host: sandbox.tinypass.com URL: https://sandbox.tinypass.com/xbuilder/experience/load?aid=CMrLcDjZsu Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b97b2342a7580d734b7aa27d35e1889d164d0a6b968679464a745d6665462c61 Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:15 GMT x-amz-version-id rvyIZTSHRoGj9ry99Fiu_X3H0J_lBLkq content-encoding br cf-cache-status HIT strict-transport-security max-age=86400; includeSubDomains x-amz-request-id HVRQB451J16VDMQQ age 2736 x-amz-server-side-encryption AES256 x-amz-replication-status REPLICA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-id-2 yk6DHNvDHWJwkMG1w5lGWqLyM/6KDQBdIB0lG0hesK47Bsm0f6A4xRxhR46v/12aRogjvkuklqA= last-modified Fri, 14 Apr 2023 08:16:54 GMT server cloudflare etag W/"43b5dfa841a0111e4078dfb6a8fba670" vary Accept-Encoding content-type application/javascript cache-control public, max-age=14400 cf-ray 7bb56713fd300e36-AMS expires Fri, 21 Apr 2023 15:49:15 GMT
GET H/1.1	200 OK	/ p1.parsely.com/plogger/	43 B 257 B	141ms 31ms	Image image/gif	63.34.81.234 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://p1.parsely.com/plogger/?rand=1682077755513&plid=92745343&idsite=observer.com&url=https%3A%2F%2Fobserver.com%2Fpolitics%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fobserver.com%2Fpolitics%2F&sref=&sts=1682077755510&slts=0&title=Latest+Political+News+%26+Articles+%7C+Observer&date=Fri+Apr+21+2023+11%3A49%3A15+GMT%2B0000+(GMT)&action=pageview&pvid=78456632&u=pid%3De77ca5585a8d81b9ece82fe35e1db4cc Requested by Host: observer.com URL: https://observer.com/politics/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 63.34.81.234 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-63-34-81-234.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Fri, 21 Apr 2023 11:49:15 GMT Cache-Control no-cache Last-Modified Friday, 21-Apr-2023 11:49:15 GMT Server nginx Connection keep-alive Content-Length 43 Content-Type image/gif
GET H2	200	g.gif pixel.wp.com/	50 B 93 B	12ms 6ms	Image image/gif	192.0.76.3 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.wp.com/g.gif?v=ext&blog=168679389&post=0&tz=-4&srv=observer.com&hp=vip&j=1%3A12.0&host=observer.com&ref=&fcp=762&rand=0.5234673678752464 Requested by Host: observer.com URL: https://observer.com/politics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers access-control-allow-origin * date Fri, 21 Apr 2023 11:49:15 GMT cache-control no-cache server nginx content-length 50 content-type image/gif
GET H2	200	js Show response www.google-analytics.com/gtm/	114 KB 45 KB	26ms 25ms	Script application/javascript	2a00:1450:4001:82a::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/gtm/js?id=GTM-NXSTMDF&cid=205096105.1682077756 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 48cca88c76ec49de6cd6bc3049235ddb7bd85025c2895be85574b9d99c7cd712 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:15 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 45384 x-xss-protection 0 last-modified Fri, 21 Apr 2023 09:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 21 Apr 2023 11:49:15 GMT
GET H2	200	618909876214345 Show response connect.facebook.net/signals/config/	377 KB 108 KB	10ms 9ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/618909876214345?v=2.9.102&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash b89bc49c5f967d36c62aefbd991e7620e919df140cb2289100854dceebc9606a Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff date Fri, 21 Apr 2023 11:49:15 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 110226 x-fb-rlafr 0 x-xss-protection 0 pragma public x-fb-debug eIVVUg7IcEIZSgfdVmkmk9k2QRwLb3Prk0U7CZ4lN1qvsR4Gz30dbX7prk7gnAajMNLe0UL76+rmaDBf+dcyoQ== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" x-fb-trip-id 686109401 cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY cache-control public, max-age=1200 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	204	b sb.scorecardresearch.com/	0 225 B	11ms 9ms	Image text/plain	13.32.99.23 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sb.scorecardresearch.com/b?c1=2&c2=37161820&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1682077755562&ns_c=UTF-8&c7=https%3A%2F%2Fobserver.com%2Fpolitics%2F&c8=Latest%20Political%20News%20%26%20Articles%20%7C%20Observer&c9= Requested by Host: observer.com URL: https://observer.com/politics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.99.23 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-99-23.fra60.r.cloudfront.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:15 GMT via 1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront) accept-ch UA, Platform, Arch, Model, Mobile x-amz-cf-pop FRA60-P3 x-amz-cf-id cuodhl4RsMmET47T7R7OXLqwQXgCj43mT_bfXaxvVNS2v2SHqM8eCg== x-cache Miss from cloudfront
POST H2	204	collect region1.google-analytics.com/g/	0 252 B	47ms 17ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-T9PLB60R8S&gtm=45je34j0&_p=1424256104&cid=205096105.1682077756&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1682077755&sct=1&seg=0&dl=https%3A%2F%2Fobserver.com%2Fpolitics%2F&dt=Latest%20Political%20News%20%26%20Articles%20%7C%20Observer&en=page_view&_fv=1&_ss=1&_ee=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-T9PLB60R8S Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Fri, 21 Apr 2023 11:49:15 GMT server Golfe2 content-type text/plain access-control-allow-origin https://observer.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	execute Show response c2-sandbox.piano.io/xbuilder/experience/	2 KB 2 KB	176ms 129ms	XHR application/json	2606:4700::6810:2a41 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c2-sandbox.piano.io/xbuilder/experience/execute?aid=CMrLcDjZsu Requested by Host: sandbox.tinypass.com URL: https://sandbox.tinypass.com/api/tinypass.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f70bbcadf84b32612e1c4061fd82c2b371daff72f8a648fb1da5422def53e864 Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains Request headers Accept application/json Referer https://observer.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Fri, 21 Apr 2023 11:49:15 GMT strict-transport-security max-age=86400; includeSubDomains content-encoding br cf-cache-status DYNAMIC alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-request-id xupr3g822r pragma no-cache server cloudflare vary Accept-Encoding, Origin access-control-allow-methods POST, GET, OPTIONS content-type application/json; charset=UTF-8 access-control-allow-origin https://observer.com access-control-expose-headers Composer-Request-Control-Policy cache-control no-cache, no-store access-control-allow-credentials true cf-ray 7bb56714d9f40a5d-AMS
GET H2	200	/ www.facebook.com/tr/	0 185 B	24ms 7ms	Image text/plain	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=618909876214345&ev=PageView&dl=https%3A%2F%2Fobserver.com%2Fpolitics%2F&rl=&if=false&ts=1682077755629&sw=1600&sh=1200&v=2.9.102&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1682077755628.1169932654&it=1682077755553&coo=false&rqm=GET Requested by Host: observer.com URL: https://observer.com/politics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Fri, 21 Apr 2023 11:49:15 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	GettyImages-1242603571-2.jpg observer.com/wp-content/uploads/sites/2/2022/08/	18 KB 18 KB	9ms 8ms	Image image/webp	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://observer.com/wp-content/uploads/sites/2/2022/08/GettyImages-1242603571-2.jpg?quality=80&w=300&h=225&crop=1&strip Requested by Host: observer.com URL: https://observer.com/politics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash f9b2e3c3df725ecde25317780b02ea8db16d24ee22e6b95c09483cc34d65ff7f Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/politics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:15 GMT strict-transport-security max-age=31536000;includeSubdomains;preload x-rq hhn2 109 86 443 last-modified Tue, 18 Apr 2023 15:51:11 GMT server nginx etag "9738238535306297" vary Accept x-cache HIT content-type image/webp cache-control max-age=31536000 accept-ranges bytes content-length 18008
GET H2	200	GettyImages-1435082544.jpg observer.com/wp-content/uploads/sites/2/2022/10/	4 KB 4 KB	7ms 7ms	Image image/webp	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://observer.com/wp-content/uploads/sites/2/2022/10/GettyImages-1435082544.jpg?quality=80&w=300&h=225&crop=1&strip Requested by Host: observer.com URL: https://observer.com/politics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 6bd68050c8bdc6f12d6924e49ea78dbe0bbcb74599c20897067a4b8f602fac70 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/politics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:15 GMT strict-transport-security max-age=31536000;includeSubdomains;preload x-rq hhn2 109 32 443 last-modified Tue, 18 Apr 2023 15:51:12 GMT server nginx etag "194d7110c3bbd354" vary Accept x-cache HIT content-type image/webp cache-control max-age=31536000 accept-ranges bytes content-length 4280
GET H2	200	htlbid.js Show response htlbid.com/build/982829bd-7057-43dc-90d6-767c2582ac6f/	539 KB 130 KB	411ms 411ms	Script application/javascript	13.32.27.47 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://htlbid.com/build/982829bd-7057-43dc-90d6-767c2582ac6f/htlbid.js Requested by Host: htlbid.com URL: https://htlbid.com/v3/observer.com/htlbid.js?ver=3.0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.47 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-47.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 652bfadc1582eb139fdb571805a587920bcbbf6b09ba96458bb509189b5867e2 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:17 GMT content-encoding br via 1.1 f891d17fa862cc74a05434e03fa58dca.cloudfront.net (CloudFront) last-modified Thu, 09 Mar 2023 20:36:40 GMT server AmazonS3 x-amz-cf-pop FRA56-C2 x-amz-server-side-encryption AES256 etag W/"66f05e2e8668f3ae6ed70d4129c347ee" vary Accept-Encoding x-cache RefreshHit from cloudfront content-type application/javascript cache-control max-age=600 x-amz-cf-id B8Crp02yC6wJEPC802TOwdxdehitnchcE-8kjlmgkQymGXfujcLrOw==
POST H2	200	/ Show response www.facebook.com/tr/ Frame 1F2B	0 70 B	8ms 7ms	Document text/plain	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/tr/ Requested by Host: observer.com URL: https://observer.com/politics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Content-Type application/x-www-form-urlencoded Origin https://observer.com Referer https://observer.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-credentials true access-control-allow-origin https://observer.com alt-svc h3=":443"; ma=86400 content-length 0 content-type text/plain cross-origin-resource-policy cross-origin date Fri, 21 Apr 2023 11:49:16 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	75 KB 25 KB	113ms 77ms	Script text/javascript	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: htlbid.com URL: https://htlbid.com/build/982829bd-7057-43dc-90d6-767c2582ac6f/htlbid.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 16ef9592ba50fa099994cace802ef0d39f080c97e03b0b1d29eb2834a6a8a6a5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:16 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 25367 x-xss-protection 0 server cafe etag 406 / 19468 / m202304170101 / config-hash: 13555417812552352376 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * expires Fri, 21 Apr 2023 11:49:16 GMT
GET H2	200	apstag.js Show response c.amazon-adsystem.com/aax2/	226 KB 56 KB	33ms 8ms	Script application/javascript	52.222.208.154 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/aax2/apstag.js Requested by Host: htlbid.com URL: https://htlbid.com/build/982829bd-7057-43dc-90d6-767c2582ac6f/htlbid.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.208.154 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-208-154.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 49262cbd305b40a32de0c41a27e4a5aafc65927c0b7f0e6163e0e5b3739eab85 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:40:12 GMT content-encoding gzip via 1.1 1877c1d3c1c0435e896415d580d52c52.cloudfront.net (CloudFront), 1.1 33febf2d58aeb0618cba096d54cae018.cloudfront.net (CloudFront) last-modified Wed, 19 Apr 2023 20:25:04 GMT server AmazonS3 x-amz-cf-pop FRA60-P1, FRA56-P3 age 545 x-amz-server-side-encryption AES256 etag W/"d0373f28cbce103f094bc2631a9c8dd5" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control public, max-age=3600 x-amz-cf-id suv8KqCNozRaY39dxTYsqOAY-v7dN8BwAu8ofTsal04Dpux05hX7xA==
GET H2	200	3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js Show response 3b5c18b9-96b7-48e4-a3ef-011eb84a970d.edge.permutive.app/	375 KB 105 KB	90ms 38ms	Script application/javascript	2606:4700::6812:af CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://3b5c18b9-96b7-48e4-a3ef-011eb84a970d.edge.permutive.app/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js Requested by Host: htlbid.com URL: https://htlbid.com/build/982829bd-7057-43dc-90d6-767c2582ac6f/htlbid.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:af , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e7cdb6b6d3241e17e73da94d052247e22669a8d01a2cb6c2843a2c83b0d02ed9 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:16 GMT content-encoding br cf-cache-status HIT x-goog-meta-oid 3b5c18b9-96b7-48e4-a3ef-011eb84a970d age 0 x-guploader-uploadid ADPycduRnWKJwHXvByIvQjKp-XFTqf_5bM92mEUzsYxDaj8ZOiAd5Lecw0DOUSSlh-mQyjlfZ5TknSTpPxLOGj4JxydLO8ubhWLD x-goog-storage-class REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip last-modified Thu, 16 Feb 2023 10:48:34 GMT server cloudflare etag W/"e883e1ecf5b72f50fe4e4eda88be5f4c" vary Accept-Encoding x-goog-generation 1676544514216266 content-type application/javascript x-goog-hash crc32c=RpSJdQ==, md5=6IPh7PW3L1D+Tk7aiL5fTA== cache-control public, max-age=900 x-goog-stored-content-length 113699 timing-allow-origin * cf-ray 7bb567198ca3b788-AMS expires Fri, 21 Apr 2023 12:04:16 GMT
GET H2	200	aps_csm.js Show response c.amazon-adsystem.com/bao-csm/aps-comm/	6 KB 3 KB	23ms 7ms	XHR application/javascript	52.222.208.154 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.208.154 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-208-154.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers x-amz-version-id BeoItWAXLH_Ztd131J1ILFBRpuOxsQkH content-encoding gzip via 1.1 6851af5c4f6d355fa4ec39cc8cc0c358.cloudfront.net (CloudFront) date Fri, 21 Apr 2023 04:48:16 GMT x-amz-cf-pop FRA56-P3 age 44110 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Thu, 13 Apr 2023 22:29:11 GMT server AmazonS3 etag W/"a4d296427fc806b21335359e398c025c" access-control-max-age 3000 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control public, max-age=86400 vary Accept-Encoding,Origin x-amz-cf-id Q-QbQ_Re8N_EIZwRgxx6WC1O75heQYxI-XvesLeTwGn7FRAa38bHYw==
GET H2	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/	400 KB 124 KB	15ms 14ms	Script text/javascript	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 432acd8192429c035f55370ab0501a7f58d69456a10b0a1bc213bd3efb6d2946 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 10:16:29 GMT content-encoding br x-content-type-options nosniff age 5567 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 126857 x-xss-protection 0 server cafe etag 11988808581808118609 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Sat, 20 Apr 2024 10:16:29 GMT
GET H3	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	737 B 355 B	75ms 48ms	XHR application/json	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=observer.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 10129f5ff6dac5ae975f7b8654655d7f765548c669fe8d157f17e14f97ddc117 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:16 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 330 x-xss-protection 0 expires Fri, 21 Apr 2023 11:49:16 GMT
GET H2	200	pxid Show response 3b5c18b9-96b7-48e4-a3ef-011eb84a970d.prmutv.co/v2.0/	46 B 391 B	86ms 20ms	XHR application/json	35.241.9.51 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://3b5c18b9-96b7-48e4-a3ef-011eb84a970d.prmutv.co/v2.0/pxid?k=6b8d2782-a057-45b2-b2fd-5e7238c30400 Requested by Host: 3b5c18b9-96b7-48e4-a3ef-011eb84a970d.edge.permutive.app URL: https://3b5c18b9-96b7-48e4-a3ef-011eb84a970d.edge.permutive.app/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 51.9.241.35.bc.googleusercontent.com Software Permutive / Resource Hash 323adb337bd0b2399e8fc1a4602f818a77f66f63ded4fe17652d56b4f6da0322 Request headers Referer https://observer.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 content-type text/plain Response headers date Fri, 21 Apr 2023 11:49:16 GMT content-encoding gzip via 1.1 google server Permutive vary Origin content-type application/json access-control-allow-origin https://observer.com access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 66
GET H/1.1	200 OK	getuidj Show response ib.adnxs.com/	11 B 818 B	41ms 12ms	XHR application/json	185.89.211.84 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/getuidj Requested by Host: 3b5c18b9-96b7-48e4-a3ef-011eb84a970d.edge.permutive.app URL: https://3b5c18b9-96b7-48e4-a3ef-011eb84a970d.edge.permutive.app/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash 31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://observer.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 content-type text/plain Response headers Pragma no-cache Date Fri, 21 Apr 2023 11:49:16 GMT AN-X-Request-Uuid 874a699c-9fe9-45c0-b975-1e5c4698776d Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type application/json; charset=utf-8 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://observer.com Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive X-Proxy-Origin 178.162.209.136; 178.162.209.136; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com Content-Length 11 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	3b5c18b9-96b7-48e4-a3ef-011eb84a970d-models.bin Show response cdn.permutive.com/models/v2/	4 KB 3 KB	62ms 27ms	XHR application/x-binary	104.19.150.54 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.permutive.com/models/v2/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-models.bin Requested by Host: 3b5c18b9-96b7-48e4-a3ef-011eb84a970d.edge.permutive.app URL: https://3b5c18b9-96b7-48e4-a3ef-011eb84a970d.edge.permutive.app/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.150.54 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a9461083d835437de501cb8bab616d6122af7e6f2e394d2087e132123ddd2b59 Request headers Referer https://observer.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 content-type text/plain Response headers date Fri, 21 Apr 2023 11:49:16 GMT content-encoding gzip cf-cache-status HIT x-goog-meta-oid 3b5c18b9-96b7-48e4-a3ef-011eb84a970d age 0 x-guploader-uploadid ADPycdvNXgHgHp2_r4w1Mby95RZqo9eYVUMddPT_yyLdp3kjzeFB0HMDgoDNbdwSCnOE_XXP6F5NIz7lm344-1Wb_7Dptg x-goog-storage-class REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip content-length 2665 last-modified Fri, 21 Apr 2023 06:01:21 GMT server cloudflare etag "d38ca1d65120fa8551d7b555e68a21f2" vary Accept-Encoding x-goog-generation 1682056881672994 content-type application/x-binary access-control-allow-origin * x-goog-hash crc32c=DRG2Ng==, md5=04yh1lEg+oVR17VV5ooh8g== access-control-expose-headers Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control public, max-age=900, no-transform x-goog-stored-content-length 2665 accept-ranges bytes timing-allow-origin * cf-ray 7bb5671a996e3649-FRA expires Fri, 21 Apr 2023 11:25:46 GMT
