www.newsobserver.com Open in urlscan Pro
104.83.177.146 Public Scan

URL:
https://www.newsobserver.com/
Submission: On March 05 via api (March 5th 2021, 5:17:30 pm UTC) from US

Summary HTTP 303 Redirects Links 46 Behaviour Indicators

Summary

This website contacted 100 IPs in 10 countries across 72 domains to perform 303 HTTP transactions. The main IP is 104.83.177.146, located in Madrid, Spain and belongs to AKAMAI-AS, US. The main domain is www.newsobserver.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 11th 2021. Valid for: a year.

This is the only time www.newsobserver.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
55	104.83.177.146 104.83.177.146	16625 (AKAMAI-AS) (AKAMAI-AS)
7	2606:4700::68... 2606:4700::6810:9540	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
4	2600:9000:20d... 2600:9000:20d7:b000:15:d134:4e40:93a1	16509 (AMAZON-02) (AMAZON-02)
12	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2	52.212.164.82 52.212.164.82	16509 (AMAZON-02) (AMAZON-02)
2 6	52.51.22.62 52.51.22.62	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:10:... 2606:4700:10::6814:b944	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1	52.50.19.208 52.50.19.208	16509 (AMAZON-02) (AMAZON-02)
2	35.181.18.61 35.181.18.61	16509 (AMAZON-02) (AMAZON-02)
1 1	54.171.42.33 54.171.42.33	16509 (AMAZON-02) (AMAZON-02)
5	13.32.25.48 13.32.25.48	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	34.120.253.250 34.120.253.250	15169 (GOOGLE) (GOOGLE)
1	65.9.58.60 65.9.58.60	16509 (AMAZON-02) (AMAZON-02)
1	52.48.248.240 52.48.248.240	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
1 2	107.178.250.234 107.178.250.234	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
1 2	54.77.118.208 54.77.118.208	16509 (AMAZON-02) (AMAZON-02)
1	184.30.21.59 184.30.21.59	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.14.217 151.101.14.217	54113 (FASTLY) (FASTLY)
1	35.244.220.155 35.244.220.155	15169 (GOOGLE) (GOOGLE)
1	2600:9000:21f... 2600:9000:21f3:3a00:11:b309:9100:21	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20e... 2600:9000:20eb:be00:5:82fd:2500:21	16509 (AMAZON-02) (AMAZON-02)
2	151.101.113.194 151.101.113.194	54113 (FASTLY) (FASTLY)
1	2600:9000:20d... 2600:9000:20d7:7c00:18:1fcd:34e:d2a1	16509 (AMAZON-02) (AMAZON-02)
1 7	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
1	34.98.72.95 34.98.72.95	15169 (GOOGLE) (GOOGLE)
1	65.9.187.76 65.9.187.76	16509 (AMAZON-02) (AMAZON-02)
1	13.32.24.86 13.32.24.86	16509 (AMAZON-02) (AMAZON-02)
3	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 4	184.30.20.241 184.30.20.241	16625 (AKAMAI-AS) (AKAMAI-AS)
3	184.30.20.198 184.30.20.198	16625 (AKAMAI-AS) (AKAMAI-AS)
14	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20d... 2600:9000:20d7:400:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
7 8	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
3	65.9.24.128 65.9.24.128	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
3	34.192.62.151 34.192.62.151	14618 (AMAZON-AES) (AMAZON-AES)
1	35.201.100.179 35.201.100.179	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2013	15169 (GOOGLE) (GOOGLE)
5	54.183.247.206 54.183.247.206	16509 (AMAZON-02) (AMAZON-02)
6	65.9.189.204 65.9.189.204	16509 (AMAZON-02) (AMAZON-02)
1	65.9.189.60 65.9.189.60	16509 (AMAZON-02) (AMAZON-02)
10 10	151.101.114.49 151.101.114.49	54113 (FASTLY) (FASTLY)
1	52.46.131.203 52.46.131.203	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
3	54.164.147.252 54.164.147.252	14618 (AMAZON-AES) (AMAZON-AES)
1 3	23.37.53.17 23.37.53.17	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.186.239.74 35.186.239.74	15169 (GOOGLE) (GOOGLE)
1	130.211.7.115 130.211.7.115	15169 (GOOGLE) (GOOGLE)
1	35.201.89.125 35.201.89.125	15169 (GOOGLE) (GOOGLE)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
4 5	34.249.70.28 34.249.70.28	16509 (AMAZON-02) (AMAZON-02)
1	34.120.133.55 34.120.133.55	15169 (GOOGLE) (GOOGLE)
1	52.205.167.202 52.205.167.202	14618 (AMAZON-AES) (AMAZON-AES)
3	65.9.187.67 65.9.187.67	16509 (AMAZON-02) (AMAZON-02)
2 4	185.33.220.145 185.33.220.145	29990 (ASN-APPNEX) (ASN-APPNEX)
2	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 3	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	69.173.144.140 69.173.144.140	26667 (RUBICONPR...) (RUBICONPROJECT)
1	23.37.38.181 23.37.38.181	16625 (AKAMAI-AS) (AKAMAI-AS)
8	2a04:4e42:3::539 2a04:4e42:3::539	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:809::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	130.211.47.17 130.211.47.17	15169 (GOOGLE) (GOOGLE)
7	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
1 12	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
2	34.107.221.36 34.107.221.36	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	213.155.156.167 213.155.156.167	1299 (TELIANET ...) (TELIANET Telia Carrier)
1	2606:4700:10:... 2606:4700:10::6816:1957	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
2 2	35.201.96.126 35.201.96.126	15169 (GOOGLE) (GOOGLE)
1	185.64.189.249 185.64.189.249	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	159.253.128.188 159.253.128.188	36351 (SOFTLAYER) (SOFTLAYER)
1 2	37.157.3.29 37.157.3.29	198622 (ADFORM) (ADFORM)
2 2	185.29.132.68 185.29.132.68	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1	185.64.190.81 185.64.190.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
5	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	18.195.94.99 18.195.94.99	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	54.221.253.252 54.221.253.252	14618 (AMAZON-AES) (AMAZON-AES)
1	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a02:26f0:710... 2a02:26f0:7100::687e:244a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	65.9.187.8 65.9.187.8	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:1f18:730... 2600:1f18:730:b120:1f6b:b8df:cda6:ffc4	14618 (AMAZON-AES) (AMAZON-AES)
1	3.213.73.156 3.213.73.156	14618 (AMAZON-AES) (AMAZON-AES)
3 8	54.221.51.83 54.221.51.83	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1f18:444... 2600:1f18:444a:4680:252d:a0d8:b19f:2c13	14618 (AMAZON-AES) (AMAZON-AES)
1 2	23.79.152.128 23.79.152.128	16625 (AKAMAI-AS) (AKAMAI-AS)
5 5	35.157.13.31 35.157.13.31	16509 (AMAZON-02) (AMAZON-02)
2 2	18.185.46.229 18.185.46.229	16509 (AMAZON-02) (AMAZON-02)
1	151.101.13.44 151.101.13.44	54113 (FASTLY) (FASTLY)
303	100

55 104.83.177.146 (Madrid, Spain)

ASN16625 (AKAMAI-AS, US)
PTR: a104-83-177-146.deploy.static.akamaitechnologies.com

www.newsobserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media2.newsobserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.mcclatchy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.heraldsun.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:20d7:b000:15:d134:4e40:93a1 (United States)

ASN16509 (AMAZON-02, US)

ovp.iris.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.212.164.82 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-164-82.eu-west-1.compute.amazonaws.com

mcclatchy.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mboxedge37.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.51.22.62 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-22-62.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6814:b944 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.50.19.208 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

mcclatchy.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.181.18.61 (Paris, France)

ASN16509 (AMAZON-02, US)

mcclatchy.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.42.33 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-42-33.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.32.25.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-25-48.fra56.r.cloudfront.net

cf-images.us-east-1.prod.boltdns.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.253.250 (Kansas City, United States)

ASN15169 (GOOGLE, US)

tag.wknd.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.58.60 (United States)

ASN16509 (AMAZON-02, US)

mcclatchy-newsobserver.zeustechnology.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.248.240 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

ad.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

contributor.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

lasteventf-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.250.234 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)

js.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)

edge.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.77.118.208 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

secure-us.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.21.59 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-59.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.scroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.220.155 (Kansas City, United States)

ASN15169 (GOOGLE, US)

ats.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:3a00:11:b309:9100:21 (United States)

ASN16509 (AMAZON-02, US)

d15kdpgjg3unno.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:be00:5:82fd:2500:21 (United States)

ASN16509 (AMAZON-02, US)

dyv1bugovvq1g.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.113.194 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

confiant-integrations.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20d7:7c00:18:1fcd:34e:d2a1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.72.95 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 95.72.98.34.bc.googleusercontent.com

assets.bounceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.187.76 (United States)

ASN16509 (AMAZON-02, US)

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.24.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-24-86.fra56.r.cloudfront.net

analytics-check.publishersite.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 184.30.20.241 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-241.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.30.20.198 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-198.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20d7:400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.66 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.24.128 (Orlando, United States)

ASN16509 (AMAZON-02, US)

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.192.62.151 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.100.179 (Kansas City, United States)

ASN15169 (GOOGLE, US)

connect.scroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

geo.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.183.247.206 (San Jose, United States)

ASN16509 (AMAZON-02, US)

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 65.9.189.204 (United States)

ASN16509 (AMAZON-02, US)

edge.api.brightcove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.189.60 (United States)

ASN16509 (AMAZON-02, US)

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.101.114.49 (Frankfurt am Main, Germany) 10 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.46.131.203 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

sqs.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.164.147.252 (United States)

ASN14618 (AMAZON-AES, US)

www.i.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.37.53.17 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-53-17.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.239.74 (Kansas City, United States)

ASN15169 (GOOGLE, US)

data.cdnbasket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.7.115 (Kansas City, United States)

ASN15169 (GOOGLE, US)

page.cdnbasket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.89.125 (Kansas City, United States)

ASN15169 (GOOGLE, US)

view.cdnbasket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.249.70.28 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.205.167.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.187.67 (United States)

ASN16509 (AMAZON-02, US)

context.iris.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.220.145 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.64.218 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

mcclatchy-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.37.38.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-38-181.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a04:4e42:3::539 (United States)

ASN54113 (FASTLY, US)

manifest.prod.boltdns.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.47.17 (Kansas City, United States)

ASN15169 (GOOGLE, US)

ids.cdnwidget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a597164d6b9dc750211bc8129578d3ab.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (United States) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.107.221.36 (Kansas City, United States)

ASN15169 (GOOGLE, US)

e.cdnwidget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.167 (Sweden) 2 redirects

ASN1299 (TELIANET Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)

mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.243.60.138 (Aalborg, Denmark) 1 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.96.126 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com

visitor.fiftyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.249 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

aud.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.253.128.188 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: bc.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.3.29 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.132.68 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f12d:83:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.94.99 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

protected-by.clarium.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.221.253.252 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:7100::687e:244a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.187.8 (United States)

ASN16509 (AMAZON-02, US)

cdn.p-n.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b120:1f6b:b8df:cda6:ffc4 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.213.73.156 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 54.221.51.83 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:444a:4680:252d:a0d8:b19f:2c13 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.79.152.128 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-152-128.deploy.static.akamaitechnologies.com

x.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.157.13.31 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.185.46.229 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	newsobserver.com www.newsobserver.com media2.newsobserver.com	1 MB
28	google.com 1 redirects www.google.com contributor.google.com fundingchoicesmessages.google.com adservice.google.com	214 KB
22	doubleclick.net 7 redirects pubads.g.doubleclick.net securepubads.g.doubleclick.net cm.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	142 KB
21	googlesyndication.com 1 redirects a597164d6b9dc750211bc8129578d3ab.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	334 KB
15	gstatic.com fonts.gstatic.com www.gstatic.com	568 KB
14	pubmatic.com ads.pubmatic.com hbopenbid.pubmatic.com image6.pubmatic.com image2.pubmatic.com aud.pubmatic.com simage2.pubmatic.com image4.pubmatic.com	36 KB
13	liadm.com 4 redirects b-code.liadm.com rp.liadm.com rp4.liadm.com i.liadm.com i6.liadm.com	18 KB
13	boltdns.net cf-images.us-east-1.prod.boltdns.net manifest.prod.boltdns.net	1 MB
12	everesttech.net 11 redirects cm.everesttech.net lasteventf-tm.everesttech.net sync-tm.everesttech.net	3 KB
9	mcclatchy.com media.mcclatchy.com	122 KB
7	demdex.net 2 redirects dpm.demdex.net mcclatchy.demdex.net	10 KB
7	iris.tv ovp.iris.tv context.iris.tv	62 KB
7	cookielaw.org cdn.cookielaw.org	113 KB
6	brightcove.com edge.api.brightcove.com	27 KB
5	bidswitch.net 5 redirects x.bidswitch.net	2 KB
5	ampproject.org cdn.ampproject.org	99 KB
5	adsrvr.org 4 redirects match.adsrvr.org	2 KB
5	postrelease.com jadserve.postrelease.com	3 KB
5	matheranalytics.com 1 redirects js.matheranalytics.com www.i.matheranalytics.com	26 KB
5	googleapis.com fonts.googleapis.com imasdk.googleapis.com	680 KB
4	facebook.com www.facebook.com	922 B
4	criteo.com bidder.criteo.com dis.criteo.com gum.criteo.com	734 B
4	adnxs.com 2 redirects ib.adnxs.com	4 KB
4	casalemedia.com 1 redirects dsum-sec.casalemedia.com htlb.casalemedia.com as-sec.casalemedia.com	2 KB
4	omtrdc.net mcclatchy.tt.omtrdc.net mcclatchy.sc.omtrdc.net mboxedge37.tt.omtrdc.net	4 KB
3	cdnwidget.com ids.cdnwidget.com e.cdnwidget.com	278 B
3	openx.net 1 redirects mcclatchy-d.openx.net us-u.openx.net	1 KB
3	cdnbasket.net data.cdnbasket.net page.cdnbasket.net view.cdnbasket.net	1 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	chartbeat.net ping.chartbeat.net	505 B
3	amazon-adsystem.com c.amazon-adsystem.com	35 KB
3	criteo.net static.criteo.net	38 KB
3	rlcdn.com ats.rlcdn.com geo.rlcdn.com api.rlcdn.com	60 KB
3	google-analytics.com www.google-analytics.com	19 KB
3	onetrust.com geolocation.onetrust.com	1 KB
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com	1 KB
2	addthis.com 1 redirects x.dlx.addthis.com	1 KB
2	facebook.net connect.facebook.net	93 KB
2	googletagservices.com www.googletagservices.com	62 KB
2	yahoo.com 2 redirects ups.analytics.yahoo.com	1 KB
2	mathtag.com 2 redirects sync.mathtag.com	1 KB
2	adform.net 1 redirects c1.adform.net	681 B
2	fiftyt.com 2 redirects visitor.fiftyt.com	992 B
2	semasio.net 1 redirects uipglob.semasio.net	910 B
2	de17a.com 2 redirects d5p.de17a.com	637 B
2	spotxchange.com 1 redirects sync.search.spotxchange.com	1 KB
2	rubiconproject.com pixel.rubiconproject.com fastlane.rubiconproject.com	3 KB
2	parsely.com cdn.parsely.com p1.parsely.com	24 KB
2	fastly.net confiant-integrations.global.ssl.fastly.net	80 KB
2	cloudfront.net d15kdpgjg3unno.cloudfront.net dyv1bugovvq1g.cloudfront.net	13 KB
2	scroll.com static.scroll.com connect.scroll.com	7 KB
2	imrworldwide.com 1 redirects secure-us.imrworldwide.com	903 B
2	quantserve.com edge.quantserve.com pixel.quantserve.com	9 KB
2	crwdcntrl.net ad.crwdcntrl.net tags.crwdcntrl.net	13 KB
2	heraldsun.com www.heraldsun.com	126 KB
1	taboola.com trc.taboola.com	240 B
1	p-n.io cdn.p-n.io	68 KB
1	ipify.org api.ipify.org	259 B
1	clarium.io protected-by.clarium.io	215 B
1	simpli.fi um.simpli.fi	611 B
1	zeotap.com mwzeom.zeotap.com	596 B
1	2mdn.net s0.2mdn.net	17 KB
1	google.de www.google.de	505 B
1	amazonaws.com sqs.us-east-1.amazonaws.com	658 B
1	quantcount.com rules.quantcount.com	1 KB
1	indexww.com js-sec.indexww.com	26 KB
1	publishersite.xyz analytics-check.publishersite.xyz	392 B
1	bounceexchange.com assets.bounceexchange.com	138 KB
1	chartbeat.com static.chartbeat.com	14 KB
1	ntv.io s.ntv.io	102 KB
1	zeustechnology.com mcclatchy-newsobserver.zeustechnology.com	53 KB
1	wknd.ai tag.wknd.ai	3 KB
303	72