GET H2	200	geoip Show response api.permutive.com/v2.0/	260 B 366 B	90ms 19ms	XHR application/json	34.107.254.252 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=6b8d2782-a057-45b2-b2fd-5e7238c30400 Requested by Host: 3b5c18b9-96b7-48e4-a3ef-011eb84a970d.edge.permutive.app URL: https://3b5c18b9-96b7-48e4-a3ef-011eb84a970d.edge.permutive.app/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 252.254.107.34.bc.googleusercontent.com Software Permutive / Resource Hash c567910f6e69563b1e17802a1c9a915f910a3b5e8ff1fa392cd4e9498fa1bae0 Request headers Referer https://observer.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 content-type text/plain Response headers date Fri, 21 Apr 2023 11:49:16 GMT content-encoding gzip via 1.1 google server Permutive vary Origin content-type application/json access-control-allow-origin https://observer.com access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 173
POST H2	200	watson Show response api.permutive.com/v2.0/	333 B 302 B	97ms 26ms	XHR application/json	34.107.254.252 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://api.permutive.com/v2.0/watson?k=6b8d2782-a057-45b2-b2fd-5e7238c30400 Requested by Host: 3b5c18b9-96b7-48e4-a3ef-011eb84a970d.edge.permutive.app URL: https://3b5c18b9-96b7-48e4-a3ef-011eb84a970d.edge.permutive.app/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 252.254.107.34.bc.googleusercontent.com Software Permutive / Resource Hash 47e1a8eebfcf1720a3c06340e5da3fc09dedc52d436f0c79806c0373b3bd8008 Request headers Referer https://observer.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 content-type text/plain Response headers date Fri, 21 Apr 2023 11:49:16 GMT content-encoding gzip via 1.1 google server Permutive vary Origin content-type application/json access-control-allow-origin https://observer.com access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 236
GET BLOB	200 OK	31eeab75-6297-44bf-abdd-0f6f66a732ec https://observer.com/	92 KB 0		Other text/plain
General Check archive.org Show headers Download Go to Full URL blob:https://observer.com/31eeab75-6297-44bf-abdd-0f6f66a732ec Requested by Host: observer.com URL: https://observer.com/politics/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 4d2bfbc184a7e7c3d2723041ed0ec8ccfc8817c7adabd84d057dc3aaf6a6c206 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Content-Length 93911 Content-Type
GET BLOB	200 OK	d7443235-1ccf-4b2f-9a0c-e62d41940f90 https://observer.com/	92 KB 0		Other text/plain
General Check archive.org Show headers Download Go to Full URL blob:https://observer.com/d7443235-1ccf-4b2f-9a0c-e62d41940f90 Requested by Host: observer.com URL: https://observer.com/politics/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 4d2bfbc184a7e7c3d2723041ed0ec8ccfc8817c7adabd84d057dc3aaf6a6c206 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Content-Length 93911 Content-Type
GET H2	200	.js Show response dyv1bugovvq1g.cloudfront.net/79/observer.com/politics/	1 KB 853 B	480ms 412ms	XHR application/json	2600:9000:223e:cc00:5:82fd:2500:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dyv1bugovvq1g.cloudfront.net/79/observer.com/politics/.js Requested by Host: htlbid.com URL: https://htlbid.com/build/982829bd-7057-43dc-90d6-767c2582ac6f/htlbid.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223e:cc00:5:82fd:2500:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 6cb4c8f2026ccbb552aa643d1d032fc63f3fbdf87ae670878c97ab46b5d1b224 Request headers Referer https://observer.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Content-Type text/plain Response headers date Fri, 21 Apr 2023 11:49:18 GMT content-encoding gzip via 1.1 a823be133adad65df6d3bf471a742792.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P4 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-length 226 x-amz-expiration expiry-date="Tue, 20 Jun 2023 00:00:00 GMT", rule-id="cleanup" last-modified Thu, 20 Apr 2023 12:53:41 GMT server AmazonS3 etag "70dc02c6a1229c79d6d244d619192ca4" access-control-max-age 3000 access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin https://observer.com cache-control max-age=300 access-control-allow-credentials true vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method accept-ranges bytes x-amz-cf-id puV756hcc-UJRHUpmJmsuC1T0I2javLOJ3zTQa-aTNJ-QOlU48D1jg==
GET H2	200	config Show response c.amazon-adsystem.com/cdn/prod/	469 B 824 B	8ms 7ms	XHR application/json	52.222.208.154 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fobserver.com&pubid=30787d05-7895-471e-9cdf-d931d7b5ea5d Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.208.154 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-208-154.fra56.r.cloudfront.net Software Server / Resource Hash 6e2feca12765f3e6ef129b7d5d88b354684d79d29a98438b5cf48f4097f90c44 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:35:42 GMT via 1.1 33febf2d58aeb0618cba096d54cae018.cloudfront.net (CloudFront) server Server x-amz-cf-pop FRA56-P3 age 813 x-cache Hit from cloudfront content-type application/json;charset=UTF-8 access-control-allow-origin https://observer.com cache-control max-age=21550, s-maxage=21600 access-control-allow-credentials true content-length 469 x-amz-cf-id i_RYtu21LsM4qdlkZ3Z3aJnEg2KNtPHWfgRlXpX5q57ZEdGz098mfg==
GET H2	200	bid Show response aax.amazon-adsystem.com/e/dtb/	23 B 460 B	152ms 42ms	XHR text/javascript	13.32.106.197 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fobserver.com%2Fpolitics%2F&pid=xpzpOXAeC2CZu&cb=0&ws=1600x1200&v=23.414.2006&t=2000&slots=%5B%7B%22sd%22%3A%22htlad-1-gpt%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F22133348250%2Fobserver_leaderboard_atf%22%7D%2C%7B%22sd%22%3A%22htlad-3-gpt%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F22133348250%2Fobserver_right_rail%22%7D%2C%7B%22sd%22%3A%22htlad-4-gpt%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F22133348250%2Fobserver_right_rail_2%22%7D%5D&schain=1.0%2C1!hashtag-labs.com%2C1010%2C1%2C%2C%2C&pubid=30787d05-7895-471e-9cdf-d931d7b5ea5d&gdprl=%7B%22status%22%3A%22no-cmp%22%7D Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.106.197 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-106-197.fra60.r.cloudfront.net Software Server / Resource Hash 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8 Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:16 GMT strict-transport-security max-age=47474747; includeSubDomains; preload via 1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront) server Server x-amz-cf-pop FRA60-P1 x-amz-rid SJ4MD21T1S240SFHSYX9 vary Accept-Encoding,User-Agent x-cache Miss from cloudfront content-type text/javascript;charset=UTF-8 access-control-allow-origin https://observer.com access-control-allow-credentials true timing-allow-origin * content-length 23 x-amz-cf-id EDYDpt02HPlTuhZeuT6nFhkgb4X0w9m0_kHl9_LSOlOqPPQ6dYpEgQ==
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 531 B	63ms 22ms	Script application/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=observer.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:16 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 456 B	63ms 22ms	Script application/javascript	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=observer.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:16 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	675 B 379 B	51ms 50ms	XHR text/plain	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3420305542207530&correlator=3917880585174716&eid=31073997%2C44780988&output=ldjh&gdfp_req=1&vrg=202304170101&ptt=17&impl=fifs&iu_parts=22133348250%2CPrimis_VDU&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=487435963&sfv=1-0-40&ists=1&cust_params=permutive%3D&sc=1&cookie_enabled=1&abxe=1&dt=1682077756639&lmt=1682077756&dlt=1682077755309&idt=1272&adxs=0&adys=5908&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fobserver.com%2Fpolitics%2F&frm=20&vis=1&psz=1600x5817&msz=1600x0&fws=4&ohw=1600&ga_vid=205096105.1682077756&ga_sid=1682077757&ga_hid=1424256104&ga_fc=true Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash da6c43b2026ac728337b380682e4d246434d6891a5a2761302b48459fae6d206 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:16 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 349 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://observer.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	15 KB 11 KB	102ms 65ms	XHR application/json	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304170101&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 663cf166075af5d339406d723959811fbbd5f61bb76134dc992cea951f577a94 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:16 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11274 x-xss-protection 0
GET H2	200	container.html Show response 3dcccb88669e6dbc0e7ffea316e07b30.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CBE0	6 KB 3 KB	85ms 21ms	Document text/html	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://3dcccb88669e6dbc0e7ffea316e07b30.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://observer.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Fri, 21 Apr 2023 11:49:16 GMT expires Sat, 20 Apr 2024 11:49:16 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
POST H3	200	identify Show response api.permutive.com/v2.0/	50 B 88 B	59ms 30ms	XHR application/json	34.107.254.252 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://api.permutive.com/v2.0/identify?k=6b8d2782-a057-45b2-b2fd-5e7238c30400 Requested by Host: 3b5c18b9-96b7-48e4-a3ef-011eb84a970d.edge.permutive.app URL: https://3b5c18b9-96b7-48e4-a3ef-011eb84a970d.edge.permutive.app/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 252.254.107.34.bc.googleusercontent.com Software Permutive / Resource Hash ee642793a9f6e2c2eafc54127b00fbfa8a8b7081d5056c25d6e4852ab3ae0c94 Request headers Referer https://observer.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 content-type text/plain Response headers date Fri, 21 Apr 2023 11:49:16 GMT content-encoding gzip via 1.1 google server Permutive vary Origin content-type application/json access-control-allow-origin https://observer.com access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 70
GET H2	200	config Show response c.amazon-adsystem.com/cdn/prod/	469 B 825 B	9ms 8ms	XHR application/json	52.222.208.154 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fobserver.com&pubid=30787d05-7895-471e-9cdf-d931d7b5ea5d Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.208.154 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-208-154.fra56.r.cloudfront.net Software Server / Resource Hash 6e2feca12765f3e6ef129b7d5d88b354684d79d29a98438b5cf48f4097f90c44 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:35:42 GMT via 1.1 33febf2d58aeb0618cba096d54cae018.cloudfront.net (CloudFront) server Server x-amz-cf-pop FRA56-P3 age 813 x-cache Hit from cloudfront content-type application/json;charset=UTF-8 access-control-allow-origin https://observer.com cache-control max-age=21550, s-maxage=21600 access-control-allow-credentials true content-length 469 x-amz-cf-id iOQiFQFkjX_zO7_IHZrV1hAUJ_fL_Y2XGNqfXqaeImFc_NL0XMDMMQ==
GET H2	200	bid Show response aax.amazon-adsystem.com/e/dtb/	23 B 460 B	109ms 54ms	XHR text/javascript	13.32.106.197 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fobserver.com%2Fpolitics%2F&pid=xpzpOXAeC2CZu&cb=1&ws=1600x1200&v=23.414.2006&t=2000&slots=%5B%7B%22sd%22%3A%22htlad-5-gpt%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F22133348250%2Fobserver_article%22%7D%5D&schain=1.0%2C1!hashtag-labs.com%2C1010%2C1%2C%2C%2C&pubid=30787d05-7895-471e-9cdf-d931d7b5ea5d&gdprl=%7B%22status%22%3A%22no-cmp%22%7D Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.106.197 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-106-197.fra60.r.cloudfront.net Software Server / Resource Hash 89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4 Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:16 GMT strict-transport-security max-age=47474747; includeSubDomains; preload via 1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront) server Server x-amz-cf-pop FRA60-P1 x-amz-rid 4BR0QWS11QDBN3JK3ZVA vary Accept-Encoding,User-Agent x-cache Miss from cloudfront content-type text/javascript;charset=UTF-8 access-control-allow-origin https://observer.com access-control-allow-credentials true timing-allow-origin * content-length 23 x-amz-cf-id sA2P0FtHkC3KP-7jDlpyRl7pF8pWUgu999kLoBUu7vWDFORQHnvv1Q==
GET H2	200	id5-api.js Show response cdn.id5-sync.com/api/1.0/	58 KB 17 KB	69ms 25ms	Script text/javascript	2606:4700:10::6816:3556 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.id5-sync.com/api/1.0/id5-api.js Requested by Host: observer.com URL: https://observer.com/politics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0325b6c9e68ae3f6ec25f6817b4daef364bd99c2ff5f04588fd6f956bf983b97 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:16 GMT strict-transport-security max-age=15552000; includeSubDomains; preload content-encoding gzip cf-cache-status HIT last-modified Thu, 06 Apr 2023 12:00:04 GMT server cloudflare x-amz-request-id RD4KF7R7Z77NPBKD age 3434 etag W/"b58faeda0c1d193bc50dd25a7640d8ba" x-amz-server-side-encryption AES256 vary Accept-Encoding content-type text/javascript;charset=utf-8 cache-control public, max-age=3600 cf-ray 7bb5671b8a011e75-AMS x-amz-id-2 Ig35aqMy+yq2B+4GejDKtfcK/qrk94tDz/oJuwcQEBSN3ybzf8hNkpOI8ZiOAocN+OVrKPcEbWQ=
POST H2	200	recordVendorsLoaded Show response prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/	0 452 B	100ms 98ms	XHR text/plain	34.204.208.84 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.204.208.84 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-204-208-84.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://observer.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Content-Type application/json Response headers access-control-allow-origin * date Fri, 21 Apr 2023 11:49:17 GMT content-length 0 vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers
OPTIONS H2	200	recordVendorsLoaded prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame	0 0	300ms 98ms	Preflight	34.204.208.84 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.204.208.84 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-204-208-84.compute-1.amazonaws.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://observer.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers access-control-allow-headers content-type access-control-allow-methods POST access-control-allow-origin * access-control-max-age 1800 allow GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH content-length 0 date Fri, 21 Apr 2023 11:49:16 GMT vary Origin Access-Control-Request-Method Access-Control-Request-Headers
GET H2	200	underscore.min.js Show response observer.com/wp-includes/js/	18 KB 7 KB	7ms 6ms	Script application/javascript	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://observer.com/wp-includes/js/underscore.min.js Requested by Host: observer.com URL: https://observer.com/wp-content/plugins/xcurrent/assets/js/script-queue.js?ver=bebcad848e998ab9ae82c8431c754b8a Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/politics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:16 GMT content-encoding gzip strict-transport-security max-age=31536000;includeSubdomains;preload last-modified Wed, 05 Apr 2023 21:46:42 GMT server nginx x-rq hhn2 96 185 443 etag W/"642dec42-4991" vary Accept-Encoding x-cache HIT content-type application/javascript cache-control max-age=31536000
GET H2	200	api-request.min.js Show response observer.com/wp-includes/js/	1023 B 667 B	7ms 7ms	Script application/javascript	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://observer.com/wp-includes/js/api-request.min.js Requested by Host: observer.com URL: https://observer.com/wp-content/plugins/xcurrent/assets/js/script-queue.js?ver=bebcad848e998ab9ae82c8431c754b8a Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 1a234275545ba883616ac6b4151a0f06d9bb097146e806e40317a263bbf1c51e Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/politics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:16 GMT content-encoding gzip strict-transport-security max-age=31536000;includeSubdomains;preload last-modified Wed, 05 Apr 2023 21:46:41 GMT server nginx x-rq hhn2 96 185 443 etag W/"642dec41-3ff" vary Accept-Encoding x-cache HIT content-type application/javascript cache-control max-age=31536000
POST H2	200	recordVendorsLoaded Show response prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/	0 459 B	99ms 98ms	XHR text/plain	34.204.208.84 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.204.208.84 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-204-208-84.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://observer.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Content-Type application/json Response headers access-control-allow-origin * date Fri, 21 Apr 2023 11:49:17 GMT content-length 0 vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers
OPTIONS H2	200	recordVendorsLoaded prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame	0 0	300ms 99ms	Preflight	34.204.208.84 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.204.208.84 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-204-208-84.compute-1.amazonaws.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://observer.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers access-control-allow-headers content-type access-control-allow-methods POST access-control-allow-origin * access-control-max-age 1800 allow GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH content-length 0 date Fri, 21 Apr 2023 11:49:16 GMT vary Origin Access-Control-Request-Method Access-Control-Request-Headers