	Domain	Requested by
37	www.newsobserver.com	www.newsobserver.com
14	fundingchoicesmessages.google.com	www.newsobserver.com
12	tpc.googlesyndication.com	1 redirects securepubads.g.doubleclick.net www.newsobserver.com cdn.ampproject.org tpc.googlesyndication.com
11	www.google.com	1 redirects www.newsobserver.com www.gstatic.com www.google.com
10	sync-tm.everesttech.net	10 redirects
9	media.mcclatchy.com	www.newsobserver.com media.mcclatchy.com
8	i.liadm.com	3 redirects b-code.liadm.com i.liadm.com
8	pagead2.googlesyndication.com	srcdoc securepubads.g.doubleclick.net tpc.googlesyndication.com
8	manifest.prod.boltdns.net	www.newsobserver.com
8	cm.g.doubleclick.net	7 redirects www.newsobserver.com
8	www.gstatic.com	www.google.com www.gstatic.com
7	fonts.gstatic.com	fonts.googleapis.com www.google.com
7	cdn.cookielaw.org	www.newsobserver.com cdn.cookielaw.org
7	media2.newsobserver.com	www.newsobserver.com media2.newsobserver.com
6	edge.api.brightcove.com	www.newsobserver.com
6	securepubads.g.doubleclick.net	mcclatchy-newsobserver.zeustechnology.com securepubads.g.doubleclick.net www.newsobserver.com www.googletagservices.com
6	dpm.demdex.net	2 redirects media2.newsobserver.com www.newsobserver.com
6	pubads.g.doubleclick.net	www.newsobserver.com media2.newsobserver.com imasdk.googleapis.com
5	x.bidswitch.net	5 redirects
5	cdn.ampproject.org	confiant-integrations.global.ssl.fastly.net
5	image2.pubmatic.com	www.newsobserver.com image6.pubmatic.com ads.pubmatic.com
5	match.adsrvr.org	4 redirects js-sec.indexww.com
5	jadserve.postrelease.com	s.ntv.io www.newsobserver.com
5	cf-images.us-east-1.prod.boltdns.net	www.newsobserver.com
4	www.facebook.com	www.newsobserver.com
4	ib.adnxs.com	2 redirects mcclatchy-newsobserver.zeustechnology.com www.newsobserver.com
4	imasdk.googleapis.com	www.newsobserver.com imasdk.googleapis.com
4	ovp.iris.tv	www.newsobserver.com ovp.iris.tv
3	context.iris.tv	ovp.iris.tv
3	sb.scorecardresearch.com	1 redirects www.newsobserver.com
3	www.i.matheranalytics.com	www.newsobserver.com
3	ping.chartbeat.net	www.newsobserver.com
3	c.amazon-adsystem.com	www.newsobserver.com c.amazon-adsystem.com
3	ads.pubmatic.com	mcclatchy-newsobserver.zeustechnology.com ads.pubmatic.com
3	static.criteo.net	mcclatchy-newsobserver.zeustechnology.com www.newsobserver.com
3	www.google-analytics.com	media2.newsobserver.com www.google-analytics.com
3	geolocation.onetrust.com	cdn.cookielaw.org www.newsobserver.com
2	rtb.mfadsrvr.com	2 redirects
2	x.dlx.addthis.com	1 redirects i.liadm.com
2	b-code.liadm.com	www.newsobserver.com b-code.liadm.com
2	connect.facebook.net	www.newsobserver.com connect.facebook.net
2	www.googletagservices.com	www.newsobserver.com securepubads.g.doubleclick.net
2	ups.analytics.yahoo.com	2 redirects
2	simage2.pubmatic.com	ads.pubmatic.com
2	sync.mathtag.com	2 redirects
2	c1.adform.net	1 redirects ads.pubmatic.com
2	visitor.fiftyt.com	2 redirects
2	uipglob.semasio.net	1 redirects ads.pubmatic.com
2	d5p.de17a.com	2 redirects
2	e.cdnwidget.com	www.newsobserver.com
2	sync.search.spotxchange.com	1 redirects www.newsobserver.com
2	mcclatchy-d.openx.net	1 redirects www.newsobserver.com
2	bidder.criteo.com	static.criteo.net
2	dsum-sec.casalemedia.com	1 redirects www.newsobserver.com
2	confiant-integrations.global.ssl.fastly.net	www.newsobserver.com confiant-integrations.global.ssl.fastly.net
2	secure-us.imrworldwide.com	1 redirects www.newsobserver.com
2	js.matheranalytics.com	1 redirects www.newsobserver.com
2	contributor.google.com	www.newsobserver.com
2	www.heraldsun.com	www.newsobserver.com
2	mcclatchy.sc.omtrdc.net	media2.newsobserver.com
1	trc.taboola.com	i.liadm.com
1	i6.liadm.com	i.liadm.com
1	rp4.liadm.com
1	rp.liadm.com	1 redirects
1	cdn.p-n.io	www.newsobserver.com
1	gum.criteo.com	static.criteo.net
1	api.ipify.org	www.newsobserver.com
1	googleads.g.doubleclick.net	www.newsobserver.com
1	protected-by.clarium.io	confiant-integrations.global.ssl.fastly.net
1	image4.pubmatic.com	ads.pubmatic.com
1	um.simpli.fi	ads.pubmatic.com
1	aud.pubmatic.com	ads.pubmatic.com
1	mwzeom.zeotap.com	ads.pubmatic.com
1	dis.criteo.com	image6.pubmatic.com
1	a597164d6b9dc750211bc8129578d3ab.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	as-sec.casalemedia.com	js-sec.indexww.com
1	ids.cdnwidget.com	assets.bounceexchange.com
1	image6.pubmatic.com	ads.pubmatic.com
1	adservice.google.com	imasdk.googleapis.com
1	s0.2mdn.net	imasdk.googleapis.com
1	us-u.openx.net	www.newsobserver.com
1	htlb.casalemedia.com	js-sec.indexww.com
1	fastlane.rubiconproject.com	mcclatchy-newsobserver.zeustechnology.com
1	hbopenbid.pubmatic.com	mcclatchy-newsobserver.zeustechnology.com
1	p1.parsely.com	www.newsobserver.com
1	api.rlcdn.com	js-sec.indexww.com
1	pixel.quantserve.com	www.newsobserver.com
1	pixel.rubiconproject.com	www.newsobserver.com
1	view.cdnbasket.net	assets.bounceexchange.com
1	page.cdnbasket.net	assets.bounceexchange.com
1	data.cdnbasket.net	assets.bounceexchange.com
1	www.google.de	www.newsobserver.com
1	sqs.us-east-1.amazonaws.com	d15kdpgjg3unno.cloudfront.net
1	cdn.parsely.com	www.newsobserver.com
1	geo.rlcdn.com	ats.rlcdn.com
1	connect.scroll.com	static.scroll.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	rules.quantcount.com	edge.quantserve.com
1	js-sec.indexww.com	mcclatchy-newsobserver.zeustechnology.com
1	analytics-check.publishersite.xyz	mcclatchy-newsobserver.zeustechnology.com
1	tags.crwdcntrl.net	www.newsobserver.com
1	assets.bounceexchange.com	tag.wknd.ai
1	static.chartbeat.com	media2.newsobserver.com
1	dyv1bugovvq1g.cloudfront.net	www.newsobserver.com
1	d15kdpgjg3unno.cloudfront.net	www.newsobserver.com
1	ats.rlcdn.com	www.newsobserver.com
1	static.scroll.com	www.newsobserver.com
1	s.ntv.io	www.newsobserver.com
1	edge.quantserve.com	media2.newsobserver.com
1	lasteventf-tm.everesttech.net	media2.newsobserver.com
1	ad.crwdcntrl.net	www.newsobserver.com
1	mcclatchy-newsobserver.zeustechnology.com	www.newsobserver.com
1	tag.wknd.ai	media2.newsobserver.com
1	mboxedge37.tt.omtrdc.net	www.newsobserver.com
1	cm.everesttech.net	1 redirects
1	mcclatchy.demdex.net	media2.newsobserver.com
1	mcclatchy.tt.omtrdc.net	www.newsobserver.com
1	fonts.googleapis.com	www.newsobserver.com
303	118

This site contains links to these domains. Also see Links.

Domain
account.newsobserver.com
jobs.newsobserver.com
support.newsobserver.com
www.facebook.com
instagram.com
twitter.com
photostore.newsobserver.com
t.news.newsobserver.com
markets.financialcontent.com
kidstownnc.com
games.newsobserver.com
artsnownc.com
www.triangletoday.com
www.legacy.com
placead.mcclatchy.com
classifieds.mcclatchy.com
triangle.adperfect.com
raleighnewsobserver.column.us
placead2.newsobserver.com
covidtracking.com
gisanddata.maps.arcgis.com
policies.google.com
newsobserver.com
www.youtube.com
mcciservices.newscyclecloud.com
www.mcclatchy.com
k12nie.com
www.legalnotice.org
cookiepedia.co.uk
onetrust.com