GET H2	200	backbone.min.js Show response observer.com/wp-includes/js/	23 KB 8 KB	6ms 6ms	Script application/javascript	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://observer.com/wp-includes/js/backbone.min.js Requested by Host: observer.com URL: https://observer.com/wp-content/plugins/xcurrent/assets/js/script-queue.js?ver=bebcad848e998ab9ae82c8431c754b8a Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash b99993143ef5c98b746267c0a19fd2c2f4a6d64af3e1dae82a87573c4b9b1572 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/politics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:16 GMT content-encoding gzip strict-transport-security max-age=31536000;includeSubdomains;preload last-modified Wed, 05 Apr 2023 21:46:41 GMT server nginx x-rq hhn2 96 185 443 etag W/"642dec41-5d28" vary Accept-Encoding x-cache HIT content-type application/javascript cache-control max-age=31536000
GET H2	200	CDC.jpg observer.com/wp-content/uploads/sites/2/2022/06/	9 KB 9 KB	7ms 7ms	Image image/webp	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://observer.com/wp-content/uploads/sites/2/2022/06/CDC.jpg?quality=80&w=300&h=225&crop=1&strip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash a1434becee72b5abad8fd9e5eae43cbd258fcf5e7d5b6dab31df4f9ed07ff2ff Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/politics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:16 GMT strict-transport-security max-age=31536000;includeSubdomains;preload x-rq hhn2 109 84 443 last-modified Wed, 19 Apr 2023 11:01:55 GMT server nginx etag "86677b0549a4883a" vary Accept x-cache HIT content-type image/webp cache-control max-age=31536000 accept-ranges bytes content-length 9300
GET H2	200	wp-api.min.js Show response observer.com/wp-includes/js/	14 KB 4 KB	7ms 7ms	Script application/javascript	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://observer.com/wp-includes/js/wp-api.min.js Requested by Host: observer.com URL: https://observer.com/wp-content/plugins/xcurrent/assets/js/script-queue.js?ver=bebcad848e998ab9ae82c8431c754b8a Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 947960adcbb708c908d60c1fb55b6c617e11c93876ecf9f525f13accf7ddb591 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/politics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:16 GMT content-encoding gzip strict-transport-security max-age=31536000;includeSubdomains;preload last-modified Wed, 05 Apr 2023 21:46:42 GMT server nginx x-rq hhn2 96 184 443 etag W/"642dec42-395a" vary Accept-Encoding x-cache HIT content-type application/javascript cache-control max-age=31536000
POST H2	200	audiences Show response api.permutive.com/audience-matching/v1/id/6b4fe463-3059-4a60-95df-57167bb2946a/	12 B 73 B	85ms 83ms	XHR application/json	34.107.254.252 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://api.permutive.com/audience-matching/v1/id/6b4fe463-3059-4a60-95df-57167bb2946a/audiences?k=6b8d2782-a057-45b2-b2fd-5e7238c30400 Requested by Host: 3b5c18b9-96b7-48e4-a3ef-011eb84a970d.edge.permutive.app URL: https://3b5c18b9-96b7-48e4-a3ef-011eb84a970d.edge.permutive.app/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 252.254.107.34.bc.googleusercontent.com Software / Resource Hash 2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78 Request headers Referer https://observer.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin * date Fri, 21 Apr 2023 11:49:16 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12 content-type application/json
POST H2	200	segment Show response api.permutive.com/adv/v2/	30 B 94 B	28ms 27ms	XHR application/json	34.107.254.252 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://api.permutive.com/adv/v2/segment?new-session=true&k=6b8d2782-a057-45b2-b2fd-5e7238c30400 Requested by Host: 3b5c18b9-96b7-48e4-a3ef-011eb84a970d.edge.permutive.app URL: https://3b5c18b9-96b7-48e4-a3ef-011eb84a970d.edge.permutive.app/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 252.254.107.34.bc.googleusercontent.com Software Permutive / Resource Hash b445bad8e6fcb75a280aab0d13732970ddcb3e855e14f5281ec4200b871ac7ef Request headers Referer https://observer.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 content-type text/plain Response headers access-control-allow-origin * date Fri, 21 Apr 2023 11:49:16 GMT via 1.1 google server Permutive alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 30 content-type application/json
GET H2	200	/ Show response observer.com/wp-json/wp/v2/	293 KB 14 KB	7ms 7ms	XHR application/json	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://observer.com/wp-json/wp/v2/ Requested by Host: observer.com URL: https://observer.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash cac188b99e266b45add6012dffdd20f9739501380b8af1c0c9fcedb181789c21 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload X-Content-Type-Options nosniff Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://observer.com/politics/ X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:16 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000;includeSubdomains;preload age 596 x-cache graced content-length 13947 x-rq hhn2 96 184 443 server nginx allow GET vary Accept-Encoding, Origin content-type application/json; charset=UTF-8 access-control-expose-headers X-WP-Total, X-WP-TotalPages, Link cache-control max-age=60 accept-ranges bytes x-robots-tag noindex link <https://observer.com/wp-json/>; rel="https://api.w.org/" access-control-allow-headers Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	64ms 28ms	Script text/javascript	2a00:1450:4001:80b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:16 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Fri, 21 Apr 2023 11:49:16 GMT
GET H/1.1	200	v1 Show response lb.eu-1-id5-sync.com/lb/	33 B 399 B	59ms 14ms	XHR application/json	162.19.138.82 OVH
General Check archive.org Show headers Download Go to Full URL https://lb.eu-1-id5-sync.com/lb/v1 Requested by Host: cdn.id5-sync.com URL: https://cdn.id5-sync.com/api/1.0/id5-api.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.19.138.82 , France, ASN16276 (OVH, FR), Reverse DNS ns31532337.ip-162-19-138.eu Software / Resource Hash 617e319312a0ef06f4bdaa089dfec33f5ed372697f6c4c7b34742b5b70977c1b Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Referer https://observer.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://observer.com date Fri, 21 Apr 2023 11:49:16 GMT strict-transport-security max-age=63072000; includeSubDomains; preload vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin transfer-encoding chunked content-type application/json;charset=UTF-8
GET H/1.1	200	v1 Show response lb.eu-1-id5-sync.com/lb/	33 B 399 B	58ms 15ms	XHR application/json	162.19.138.82 OVH
General Check archive.org Show headers Download Go to Full URL https://lb.eu-1-id5-sync.com/lb/v1 Requested by Host: cdn.id5-sync.com URL: https://cdn.id5-sync.com/api/1.0/id5-api.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.19.138.82 , France, ASN16276 (OVH, FR), Reverse DNS ns31532337.ip-162-19-138.eu Software / Resource Hash 617e319312a0ef06f4bdaa089dfec33f5ed372697f6c4c7b34742b5b70977c1b Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Referer https://observer.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://observer.com date Fri, 21 Apr 2023 11:49:16 GMT strict-transport-security max-age=63072000; includeSubDomains; preload vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin transfer-encoding chunked content-type application/json;charset=UTF-8
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 165 B	22ms 21ms	Script application/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=observer.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:16 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 165 B	21ms 21ms	Script application/javascript	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=observer.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:16 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	216 KB 50 KB	606ms 605ms	XHR text/plain	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3420305542207530&correlator=4249522287741694&eid=31073997%2C44780988&output=ldjh&gdfp_req=1&vrg=202304170101&ptt=17&impl=fifs&iu_parts=22133348250%2Cobserver_leaderboard_atf%2Cobserver_right_rail%2Cobserver_right_rail_2%2Cobserver_1x1&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=970x250%7C728x90%7C970x90%2C300x250%2C300x250%7C300x600%2C1x1&ifi=2&adks=4231055590%2C575193480%2C3095121235%2C2864702765&sfv=1-0-40&eri=1&cust_params=permutive%3D28393%252Crts%26puid%3D6b4fe463-3059-4a60-95df-57167bb2946a%26ptime%3D1682077756596%26is_testing%3Dno%26is_home%3Dno%26pagetype%3Dchannel_archive%26url%3Dhttps%253A%252F%252Fobserver.com%252Fpolitics%252F%26tag%3D%26author%3D%26articleID%3Dsection_423868943%26brandsafe%3Dyes%26section%3Dpolitics%26servead%3Dyes%26htlbidid%3D18002%26prmtvsdk%3Dweb&sc=1&cookie=ID%3Db25e3d33bc7a961d%3AT%3D1682077756%3AS%3DALNI_MYTGPEGDcvCA_w1jjtiAowFIjMSbg&gpic=UID%3D00000bedff4c179b%3AT%3D1682077756%3ART%3D1682077756%3AS%3DALNI_Mb2nEG0yYjrwi11SLimeNC8ji7loA&abxe=1&dt=1682077756781&lmt=1682077756&dlt=1682077755309&idt=1272&adxs=315%2C983%2C983%2C-12245933&adys=225%2C1512%2C1782%2C-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C3%7C4%7C-1&ucis=2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fobserver.com%2Fpolitics%2F&frm=20&vis=1&psz=970x0%7C300x0%7C300x0%7C0x0&msz=970x0%7C300x0%7C300x0%7C0x0&fws=4%2C4%2C4%2C132&ohw=1600%2C1600%2C1600%2C1600&psts=AHQMDFe9lflDGA__W2GE3yn9Fegn&ga_vid=205096105.1682077756&ga_sid=1682077757&ga_hid=1424256104&ga_fc=true Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c7248495ad9af69f70eaa968edfe35ae33ccd164a3adab061420c807388bc0ae Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:17 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 51130 x-xss-protection 0 google-lineitem-id -1,-1,-1,5658459797 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -1,-1,-1,138344978924 content-type text/plain; charset=UTF-8 access-control-allow-origin https://observer.com access-control-expose-headers x-google-amp-ad-validated-version cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	51 KB 12 KB	357ms 357ms	XHR text/plain	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3420305542207530&correlator=1559714885674217&eid=31073997%2C44780988&output=ldjh&gdfp_req=1&vrg=202304170101&ptt=17&impl=fifs&iu_parts=22133348250%2Cobserver_article&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=6&adks=1531089004&sfv=1-0-40&eri=1&cust_params=permutive%3D28393%252Crts%26puid%3D6b4fe463-3059-4a60-95df-57167bb2946a%26ptime%3D1682077756596%26is_testing%3Dno%26is_home%3Dno%26pagetype%3Dchannel_archive%26url%3Dhttps%253A%252F%252Fobserver.com%252Fpolitics%252F%26tag%3D%26author%3D%26articleID%3Dsection_423868943%26brandsafe%3Dyes%26section%3Dpolitics%26servead%3Dyes%26htlbidid%3D18002%26prmtvsdk%3Dweb&sc=1&cookie=ID%3Db25e3d33bc7a961d%3AT%3D1682077756%3AS%3DALNI_MYTGPEGDcvCA_w1jjtiAowFIjMSbg&gpic=UID%3D00000bedff4c179b%3AT%3D1682077756%3ART%3D1682077756%3AS%3DALNI_Mb2nEG0yYjrwi11SLimeNC8ji7loA&abxe=1&dt=1682077756790&lmt=1682077756&dlt=1682077755309&idt=1272&adxs=983&adys=2052&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=5&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fobserver.com%2Fpolitics%2F&frm=20&vis=1&psz=300x0&msz=300x0&fws=516&ohw=1600&psts=AHQMDFe9lflDGA__W2GE3yn9Fegn&ga_vid=205096105.1682077756&ga_sid=1682077757&ga_hid=1424256104&ga_fc=true Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8b8ef878c22ba234fb8a4c72a90cc732feceea1fce2f821bf539926cc4eb1dc4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:17 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12079 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://observer.com access-control-expose-headers x-google-amp-ad-validated-version cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 99C8	13 KB 5 KB	15ms 13ms	Document text/html	2a00:1450:4001:80b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://observer.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 3590 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Fri, 21 Apr 2023 10:49:26 GMT expires Sat, 20 Apr 2024 10:49:26 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame A214	783 B 1 KB	58ms 25ms	Document text/html	2a00:1450:4001:813::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash b3297fc616a2fa27cb6b5112c395a0c2213aae850ded446f6d0bd6a287243035 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-E9dNsMs89sIGycMjCZLiPw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://observer.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-length 511 content-security-policy script-src 'report-sample' 'nonce-E9dNsMs89sIGycMjCZLiPw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Fri, 21 Apr 2023 11:49:16 GMT expires Fri, 21 Apr 2023 11:49:16 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
POST H/1.1	200	517.json Show response id5-sync.com/g/v2/	216 B 622 B	58ms 14ms	XHR application/json	141.95.33.111 OVH
General Check archive.org Show headers Download Go to Full URL https://id5-sync.com/g/v2/517.json Requested by Host: cdn.id5-sync.com URL: https://cdn.id5-sync.com/api/1.0/id5-api.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 141.95.33.111 , Germany, ASN16276 (OVH, FR), Reverse DNS ns3203177.ip-141-95-33.eu Software / Resource Hash 73f6702b27b83d4016be9009db23ec54d4462724ef3a05a7ec5b2c6807761d67 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Referer https://observer.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://observer.com date Fri, 21 Apr 2023 11:49:16 GMT strict-transport-security max-age=63072000; includeSubDomains; preload access-control-allow-credentials true vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin transfer-encoding chunked content-type application/json;charset=UTF-8
POST H/1.1	200	517.json Show response id5-sync.com/g/v2/	216 B 622 B	59ms 15ms	XHR application/json	141.95.33.111 OVH
General Check archive.org Show headers Download Go to Full URL https://id5-sync.com/g/v2/517.json Requested by Host: cdn.id5-sync.com URL: https://cdn.id5-sync.com/api/1.0/id5-api.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 141.95.33.111 , Germany, ASN16276 (OVH, FR), Reverse DNS ns3203177.ip-141-95-33.eu Software / Resource Hash f9bf5e5c58771173f20c8fddd21176a0fa2e73877dc4b85c16caffc5778b406f Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Referer https://observer.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://observer.com date Fri, 21 Apr 2023 11:49:16 GMT strict-transport-security max-age=63072000; includeSubDomains; preload access-control-allow-credentials true vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin transfer-encoding chunked content-type application/json;charset=UTF-8
GET H2	200	GettyImages-1404257121.jpg observer.com/wp-content/uploads/sites/2/2022/07/	16 KB 16 KB	7ms 7ms	Image image/jpeg	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://observer.com/wp-content/uploads/sites/2/2022/07/GettyImages-1404257121.jpg?quality=80&w=300&h=225&crop=1&strip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 52ecfb70955b36ac1615aca2ffdfdbf682acb32778e05ea8d03743fa42c1c556 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/politics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:16 GMT strict-transport-security max-age=31536000;includeSubdomains;preload x-rq hhn2 109 139 443 last-modified Wed, 19 Apr 2023 11:01:56 GMT server nginx etag "bcf8e903b1c7f538" vary Accept x-cache HIT content-type image/jpeg cache-control max-age=31536000 x-optim-disabled true accept-ranges bytes content-length 16259
GET H3	200	FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js Show response pagead2.googlesyndication.com/bg/ Frame 99C8	36 KB 14 KB	40ms 13ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 15e6712bec4c5346c30a338c6e89046998e0eaf53cc5a4b6e1bc922c3779b5e3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Thu, 20 Apr 2023 13:47:57 GMT content-encoding br x-content-type-options nosniff age 79279 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14264 x-xss-protection 0 last-modified Mon, 17 Apr 2023 14:08:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 19 Apr 2024 13:47:57 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame A214	0 0	46ms 46ms	Image text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304170101&jk=3420305542207530&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame 99C8	0 10 B	14ms 13ms	Image text/plain	2a00:1450:4001:80b::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?ySvmbA Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:16 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	amp4ads-v0.mjs Show response cdn.ampproject.org/rtv/012304062309000/ Frame 894C	222 KB 61 KB	54ms 15ms	Script text/javascript	2a00:1450:4001:80b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012304062309000/amp4ads-v0.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 60d19fcc26403308bd021dd6ce6588cca81c6a42a34472277186bad9a4155022 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Wed, 19 Apr 2023 11:33:31 GMT age 173746 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 61901 x-xss-protection 0 server sffe etag "8572ebb49fe3e70f" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Thu, 18 Apr 2024 11:33:31 GMT
GET H2	200	amp-ad-exit-0.1.mjs Show response cdn.ampproject.org/rtv/012304062309000/v0/ Frame 894C	15 KB 5 KB	82ms 43ms	Script text/javascript	2a00:1450:4001:80b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012304062309000/v0/amp-ad-exit-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a80bc624f7ab3177dcab36c63396d6b7b3f18c41fd09c7a3e5b54792d566904a Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Thu, 20 Apr 2023 10:20:12 GMT age 91745 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5225 x-xss-protection 0 server sffe etag "ad2d0ddcea45401f" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Fri, 19 Apr 2024 10:20:12 GMT
GET H2	200	amp-analytics-0.1.mjs Show response cdn.ampproject.org/rtv/012304062309000/v0/ Frame 894C	94 KB 28 KB	77ms 38ms	Script text/javascript	2a00:1450:4001:80b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012304062309000/v0/amp-analytics-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5a767e3a4a89fd5d5747f2e60656de81560b8d24575c7be5df0d541906cb86ce Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Thu, 20 Apr 2023 01:31:13 GMT age 123484 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 28974 x-xss-protection 0 server sffe etag "441c199a95baae2a" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Fri, 19 Apr 2024 01:31:13 GMT
GET H2	200	amp-fit-text-0.1.mjs Show response cdn.ampproject.org/rtv/012304062309000/v0/ Frame 894C	5 KB 2 KB	76ms 37ms	Script text/javascript	2a00:1450:4001:80b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012304062309000/v0/amp-fit-text-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 19d96e062d7e164a34e2a7773fab8c722f36ea442d2b944ce5cb359c8b78fa01 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Thu, 20 Apr 2023 04:17:12 GMT age 113525 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1904 x-xss-protection 0 server sffe etag "60fdf036b4edbfa8" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Fri, 19 Apr 2024 04:17:12 GMT
GET H2	200	amp-form-0.1.mjs Show response cdn.ampproject.org/rtv/012304062309000/v0/ Frame 894C	40 KB 13 KB	83ms 44ms	Script text/javascript	2a00:1450:4001:80b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012304062309000/v0/amp-form-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3a7522d02dbbc03101dfe3d8cfb3b0ff1c974af884931a79477056345c306648 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Thu, 20 Apr 2023 05:09:58 GMT age 110359 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12949 x-xss-protection 0 server sffe etag "53b4f6addb6819c0" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Fri, 19 Apr 2024 05:09:58 GMT
GET H2	200	css fonts.googleapis.com/ Frame 894C	6 KB 765 B	26ms 26ms	Stylesheet text/css	2a00:1450:4001:808::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash c9f957cc06255b47576fff3b5cb87257783c7e554062ec31a21723d81d1df774 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Fri, 21 Apr 2023 11:49:17 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Fri, 21 Apr 2023 10:03:48 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 21 Apr 2023 11:49:17 GMT
GET H3	200	en.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame 894C	2 KB 2 KB	16ms 15ms	Image image/png	2a00:1450:4001:80b::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/en.png Requested by Host: observer.com URL: https://observer.com/politics/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Thu, 20 Apr 2023 22:44:13 GMT x-content-type-options nosniff server cafe age 47104 etag 14819457070020093239 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2502 x-xss-protection 0 expires Fri, 21 Apr 2023 22:44:13 GMT
GET H3	200	icon.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame 894C	295 B 319 B	15ms 14ms	Image image/png	2a00:1450:4001:80b::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png Requested by Host: observer.com URL: https://observer.com/politics/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 07:19:29 GMT x-content-type-options nosniff server cafe age 16188 etag 426692510519060060 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 295 x-xss-protection 0 expires Sat, 22 Apr 2023 07:19:29 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame 894C	0 0	27ms 26ms	Image text/html	2a00:1450:4001:813::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaQfxslYLSLEjjz0shLTqSy8Lo-SaMo44yp99Y7TJqynvMpvq76kj-vNJE2si98KZVFr15GtryKvgvSr2dr_L8YqEDXYhA Requested by Host: observer.com URL: https://observer.com/politics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers
GET H3	200	2076313506083323656 tpc.googlesyndication.com/simgad/3084397263447096612/ Frame 894C	34 KB 34 KB	17ms 16ms	Image image/jpeg	2a00:1450:4001:80b::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/3084397263447096612/2076313506083323656 Requested by Host: observer.com URL: https://observer.com/politics/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash dfa5d0a549e4de9f125fc4a44b175a3104b502223679673a4d7b44c9dd4f2113 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Wed, 19 Apr 2023 10:37:46 GMT x-content-type-options nosniff age 177091 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 34886 x-xss-protection 0 last-modified Tue, 13 Dec 2022 21:05:45 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Thu, 18 Apr 2024 10:37:46 GMT
GET DATA	200 OK	truncated / Frame 894C	217 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 28cebc3506a9738371a1725ce79a4c961f6fa5f7f883519e796eaa6c4ec20da5 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame 894C	217 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 85ffc17c32d12e42aaa185216589efbca4bdc0ccea56672ce6aec435fc264d26 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Content-Type image/png
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v30/ Frame 894C	15 KB 16 KB	16ms 14ms	Font font/woff2	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://observer.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Thu, 20 Apr 2023 19:35:07 GMT x-content-type-options nosniff age 58450 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15860 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 19 Apr 2024 19:35:07 GMT
GET H2	200	KFOlCnqEu92Fr1MmSU5fBBc4.woff2 fonts.gstatic.com/s/roboto/v30/ Frame 894C	15 KB 15 KB	17ms 17ms	Font font/woff2	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://observer.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Thu, 20 Apr 2023 02:04:52 GMT x-content-type-options nosniff age 121465 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15740 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:56 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 19 Apr 2024 02:04:52 GMT
POST H3	200	events Show response api.permutive.com/v2.0/batch/	101 B 129 B	22ms 22ms	XHR application/json	34.107.254.252 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=6b8d2782-a057-45b2-b2fd-5e7238c30400 Requested by Host: 3b5c18b9-96b7-48e4-a3ef-011eb84a970d.edge.permutive.app URL: https://3b5c18b9-96b7-48e4-a3ef-011eb84a970d.edge.permutive.app/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 252.254.107.34.bc.googleusercontent.com Software Permutive / Resource Hash 7303c6fa09b550219f47311d712a7a299c9659ef6f578addeb4bbc813b27a6b8 Request headers Referer https://observer.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 content-type text/plain Response headers date Fri, 21 Apr 2023 11:49:17 GMT content-encoding gzip via 1.1 google server Permutive vary Origin content-type application/json access-control-allow-origin https://observer.com access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 111
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame 894C	0 0	59ms 59ms	Image text/html	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=CsBuPPHhCZP_JMuKT7_UPg4aU8AzK7IGOcJr_t8WSEc_R64iPGhABINy22H5glQKgAavVtLsCyAEJ4AIAqAMByAMKqgSdAk_QVQF3m1zPvXpPRBkt0840N42usMGStEyFeHQ4XEAr-wC3jrdLHt6t5dFtFypxpmB8-tOgfAZ5kwAFeBqiOMwRiTlMlSsUfPo4gHbKmNWW-7MaRaz_f8KJ2WO72l3VpZRfYS31glBlltKdG-pIOl33DMqMuUKTCVZjwjrlTz6I5Fpm_WdM9TaPS3BsjLQVcA811PmZG7i3d3dk5L-zHNfKVs7PcV6bytyZLoey0vhfB3-LaiaZzfvgy84Lr8em_f7sl8nk2ijLNKxBjLU_hpA2iIyUCH5rgGGisPTEchrsXNXFiSMYq-udKhwke-_u4Kp-zbdWx9iG-WnV3UGaJ3mdfMpRQx1KYKShkG4ssjdjG9BnbO1nGwmMj8nAb8AEjf7Y7fEC4AQBkgUECAQYAZIFBAgFGASgBi6AB8W0k8kBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQp9YR0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwG4E-QD2BMM0BUBgBcBshceChwIABIUcHViLTM0NTczMTQ0NTgyMzQ0MjgYzv52&sigh=x_IZaXT7ACU&uach_m=[]&cid=CAQSPABygQiDJd9xWpslyHDA642Ly4oYT2q1G_9zE1ihUpSzxxJ_yELRiVSREWg3NSW-e8hVvyCrwjPGMb_n-hgB&template_id=484&cbvp=2 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers
GET H2	200	oPS.js Show response d15kdpgjg3unno.cloudfront.net/	112 KB 23 KB	56ms 8ms	Script text/javascript	2600:9000:2490:fc00:11:b309:9100:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=79 Requested by Host: htlbid.com URL: https://htlbid.com/build/982829bd-7057-43dc-90d6-767c2582ac6f/htlbid.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2490:fc00:11:b309:9100:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a21a5b10241668ca60f4bee12afecd21ac53c27fdb3c4fed132bb80296866f74 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Thu, 20 Apr 2023 17:53:58 GMT x-amz-version-id bltLJYZjbTHdybQOsFIfmVReSCOyEKgc content-encoding gzip last-modified Thu, 20 Apr 2023 17:53:52 GMT server AmazonS3 via 1.1 cfbb6e543d97587a32117dbabb25fc86.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P6 etag W/"355c931309360c10cc3641822f1a0ada" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript cache-control max-age=84600 age 64520 x-amz-cf-id 1XRASHQ3au1JG2hiC4gAQ-BxMhOWu96fNZ6bXol1VVefhD0qcf4a5Q==
GET H/1.1	200 OK	1x1-pixel.png ams-pageview-public.s3.amazonaws.com/	68 B 480 B	315ms 110ms	Image image/png	3.5.27.110 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://ams-pageview-public.s3.amazonaws.com/1x1-pixel.png?id=1e511584efcb Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.5.27.110 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS s3-1-w.amazonaws.com Software AmazonS3 / Resource Hash 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Fri, 21 Apr 2023 11:49:18 GMT Last-Modified Mon, 26 Oct 2020 16:52:19 GMT Server AmazonS3 x-amz-request-id WRKFDEKY6RGFTMMP ETag "91e42db1c66c0b276abf6234dc50b2eb" Content-Type image/png Cache-Control no-store Accept-Ranges bytes Content-Length 68 x-amz-id-2 OxJUJJ2f3eSQm8bvWN6kBaX9YUnjATCY5R8kWE3ExxIHNrwgcdZgyOGWE7+DvkJp/xbuql3wtopxBqWjU2LwC+gs7kPNN13fs/lcxh5QR2s=
GET H2	200	amp4ads-v0.mjs Show response cdn.ampproject.org/rtv/022304062309000/ Frame 4B8A	222 KB 61 KB	16ms 14ms	Script text/javascript	2a00:1450:4001:80b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/022304062309000/amp4ads-v0.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash fdd6d2863fc8400a4ce08f5e1a297c76a4a20c5109ff320ffc44200b202fdb50 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Thu, 20 Apr 2023 07:18:27 GMT age 102650 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 61846 x-xss-protection 0 server sffe etag "06786997879fcd44" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Fri, 19 Apr 2024 07:18:27 GMT
GET H2	200	amp-ad-exit-0.1.mjs Show response cdn.ampproject.org/rtv/022304062309000/v0/ Frame 4B8A	15 KB 5 KB	23ms 21ms	Script text/javascript	2a00:1450:4001:80b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/022304062309000/v0/amp-ad-exit-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a80bc624f7ab3177dcab36c63396d6b7b3f18c41fd09c7a3e5b54792d566904a Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Wed, 19 Apr 2023 11:00:21 GMT age 175736 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5225 x-xss-protection 0 server sffe etag "ad2d0ddcea45401f" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Thu, 18 Apr 2024 11:00:21 GMT
GET H2	200	amp-analytics-0.1.mjs Show response cdn.ampproject.org/rtv/022304062309000/v0/ Frame 4B8A	94 KB 28 KB	20ms 19ms	Script text/javascript	2a00:1450:4001:80b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/022304062309000/v0/amp-analytics-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5a767e3a4a89fd5d5747f2e60656de81560b8d24575c7be5df0d541906cb86ce Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Mon, 17 Apr 2023 15:14:31 GMT age 333286 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 28974 x-xss-protection 0 server sffe etag "441c199a95baae2a" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Tue, 16 Apr 2024 15:14:31 GMT
GET H2	200	amp-fit-text-0.1.mjs Show response cdn.ampproject.org/rtv/022304062309000/v0/ Frame 4B8A	5 KB 2 KB	22ms 21ms	Script text/javascript	2a00:1450:4001:80b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/022304062309000/v0/amp-fit-text-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 19d96e062d7e164a34e2a7773fab8c722f36ea442d2b944ce5cb359c8b78fa01 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Thu, 20 Apr 2023 04:11:20 GMT age 113877 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1904 x-xss-protection 0 server sffe etag "60fdf036b4edbfa8" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Fri, 19 Apr 2024 04:11:20 GMT
GET H2	200	amp-form-0.1.mjs Show response cdn.ampproject.org/rtv/022304062309000/v0/ Frame 4B8A	40 KB 13 KB	19ms 18ms	Script text/javascript	2a00:1450:4001:80b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/022304062309000/v0/amp-form-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3a7522d02dbbc03101dfe3d8cfb3b0ff1c974af884931a79477056345c306648 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Thu, 20 Apr 2023 05:17:54 GMT age 109883 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12949 x-xss-protection 0 server sffe etag "53b4f6addb6819c0" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Fri, 19 Apr 2024 05:17:54 GMT
GET H3	200	en.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4B8A	2 KB 2 KB	14ms 13ms	Image image/png	2a00:1450:4001:80b::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/en.png Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Thu, 20 Apr 2023 22:44:13 GMT x-content-type-options nosniff server cafe age 47104 etag 14819457070020093239 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2502 x-xss-protection 0 expires Fri, 21 Apr 2023 22:44:13 GMT
GET H3	200	icon.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4B8A	295 B 319 B	15ms 14ms	Image image/png	2a00:1450:4001:80b::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 07:19:29 GMT x-content-type-options nosniff server cafe age 16188 etag 426692510519060060 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 295 x-xss-protection 0 expires Sat, 22 Apr 2023 07:19:29 GMT
GET DATA	200 OK	truncated / Frame 4B8A	214 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 7611645487eda957a8b575231cba1762706af36aa9db9f069101c49f6383481c Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Content-Type image/png
GET H2	200	amp4ads-v0.mjs Show response cdn.ampproject.org/rtv/022304062309000/ Frame EB12	222 KB 60 KB	14ms 13ms	Script text/javascript	2a00:1450:4001:80b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/022304062309000/amp4ads-v0.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash fdd6d2863fc8400a4ce08f5e1a297c76a4a20c5109ff320ffc44200b202fdb50 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Thu, 20 Apr 2023 07:18:27 GMT age 102650 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 61846 x-xss-protection 0 server sffe etag "06786997879fcd44" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Fri, 19 Apr 2024 07:18:27 GMT
GET H2	200	amp-ad-exit-0.1.mjs Show response cdn.ampproject.org/rtv/022304062309000/v0/ Frame EB12	15 KB 5 KB	20ms 19ms	Script text/javascript	2a00:1450:4001:80b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/022304062309000/v0/amp-ad-exit-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a80bc624f7ab3177dcab36c63396d6b7b3f18c41fd09c7a3e5b54792d566904a Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Wed, 19 Apr 2023 11:00:21 GMT age 175736 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5225 x-xss-protection 0 server sffe etag "ad2d0ddcea45401f" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Thu, 18 Apr 2024 11:00:21 GMT
GET H2	200	amp-analytics-0.1.mjs Show response cdn.ampproject.org/rtv/022304062309000/v0/ Frame EB12	94 KB 28 KB	21ms 20ms	Script text/javascript	2a00:1450:4001:80b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/022304062309000/v0/amp-analytics-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5a767e3a4a89fd5d5747f2e60656de81560b8d24575c7be5df0d541906cb86ce Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Mon, 17 Apr 2023 15:14:31 GMT age 333286 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 28974 x-xss-protection 0 server sffe etag "441c199a95baae2a" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Tue, 16 Apr 2024 15:14:31 GMT
GET H2	200	amp-fit-text-0.1.mjs Show response cdn.ampproject.org/rtv/022304062309000/v0/ Frame EB12	5 KB 2 KB	22ms 21ms	Script text/javascript	2a00:1450:4001:80b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/022304062309000/v0/amp-fit-text-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 19d96e062d7e164a34e2a7773fab8c722f36ea442d2b944ce5cb359c8b78fa01 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Thu, 20 Apr 2023 04:11:20 GMT age 113877 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1904 x-xss-protection 0 server sffe etag "60fdf036b4edbfa8" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Fri, 19 Apr 2024 04:11:20 GMT
GET H2	200	amp-form-0.1.mjs Show response cdn.ampproject.org/rtv/022304062309000/v0/ Frame EB12	40 KB 13 KB	23ms 22ms	Script text/javascript	2a00:1450:4001:80b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/022304062309000/v0/amp-form-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3a7522d02dbbc03101dfe3d8cfb3b0ff1c974af884931a79477056345c306648 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Thu, 20 Apr 2023 05:17:54 GMT age 109883 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12949 x-xss-protection 0 server sffe etag "53b4f6addb6819c0" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Fri, 19 Apr 2024 05:17:54 GMT
GET H3	200	en.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame EB12	2 KB 2 KB	14ms 13ms	Image image/png	2a00:1450:4001:80b::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/en.png Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Thu, 20 Apr 2023 22:44:13 GMT x-content-type-options nosniff server cafe age 47104 etag 14819457070020093239 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2502 x-xss-protection 0 expires Fri, 21 Apr 2023 22:44:13 GMT
GET H3	200	icon.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame EB12	295 B 319 B	14ms 14ms	Image image/png	2a00:1450:4001:80b::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 07:19:29 GMT x-content-type-options nosniff server cafe age 16188 etag 426692510519060060 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 295 x-xss-protection 0 expires Sat, 22 Apr 2023 07:19:29 GMT
GET DATA	200 OK	truncated / Frame EB12	212 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b0986690aa59c218dbf94bfce3ee8e332b0d8441720d33f4709d9b556e7744d6 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Content-Type image/png