Subject Issuer	Validity	Valid
www.mcclatchydc.com DigiCert SHA2 Secure Server CA	`2021-02-11` - `2022-01-31`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
iris.tv Amazon	`2020-10-10` - `2021-11-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.tt.omtrdc.net DigiCert SHA2 Secure Server CA	`2020-11-02` - `2021-11-09`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2021-02-12` - `2022-02-11`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.sc.omtrdc.net DigiCert SHA2 High Assurance Server CA	`2020-10-29` - `2021-11-29`	a year	crt.sh
*.prod.boltdns.net Amazon	`2020-12-08` - `2022-01-06`	a year	crt.sh
tag.wknd.ai R3	`2021-01-27` - `2021-04-27`	3 months	crt.sh
*.zeustechnology.com Amazon	`2020-06-13` - `2021-07-13`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2019-06-13` - `2021-06-28`	2 years	crt.sh
*.google.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
h2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-02-11` - `2021-04-20`	2 months	crt.sh
js.matheranalytics.com Sectigo RSA Domain Validation Secure Server CA	`2019-04-04` - `2021-04-03`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-28` - `2022-02-01`	a year	crt.sh
*.ntv.io DigiCert SHA2 Secure Server CA	`2021-01-25` - `2022-02-01`	a year	crt.sh
*.scroll.com R3	`2021-03-03` - `2021-06-01`	3 months	crt.sh
ats.rlcdn.com GTS CA 1D2	`2021-01-12` - `2021-04-12`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
*.freetls.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-04-21` - `2021-04-22`	a year	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2020-06-01` - `2021-06-02`	a year	crt.sh
assets.bounceexchange.com GTS CA 1D2	`2021-02-19` - `2021-05-20`	3 months	crt.sh
publishersite.xyz Amazon	`2021-02-03` - `2022-03-04`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-01-30` - `2021-04-28`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2020-02-26` - `2021-05-27`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2020-08-04` - `2021-08-02`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2020-12-01` - `2021-12-30`	a year	crt.sh
geo.rlcdn.com GTS CA 1D2	`2021-02-23` - `2021-05-24`	3 months	crt.sh
*.postrelease.com Amazon	`2021-01-28` - `2022-02-26`	a year	crt.sh
*.api.brightcove.com Amazon	`2020-10-08` - `2021-11-07`	a year	crt.sh
*.parsely.com Amazon	`2020-08-02` - `2021-09-02`	a year	crt.sh
queue.amazonaws.com Amazon	`2020-12-04` - `2021-12-03`	a year	crt.sh
www.google.de GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
www.i.matheranalytics.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-28` - `2022-01-27`	2 years	crt.sh
sb.scorecardresearch.com DigiCert Secure Site ECC CA-1	`2020-07-17` - `2021-06-02`	a year	crt.sh
*.cdnbasket.net Go Daddy Secure Certificate Authority - G2	`2020-07-29` - `2021-09-27`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-03` - `2022-02-19`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-01-30` - `2021-04-28`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
brightcove.com GlobalSign CloudSSL CA - SHA256 - G3	`2020-09-28` - `2021-04-20`	7 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
ids.cdnwidget.com GTS CA 1D2	`2021-02-03` - `2021-05-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.search.spotxchange.com GeoTrust RSA CA 2018	`2019-03-20` - `2021-04-21`	2 years	crt.sh
e.cdnwidget.com GTS CA 1D2	`2021-02-14` - `2021-05-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-05` - `2021-08-05`	a year	crt.sh
*.semasio.net Sectigo ECC Domain Validation Secure Server CA	`2020-03-09` - `2021-03-27`	a year	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
protected-by.clarium.io Gandi Standard SSL CA 2	`2020-04-03` - `2022-04-26`	2 years	crt.sh
*.ipify.org Sectigo RSA Domain Validation Secure Server CA	`2021-01-19` - `2022-02-19`	a year	crt.sh
b-code.liadm.com DigiCert Secure Site ECC CA-1	`2020-06-23` - `2021-09-22`	a year	crt.sh
*.p-n.io Amazon	`2020-04-04` - `2021-05-04`	a year	crt.sh
*.liadm.com Amazon	`2021-03-02` - `2022-03-31`	a year	crt.sh
odc-prod-01.oracle.com DigiCert Secure Site ECC CA-1	`2020-10-15` - `2021-04-09`	6 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh

This page contains 22 frames:

Primary Page: https://www.newsobserver.com/
Frame ID: CEF2C3D65C62AE61B45D3ED22C0396FB
Requests: 209 HTTP requests in this frame

Frame: https://mcclatchy.demdex.net/dest5.html?d_nsid=0
Frame ID: 357E03EB0A99D37900A13D5B1FECD120
Requests: 10 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcCJGUUAAAAADAmkD2iQN_k8a6FCpgo2VBei6su&co=aHR0cHM6Ly93d3cubmV3c29ic2VydmVyLmNvbTo0NDM.&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&badge=inline&cb=w9gqoyqjp2q7
Frame ID: 9E8021F121C6E3E110EC3C9213438D5C
Requests: 5 HTTP requests in this frame

Frame: https://sb.scorecardresearch.com/beacon.js
Frame ID: 976E5C0BA806971372F59B02930AB8A4
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 89E76380FF2A76C3E9CAF5EED07EC265
Requests: 14 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.445.1_en.html
Frame ID: 6FE4E02588D5A3D4B035EF85F0531E56
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.445.1_en.html
Frame ID: A85EB607C2BCB0CC0BFCD4AD9B606105
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.445.1_en.html
Frame ID: 1F5C59D037BA767DB172224B2703C388
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 03B10B7A6938135A2549CB2C7E2843AF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 5E3EA6DA57691FC6354F7D06F9BAB077
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 1858521100CC8BBD3FE1E1AE90536660
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: F4F4879ACC44D69D9BE87BBB0543C47F
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3314724042105434289
Frame ID: EC9D6150405CA6AB1B939C2ACA1F8531
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&k=6LcCJGUUAAAAADAmkD2iQN_k8a6FCpgo2VBei6su&cb=atnpzk8y38j3
Frame ID: 18936D6A905F76D292D027D06259C112
Requests: 12 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Frame ID: 07B22752F40AFD8E9907C589FE478588
Requests: 16 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv-RKVCwYbGZ6y5uIRhDT24Zmafb6xGG1iu7ax0uqmuKGCEWnxQHxGrmxn_0v8cwGf072TpwOoq7X1wzHvxMgskHfZl_IHC1oSTYyybk3xtuHRXruqKEW73A6ZZleRwoLnPBOXiMAUkDkrAx7AIXRL328Kab0im_3TjQ2YsJN-jqDu8ZaVRL3xXCJkdLjx3x2VYMfBUwFWgAOYvGrplfDLxjPtecYnOaMT2yL9ZeFxVqlGeSxeoaXQGCLc44Fc8T2CCNxqZr09GbRWpuMCneBQMbYxT3NU0ealq1vWZl6-IDs2LZXb-Kzbja97Qyd4AhTV6fN1531Vddk0fp4bk-DHW1KwazQwMkI0&sai=AMfl-YSQXCGMmERmVbSkTl2bVsmtTUkfWSrxA9B5CsaXSmTqKIoNJF87d2YvnjpfujOqzIqURWN4WmJCYPeRBMufohdDzEkEaENJzMUvNgLvKhTcKRmr6qJ7DiAs9vOUN3U&sig=Cg0ArKJSzFkCB066JWKFEAE&urlfix=1&adurl=
Frame ID: 55273DFC9A8945883B5D323E32DC5859
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/simgad/14221371079760943072
Frame ID: D6B1A074A526BA52133B49A1C3ECA339
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.newsobserver.com
Frame ID: F3CF4F13B801EE22A07C8AF41AF41F61
Requests: 1 HTTP requests in this frame

Frame: https://connect.facebook.net/en_US/fbevents.js
Frame ID: 5F577B9F5A1E34FA350535CA14668BCC
Requests: 5 HTTP requests in this frame

Frame: https://b-code.liadm.com/a-01ec.min.js
Frame ID: 672CCEB25CADA6219160B74520B2240B
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 1D44902E9F6DF6388BE2803BAC4958A4
Requests: 2 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-01ec?s=&cim=&ps=true&ls=false&duid=287830b26e9e--01f01p95c4p81dg64x3tttenet&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Frame ID: 80503364DC07081B2C782871E5C955EF
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

303
Requests

99 %
HTTPS

33 %
IPv6

72
Domains

118
Subdomains

100
IPs

10
Countries

5739 kB
Transfer

13816 kB
Size

2
Cookies

46 Outgoing links

These are links going to different origins than the main page.

URL: https://account.newsobserver.com/static/subscribe
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://account.newsobserver.com/static/signin
Title: Sign In

Search URL Search Domain Scan URL

URL: https://jobs.newsobserver.com/#navlink=navbar
Title: Jobs/Recruiting

Search URL Search Domain Scan URL

URL: http://support.newsobserver.com/#navlink=subnav
Title: Support

Search URL Search Domain Scan URL

URL: https://www.facebook.com/newsandobserver/#navlink=subnav
Title: Facebook

Search URL Search Domain Scan URL

URL: http://instagram.com/newsobserver/#navlink=subnav
Title: Instagram

Search URL Search Domain Scan URL

URL: https://twitter.com/newsobserver/#navlink=subnav
Title: Twitter

Search URL Search Domain Scan URL

URL: http://photostore.newsobserver.com/mycapture/index.asp#navlink=subnav
Title: Buy Photos

Search URL Search Domain Scan URL

URL: http://t.news.newsobserver.com/webApp/mccSignupPage?siteName=newsobserver#navlink=subnav
Title: Newsletters

Search URL Search Domain Scan URL

URL: http://markets.financialcontent.com/mi.newsob/markets/#navlink=subnav
Title: Stocks Center

Search URL Search Domain Scan URL

URL: http://kidstownnc.com/#navlink=subnav
Title: Family

Search URL Search Domain Scan URL

URL: http://games.newsobserver.com/?arkpromo=site_subnav
Title: Games and Puzzles