GET H2	200	container.html Show response 3dcccb88669e6dbc0e7ffea316e07b30.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6B96	6 KB 3 KB	15ms 14ms	Document text/html	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://3dcccb88669e6dbc0e7ffea316e07b30.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://observer.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Fri, 21 Apr 2023 11:49:16 GMT expires Sat, 20 Apr 2024 11:49:16 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame 9A3D	0 0	52ms 50ms	Fetch image/gif	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu7eVXAlbDDq4S-rL455BfXPW4VUgaYWCU7KNwTF7eN1MiiEnHcGV0NINMEbX0v6ELDSMLlAODa_9XycI6xtqrTHWhuoH-0B60q4mBdlHloZp-OtiojF5_rZ_CwQNPB6NiMVstxI07LbDF9qTeLXKVU5Yz0nF1_sTw-04Dgs-eUUaZTnZzZ0qFGUzjW1lQ34dWt0KV6TNJeMmVm7F0MfgtmxIJdqe6P8Pib0BX9-Y7NM0X62yOGSGvsKT0bm-Jzaw1HsmZKVuyvzcwJALKEUnSGsP3W1VL7AL6OXultJHFd7alB949IejBux_7_KfuOWYk&sai=AMfl-YQlwtv3V4h-SW06shFoVHairGcpIIHPconp3Cv0WvB-suAYLj292ZyHA-WCv-OUA_qChX6zkb3kYFz_e5hPCDCA9QwBRfetKvJ82F4j1MG1clP4ijUOHlGJj8KEDBw&sig=Cg0ArKJSzO7QB-2haA-aEAE&uach_m=[UACH]&urlfix=1&adurl= Requested by Host: observer.com URL: https://observer.com/politics/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:17 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H2	200	iframebuster.js Show response assets.bounceexchange.com/assets/bounce/ Frame 9A3D	2 KB 1 KB	102ms 14ms	Script text/javascript	34.98.72.95 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://assets.bounceexchange.com/assets/bounce/iframebuster.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 95.72.98.34.bc.googleusercontent.com Software UploadServer / Resource Hash 329c9c7026d1c9423b642686137df4cd4e720aecb0059ed286a5bb1b520b9fc9 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:18:44 GMT content-encoding gzip age 30633 x-guploader-uploadid ADPycdsOhWauNPP3v9CSYP4k6iYi7bRjWw8eXi8b3JTir0Kqbs9RtGzmqV6rWEHtAIR7fsJ9-EFS1ygVwmh-h9Ul1x5nZrPR0zEE x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 970 last-modified Thu, 20 Apr 2023 16:22:56 GMT server UploadServer etag "dbb8751c07537277f7be07050eb5cbb6" vary Accept-Encoding x-goog-generation 1682007776310933 x-goog-hash crc32c=tzKvXw==, md5=27h1HAdTcnf3vgcFDrXLtg== access-control-allow-origin * access-control-expose-headers etag, Content-Type cache-control public,max-age=3600 x-goog-stored-content-length 970 accept-ranges bytes content-type text/javascript; charset=UTF-8
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 9A3D	159 KB 49 KB	78ms 35ms	Script text/javascript	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:17 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 49672 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1681929791789681" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Fri, 21 Apr 2023 11:49:17 GMT
GET H3	200	9343625332298430917 tpc.googlesyndication.com/simgad/ Frame 4B8A	57 KB 57 KB	16ms 15ms	Image image/png	2a00:1450:4001:80b::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/9343625332298430917?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qkTsv81ljcUnh8-CEcrA-PKo1cYfw Requested by Host: observer.com URL: https://observer.com/politics/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 97d29271722cea67e7225a44d5990cb4d30edcc00cec4c01b57c6df2fb018a7d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Thu, 20 Apr 2023 01:08:29 GMT x-content-type-options nosniff age 124848 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 58324 x-xss-protection 0 last-modified Mon, 27 Mar 2023 18:29:13 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Fri, 19 Apr 2024 01:08:29 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame 4B8A	0 0	22ms 21ms	Image text/html	2a00:1450:4001:813::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaQhXHkWd6qJWKxPwrTRuW0nkbtZ45WA48IKK2Rliiis8r48E2TBWd6S45VfLisy5-XtMvFO-O4zMHDSMoe8duSugSiPhg Requested by Host: observer.com URL: https://observer.com/politics/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame 4B8A	0 0	57ms 56ms	Image text/html	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=Ch0f7PHhCZIj2MpWh9u8P6bSUiAXq1PuScK6m35mGEZql4fTbORABINy22H5glQKgAauM7MQDyAEC4AIAqAMByAMIqgSXAk_QpxKnVv0vH2AAiRy1qnLt3jU4ebvwc68JMiRCTXN3jLmyf3guiFXe8BrgSkHfXNeugSDHf1KsO4cXI_B0OK3skcpw9aRG1iKDcfIftLsogQgMMazIHGqrX-whD5ZEfSKKp_VA4SXR_XkqRqdhMXsgtOt9AzIEvKto2RqS880mYUtXd7YLq56tv5TMIckOQE2gkgimWIq52JWqWNgxTcVSD84BdpTKRHmJlxzY6pXk54RvAnV44oX39iFslAaPa-9HUsDlQBoIRmK-w1D3XoLznp8oXP9VTklgaha3nbKTPFZUm0JLhSfKEvcHLiPYLmUkxMmoda1KByhunM-dtNpfWik3fUjA3YkFtX7BA00Akjosov3llsAE2b-e3bIE4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB73zkzuoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCzmjbSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAdgTDdAVAYAXAbIXHgocCAASFHB1Yi0zNDU3MzE0NDU4MjM0NDI4GM7-dg&sigh=q4pEyv4whMw&uach_m=[UACH]&cid=CAQSPABygQiDgDR9B3QiliXbBTLC-CotwdnQExIQmcHvWqsKasGS91JQd8ZF0f5MJ7mj0pIWw8ZcrrKAXFdtHxgB Requested by Host: observer.com URL: https://observer.com/politics/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers
GET H3	200	6104186517252669114 tpc.googlesyndication.com/simgad/ Frame EB12	125 KB 125 KB	20ms 19ms	Image image/png	2a00:1450:4001:80b::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/6104186517252669114?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qn7v318fwP0pxkzOewdAm5drDmGfA Requested by Host: observer.com URL: https://observer.com/politics/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 91fa8dcb3ce25074dfa033646c9bed2af3ce87a7f36b7a667c57d3919940caaa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Thu, 20 Apr 2023 18:07:41 GMT x-content-type-options nosniff age 63696 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 128277 x-xss-protection 0 last-modified Wed, 05 Apr 2023 14:57:48 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Fri, 19 Apr 2024 18:07:41 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame EB12	0 0	21ms 19ms	Image text/html	2a00:1450:4001:813::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ8RMge466UsEy-JyxWEVc1MxS57Rs4AD4xlEpuIcFUWqqaBqdEZCuivmXZas92E59aemWD-2xlm-sWwypHlD4ubLXxhw Requested by Host: observer.com URL: https://observer.com/politics/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame EB12	0 0	57ms 55ms	Image text/html	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=CglzRPHhCZIn2MpWh9u8P6bSUiAWex9eXcImw4rmmEdzZHhABINy22H5glQKgAcjS1ckCyAECqQITiaZn2GOyPuACAKgDAcgDCKoEoQJP0Br-hmlIAOJWrB1N0qj3EoQXkJGSXb35BVPEwVOdN16nCDA9A8UuPAGkMJYqCu1c8160fVo9nwLBbMX29D-LTeLXRLZDKYi_-LOXvBn3LycrZxA7ZIZ5_dJJw6H1VIOoK58lskf2-QGKd8dj4-dgp2SVHzg-t-53nl4EtjyMABj3MEg_pWNNCD7sZEdPCjZNFYY9MtervaPBb4RI7APWKPJLwRhimeajMccdr-ycBZtHRq72qc8XB7HOXv4ZPt22QdCxjEs4twgDPrBzJtyKp7FVIcpiszbHaJ6aLxHjT4ZmMdrUCpahbXijiTNMG6rOSXWLMJQ2fMzuW-Z1JdeXoONcBZDIGLF990TZ0qTo8XtWOP21_WvTjGCxJNFkGbC-wAST6_39tgTgBAGgBgKAB-6Sl9cBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ3PUN0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHYEwPQFQGAFwGyFx4KHAgAEhRwdWItMzQ1NzMxNDQ1ODIzNDQyOBjO_nY&sigh=ipE2nq9CFrI&uach_m=[UACH]&cid=CAQSPABygQiDgDR9B3QiliXbBTLC-CotwdnQExIQmcHvWqsKasGS91JQd8ZF0f5MJ7mj0pIWw8ZcrrKAXFdtHxgB Requested by Host: observer.com URL: https://observer.com/politics/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers
GET H3	200	css fonts.googleapis.com/ Frame 6B96	2 KB 531 B	23ms 23ms	Stylesheet text/css	2a00:1450:4001:808::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400 Requested by Host: 3dcccb88669e6dbc0e7ffea316e07b30.safeframe.googlesyndication.com URL: https://3dcccb88669e6dbc0e7ffea316e07b30.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash c02b9ec79fbd254fa28c4af580ef583bb835db70e1fe23cf73578011e8c66f14 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://3dcccb88669e6dbc0e7ffea316e07b30.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Fri, 21 Apr 2023 11:49:17 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Fri, 21 Apr 2023 10:02:59 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 21 Apr 2023 11:49:17 GMT
GET H3	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 6B96	2 KB 765 B	14ms 13ms	Script text/javascript	2a00:1450:4001:80b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: 3dcccb88669e6dbc0e7ffea316e07b30.safeframe.googlesyndication.com URL: https://3dcccb88669e6dbc0e7ffea316e07b30.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://3dcccb88669e6dbc0e7ffea316e07b30.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Thu, 20 Apr 2023 16:53:51 GMT content-encoding br x-content-type-options nosniff age 68126 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 738 x-xss-protection 0 server cafe etag 1394486882873449110 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 04 May 2023 16:53:51 GMT
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame 6B96	0 0	57ms 57ms	Fetch text/html	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=C86UjPHhCZIr2MpWh9u8P6bSUiAXk0rr_b4nCl5TBEMbH37ScMhABINy22H5glQKgAfC9xvYDyAEJqQITiaZn2GOyPuACAKgDAcgDywSqBJgCT9AS68B6s8cDn-77Ktf3GYmlv62XlqXKapM-GEHhD3N0ZLcWvheC5sncaapP9FHoR-uqIduPO3-hGytm-5kvsad7tzPh4s0zlGOIu-3m6rs17qF5BcmCfy1h8ESKOxv2FopMSueRWLpSfJsQZHNOK2QuP-5ZR9YkKwAXiUxsdMemhk_r4o0THP4xhOU9YrY8TMjV-EpzZmqGjxWqYraXCMQAG-Yv-gDnRyVol7zcCGgPyZT-dZmTA1eDIMKrHUtc4wkJGS3Vv5gE02QuGMO3ehjWQpgeWFqUS7lT6ziZBGlmf6zJF-ot-btA6s8Hi88AU56kWv3PdOs5ms375jAxXfc_62sazwGhh47IvnrxXPlObiK0pDd47cAEt5LU0YsE4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB_jBuQmoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQuPwI0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHYEwvQFQGYFgGAFwGyFx4KHAgAEhRwdWItMzQ1NzMxNDQ1ODIzNDQyOBjO_nY&sigh=DtQ23AX7wDE&uach_m=[UACH]&cid=CAQSPABygQiDgDR9B3QiliXbBTLC-CotwdnQExIQmcHvWqsKasGS91JQd8ZF0f5MJ7mj0pIWw8ZcrrKAXFdtHxgB&template_id=494 Requested by Host: observer.com URL: https://observer.com/politics/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://3dcccb88669e6dbc0e7ffea316e07b30.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230418/r20110914/ Frame 6B96	21 KB 8 KB	14ms 13ms	Script text/javascript	2a00:1450:4001:80b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/abg_lite_fy2021.js Requested by Host: 3dcccb88669e6dbc0e7ffea316e07b30.safeframe.googlesyndication.com URL: https://3dcccb88669e6dbc0e7ffea316e07b30.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://3dcccb88669e6dbc0e7ffea316e07b30.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Thu, 20 Apr 2023 16:48:26 GMT content-encoding br x-content-type-options nosniff age 68451 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8535 x-xss-protection 0 server cafe etag 13968503839060854674 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 04 May 2023 16:48:26 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 6B96	3 KB 1 KB	13ms 13ms	Script text/javascript	2a00:1450:4001:80b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/window_focus_fy2021.js Requested by Host: 3dcccb88669e6dbc0e7ffea316e07b30.safeframe.googlesyndication.com URL: https://3dcccb88669e6dbc0e7ffea316e07b30.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://3dcccb88669e6dbc0e7ffea316e07b30.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 07:30:34 GMT content-encoding br x-content-type-options nosniff age 15523 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 05 May 2023 07:30:34 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 6B96	19 KB 8 KB	14ms 13ms	Script text/javascript	2a00:1450:4001:80b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/qs_click_protection_fy2021.js Requested by Host: 3dcccb88669e6dbc0e7ffea316e07b30.safeframe.googlesyndication.com URL: https://3dcccb88669e6dbc0e7ffea316e07b30.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://3dcccb88669e6dbc0e7ffea316e07b30.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 06:15:49 GMT content-encoding br x-content-type-options nosniff age 20008 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8104 x-xss-protection 0 server cafe etag 11444945707709536616 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 05 May 2023 06:15:49 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame 6B96	0 0	22ms 21ms	Image text/html	2a00:1450:4001:813::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaR-OCt0HoEZQBa7NmX-tpYJh43zX5HjCbOO4yqYjIEzAvwHwGDtAjOvwkfk3OHpDu3lZz-1QETeJofNRkVAZMbCqVBizA Requested by Host: 3dcccb88669e6dbc0e7ffea316e07b30.safeframe.googlesyndication.com URL: https://3dcccb88669e6dbc0e7ffea316e07b30.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://3dcccb88669e6dbc0e7ffea316e07b30.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 6B96	159 KB 49 KB	36ms 35ms	Script text/javascript	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 3dcccb88669e6dbc0e7ffea316e07b30.safeframe.googlesyndication.com URL: https://3dcccb88669e6dbc0e7ffea316e07b30.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://3dcccb88669e6dbc0e7ffea316e07b30.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:17 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 49672 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1681929791789681" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Fri, 21 Apr 2023 11:49:17 GMT
GET H2	200	f8970ecc2196f374e9d99027c476dd6b.js Show response www.gstatic.com/mysidia/ Frame 6B96	32 KB 14 KB	79ms 23ms	Script text/javascript	2a00:1450:4001:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/f8970ecc2196f374e9d99027c476dd6b.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: 3dcccb88669e6dbc0e7ffea316e07b30.safeframe.googlesyndication.com URL: https://3dcccb88669e6dbc0e7ffea316e07b30.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 56cb66844b6e4806082b345cc9bf870b3e2493a6f4e277b865d85666f0fac439 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://3dcccb88669e6dbc0e7ffea316e07b30.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Thu, 20 Apr 2023 12:00:35 GMT content-encoding gzip x-content-type-options nosniff age 85722 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13747 x-xss-protection 0 last-modified Tue, 18 Apr 2023 02:08:12 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Wed, 19 Jul 2023 12:00:35 GMT
GET H2	200	shopping encrypted-tbn0.gstatic.com/ Frame 6B96	19 KB 19 KB	62ms 14ms	Image image/jpeg	2a00:1450:4001:80e::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSare0qcAJeo_allEmVdUM94lMGnp7vjvW6qKgx_tKGXGwGByfIQMvPx7tLMA&usqp=CAI Requested by Host: 3dcccb88669e6dbc0e7ffea316e07b30.safeframe.googlesyndication.com URL: https://3dcccb88669e6dbc0e7ffea316e07b30.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1d6a523828a57a1a4a399f3e50f53ef28c35df8e97db373513287e282768ee2a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://3dcccb88669e6dbc0e7ffea316e07b30.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Wed, 19 Apr 2023 23:37:18 GMT x-content-type-options nosniff age 130319 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 18994 x-xss-protection 0 last-modified Mon, 02 Jan 2023 11:38:20 GMT server sffe report-to {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]} content-type image/jpeg cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="images-tbn" expires Thu, 18 Apr 2024 23:37:18 GMT
GET H2	200	shopping encrypted-tbn3.gstatic.com/ Frame 6B96	17 KB 18 KB	56ms 13ms	Image image/jpeg	2a00:1450:4001:806::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSR9JZXCato3c9BtFu7KCcXcu-qkXMrWG_pu2mKbet2cWigEFyk7z5PIOe14Q&usqp=CAI Requested by Host: 3dcccb88669e6dbc0e7ffea316e07b30.safeframe.googlesyndication.com URL: https://3dcccb88669e6dbc0e7ffea316e07b30.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 04a681100953a06957140cad31cbdc6ae5e656607787fac48ebe9ded79029615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://3dcccb88669e6dbc0e7ffea316e07b30.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Thu, 20 Apr 2023 03:03:57 GMT x-content-type-options nosniff age 117920 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 17586 x-xss-protection 0 last-modified Sat, 18 Jun 2022 08:14:24 GMT server sffe report-to {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]} content-type image/jpeg cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="images-tbn" expires Fri, 19 Apr 2024 03:03:57 GMT
GET H2	200	shopping encrypted-tbn2.gstatic.com/ Frame 6B96	21 KB 22 KB	56ms 14ms	Image image/png	2a00:1450:4001:801::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQ6VFXeHyJ7gvSjPrO9WKPRNfvOFgfjrDZNailwVxjT2HR8xkt6&usqp=CAI Requested by Host: 3dcccb88669e6dbc0e7ffea316e07b30.safeframe.googlesyndication.com URL: https://3dcccb88669e6dbc0e7ffea316e07b30.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 13445ee05df55dc76c54059d73ae5077c4d08a7fd52c8dcb68e55b5b26ff2c78 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://3dcccb88669e6dbc0e7ffea316e07b30.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Wed, 19 Apr 2023 10:46:04 GMT x-content-type-options nosniff age 176593 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 21587 x-xss-protection 0 last-modified Wed, 10 Jul 2019 07:52:36 GMT server sffe report-to {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="images-tbn" expires Thu, 18 Apr 2024 10:46:04 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	50ms 49ms	Image text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202304170101&jk=3420305542207530&bg=!8POl86fNAAYfNdXmPzU7ADkAdvg8Ws7B5XKqceLvaKTb3rREfTnNrjzoFkxdSiXn3_bpQwdNKvr2D_SvQNVi10-utdd3GpWvbboCAAAAO1IAAAACaAEHCgAVPOJ-oWNFtlOZqtHnVdeSThrMoxtKmQLRUDB2gVPsrNm8e3fJ88XYbdRt-rgDGEgsRc3IfiN_QoXbcvJTxa4AUM8x-plE-23VJwJhxp3iPpl7XQVLRumFRAoxxHs0cS9kosuua4jYVLQvx8GWF5ia28nWGP0mb73khDaXMEnAUI0uFNYk-fg6teckRK8NhZYmilT83nn_X3T4Zq7bXxr6edat4SWB_GjEAFeCd9YBlBaOtj2T0cARwa26uQEuQUhD7narYZRHUm8ododoO8s7fnu5OneD0v4Ts3o7coIrkoOVQcJR6c953hjYdAMQ_jOWhdoFeBM2w_qfdHmpFCwey5fxTIFx4B8X-o46uhyjrlhaFa2Ij1Fj2M1QIImZTD6ooFVaIr-Tjo_tDv8bbUv7bF3JJGaN55sjw-adbIbjfcfj2V2Iuzko794GVTHpfdsXmdGmZFuL4SpiNfTx_X11fcqpU_FQmy3EkEh1ZtPWiIqw7U48nfyIq5WMfSazSaBDR-aX-cl5-NxPfakSd2MDkYuJgakbo7J1D8FVuNgabxrssvHkDqE6Ni7NDUyp7FjVa6ulLqU_MAvRDCEMFCL6-NEFLoqZIUC_-NHwlyOkVOmzp0XyHekobage8xme4ciaFLtYxzKBhFKl41-uGwKFOz2g_U6SYyzY0_fiOuly1nP7nmr4O2QlJGUlf90zEsDh6g9GAMXUdPgcBr28am6zuAvz3cjFnsLTbNu9c6SCXMSiAW-KzoN0FJNp50HoyKQScI-_y-v7co83kvCtxBhZkmAdQKk4ucPu1Zz3FWYnA_qfdtr9viny9LoPrLO9zuoYUMLYU_wjfx1NuJay5iNR1BtNAX5il7XHA7feijfS1yKo-xF2x6v7UpN_KhpekgLMgIjjJpToXgAZFRdPT1i956fAA1f-3Yrazm3elp2XPW2dZRVYKmilIztY8YfUtaTsz7NCO_TFfNbR_dPrD-aczTMUp08DGXrMxQ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers
GET H2	200	si googleads.g.doubleclick.net/pagead/drt/ Frame 4B8A Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 0	60ms 26ms	Image text/html	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: observer.com URL: https://observer.com/politics/ Protocol H2 Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Redirect headers date Fri, 21 Apr 2023 11:49:17 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H2	200	si googleads.g.doubleclick.net/pagead/drt/ Frame EB12 Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 0	94ms 64ms	Image text/html	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: observer.com URL: https://observer.com/politics/ Protocol H2 Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Redirect headers date Fri, 21 Apr 2023 11:49:17 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H2	200	i.js Show response tag.bounceexchange.com/4256/	4 KB 2 KB	100ms 14ms	Script text/plain	34.120.253.250 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://tag.bounceexchange.com/4256/i.js Requested by Host: assets.bounceexchange.com URL: https://assets.bounceexchange.com/assets/bounce/iframebuster.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.253.250 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 250.253.120.34.bc.googleusercontent.com Software istio-envoy / Resource Hash 96108ab85872c93ccf1a038a4cc82fd01f2a3ce3827895482f69df6964f3d269 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:39:01 GMT content-encoding gzip via 1.1 google age 616 x-envoy-upstream-service-time 0 x-region us-central1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1834 server istio-envoy etag 423c62adea6cae vary Accept-Encoding content-type text/plain; charset=utf-8 access-control-allow-origin * cache-control public,max-age=60 timing-allow-origin * link <https://assets.bounceexchange.com>; rel=dns-prefetch, <https://events.bouncex.net>; rel=dns-prefetch, <https://api.bounceexchange.com>; rel=preconnect
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame 9A3D	0 0	48ms 48ms	Fetch image/gif	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss0jzjMXZVIsFUZE22SQxYhIumNVfD4OGb_YMNE-0NipuUGOKQXommi-fULTteK9Re203wW5q0S5PcDPp6aXzBjTXj4LtoX8fuh-N23KJk67H0jVw_Uv2j7iB8GoHf_6RH_4wd8MMJzWgzzb0zudICJGW7b62bjJecbM8yitCWKTTgUin4e6Sdd4CpuTcwvyH1-Dy8FQS7MSSvJ4-3ScYBpLutKgt0XQkc3MvdPChY2Uy-Ry3Gb7DaLRhUsCA0TX_SE2pF6gVmFOiYQ7SmihKccv1M04TuYyXWUNE6TKpkBHT_Ft3MFQWE1tAvkddfxFblVEw&sai=AMfl-YRKpwhsDYc1krPlndafvQQTFGUNl-5xYJ98_C_fMpbRytUHaI1AwC3bFh8K2anI3cbEpjPQkZ7kVCfo1cjDqEPHtj35eWoXmMtqbpHq8Yorj812Lo_iNmrPq-oWyrE&sig=Cg0ArKJSzO700Xysv2hiEAE&uach_m=[UACH]&urlfix=1&adurl= Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:17 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 21 Apr 2023 11:49:17 GMT
POST H/1.1	200 OK	Test_oPS_Script_Loads Show response sqs.us-east-1.amazonaws.com/397719490216/	378 B 658 B	369ms 104ms	XHR text/xml	3.239.232.247 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://sqs.us-east-1.amazonaws.com/397719490216/Test_oPS_Script_Loads?Action=SendMessage&MessageBody=cid%3D79%26bt%3Dnull Requested by Host: d15kdpgjg3unno.cloudfront.net URL: https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=79 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.239.232.247 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-239-232-247.compute-1.amazonaws.com Software / Resource Hash dde3cc076ab6d109e0b058027ff5b11b44c019e290cfa45858aa9a98df08bdda Request headers Referer https://observer.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Access-Control-Allow-Origin * Access-Control-Expose-Headers x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date Date Fri, 21 Apr 2023 11:49:17 GMT x-amzn-RequestId ad43fdd9-8dae-58e8-aa99-a165f7d3db70 Content-Length 378 Content-Type text/xml
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 68B9	1 KB 643 B	13ms 13ms	Document text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: 3dcccb88669e6dbc0e7ffea316e07b30.safeframe.googlesyndication.com URL: https://3dcccb88669e6dbc0e7ffea316e07b30.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://3dcccb88669e6dbc0e7ffea316e07b30.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 60532 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 20 Apr 2023 19:00:25 GMT etag 48472445140208031 expires Fri, 21 Apr 2023 19:00:25 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET DATA	200 OK	truncated / Frame 6B96	215 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 13b1bc4937c6f28259163670db24c290c3d6b9aafb8ed0ba5797085fa6bb6a88 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Content-Type image/png
GET H2	200	dpixel cms.quantserve.com/ Frame 68B9	35 B 464 B	45ms 9ms	Image image/gif	2620:116:800d:21:de2e:c7b3:55c0:d5a0 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDauwcptCwRoh4nmUdvSMPQ&google_cver=1&google_push=Aer7DvJAg7X_vBbFzFNGxbO9X6bKH3AokEF4R3OuxlqpibpYKHFVoam4FofZMaCCtYb17icZgSXFY3wQBc7vzB0vUDQtqGOCfBHlNQ Requested by Host: 3dcccb88669e6dbc0e7ffea316e07b30.safeframe.googlesyndication.com URL: https://3dcccb88669e6dbc0e7ffea316e07b30.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Fri, 21 Apr 2023 11:49:17 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" content-type image/gif cache-control private, no-cache, no-store, proxy-revalidate content-length 35 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H2	204	current dclk-match.dotomi.com/match/bounce/ Frame 68B9	0 104 B	96ms 24ms	Image text/plain	2a02:fa8:8806:16::1400 VCLK-EU-SE
General Check archive.org Show headers Download Go to Show image Full URL https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEFVfOaHqOZR4vic376Cgn-0&google_cver=1&google_push=Aer7DvIcuYyjf8i4blBgkoVoIWy8NtJ9fbO6WlLvjw0xC5ou6AB_-YmZIIwASRli08J3D4YxO4o530WpJzcbibnUvUh45Wv2B0VKyw Requested by Host: 3dcccb88669e6dbc0e7ffea316e07b30.safeframe.googlesyndication.com URL: https://3dcccb88669e6dbc0e7ffea316e07b30.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Fri, 21 Apr 2023 11:49:17 GMT cache-control no-cache, private, max-age=0, no-store server nginx expires 0
GET H2	200	pixel cm.g.doubleclick.net/ Frame 68B9 Redirect Chain https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEP943zXs4hIWgEYW_UYhYgc&google_cver=1&google_push=Aer7DvKk-vtAucOlj-q4v7Z2wTA1rXvGKf1Q748ZZpj9fHhIR768PAwU3OEflG2rQE5F2d2JCCrjarGztsXtMV_v... https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvKk-vtAucOlj-q4v7Z2wTA1rXvGKf1Q748ZZpj9fHhIR768PAwU3OEflG2rQE5F2d2JCCrjarGztsXtMV_vRFJ2PrKijR3thg	170 B 232 B	24ms 23ms	Image image/png	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvKk-vtAucOlj-q4v7Z2wTA1rXvGKf1Q748ZZpj9fHhIR768PAwU3OEflG2rQE5F2d2JCCrjarGztsXtMV_vRFJ2PrKijR3thg Protocol H2 Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Fri, 21 Apr 2023 11:49:17 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Date Fri, 21 Apr 2023 11:49:17 GMT Server MT3 830 785530e master zrh-pixel-x3 config_version:"unknown" Content-Type image/gif Access-Control-Allow-Origin * location https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvKk-vtAucOlj-q4v7Z2wTA1rXvGKf1Q748ZZpj9fHhIR768PAwU3OEflG2rQE5F2d2JCCrjarGztsXtMV_vRFJ2PrKijR3thg P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control no-cache Connection keep-alive Keep-Alive timeout=360 Content-Length 0 Expires Fri, 21 Apr 2023 11:49:16 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame 68B9 Redirect Chain https://ads.travelaudience.com/google_pixel?google_gid=CAESENd2nDjfC8kDU6Lt9TGWMzU&google_cver=1&google_push=Aer7DvJGG8lSjSjwIA1HP17mqh35VurKE4tYr9Dcc8jOeQeWZ3MM6EygIhagh_MpqJsX0KeKzLD-8XzAQOjnfRud... https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=S-dBnWQ_Rj6_iaYN9vonyw2&google_push=Aer7DvJGG8lSjSjwIA1HP17mqh35VurKE4tYr9Dcc8jOeQeWZ3MM6EygIhagh_MpqJsX0KeKzLD-8XzAQOjnfRudHBmPq9tn0qFFBg	170 B 329 B	23ms 23ms	Image image/png	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=S-dBnWQ_Rj6_iaYN9vonyw2&google_push=Aer7DvJGG8lSjSjwIA1HP17mqh35VurKE4tYr9Dcc8jOeQeWZ3MM6EygIhagh_MpqJsX0KeKzLD-8XzAQOjnfRudHBmPq9tn0qFFBg Protocol H2 Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Fri, 21 Apr 2023 11:49:17 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Fri, 21 Apr 2023 11:49:17 GMT via 1.1 google x-engine-version 0.0.0 server nginx/1.21.6 p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC" location https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=S-dBnWQ_Rj6_iaYN9vonyw2&google_push=Aer7DvJGG8lSjSjwIA1HP17mqh35VurKE4tYr9Dcc8jOeQeWZ3MM6EygIhagh_MpqJsX0KeKzLD-8XzAQOjnfRudHBmPq9tn0qFFBg x-host tde-deliveryengine-production-64c8469d98-fwnwq alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	pixel cm.g.doubleclick.net/ Frame 68B9 Redirect Chain https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELOONlAWSnYoahcHke-XUIs&google_cver=1&google_push=Aer7DvIltV1V9AeNdjwS7yN4JU0pUGaOTFa1BIPQHPI8N5XxZy6PtPP0wk6xUM7llRk3j2SuhI_q--HDx2vtc4lSNQxKtcW... https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvIltV1V9AeNdjwS7yN4JU0pUGaOTFa1BIPQHPI8N5XxZy6PtPP0wk6xUM7llRk3j2SuhI_q--HDx2vtc4lSNQxKtcW-uNHwww&google_hm=eS1DU0ppblNSRTJwRzN4...	170 B 232 B	23ms 23ms	Image image/png	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvIltV1V9AeNdjwS7yN4JU0pUGaOTFa1BIPQHPI8N5XxZy6PtPP0wk6xUM7llRk3j2SuhI_q--HDx2vtc4lSNQxKtcW-uNHwww&google_hm=eS1DU0ppblNSRTJwRzN4ek1EMHZKaVEwY0dNV3ZIN0lDcX5B Protocol H2 Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Fri, 21 Apr 2023 11:49:17 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Fri, 21 Apr 2023 11:49:17 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff referrer-policy strict-origin-when-cross-origin server ATS content-security-policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic age 0 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" x-frame-options DENY location https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvIltV1V9AeNdjwS7yN4JU0pUGaOTFa1BIPQHPI8N5XxZy6PtPP0wk6xUM7llRk3j2SuhI_q--HDx2vtc4lSNQxKtcW-uNHwww&google_hm=eS1DU0ppblNSRTJwRzN4ek1EMHZKaVEwY0dNV3ZIN0lDcX5B content-length 0
GET H2	200	dds rtb.openx.net/sync/ Frame 68B9	43 B 350 B	69ms 19ms	Image image/gif	35.227.252.103 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://rtb.openx.net/sync/dds?google_gid=CAESEBip-O0gqwj-3gM-tPmYWuU&google_cver=1&google_push=Aer7DvJHSzt8hHQd_Lp1CyWs2TbY3dGGZIa2jVuPItjlHV8F9snOsFvLdkNTPv9-04G_YYai-thJAtydMg1jQicTcMep9EkHjFAiNA Requested by Host: 3dcccb88669e6dbc0e7ffea316e07b30.safeframe.googlesyndication.com URL: https://3dcccb88669e6dbc0e7ffea316e07b30.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 103.252.227.35.bc.googleusercontent.com Software Cowboy / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Fri, 21 Apr 2023 11:49:17 GMT via 1.1 google server Cowboy vary Origin p3p CP="CUR ADM OUR NOR STA NID" access-control-allow-origin null access-control-expose-headers cache-control private, max-age=0, no-cache, must-revalidate access-control-allow-credentials true content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 x-request-id tufsj7ao53508sm6sbsq7lqe2nfrlpt3
GET H2	200	sync ssbsync.smartadserver.com/api/ Frame 68B9	0 45 B	118ms 17ms	Image text/plain	185.86.139.94 SMARTADSERVER
General Check archive.org Show headers Download Go to Show image Full URL https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEDN6NmuAcEJBC3In7047P4k&google_cver=1&google_push=Aer7DvLvvRqCH5Ya1r1b3w9zFnfZ7tuKnut1Ti2P59u-TeyzpqjHFvx_89XeU2nHm22RGOpIVM8nH4awFK0e-CFwasl9WeMP_CL5vw Requested by Host: 3dcccb88669e6dbc0e7ffea316e07b30.safeframe.googlesyndication.com URL: https://3dcccb88669e6dbc0e7ffea316e07b30.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.86.139.94 , France, ASN201081 (SMARTADSERVER, FR), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:17 GMT content-length 0
GET H2	204	attr cm.g.doubleclick.net/pixel/ Frame 68B9	0 139 B	67ms 20ms	Image text/html	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IgQAogOhiUutFdsgLJjD1cFKb23OHO008y7RGsIqDf0I9uTFxyjf5HFbZwWnWq7GRTQj4H Requested by Host: 3dcccb88669e6dbc0e7ffea316e07b30.safeframe.googlesyndication.com URL: https://3dcccb88669e6dbc0e7ffea316e07b30.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:17 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H3	200	ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2 fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 6B96	20 KB 20 KB	14ms 14ms	Font font/woff2	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://3dcccb88669e6dbc0e7ffea316e07b30.safeframe.googlesyndication.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Thu, 20 Apr 2023 02:04:52 GMT x-content-type-options nosniff age 121465 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20784 x-xss-protection 0 last-modified Tue, 19 Apr 2022 19:21:31 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 19 Apr 2024 02:04:52 GMT
GET H2	200	runtime_ed54d7cacf42ca7551642baa572e3495.br.js Show response assets.bounceexchange.com/assets/smart-tag/versioned/	2 KB 954 B	15ms 14ms	Script text/javascript	34.98.72.95 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://assets.bounceexchange.com/assets/smart-tag/versioned/runtime_ed54d7cacf42ca7551642baa572e3495.br.js Requested by Host: tag.bounceexchange.com URL: https://tag.bounceexchange.com/4256/i.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 95.72.98.34.bc.googleusercontent.com Software UploadServer / Resource Hash 70ca695827ee799ccb27df51756e9391870e9abd2ce148c269070152e300e248 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Thu, 20 Apr 2023 15:55:23 GMT content-encoding br age 71634 x-guploader-uploadid ADPycdsHjbWLSe2AJjqbGa6w0yFGdy5KEd3VcrezdMLAw8a3u49FiRCzLx5lb4hk6EY_HiS7670JVkGXWIPdLkYHur8Q2SXRyLQ4 x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding br alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 672 last-modified Wed, 19 Apr 2023 15:14:04 GMT server UploadServer etag "6b390255ab99a0cfade03457a44da3e1" x-goog-generation 1681917244127672 x-goog-hash crc32c=uPCEAw==, md5=azkCVauZoM+t4DRXpE2j4Q== access-control-allow-origin * access-control-expose-headers etag, Content-Type cache-control public,max-age=3600 x-goog-stored-content-length 672 accept-ranges bytes content-type text/javascript
GET H3	200	FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js Show response pagead2.googlesyndication.com/bg/ Frame D29F	36 KB 14 KB	12ms 12ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js Requested by Host: observer.com URL: https://observer.com/politics/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 15e6712bec4c5346c30a338c6e89046998e0eaf53cc5a4b6e1bc922c3779b5e3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://3dcccb88669e6dbc0e7ffea316e07b30.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Thu, 20 Apr 2023 13:47:57 GMT content-encoding br x-content-type-options nosniff age 79280 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14264 x-xss-protection 0 last-modified Mon, 17 Apr 2023 14:08:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 19 Apr 2024 13:47:57 GMT
POST H3	200	state Show response api.permutive.com/v1.0/	0 33 B	46ms 45ms	XHR text/plain	34.107.254.252 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://api.permutive.com/v1.0/state?fetch_unseen=true&k=6b8d2782-a057-45b2-b2fd-5e7238c30400 Requested by Host: 3b5c18b9-96b7-48e4-a3ef-011eb84a970d.edge.permutive.app URL: https://3b5c18b9-96b7-48e4-a3ef-011eb84a970d.edge.permutive.app/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 252.254.107.34.bc.googleusercontent.com Software Permutive / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://observer.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 content-type text/plain Response headers access-control-allow-origin * date Fri, 21 Apr 2023 11:49:17 GMT content-encoding gzip via 1.1 google server Permutive alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H3	200	main-v2_ff3c49f826b53db16b06a810dc85d90f.br.js Show response assets.bounceexchange.com/assets/smart-tag/versioned/	383 KB 75 KB	20ms 19ms	Script text/javascript	34.98.72.95 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_ff3c49f826b53db16b06a810dc85d90f.br.js Requested by Host: tag.bounceexchange.com URL: https://tag.bounceexchange.com/4256/i.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 95.72.98.34.bc.googleusercontent.com Software UploadServer / Resource Hash 610e6e94e0e3dc505c673bcdf921c9be6c3c3928b6881d1eac689862c89b3c38 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Thu, 20 Apr 2023 16:23:35 GMT content-encoding br age 69942 x-guploader-uploadid ADPycdsC5ZjUe2yoOKS6_jYiJpDj6hjwaSFIUTikSw-X_plxj4b4fTAR-jUVJ24EJVhs_2Ram1W5ogVU7ZU6P_otjQAvmleej5s3 x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding br alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 76801 last-modified Thu, 20 Apr 2023 16:23:18 GMT server UploadServer etag "6be0a08285cd80f0731263dc941638c4" x-goog-generation 1682007798377756 x-goog-hash crc32c=e9YYFg==, md5=a+CggoXNgPBzEmPclBY4xA== access-control-allow-origin * access-control-expose-headers etag, Content-Type cache-control public,max-age=3600 x-goog-stored-content-length 76801 accept-ranges bytes content-type text/javascript
GET H/1.1	200 OK	load.js Show response s.ntv.io/serve/	559 KB 156 KB	64ms 22ms	Script application/x-javascript	2.19.229.35 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://s.ntv.io/serve/load.js?ver=1.0.0 Requested by Host: observer.com URL: https://observer.com/wp-content/plugins/xcurrent/assets/js/script-queue.js?ver=bebcad848e998ab9ae82c8431c754b8a Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.19.229.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-19-229-35.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash b97bd40ed81da00659daeff4bc998c4e1c28e4d54b63c4f22caa982dafbc0458 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Fri, 21 Apr 2023 11:49:17 GMT Content-Encoding gzip x-amz-request-id C2A2A8KRRS0PRJAQ x-amz-server-side-encryption AES256 Transfer-Encoding chunked Connection keep-alive, Transfer-Encoding x-amz-id-2 9/blMNwJJjeJicAGx34oPrP2QPk0Bx6DzhM+xjXdXevuBljL3fM0MU6k59o/x+mO6rcKSD3b1+Q= Last-Modified Thu, 13 Apr 2023 16:39:39 GMT Server AmazonS3 ETag "6ad67918ea443c2cc0d1967f130562d8" Vary Accept-Encoding Access-Control-Allow-Methods GET Content-Type application/x-javascript Access-Control-Allow-Origin * Cache-Control public, max-age=3600 Accept-Ranges bytes Access-Control-Allow-Headers *
GET H3	200	onsite-v2_ed2994641ad6d97e7617ed368e39d897.br.js Show response assets.bounceexchange.com/assets/smart-tag/versioned/	23 KB 6 KB	14ms 13ms	Script text/javascript	34.98.72.95 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://assets.bounceexchange.com/assets/smart-tag/versioned/onsite-v2_ed2994641ad6d97e7617ed368e39d897.br.js Requested by Host: assets.bounceexchange.com URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_ff3c49f826b53db16b06a810dc85d90f.br.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 95.72.98.34.bc.googleusercontent.com Software UploadServer / Resource Hash 1ee26762e2224737d899a3a3ff533c0277943862e1183ee8ec5123875f5cb9ba Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Thu, 20 Apr 2023 17:53:01 GMT content-encoding br age 64576 x-guploader-uploadid ADPycdv76_Lf0KerPFrhBw3jev202nUeFQCfcKggdLW5mBQ1Hx9FUesKDHJDYnit76jmJeGooBs0VaIiA9nqMpoXZ3DTLa8Bt4H1 x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding br alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5823 last-modified Wed, 19 Apr 2023 17:32:55 GMT server UploadServer etag "08429fe3983810b5f6d237990c89af71" x-goog-generation 1681925575257503 x-goog-hash crc32c=KRSxYQ==, md5=CEKf45g4ELX20jeZDImvcQ== access-control-allow-origin * access-control-expose-headers etag, Content-Type cache-control public,max-age=3600 x-goog-stored-content-length 5823 accept-ranges bytes content-type text/javascript