Search URL Search Domain Scan URL

URL: http://artsnownc.com/#navlink=subnav
Title: ArtsNow

Search URL Search Domain Scan URL

URL: http://games.newsobserver.com/#navlink=subnav
Title: Games

Search URL Search Domain Scan URL

URL: http://www.triangletoday.com/#navlink=subnav
Title: Nightlife

Search URL Search Domain Scan URL

URL: https://www.legacy.com/obituaries/newsobserver/
Title: View Obituaries

Search URL Search Domain Scan URL

URL: https://placead.mcclatchy.com/obits/raleigh/home/listItems.html
Title: Place an Obituary

Search URL Search Domain Scan URL

URL: https://classifieds.mcclatchy.com/marketplace/raleigh/#navlink=subnav
Title: Place Ad

Search URL Search Domain Scan URL

URL: http://triangle.adperfect.com/?catid=191#navlink=subnav
Title: Jobs

Search URL Search Domain Scan URL

URL: https://raleighnewsobserver.column.us/search/#navlink=subnav
Title: Legals

Search URL Search Domain Scan URL

URL: http://placead2.newsobserver.com/#navlink=subnav
Title: Obits/In Memoriams

Search URL Search Domain Scan URL

URL: https://jobs.newsobserver.com/#navlink=subnav
Title: Jobs

Search URL Search Domain Scan URL

URL: https://covidtracking.com/
Title: The COVID Tracking Project

Search URL Search Domain Scan URL

URL: https://gisanddata.maps.arcgis.com/apps/opsdashboard/index.html#/bda7594740fd40299423467b48e9ecf6
Title: Johns Hopkins University CSSE

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.newsobserver.com%2Fsports%2Fcollege%2Facc%2Func%2Farticle249703278.html

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fwww.newsobserver.com%2Fsports%2Fcollege%2Facc%2Func%2Farticle249703278.html&text=Did%20coach%20Roy%20Williams%20use%20a%20shovel%20to%20try%20to%20correct%20UNC%27s%20turnover%20problem%3F

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.newsobserver.com%2Fsports%2Fcollege%2Facc%2Fnc-state%2Farticle249677813.html

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fwww.newsobserver.com%2Fsports%2Fcollege%2Facc%2Fnc-state%2Farticle249677813.html&text=Photos%20from%20NC%20State%27s%20victory%20over%20Notre%20Dame

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Fcoronavirus%2Farticle249658573.html

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Fcoronavirus%2Farticle249658573.html&text=Dolly%20Parton%27s%20COVID%20message%3A%20%27Don%E2%80%99t%20be%20such%20a%20chicken%20squat%2C%20get%20out%20there%20and%20get%20your%20shot%27

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://newsobserver.com/mobile
Title: Raleigh News & Observer App

Search URL Search Domain Scan URL

URL: http://t.news.newsobserver.com/webApp/mccSignupPage?siteName=newsobserver
Title: View Newsletters

Search URL Search Domain Scan URL

URL: https://www.facebook.com/newsandobserver
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/newsobserver
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/newsobservertube
Title:

Search URL Search Domain Scan URL

URL: https://account.newsobserver.com/static/subscribe/#navlink=mi_footer
Title: Start a Subscription

Search URL Search Domain Scan URL

URL: https://mcciservices.newscyclecloud.com/cgi-bin/cmo_mcc-c-cmdb-est-01.sh/custservice/web/login.html?siteid=RAL#navlink=mi_footer
Title: Vacation Hold

Search URL Search Domain Scan URL

URL: https://www.mcclatchy.com/our-impact/markets/the-news-observer/#navlink=mi_footer
Title: About Us

Search URL Search Domain Scan URL

URL: http://t.news.newsobserver.com/webApp/mccSignupPage?siteName=newsobserver#navlink=mi_footer
Title: Newsletters

Search URL Search Domain Scan URL

URL: https://k12nie.com/?p=newsobserver/#navlink=mi_footer
Title: News in Education

Search URL Search Domain Scan URL

URL: http://www.legalnotice.org/pl/newsobserver/landing1.aspx#navlink=mi_footer
Title: Legal Notices

Search URL Search Domain Scan URL

URL: https://classifieds.mcclatchy.com/marketplace/raleigh/#navlink=mi_footer
Title: Place a Classified

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More information

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

https://cm.everesttech.net/cm/dd?d_uuid=27782752902577036082884456932365094412 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YEJnhwAAAHctHSKu

Request Chain 72

https://js.matheranalytics.com/s/ma12095/74930332/sp.js?cb=1558 HTTP 301
https://js.matheranalytics.com/static/2_2_18-e/sp.br.js

Request Chain 76

https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-203838h&cg=0&cc=1&si=https%3A//www.newsobserver.com/&rp=&ts=compact&rnd=1614964616584 HTTP 302
https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-203838h&cg=0&cc=1&si=https%3A//www.newsobserver.com/&rp=&ts=compact&rnd=1614964616584&ja=1

Request Chain 111

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=Mjc3ODI3NTI5MDI1NzcwMzYwODI4ODQ0NTY5MzIzNjUwOTQ0MTI= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEK6xZI7IMbI7nThohFP1HPU&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 125

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WUVKbmh3QUFBSGN0SFNLdQ==

Request Chain 146

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YEJnhwAAAHctHSKu&expires=90

Request Chain 154

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YEJnhwAAAHctHSKu HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YEJnhwAAAHctHSKu&C=1

Request Chain 155

https://sb.scorecardresearch.com/b?c1=2&c2=6035363&ns__t=1614964621255&ns_c=UTF-8&ns_if=1&cv=3.5&c8=Raleigh%20NC%20News%2C%20Sports%20%26%20Politics%20%7C%20Raleigh%20News%20%26%20Observer&c7=https%3A%2F%2Fwww.newsobserver.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6035363&ns__t=1614964621255&ns_c=UTF-8&ns_if=1&cv=3.5&c8=Raleigh%20NC%20News%2C%20Sports%20%26%20Politics%20%7C%20Raleigh%20News%20%26%20Observer&c7=https%3A%2F%2Fwww.newsobserver.com%2F&c9=&cs_ak_ss=1

Request Chain 165

https://mcclatchy-d.openx.net/w/1.0/arj?auid=541167014,541167021&aus=970x250,728x90,960x30,970x90|300x250,300x600&bc=hb_dyn_wapo&be=1&ch=UTF-8&ju=https%3A%2F%2Fwww.newsobserver.com%2F&res=1600x1200x24&tz=-60&nocache=1614964621491&us_privacy=1--- HTTP 302
https://mcclatchy-d.openx.net/w/1.0/arj?cc=1&auid=541167014,541167021&aus=970x250,728x90,960x30,970x90|300x250,300x600&bc=hb_dyn_wapo&be=1&ch=UTF-8&ju=https%3A%2F%2Fwww.newsobserver.com%2F&res=1600x1200x24&tz=-60&nocache=1614964621491&us_privacy=1---

Request Chain 169

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D&_test=YEJnjQAAAJ1MaToG HTTP 302
https://ib.adnxs.com/setuid?entity=158&code=YEJnjQAAAJ1MaToG&_test=YEJnjQAAAJ1MaToG

Request Chain 176

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YEJnjQAAAJ1MaToG

Request Chain 195

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YEJnjQAAAJ1MaToG

Request Chain 206

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1&_test=YEJnjwAAAEtjJCzr HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YEJnjwAAAEtjJCzr&img=1&_test=YEJnjwAAAEtjJCzr HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YEJnjwAAAEtjJCzr&img=1&_test=YEJnjwAAAEtjJCzr&__user_check__=1&sync_id=9b33ba62-7dd6-11eb-a7b9-1a404fd51b06

Request Chain 213

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3314724042105434289

Request Chain 214

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=BVS6wvL6R-qpKbKJB0DH0Q%3D%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=BVS6wvL6R-qpKbKJB0DH0Q%3D%3D&google_tc= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 216

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=0554BAC2-F2FA-47EA-A929-B2890740C7D1&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=0554BAC2-F2FA-47EA-A929-B2890740C7D1&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 217

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=0554BAC2-F2FA-47EA-A929-B2890740C7D1&gdpr= HTTP 302
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=0554BAC2-F2FA-47EA-A929-B2890740C7D1&gdpr=&fbounce=1 HTTP 302
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=0554BAC2-F2FA-47EA-A929-B2890740C7D1&addseg=29

Request Chain 218

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDU1NEJBQzItRjJGQS00N0VBLUE5MjktQjI4OTA3NDBDN0Qx&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDU1NEJBQzItRjJGQS00N0VBLUE5MjktQjI4OTA3NDBDN0Qx&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 219

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJ94xjpET6DY5GY-e8FoeFs&google_cver=1

Request Chain 221

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent=

Request Chain 222

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:81186042-678e-4300-a026-29366f5e55a3&gdpr=0&gdpr_consent=

Request Chain 223

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=29486bd9-8b90-4db0-8bc0-eb0366ce1e24

Request Chain 224

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=0&gdpr=0&gdpr_consent=

Request Chain 225

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=0554BAC2-F2FA-47EA-A929-B2890740C7D1&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=0554BAC2-F2FA-47EA-A929-B2890740C7D1&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-YhkLZKZ1l2IrDzcrRJdxCimzvWcJLP4-&gdpr=0&gdpr_consent=

Request Chain 227

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YEJnjwAAAEtjJCzr&t=2592000&o=0

Request Chain 237

https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDnq7jUeBABGAEoATIIRCa0hO01vLpA1fzu7AU HTTP 301
https://tpc.googlesyndication.com/simgad/14221371079760943072

Request Chain 251

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 290

https://rp.liadm.com/j?tna=v2.0.1&aid=a-01ec&wpn=lc-bundle&pu=https%3A%2F%2Fwww.newsobserver.com%2F&duid=287830b26e9e--01f01p95c4p81dg64x3tttenet&se=e30&dtstmp=1614964626902 HTTP 302
https://rp4.liadm.com/j?tna=v2.0.1&aid=a-01ec&wpn=lc-bundle&pu=https%3A%2F%2Fwww.newsobserver.com%2F&duid=287830b26e9e--01f01p95c4p81dg64x3tttenet&se=e30&dtstmp=1614964626902&i6=MmEwMTo0Zjg6MTkyOjU0MTQ6OjI%3D&n3pc=true

Request Chain 297

https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-01ec%2F0%2Fa724c9b5483d46b2997cc9035f53922f%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&4e6c09c1-c75f-4d9b-a4cf-bd7beccb9ea5 HTTP 302
https://i.liadm.com/s/e/a-01ec/0/a724c9b5483d46b2997cc9035f53922f?mpid=7156&muid=1fd66042-6795-4a00-9421-adcfab76e893

Request Chain 298

https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=liveintent&ttd_tpi=1 HTTP 302
https://i.liadm.com/s/35759?bidder_id=44489&bidder_uuid=97d7792c-bf98-4a4d-b06d-e50e14c0bf89 HTTP 303
https://i.liadm.com/s/35759?bidder_id=44489&bidder_uuid=97d7792c-bf98-4a4d-b06d-e50e14c0bf89&_li_chk=true&previous_uuid=915e4df7b174488b81a298ffdab433cb HTTP 303
https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=97d7792c-bf98-4a4d-b06d-e50e14c0bf89

Request Chain 299

https://dpm.demdex.net/ibs:dpid=127444&dpuuid=4e6c09c1-c75f-4d9b-a4cf-bd7beccb9ea5&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-01ec%2F0%2Fa724c9b5483d46b2997cc9035f53922f%3Fmpid%3D82775%26muid%3D%24%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=4e6c09c1-c75f-4d9b-a4cf-bd7beccb9ea5&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-01ec%2F0%2Fa724c9b5483d46b2997cc9035f53922f%3Fmpid%3D82775%26muid%3D%24%7BDD_UUID%7D HTTP 302
https://i.liadm.com/s/e/a-01ec/0/a724c9b5483d46b2997cc9035f53922f?mpid=82775&muid=54709376488209288080362366750458304918

Request Chain 300

https://x.dlx.addthis.com/e/live_intent_sync?na_exid=4e6c09c1-c75f-4d9b-a4cf-bd7beccb9ea5 HTTP 302
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=4e6c09c1-c75f-4d9b-a4cf-bd7beccb9ea5&rd=Y

Request Chain 301

https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=4e6c09c1-c75f-4d9b-a4cf-bd7beccb9ea5&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D HTTP 302
https://x.bidswitch.net/ul_cb/syncd?dsp_id=256&user_group=2&user_id=4e6c09c1-c75f-4d9b-a4cf-bd7beccb9ea5&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D HTTP 302
https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=a73e93e6-f0f2-4702-8dd0-c1c7189f1eae HTTP 303
https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=a73e93e6-f0f2-4702-8dd0-c1c7189f1eae&_li_chk=true&previous_uuid=5bef0957dd8048cf93898d5dcddee429

Request Chain 302

https://x.bidswitch.net/sync?ssp=liveintent&user_id=4e6c09c1-c75f-4d9b-a4cf-bd7beccb9ea5 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=liveintent&user_id=4e6c09c1-c75f-4d9b-a4cf-bd7beccb9ea5 HTTP 302
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=liveintent&bsw_user_id=a73e93e6-f0f2-4702-8dd0-c1c7189f1eae HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=liveintent&bsw_user_id=a73e93e6-f0f2-4702-8dd0-c1c7189f1eae HTTP 302
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=dadb7bc7-943b-4f7c-9f63-94e3a69ca8cc&ssp=liveintent HTTP 302
https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=a73e93e6-f0f2-4702-8dd0-c1c7189f1eae

303 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.newsobserver.com/ 185 KB
31 KB 1019ms
885ms Document
text/html 104.83.177.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.83.177.146 Madrid, Spain, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-177-146.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 33fd701129b974fc9b1585525b99f3fb169b86b8cc5415aedc29125aa851cad1

Request headers

:method: GET
:authority: www.newsobserver.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy-forwarding-type: BlackList
mi-api: WPS
content-type: text/html;charset=utf-8
surrogate-control: varnish=ESI/2.1
x-varnish: 104751787, 142662049 149498855
last-modified: Fri, 05 Mar 2021 17:16:32 GMT
etag: W/"2e0a4-fokTeEmtfHeagChtfT5aHgSOBG8"
content-encoding: gzip
x-mi-in-market: 0
server: MI
mi-cache-age: 20
vary: Accept-Encoding
mi-cache: HIT
x-akamai-transformed: 9 30802 0 pmb=mTOE,4
expires: Fri, 05 Mar 2021 17:16:53 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 05 Mar 2021 17:16:53 GMT
content-length: 30986
set-cookie: ak_bmsc=EC0C44F11FEE19C1EFF2304536FC5D0E0211235EEA57000085674260ED49ED5A~pl1uufOovAiPJJQOR3QfKBGp+UfV6ac6J74YSRp7XrBMAHEQHJc63i0P/mCZNq9pWgbIHSzNOBuR4XHc4bPWHWNKj/jIwQZCmORyzxzjc/08wlNgh9WKjMqPsr4qTaIe83ooHA7lY/JubLW58Per8zrnb4QBRgwWke+c4oieOKieGggtbRqj1LYc5cBXuiolPvCA9r4woieNQwrNncQl5CFcSjUcKqxwkaxu8ifZK9d+s=; expires=Fri, 05 Mar 2021 19:16:53 GMT; max-age=7200; path=/; domain=.newsobserver.com; HttpOnly bm_mi=1F8263CC2F6E0D4B2666F2D015612CED~Jq2k922QFVlZ64HdMCa0sXXKyYVQBbYtWq2jgaA0zGuz7wCzkuBLF/lhX7hKrn26OaiYHLjqU14P5Jj7J/yqO1jlLz9z2f3pVh7XhajOdjPEOA4sA6sVQnDu9nRmIkLrXXF1UE/dv3BGk5UnvvPtSR8AKynxgJDtcFkZGf8JnbDNwearfp4CADKwQrISfM9XeXfxFzJB1uvCNpROttxQPm6/Qmz38elaackl83FZ9eg=; Domain=.newsobserver.com; Path=/; Max-Age=0; HttpOnly
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *

GET
H2 200 core.js Show response
www.newsobserver.com/static/yozons-lib/ 65 KB
20 KB 127ms
123ms Script
application/javascript 104.83.177.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/static/yozons-lib/core.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.83.177.146 Madrid, Spain, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-177-146.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: fedcc61597e7959d4fe9a00573d0b1464c9b53b5a174203d3f9f15ecdedfdc08

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:16:53 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 71
content-length: 20349
last-modified: Wed, 03 Mar 2021 14:32:47 GMT
server: MI
etag: W/"10572-5bca2b98861c0"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 186069711 167368275
access-control-allow-origin: *
cache-control: max-age=79
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript
access-control-allow-headers: *

GET
H2 200 newsobserver.js Show response
media2.newsobserver.com/misites/nao/ 2 KB
1 KB 154ms
150ms Script
text/javascript 104.83.177.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://media2.newsobserver.com/misites/nao/newsobserver.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.83.177.146 Madrid, Spain, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-177-146.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 18f9e6b96e326a7aa705c687fc8893c6b2df53acce477aefe2d0239d7b82fcb5

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:16:53 GMT
content-encoding: gzip
last-modified: Sun, 29 Apr 2018 21:38:27 GMT
server: Apache
etag: "9f8-56b038eb73ac0"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 1085

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 13 KB
4 KB 40ms
16ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd4b42f7c8ddeeedbc0e556a5da8b647fd08c56a2ac3540b1e5a6d9342ba5c4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 05 Mar 2021 17:16:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: DgCf/JQeR4+J+ZEYMfLA9Q==
age: 2126
vary: Accept-Encoding
content-length: 4211
cf-request-id: 08a4fd7b21000005e9291f9000000001
x-ms-lease-status: unlocked
last-modified: Wed, 24 Feb 2021 17:18:08 GMT
server: cloudflare
etag: 0x8D8D8E828181ED0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: c3880db3-801e-0143-0bda-0ab45a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 62b4fea50e4a05e9-FRA

GET
H2 200 otCCPAiab.js Show response
cdn.cookielaw.org/opt-out/ 22 KB
6 KB 35ms
12ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/opt-out/otCCPAiab.js

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f11f2d65d3a1594a57625e5a9457a1beb87c6a0399172cab062d50263ae388b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 05 Mar 2021 17:16:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: YyyuJSQqC/IlFtjhtrYhpg==
age: 2126
vary: Accept-Encoding
cf-request-id: 08a4fd7b21000005e9d02ba000000001
x-ms-lease-status: unlocked
last-modified: Wed, 03 Mar 2021 08:12:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 43f20523-e01e-007e-7e06-104729000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 62b4fea50e4b05e9-FRA

GET
H2 200 vendor.bundle-ce1a13c0119f26716569.js Show response
www.newsobserver.com/wps/build/webpack/ 396 KB
121 KB 127ms
124ms Script
application/javascript 104.83.177.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/wps/build/webpack/vendor.bundle-ce1a13c0119f26716569.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.83.177.146 Madrid, Spain, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-177-146.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: a8c0554545df5557bfbae4b60e272d4c68b10876874942ae276e8a3f927f5dd0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:16:53 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 1805
content-length: 122735
last-modified: Tue, 02 Mar 2021 20:45:54 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"631af-177f4b0a7d0"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 84478206, 102409214 104771430
access-control-allow-origin: *
cache-control: max-age=409725
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript;charset=UTF-8
access-control-allow-headers: *

GET
H2 200 mi-header.bundle-15539dde6db92a4565c1.js Show response
www.newsobserver.com/wps/build/webpack/ 13 KB
5 KB 150ms
148ms Script
application/javascript 104.83.177.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/wps/build/webpack/mi-header.bundle-15539dde6db92a4565c1.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.83.177.146 Madrid, Spain, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-177-146.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 064c30793ed82df22ca484729935248a99d0ad3cefd8bcf46f23de8d0c0016d0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:16:53 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 434203
content-length: 4394
last-modified: Tue, 09 Feb 2021 19:09:25 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"3412-1778832c688"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 108851531, 267718013 152844570
access-control-allow-origin: *
cache-control: max-age=187309
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript;charset=UTF-8
access-control-allow-headers: *

GET
H2 200 css
fonts.googleapis.com/ 9 KB
981 B 17ms
14ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3476c08cec250146dcdfd0cfbab2e721a7ca1fd5ba590e9075658a79b3b99524

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 05 Mar 2021 17:15:17 GMT
server: ESF
date: Fri, 05 Mar 2021 17:16:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 05 Mar 2021 17:16:53 GMT

GET
H2 200 mi-styles.8a5037c2d30c9fc2847d.css
www.newsobserver.com/wps/build/webpack/css/ 211 KB
44 KB 149ms
147ms Stylesheet
text/css 104.83.177.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/wps/build/webpack/css/mi-styles.8a5037c2d30c9fc2847d.css
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.83.177.146 Madrid, Spain, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-177-146.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 74471d2c1b4f67e7d2d598b4941cc968ee248bf36c10921c25e5bcea805af6e8

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:16:53 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 1804
content-length: 44310
last-modified: Tue, 02 Mar 2021 20:46:04 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"34b30-177f4b0cee0"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 67530797, 90463967 87973196
access-control-allow-origin: *
cache-control: max-age=409601
access-control-allow-credentials: false
mi-cache: HIT
content-type: text/css;charset=UTF-8
access-control-allow-headers: *

GET
H2 200 guid.js Show response
www.newsobserver.com/wps/source/scripts/libs/ 1 KB
967 B 150ms
148ms Script
application/javascript 104.83.177.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/wps/source/scripts/libs/guid.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.83.177.146 Madrid, Spain, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-177-146.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: ac53400c04ca28a29467c3b6cf8f0be2f9d4333a518574fba32cc239195117db

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:16:53 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 495801
content-length: 547
last-modified: Tue, 09 Feb 2021 19:07:18 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"505-1778830d670"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 114819491, 282626427 170852109
access-control-allow-origin: *
cache-control: max-age=291684
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript;charset=UTF-8
access-control-allow-headers: *

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
973 B 47ms
20ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7be93782718b63bdf0478467dbae39879064f603eb44d42a90a6c6fee1ee81a3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:16:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 556
x-xss-protection: 1; mode=block
expires: Fri, 05 Mar 2021 17:16:54 GMT

GET
H2 200 599164fc Show response
www.newsobserver.com/akam/11/ 32 KB
11 KB 62ms
61ms Script
application/javascript 104.83.177.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/akam/11/599164fc
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.83.177.146 Madrid, Spain, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-177-146.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b9ff52733a78204eaa29c541b1e01a35c748fcdd3ccfe66aa06761108e42aaf1

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Mar 2021 17:16:54 GMT
content-encoding: gzip
last-modified: Thu, 02 May 2019 20:01:45 GMT
etag: "a98fda85edac81eb3ea75e9395fbb415d95f168ffe4fd9b619a328ae563267e5"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
access-control-allow-headers: *
content-length: 10424
expires: Fri, 05 Mar 2021 17:16:54 GMT

GET
H2 200 main.b65b1c70.css
media.mcclatchy.com/static/2020/coronavirus/covid-embed-tracker/ 5 KB
2 KB 589ms
533ms Stylesheet
text/css 104.83.177.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://media.mcclatchy.com/static/2020/coronavirus/covid-embed-tracker/main.b65b1c70.css
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.83.177.146 Madrid, Spain, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-177-146.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d4b4384bb2207ab3d40f433ad82a808cfbba943114432667cf3d2b3b65c62ee4

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:16:54 GMT
content-encoding: gzip
last-modified: Mon, 08 Feb 2021 18:19:30 GMT
server: Apache
etag: "1361-5bad735fe2caf"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=579
accept-ranges: bytes
content-length: 1474

GET
H2 200 main.85ef961b.js Show response
media.mcclatchy.com/static/2020/coronavirus/covid-embed-tracker/ 237 KB
56 KB 553ms
497ms Script
text/javascript 104.83.177.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://media.mcclatchy.com/static/2020/coronavirus/covid-embed-tracker/main.85ef961b.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.83.177.146 Madrid, Spain, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-177-146.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 82a074c62a609a3ada316e1f97ab72d89b9f050bf05dcb145cc340734053c122

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:16:54 GMT
content-encoding: gzip
last-modified: Mon, 08 Feb 2021 18:19:30 GMT
server: Apache
etag: "3b3c7-5bad735fe1ee5"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 56823

GET
H2 200 escenic_s_code.js Show response
media2.newsobserver.com/mistats/products/ 95 KB
32 KB 127ms
125ms Script
text/javascript 104.83.177.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://media2.newsobserver.com/mistats/products/escenic_s_code.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.83.177.146 Madrid, Spain, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-177-146.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 388305e6232d397497a35ba97ba5e2e6ea85d349041645c4de2c28a6e08f9044

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:16:53 GMT
content-encoding: gzip
last-modified: Tue, 17 Nov 2020 22:54:12 GMT
server: Apache
etag: "17b06-5b4555f9a663f"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 32672

GET
H2 200 escenic.js Show response
media2.newsobserver.com/mistats/products/ 64 KB
16 KB 128ms
127ms Script
text/javascript 104.83.177.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://media2.newsobserver.com/mistats/products/escenic.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.83.177.146 Madrid, Spain, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-177-146.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 2fadd9d3bd97439af1e5f2bce0c0215cd0cde410dbad50f9248712fd314dc4be

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:16:53 GMT
content-encoding: gzip
last-modified: Tue, 02 Mar 2021 21:17:52 GMT
server: Apache
etag: "1012f-5bc94446834a4"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 15743

GET
H2 200 finalizestats.js Show response
media2.newsobserver.com/mistats/ 70 KB
18 KB 154ms
124ms Script
text/javascript 104.83.177.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://media2.newsobserver.com/mistats/finalizestats.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.83.177.146 Madrid, Spain, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-177-146.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 899090d9abbe42bf8e5503ac6f145a4cf9346250a3171a3bca8f6ad20f27e6d9

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:16:54 GMT
content-encoding: gzip
last-modified: Tue, 23 Feb 2021 21:13:43 GMT
server: Apache
etag: "117d1-5bc0764ae79e8"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 18487

GET
H2 200 mi-footer.bundle-79c24024c08d7f0c7b17.js Show response
www.newsobserver.com/wps/build/webpack/ 11 KB
5 KB 139ms
125ms Script
application/javascript 104.83.177.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/wps/build/webpack/mi-footer.bundle-79c24024c08d7f0c7b17.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.83.177.146 Madrid, Spain, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-177-146.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 2c3d296de1bb7bb908659aedfa489c63e9c0cb0b57887e74932dd5f60de15578

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:16:54 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 87974
content-length: 4197
last-modified: Tue, 02 Mar 2021 20:45:54 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"2d5a-177f4b0a7d0"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 80741934, 124353576 112900195
access-control-allow-origin: *
cache-control: max-age=534776
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript;charset=UTF-8
access-control-allow-headers: *

GET
H2 200 iris.adaptive.js Show response
ovp.iris.tv/libs/adaptive/v2/ 123 KB
35 KB 148ms
30ms Script
application/javascript 2600:9000:20d7:b000:15:d134:4e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ovp.iris.tv/libs/adaptive/v2/iris.adaptive.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20d7:b000:15:d134:4e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ba8bbfe110629e3df60cffbcd75d2ea7627f5f6e13ef3ba0354221cab7b8e097

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 01:10:37 GMT
content-encoding: gzip
last-modified: Thu, 10 Dec 2020 18:43:33 GMT
server: AmazonS3
age: 5587578
etag: W/"a5f9f8a7f66429858d67ad40caa225aa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: yNO4p54aN9wmQjMnpKaFPqqyZn6b5iAY
via: 1.1 38a3f663851a0597e7026100a58b9b39.cloudfront.net (CloudFront)
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: ZAG50-C1
content-type: application/javascript
x-amz-cf-id: 1xFUBJCnSDDnZpLndY30qZRd-EbUMEC9EQNVlBOhUZzYaqodJc9tDg==

GET
H2 200 iris-context.min.js Show response
ovp.iris.tv/libs/context/ 13 KB
5 KB 143ms
26ms Script
application/javascript 2600:9000:20d7:b000:15:d134:4e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ovp.iris.tv/libs/context/iris-context.min.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20d7:b000:15:d134:4e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9710dab6bb3447842cba847209148bd89fb928f55865b045105fa3aefa4fb51f

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 5ZdiiNwZl43A.GuGAotRXH1LFI541fXN
content-encoding: gzip
last-modified: Thu, 18 Jun 2020 14:14:19 GMT
server: AmazonS3
age: 39568
etag: W/"1f6dcd0526f7505c7eb84fec71d5e468"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 38a3f663851a0597e7026100a58b9b39.cloudfront.net (CloudFront)
date: Fri, 05 Mar 2021 06:17:27 GMT
x-amz-cf-pop: ZAG50-C1
x-amz-cf-id: qqH2PGcCBGfXTwiwArSVGScc7oORtCBRqKJdapHiBOiVichWMdlnJQ==

GET
H2 200 vue.bundle-3ab3918677131d13ac6b.js Show response
www.newsobserver.com/wps/build/webpack/ 107 KB
38 KB 137ms
125ms Script
application/javascript 104.83.177.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/wps/build/webpack/vue.bundle-3ab3918677131d13ac6b.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.83.177.146 Madrid, Spain, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-177-146.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 318fd391dc5361f08bff2ae57af7e4eb1261f436d8a44b1ef0e0553cf3298297

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:16:54 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 1704
content-length: 38898
last-modified: Tue, 02 Mar 2021 20:46:18 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"1ad47-177f4b10590"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 70339410, 103755094 91936015
access-control-allow-origin: *
cache-control: max-age=409642
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript;charset=UTF-8
access-control-allow-headers: *

GET
H2 200 videojs.bundle-edfe4e7551e581579442.js Show response
www.newsobserver.com/wps/build/webpack/ 455 KB
120 KB 136ms
126ms Script
application/javascript 104.83.177.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/wps/build/webpack/videojs.bundle-edfe4e7551e581579442.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.83.177.146 Madrid, Spain, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-177-146.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 5cb4514e117d67aa8609b1e40d3d465f8344810761949a3807a442cf26b5cced

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:16:54 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 1704
content-length: 121808
last-modified: Tue, 02 Mar 2021 20:46:18 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"71b1f-177f4b10590"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 51148787, 178267441 182164091
access-control-allow-origin: *
cache-control: max-age=409631
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript;charset=UTF-8
access-control-allow-headers: *

GET
H2 200 videoStory.bundle-667b380d20e928f31b53.js Show response
www.newsobserver.com/wps/build/webpack/ 208 KB
61 KB 150ms
140ms Script
application/javascript 104.83.177.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/wps/build/webpack/videoStory.bundle-667b380d20e928f31b53.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.83.177.146 Madrid, Spain, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-177-146.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 8e79e41b43dfffe5d1cc409d0ab4269d92c26a2e8a947a455cb384d93aea55df

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:16:54 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 1699
content-length: 61545
last-modified: Tue, 02 Mar 2021 20:46:18 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"33f43-177f4b10590"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 13773992, 98050402 89515183
access-control-allow-origin: *
cache-control: max-age=409656
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript;charset=UTF-8
access-control-allow-headers: *

GET
H2 200 footer.bundle-c9711777d343f484b936.js Show response
www.newsobserver.com/wps/build/webpack/ 10 KB
3 KB 152ms
143ms Script
application/javascript 104.83.177.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/wps/build/webpack/footer.bundle-c9711777d343f484b936.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.83.177.146 Madrid, Spain, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-177-146.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: cf5e946c1508e9a17e9fa87a2e65eb15ee2f72721d207d64c11ce5d702738378

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:16:54 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 1807
content-length: 2447
last-modified: Tue, 02 Mar 2021 20:45:54 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"269f-177f4b0a7d0"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 67122971, 99790299 106640026
access-control-allow-origin: *
cache-control: max-age=409742
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript;charset=UTF-8
access-control-allow-headers: *

GET
H2 200 netdale.edafd2fbcdad58785338.js Show response
www.newsobserver.com/static/yozons-lib/ 70 KB
18 KB 88ms
61ms Script
application/javascript 104.83.177.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/static/yozons-lib/netdale.edafd2fbcdad58785338.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/core.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.83.177.146 Madrid, Spain, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-177-146.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: e340562229e59781fbae588213f4c581b33050aab14b230d947ff13310d4b52f

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:16:54 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 169
content-length: 17873
last-modified: Wed, 03 Mar 2021 14:32:45 GMT
server: MI
etag: W/"118e9-5bca2b969dd40"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 184241231, 103402124 111673649
access-control-allow-origin: *
cache-control: max-age=422677
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript
access-control-allow-headers: *

GET
H2 200 adx Show response
pubads.g.doubleclick.net/gampad/ 0
727 B 146ms
60ms XHR
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/adx?iu=%2F7675%2Fral.site_newsobserver%2Fpropensity&sz=1x1&ref=&cookie=&c=550177533249069&tile=1&u_tz=60

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/core.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:16:54 GMT
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.newsobserver.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adobe.t2_3.js Show response
www.newsobserver.com/static/yozons-lib/ 91 KB
31 KB 73ms
66ms Script
application/javascript 104.83.177.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/static/yozons-lib/adobe.t2_3.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/core.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.83.177.146 Madrid, Spain, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-177-146.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 5fd8bc8f1abe2eca0f650c16cd0f04bea980adbc2f228e4bc7bb6357923a9c36

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:16:54 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 329200
content-length: 31126
last-modified: Mon, 22 Feb 2021 18:04:25 GMT
server: MI
etag: W/"16dbe-5bbf0a1d21c40"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 145013681 66408794
access-control-allow-origin: *
cache-control: max-age=592669
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript
access-control-allow-headers: *

GET
H2 200 gfc.32717c4b746b1baa40e1.js Show response
www.newsobserver.com/static/yozons-lib/ 10 KB
5 KB 93ms
51ms Script
application/javascript 104.83.177.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/static/yozons-lib/gfc.32717c4b746b1baa40e1.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/core.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.83.177.146 Madrid, Spain, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-177-146.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 28c63584eb4027625b9506290596df5504421ad97552510c6057e8485e171441

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:16:54 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 170
content-length: 4673
last-modified: Wed, 03 Mar 2021 14:32:45 GMT
server: MI
etag: W/"2853-5bca2b969dd40"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 177522957, 103827290 103431760
access-control-allow-origin: *
cache-control: max-age=422640
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript
access-control-allow-headers: *

POST
H2 200 delivery Show response
mcclatchy.tt.omtrdc.net/rest/v1/ 189 B
449 B 176ms
58ms XHR
application/json 52.212.164.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mcclatchy.tt.omtrdc.net/rest/v1/delivery?client=mcclatchy&sessionId=772c383445d941cda9f8601c9e33a3cd&version=2.3.0
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/adobe.t2_3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.164.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-164-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 28624340a60b7488e2bf28f112ec8d00dcef5b16c6be7a732e77c995c4e2748b

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.newsobserver.com
date: Fri, 05 Mar 2021 17:16:54 GMT
content-encoding: gzip
access-control-allow-credentials: true
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
x-request-id: 9f3f641c5a5f9b8434a602293516c167
content-type: application/json;charset=UTF-8

GET
H2 200 common.js Show response
media2.newsobserver.com/misites/all/ 4 KB
2 KB 110ms
69ms Script
text/javascript 104.83.177.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://media2.newsobserver.com/misites/all/common.js
Requested by: Host: media2.newsobserver.com
URL: https://media2.newsobserver.com/misites/nao/newsobserver.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.83.177.146 Madrid, Spain, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-177-146.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec2cc99b7d1be6fb64d9ce3622e5584e39002529d87a71ffad76435b800de309

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:16:54 GMT
content