GET H3	200	ads-v2_a5e162a78b81a836c431b8d9aa71444b.br.js Show response assets.bounceexchange.com/assets/smart-tag/versioned/	248 KB 45 KB	14ms 14ms	Script text/javascript	34.98.72.95 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://assets.bounceexchange.com/assets/smart-tag/versioned/ads-v2_a5e162a78b81a836c431b8d9aa71444b.br.js Requested by Host: assets.bounceexchange.com URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_ff3c49f826b53db16b06a810dc85d90f.br.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 95.72.98.34.bc.googleusercontent.com Software UploadServer / Resource Hash 438f8a4ced2eefbcc8c4152bd536d43f562c3e2f03b60af2deba0fab80f0249c Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Thu, 20 Apr 2023 16:23:12 GMT content-encoding br age 69965 x-guploader-uploadid ADPycdudnsrrstASX_ORFf1pUvmzGTbRZq4y44Cz7hR5RvYvDbu6tS8r-4dTXXGdnoUoPm00WB8yDZcRfIMjXEf6ytt0kIQx7m6A x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding br alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 45963 last-modified Thu, 20 Apr 2023 16:23:00 GMT server UploadServer etag "2691e5ca7fc21b811c3fecbab96e99ed" x-goog-generation 1682007780672856 x-goog-hash crc32c=WUhcvw==, md5=JpHlyn/CG4EcP+y6uW6Z7Q== access-control-allow-origin * access-control-expose-headers etag, Content-Type cache-control public,max-age=3600 x-goog-stored-content-length 45963 accept-ranges bytes content-type text/javascript
GET H3	200	local_storage_frame17.min.html Show response assets.bounceexchange.com/assets/bounce/ Frame 77CA	2 KB 1 KB	14ms 14ms	Document text/html	34.98.72.95 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://assets.bounceexchange.com/assets/bounce/local_storage_frame17.min.html Requested by Host: assets.bounceexchange.com URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_ff3c49f826b53db16b06a810dc85d90f.br.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 95.72.98.34.bc.googleusercontent.com Software UploadServer / Resource Hash f4fc114373da7e63fade04d84f7f1cfb5b31632246f33b10f3b7b275b85e6dd6 Request headers Referer https://observer.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * access-control-expose-headers etag Content-Type age 30671 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public,max-age=3600 content-encoding gzip content-length 1073 content-type text/html; charset=UTF-8 date Fri, 21 Apr 2023 03:18:06 GMT etag "764101008bb67885471f217a7be47278" last-modified Thu, 20 Apr 2023 16:22:49 GMT server UploadServer vary Accept-Encoding x-goog-generation 1682007769845314 x-goog-hash crc32c=r6amug== md5=dkEBAIu2eIVHHyF6e+RyeA== x-goog-metageneration 1 x-goog-storage-class MULTI_REGIONAL x-goog-stored-content-encoding gzip x-goog-stored-content-length 1073 x-guploader-uploadid ADPycdvpClYogKIvngBIM9UIsi7xxltlH5XYdAt-aox-4DXfnUVB_wjVr77X_KmLdEHTJHyjL3meo7I6XnnpV2xx8Q92Bg
GET H2	200	t Show response jadserve.postrelease.com/	1 KB 1 KB	115ms 35ms	Script text/javascript	3.248.88.116 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fobserver.com%2Fpolitics%2F&ntv_mvi Requested by Host: s.ntv.io URL: https://s.ntv.io/serve/load.js?ver=1.0.0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.248.88.116 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-248-88-116.eu-west-1.compute.amazonaws.com Software nginx/1.12.2 / Resource Hash a4b87db3096d96706463571a03d84d52a70ad87e1e63dc624cbe36eb9c8e8354 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Fri, 21 Apr 2023 11:49:18 GMT content-encoding gzip server nginx/1.12.2 content-type text/javascript;charset=UTF-8 access-control-allow-origin * p3p CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 content-length 741 expires Mon, 1 Jan 1990 12:00:00 GMT
GET H2	200	init1.js Show response api.bounceexchange.com/bounce/	36 B 342 B	264ms 148ms	Script text/html	34.111.8.32 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://api.bounceexchange.com/bounce/init1.js?wklzs=398&wklz=C4ewVgigvAZgrgOwMbAJYgQMhQZygRgDYAOAJgAYB2agVkoE5L9NgAvEKczAdwFMAjHKmC8A+qgAmUACykahTACdeOEABs4aDAULlyAD3wUuymL0XLFUbAEM1a1AgDmouIrVQAFsGAAHHACkAMwAggGkAGLhESCC5gBu5gB0SCAAttG+6sKoSIGRmPGoQsCiqSAA1qi8UAGUAELhpGq+TcFhpKTefvk0oeE0kQORsTgJyakZcpFZDmh5w1Gd4QDCTYpt-cvLlAAi2CCV1bUNTRKSmx2kRoSUpLKkxEGEQXJ31-htpGudRRKXRDIVFoDEI9GItzq+3KVTEoBAojUNkUThqMDsY0w-F8nEwvD8UAA2gBdTC+YB4A5pXwOGzIMQwJFOazxTw2KBAA Requested by Host: assets.bounceexchange.com URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_ff3c49f826b53db16b06a810dc85d90f.br.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 32.8.111.34.bc.googleusercontent.com Software / Resource Hash fe3fcb884394be745dbd11141b6d780028a4d86106b6292d7502db096f582218 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers p3p CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" date Fri, 21 Apr 2023 11:49:18 GMT content-encoding gzip x-envoy-upstream-service-time 125 via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-type text/html; charset=UTF-8
GET H2	200	app.js Show response observer.com/wp-content/themes/newyorkobserver-2014/dist/js/	5 KB 2 KB	7ms 6ms	Script application/javascript	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://observer.com/wp-content/themes/newyorkobserver-2014/dist/js/app.js?ver=1.9.3 Requested by Host: observer.com URL: https://observer.com/wp-content/plugins/xcurrent/assets/js/script-queue.js?ver=bebcad848e998ab9ae82c8431c754b8a Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 7b56af893358318f9825834c44e15ba72af5dd08fda34a56c0bd7b6ef1d9f355 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/politics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:17 GMT content-encoding gzip strict-transport-security max-age=31536000;includeSubdomains;preload last-modified Tue, 07 Mar 2023 15:47:15 GMT server nginx x-rq hhn2 96 185 443 etag W/"64075c83-15f6" vary Accept-Encoding x-cache HIT content-type application/javascript cache-control max-age=31536000
GET H2	200	trk.gif jadserve.postrelease.com/	43 B 426 B	30ms 30ms	Image image/gif	3.248.88.116 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=7812544&ntv_pl=1092088 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.248.88.116 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-248-88-116.eu-west-1.compute.amazonaws.com Software nginx/1.12.2 / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Fri, 21 Apr 2023 11:49:18 GMT server nginx/1.12.2 content-type image/gif access-control-allow-origin * p3p CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 content-length 43 expires Mon, 1 Jan 1990 12:00:00 GMT
GET H2	200	trk.gif jadserve.postrelease.com/	43 B 426 B	30ms 29ms	Image image/gif	3.248.88.116 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://jadserve.postrelease.com/trk.gif?ntv_ui=1e0ab350-73d5-4d45-805a-834c6d278a31&ntv_fl=JLhPS8RkPkhWiotLsPbwZjNppewJPfoYXM6Ddt-Saz_qUG0T7ZbdmMvVyroLdLI98ZwJbbFii1z_Omm-vp-k7F4s8-VWaDzOWNFuDaPOrpUv0YaZ3KRL3gRzy2g3lDurCqWKDXbw24FxcSUilTWm__5Bhj62Owf7kKmCLMT6iJJvAA2EyWoCR3HInTcLsFx5&ntv_ht=PnhCZAA&ntv_at=303,302&ntv_a=AAAAAAAAAA-KkQA&ord=1682077758070&ntv_it Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.248.88.116 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-248-88-116.eu-west-1.compute.amazonaws.com Software nginx/1.12.2 / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Fri, 21 Apr 2023 11:49:18 GMT server nginx/1.12.2 content-type image/gif access-control-allow-origin * p3p CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 content-length 43 expires Mon, 1 Jan 1990 12:00:00 GMT
GET H2	200	gdprConsent jadserve.postrelease.com/	43 B 426 B	31ms 31ms	Image image/gif	3.248.88.116 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://jadserve.postrelease.com/gdprConsent?ntv_pl=1092088&ntv_gdpr_consent=&ntv_it Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.248.88.116 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-248-88-116.eu-west-1.compute.amazonaws.com Software nginx/1.12.2 / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Fri, 21 Apr 2023 11:49:18 GMT server nginx/1.12.2 content-type image/gif access-control-allow-origin * p3p CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 content-length 43 expires Mon, 1 Jan 1990 12:00:00 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	242 KB 77 KB	34ms 33ms	Script application/javascript	2a00:1450:4001:809::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-5BPNP6 Requested by Host: observer.com URL: https://observer.com/politics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 06a7586e8876a16360c54b0ec0fa2411e224f320a861191fd2580d992a11273f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:18 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 78587 x-xss-protection 0 last-modified Fri, 21 Apr 2023 09:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 21 Apr 2023 11:49:18 GMT
GET H2	200	quant.js Show response secure.quantserve.com/	22 KB 9 KB	15ms 8ms	Script application/javascript	2620:116:800d:21:de2e:c7b3:55c0:d5a0 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://secure.quantserve.com/quant.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5BPNP6 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash f3f47d6a938ede7a828ca47022eee50835e4c9375f7ca41581fa94e25c8e950e Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:18 GMT content-encoding gzip etag "DUHyBE1e2vdA+NAhXV6BXg==" vary Accept-Encoding content-type application/javascript cache-control private, max-age=604800 accept-ranges bytes expires Fri, 28 Apr 2023 11:49:18 GMT
GET H3	200	832096553515722 Show response connect.facebook.net/signals/config/	377 KB 108 KB	9ms 8ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/832096553515722?v=2.9.102&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 0c796f7b0215cc78fe6dba404eef875ad1c807a398526b1d7f8e4c4d7bba52ce Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff date Fri, 21 Apr 2023 11:49:18 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 110249 x-fb-rlafr 0 x-xss-protection 0 pragma public x-fb-debug UHg/pS5Zwt8k2P4YgI9V26NbrIBRFsyYKNzriDqTg3OXAQWFc9HeAr3lnrSt6/9I8RnkTDcBQ+ftrB9iEizDPg== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY cache-control public, max-age=1200 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	beacon.js Show response sb.scorecardresearch.com/	4 KB 2 KB	9ms 9ms	Script application/javascript	13.32.99.23 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sb.scorecardresearch.com/beacon.js Requested by Host: observer.com URL: https://observer.com/politics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.99.23 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-99-23.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 09:36:45 GMT content-encoding gzip via 1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront) last-modified Thu, 09 Mar 2023 09:22:40 GMT server AmazonS3 x-amz-cf-pop FRA60-P3 age 7954 x-amz-server-side-encryption AES256 etag W/"a06e7a176f40dc26aa5e9567ac9d2d5e" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=86400 x-amz-cf-id fqw2Vfev75U6vnSCXKgv0u_nnWryy6JuUNk6_-SiVD9NZvtu7s_zWQ==
GET H3	200	linkid.js Show response www.google-analytics.com/plugins/ua/	2 KB 884 B	13ms 13ms	Script text/javascript	2a00:1450:4001:82a::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/plugins/ua/linkid.js Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:27:40 GMT content-encoding gzip x-content-type-options nosniff age 1298 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 859 x-xss-protection 0 last-modified Tue, 22 Oct 2019 18:15:00 GMT server sffe vary Accept-Encoding report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type text/javascript cache-control public, max-age=3600 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Fri, 21 Apr 2023 12:27:40 GMT
GET H3	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	13ms 13ms	Script text/javascript	2a00:1450:4001:82a::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5BPNP6 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Fri, 21 Apr 2023 10:27:45 GMT last-modified Tue, 10 Jan 2023 21:29:14 GMT server Golfe2 age 4893 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20085 expires Fri, 21 Apr 2023 12:27:45 GMT
GET H2	200	rules-p-UtaLhd9K6h6Mf.js Show response rules.quantcount.com/	160 B 641 B	43ms 9ms	Script application/javascript	2600:9000:223c:2200:6:44e3:f8c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://rules.quantcount.com/rules-p-UtaLhd9K6h6Mf.js Requested by Host: secure.quantserve.com URL: https://secure.quantserve.com/quant.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223c:2200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 3afad7944608ccb8f39bb022444e73be0d7d2bc03ade1aebd436d17c3c2eefc4 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:12:12 GMT via 1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P2 age 2348 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 160 last-modified Fri, 14 Oct 2022 00:57:38 GMT server AmazonS3 etag "5e639fe6c85b0bcfca5ebb1b7d3b3dec" vary Accept-Encoding access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control max-age=3600 accept-ranges bytes x-amz-cf-id 9C4gEM5V5YnbzU8gvh0nn2x98rzzHKV_dvMiLtbqt9MAhmPW_72Glg==
GET H2	204	b sb.scorecardresearch.com/	0 225 B	9ms 9ms	Image text/plain	13.32.99.23 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sb.scorecardresearch.com/b?c1=2&c2=13507040&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1682077758209&ns_c=UTF-8&c7=https%3A%2F%2Fobserver.com%2Fpolitics%2F&c8=Latest%20Political%20News%20%26%20Articles%20%7C%20Observer&c9= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.99.23 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-99-23.fra60.r.cloudfront.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:18 GMT via 1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront) accept-ch UA, Platform, Arch, Model, Mobile x-amz-cf-pop FRA60-P3 x-amz-cf-id TYBbf_B4AcGvF0FJaWq15Rx_o59oOyZztnl2TCChhDBzpZxELV9GSA== x-cache Miss from cloudfront
POST H3	200	collect www.google-analytics.com/	35 B 55 B	21ms 21ms	Ping image/gif	2a00:1450:4001:82a::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/collect Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://observer.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Fri, 21 Apr 2023 11:49:18 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type image/gif access-control-allow-origin https://observer.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 347 B	61ms 20ms	XHR text/plain	2a00:1450:400c:c0c::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-1212249-1&cid=205096105.1682077756&jid=910890117&uid=205096105.1682077756&gjid=1349038197&_gid=1818099982.1682077756&_u=aGDAgUAjQAAAAEAEK~&z=501808631 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://observer.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Fri, 21 Apr 2023 11:49:18 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://observer.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	200	collect www.google-analytics.com/	35 B 55 B	20ms 20ms	Ping image/gif	2a00:1450:4001:82a::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/collect Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://observer.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Fri, 21 Apr 2023 11:49:18 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type image/gif access-control-allow-origin https://observer.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.facebook.com/tr/	0 18 B	7ms 7ms	Image text/plain	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=832096553515722&ev=PageView&dl=https%3A%2F%2Fobserver.com%2Fpolitics%2F&rl=&if=false&ts=1682077758225&sw=1600&sh=1200&v=2.9.102&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1682077755628.1169932654&it=1682077755553&coo=false&rqm=GET Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Fri, 21 Apr 2023 11:49:18 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0 priority u=3,i
GET H2	200	pixel;r=2096415467;source=gtm;rf=0;a=p-UtaLhd9K6h6Mf;url=https%3A%2F%2Fobserver.com%2Fpolitics%2F;uht=2;fpan=1;fpa=P0-1552852403-1682077758208;pbc=;ns=0;ce=1;qjs=1;qv=93f4cf8b-20230329153214;cm=;gd... pixel.quantserve.com/	35 B 210 B	15ms 8ms	Image image/gif	2620:116:800d:21:de2e:c7b3:55c0:d5a0 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.quantserve.com/pixel;r=2096415467;source=gtm;rf=0;a=p-UtaLhd9K6h6Mf;url=https%3A%2F%2Fobserver.com%2Fpolitics%2F;uht=2;fpan=1;fpa=P0-1552852403-1682077758208;pbc=;ns=0;ce=1;qjs=1;qv=93f4cf8b-20230329153214;cm=;gdpr=0;ref=;d=observer.com;dst=0;et=1682077758253;tzo=0;ogl=type.website%2Ctitle.Latest%20Political%20News%20%26%20Articles%20%7C%20Observer%2Curl.https%3A%2F%2Fobserver%252Ecom%2Fpolitics%2F%2Cdescription.Observer%20covers%20the%20most%20current%20political%20news%20and%20political%20opinion%20articles%252C%20%2Csite_name.Observer%2Cimage.https%3A%2F%2Fs0%252Ewp%252Ecom%2Fi%2Fblank%252Ejpg%2Cimage%3Aalt.%2Clocale.en_US;ses=f32c1ae8-2013-4e99-b9d7-ccb32c53c055 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers content-type image/gif pragma no-cache date Fri, 21 Apr 2023 11:49:18 GMT cache-control private, no-cache, no-store, proxy-revalidate strict-transport-security max-age=86400 content-length 35 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H3	200	ga-audiences www.google.com/ads/	42 B 63 B	25ms 25ms	Image image/gif	2a00:1450:4001:813::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-1212249-1&cid=205096105.1682077756&jid=910890117&_u=aGDAgUAjQAAAAEAEK~&z=388275125 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Fri, 21 Apr 2023 11:49:18 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 408 B	58ms 23ms	Image image/gif	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-1212249-1&cid=205096105.1682077756&jid=910890117&_u=aGDAgUAjQAAAAEAEK~&z=388275125 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Fri, 21 Apr 2023 11:49:18 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview pagead2.googlesyndication.com/pcs/ Frame 4B8A	42 B 64 B	55ms 55ms	Image image/gif	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu7wHMupv7lG_2QwSfnrHPgpdXGHYbuiyj8xE9Hu2vs8Kl2_RtOuuY8qknQEKP-BPMNAZCRBCgmYl4qKf824krEXkiednUjvd2meV42x3N_5U08Q8ULAyNWDf0XP6znRcxYpyo0jQ&sai=AMfl-YTYuoiju5qRoikxBdQn0Pl7gYaQ7Nzc3Xy5sMkiFca80omXuXCUugpVTm9fO-qJOONwts46ViDENJMx1CYeeGFRVJzl2lci3TdbWRIw22V8dOq9OOdOskoVjQAS&sig=Cg0ArKJSzIKQRsgT7UtYEAE&cid=CAQSPABygQiDgDR9B3QiliXbBTLC-CotwdnQExIQmcHvWqsKasGS91JQd8ZF0f5MJ7mj0pIWw8ZcrrKAXFdtHxgB&id=ampim&o=315,110&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=275&tls=1275&g=100&h=100&tt=1275&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Fri, 21 Apr 2023 11:49:18 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	200	/ Show response www.facebook.com/tr/ Frame 3771	0 15 B	7ms 7ms	Document text/plain	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/tr/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Content-Type application/x-www-form-urlencoded Origin https://observer.com Referer https://observer.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-credentials true access-control-allow-origin https://observer.com alt-svc h3=":443"; ma=86400 content-length 0 content-type text/plain cross-origin-resource-policy cross-origin date Fri, 21 Apr 2023 11:49:18 GMT priority u=0,i server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains
GET H2	200	otSDKStub.js Show response cdn.cookielaw.org/scripttemplates/	21 KB 7 KB	57ms 23ms	Script application/javascript	2606:4700::6813:bb61 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Requested by Host: observer.com URL: https://observer.com/politics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1f9b264d67f09652f9fa3bcde1801166d5c888d9f89c006764a9776dd8f9e9ae Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 21 Apr 2023 11:49:18 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 +GAQ9uZzuyMATxU6dGRBFA== age 66044 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 6741 x-ms-lease-status unlocked last-modified Wed, 19 Apr 2023 03:49:51 GMT server cloudflare etag 0x8DB4089215A4BFC vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id d0787911-f01e-016e-7b05-73379a000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 7bb56728594d1c7d-AMS
GET H2	200	3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js Show response cdn.permutive.com/	375 KB 105 KB	45ms 29ms	Script application/javascript	104.19.150.54 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.permutive.com/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js Requested by Host: observer.com URL: https://observer.com/politics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.150.54 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e7cdb6b6d3241e17e73da94d052247e22669a8d01a2cb6c2843a2c83b0d02ed9 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:18 GMT content-encoding br cf-cache-status HIT x-goog-meta-oid 3b5c18b9-96b7-48e4-a3ef-011eb84a970d age 0 x-guploader-uploadid ADPycdsAQU6943vnVMczt4PDnAYc8NDDssMTPvo2gOJbyE7AYWmMX6MvA4N8DtvQqcpde9S1q26n3RtGFkTopLMoZJ2OHGm7qcXu x-goog-storage-class REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip last-modified Thu, 16 Feb 2023 10:48:34 GMT server cloudflare etag W/"e883e1ecf5b72f50fe4e4eda88be5f4c" vary Accept-Encoding x-goog-generation 1676544514216266 content-type application/javascript x-goog-hash crc32c=RpSJdQ==, md5=6IPh7PW3L1D+Tk7aiL5fTA== cache-control public, max-age=900 x-goog-stored-content-length 113699 timing-allow-origin * cf-ray 7bb567282e4c37e8-FRA expires Fri, 21 Apr 2023 12:04:18 GMT
GET H2	200	infinite-scroll.js Show response observer.com/wp-content/themes/newyorkobserver-2014/dist/js/	2 KB 952 B	7ms 6ms	Script application/javascript	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://observer.com/wp-content/themes/newyorkobserver-2014/dist/js/infinite-scroll.js Requested by Host: observer.com URL: https://observer.com/wp-content/plugins/xcurrent/assets/js/script-queue.js?ver=bebcad848e998ab9ae82c8431c754b8a Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 3e8a3e0ef8c8f68a79afd0a29baeba4ba617aed8dc43b67025325b8b94ab6b99 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/politics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:18 GMT content-encoding gzip strict-transport-security max-age=31536000;includeSubdomains;preload last-modified Mon, 03 Apr 2023 09:25:35 GMT server nginx x-rq hhn2 96 184 443 etag W/"642a9b8f-696" vary Accept-Encoding x-cache HIT content-type application/javascript cache-control max-age=31536000
GET H2	200	posts Show response observer.com/wp-json/wp/v2/	160 KB 37 KB	916ms 916ms	XHR application/json	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://observer.com/wp-json/wp/v2/posts?page=2&channel=423868943&source=infinite-scroll&queried_term_id=423868943&offset=21 Requested by Host: observer.com URL: https://observer.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash a9c0f55de1a80726849e69fb4dafdd1fbea0642acaa0807aa33c0944796c2f26 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload X-Content-Type-Options nosniff Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://observer.com/politics/ X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 X-WP-Nonce adac5d1327 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:19 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000;includeSubdomains;preload age 0 x-cache pass x-rq hhn2 96 184 443 server nginx x-wp-totalpages 11447 allow GET content-type application/json; charset=UTF-8 access-control-expose-headers X-WP-Total, X-WP-TotalPages, Link cache-control max-age=60 x-wp-total 114467 accept-ranges bytes x-robots-tag noindex access-control-allow-headers Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type x-wp-nonce adac5d1327 link <https://observer.com/wp-json/wp/v2/posts?page=1&channel%5B0%5D=423868943&source=infinite-scroll&queried_term_id=423868943&offset=21>; rel="prev", <https://observer.com/wp-json/wp/v2/posts?page=3&channel%5B0%5D=423868943&source=infinite-scroll&queried_term_id=423868943&offset=21>; rel="next"
GET H3	200	gaAccount Show response sandbox.tinypass.com/api/v3/anon/assets/	64 B 388 B	129ms 129ms	Script application/javascript	2606:4700::6811:b9b1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sandbox.tinypass.com/api/v3/anon/assets/gaAccount?aid=CMrLcDjZsu&tbc=%7Bkpex%7DD8LcBgzsB6QRktMu5z3-GTsWkhTLnzlJ6Ww8mllPydtQ5UnP7_LkxLABlshujTYy&user_provider=piano_id&user_token=&callApiJsonp=true&callback=jsonp4652 Requested by Host: sandbox.tinypass.com URL: https://sandbox.tinypass.com/api/tinypass.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 38ced3b9558f4fc6f26430935a9855ff029ca8f4973d8dfb13565872a9a550ca Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:18 GMT strict-transport-security max-age=86400; includeSubDomains content-encoding br cf-cache-status DYNAMIC wn sandbox-vx-dash-10-13-15-166 server cloudflare p3p CP="NON DSP COR OUR IND" server-time 0.004 content-type application/javascript cache-control public, max-age=86400, s-maxage=86400 x-forwarded-https on cf-ray 7bb567287c5eb74c-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-request-id X6irgtrhptg
GET H2	200	6a95224d-e53b-4c23-b2a6-31faa3db3cc4.json Show response cdn.cookielaw.org/consent/6a95224d-e53b-4c23-b2a6-31faa3db3cc4/	3 KB 2 KB	52ms 24ms	XHR application/x-javascript	2606:4700::6813:bb61 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/consent/6a95224d-e53b-4c23-b2a6-31faa3db3cc4/6a95224d-e53b-4c23-b2a6-31faa3db3cc4.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7cc8f8f131774a8405d79658e64366f7044e6f439cfccaf977aecf0deb4c052e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 21 Apr 2023 11:49:18 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 0CCuNb2oi4MBXRI3Igqd4w== age 33090 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 1135 x-ms-lease-status unlocked last-modified Thu, 12 Nov 2020 16:47:25 GMT server cloudflare etag 0x8D8872AA28370D2 vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id b839e4c2-a01e-00be-46e1-5acd6d000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 7bb56728acdb1b07-AMS expires Sat, 22 Apr 2023 11:49:18 GMT
POST H3	200	identify Show response api.permutive.com/v2.0/	50 B 88 B	25ms 25ms	XHR application/json	34.107.254.252 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://api.permutive.com/v2.0/identify?k=6b8d2782-a057-45b2-b2fd-5e7238c30400 Requested by Host: cdn.permutive.com URL: https://cdn.permutive.com/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 252.254.107.34.bc.googleusercontent.com Software Permutive / Resource Hash ee642793a9f6e2c2eafc54127b00fbfa8a8b7081d5056c25d6e4852ab3ae0c94 Request headers Referer https://observer.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 content-type text/plain Response headers date Fri, 21 Apr 2023 11:49:18 GMT content-encoding gzip via 1.1 google server Permutive vary Origin content-type application/json access-control-allow-origin https://observer.com access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 70
POST H3	200	watson Show response api.permutive.com/v2.0/	333 B 254 B	24ms 23ms	XHR application/json	34.107.254.252 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://api.permutive.com/v2.0/watson?k=6b8d2782-a057-45b2-b2fd-5e7238c30400 Requested by Host: cdn.permutive.com URL: https://cdn.permutive.com/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 252.254.107.34.bc.googleusercontent.com Software Permutive / Resource Hash 47e1a8eebfcf1720a3c06340e5da3fc09dedc52d436f0c79806c0373b3bd8008 Request headers Referer https://observer.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 content-type text/plain Response headers date Fri, 21 Apr 2023 11:49:18 GMT content-encoding gzip via 1.1 google server Permutive vary Origin content-type application/json access-control-allow-origin https://observer.com access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 236
GET BLOB	200 OK	d66bb486-7d15-446e-9bc4-2d5bfe887820 https://observer.com/	92 KB 0		Other text/plain
General Check archive.org Show headers Download Go to Full URL blob:https://observer.com/d66bb486-7d15-446e-9bc4-2d5bfe887820 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 4d2bfbc184a7e7c3d2723041ed0ec8ccfc8817c7adabd84d057dc3aaf6a6c206 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Content-Length 93911 Content-Type
GET BLOB	200 OK	d2a7f940-0f26-4dc1-ab04-5573af615b62 https://observer.com/	92 KB 0		Other text/plain
General Check archive.org Show headers Download Go to Full URL blob:https://observer.com/d2a7f940-0f26-4dc1-ab04-5573af615b62 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 4d2bfbc184a7e7c3d2723041ed0ec8ccfc8817c7adabd84d057dc3aaf6a6c206 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Content-Length 93911 Content-Type
GET H2	200	location Show response geolocation.onetrust.com/cookieconsentpub/v1/geo/	59 B 295 B	81ms 49ms	XHR application/json	2606:4700:4400::ac40:9062 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:9062 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept application/json Referer https://observer.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 11:49:18 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip server cloudflare vary Accept-Encoding access-control-allow-methods GET, OPTIONS content-type application/json access-control-allow-origin * cf-ray 7bb567290b74b6f3-AMS access-control-allow-headers Content-Type
POST H3	200	segment Show response api.permutive.com/adv/v2/	30 B 44 B	27ms 27ms	XHR application/json	34.107.254.252 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://api.permutive.com/adv/v2/segment?new-session=true&k=6b8d2782-a057-45b2-b2fd-5e7238c30400 Requested by Host: cdn.permutive.com URL: https://cdn.permutive.com/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 252.254.107.34.bc.googleusercontent.com Software Permutive / Resource Hash b445bad8e6fcb75a280aab0d13732970ddcb3e855e14f5281ec4200b871ac7ef Request headers Referer https://observer.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 content-type text/plain Response headers access-control-allow-origin * date Fri, 21 Apr 2023 11:49:18 GMT via 1.1 google server Permutive alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 30 content-type application/json
GET H2	200	otBannerSdk.js Show response cdn.cookielaw.org/scripttemplates/6.9.0/	341 KB 74 KB	47ms 47ms	Script application/javascript	2606:4700::6813:bb61 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/6.9.0/otBannerSdk.js Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6a13b93c05af6ec6255b737032aa3f5d1f4823ed2d57d12c0735bd2c4adc8efc Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 21 Apr 2023 11:49:18 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 56jOXvghU3RiFIKiZ2Zh+g== age 27257 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 75725 x-ms-lease-status unlocked last-modified Fri, 20 Nov 2020 16:34:12 GMT server cloudflare etag 0x8D88D721D404CB2 vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id b4108ab3-b01e-000b-2ee1-5ac092000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 7bb567296ace1c7d-AMS
POST H3	200	events Show response api.permutive.com/v2.0/batch/	101 B 129 B	23ms 23ms	XHR application/json	34.107.254.252 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=6b8d2782-a057-45b2-b2fd-5e7238c30400 Requested by Host: 3b5c18b9-96b7-48e4-a3ef-011eb84a970d.edge.permutive.app URL: https://3b5c18b9-96b7-48e4-a3ef-011eb84a970d.edge.permutive.app/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 252.254.107.34.bc.googleusercontent.com Software Permutive / Resource Hash 8483a452ccb6b36fc5428c8cd846f892f73ea6eb3e394875fb736db9261af765 Request headers Referer https://observer.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 content-type text/plain Response headers date Fri, 21 Apr 2023 11:49:19 GMT content-encoding gzip via 1.1 google server Permutive vary Origin content-type application/json access-control-allow-origin https://observer.com access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 111
GET H2	200	en.json Show response cdn.cookielaw.org/consent/6a95224d-e53b-4c23-b2a6-31faa3db3cc4/3f4fae5c-af44-4ce7-8f4d-cb1cf522c97c/	73 KB 13 KB	28ms 27ms	Fetch application/x-javascript	2606:4700::6813:bb61 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/consent/6a95224d-e53b-4c23-b2a6-31faa3db3cc4/3f4fae5c-af44-4ce7-8f4d-cb1cf522c97c/en.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/6.9.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5c724c4cb202cda5ac3fc5dd433b3403995f9c2ddd9b45f52713de38a62deedd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 21 Apr 2023 11:49:19 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 EBsOpg7Elu1REC0UgglQbw== age 30119 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 12888 x-ms-lease-status unlocked last-modified Thu, 12 Nov 2020 16:47:33 GMT server cloudflare etag 0x8D8872AA6D573E5 vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id c02903af-f01e-012a-2ce1-5aebf6000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 7bb56729ddde1b07-AMS expires Sat, 22 Apr 2023 11:49:19 GMT
GET H2	200	otFlat.json Show response cdn.cookielaw.org/scripttemplates/6.9.0/assets/	13 KB 4 KB	29ms 28ms	Fetch application/json	2606:4700::6813:bb61 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/6.9.0/assets/otFlat.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/6.9.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fb44400a61edda0b628ad2ff62cb5d299fab4e7a18d586ae7d70481c6c9550b2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 21 Apr 2023 11:49:19 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 nLr4hEi4fuLY/p0DQsLcMA== age 60834 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 3343 x-ms-lease-status unlocked last-modified Fri, 20 Nov 2020 16:34:03 GMT server cloudflare etag 0x8D88D721792550E vary Accept-Encoding content-type application/json access-control-allow-origin * x-ms-request-id 018057e7-901e-00f9-7ae1-5a1206000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 7bb5672a0e151b07-AMS
GET H2	200	otPcCenter.json Show response cdn.cookielaw.org/scripttemplates/6.9.0/assets/	62 KB 15 KB	30ms 30ms	Fetch application/json	2606:4700::6813:bb61 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/6.9.0/assets/otPcCenter.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/6.9.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 84e13b47921ee79d3fab38b733e08dc04ca99b25c1880cb25475c9315ddc2146 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 21 Apr 2023 11:49:19 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 ue/MTNcIjSCNWtleQfbrzg== age 14086 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 14986 x-ms-lease-status unlocked last-modified Fri, 20 Nov 2020 16:34:03 GMT server cloudflare etag 0x8D88D7217E98574 vary Accept-Encoding content-type application/json access-control-allow-origin * x-ms-request-id 9f1e85fa-e01e-00d4-51e1-5a91c6000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 7bb5672a0e171b07-AMS
GET DATA	200 OK	truncated /	817 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Content-Type image/svg+xml
POST H3	200	events Show response api.permutive.com/v2.0/batch/	101 B 128 B	20ms 19ms	XHR application/json	34.107.254.252 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=6b8d2782-a057-45b2-b2fd-5e7238c30400 Requested by Host: cdn.permutive.com URL: https://cdn.permutive.com/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 252.254.107.34.bc.googleusercontent.com Software Permutive / Resource Hash d0d407dd6a97494a760b2b7456db736029f0385a141302fa2f0313ed0c33b64f Request headers Referer https://observer.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 content-type text/plain Response headers date Fri, 21 Apr 2023 11:49:19 GMT content-encoding gzip via 1.1 google server Permutive vary Origin content-type application/json access-control-allow-origin https://observer.com access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 110
POST H3	200	state Show response api.permutive.com/v1.0/	0 33 B	26ms 25ms	XHR text/plain	34.107.254.252 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://api.permutive.com/v1.0/state?fetch_unseen=false&k=6b8d2782-a057-45b2-b2fd-5e7238c30400 Requested by Host: cdn.permutive.com URL: https://cdn.permutive.com/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 252.254.107.34.bc.googleusercontent.com Software Permutive / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://observer.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 content-type text/plain Response headers access-control-allow-origin * date Fri, 21 Apr 2023 11:49:19 GMT content-encoding gzip via 1.1 google server Permutive alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
POST H2	204	collect region1.google-analytics.com/g/	0 54 B	18ms 17ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-T9PLB60R8S&gtm=45je34j0&_p=1424256104&cid=205096105.1682077756&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1682077755&sct=1&seg=1&dl=https%3A%2F%2Fobserver.com%2Fpolitics%2F&dt=Latest%20Political%20News%20%26%20Articles%20%7C%20Observer&en=page_view&_et=2616 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-T9PLB60R8S Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Fri, 21 Apr 2023 11:49:23 GMT server Golfe2 content-type text/plain access-control-allow-origin https://observer.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT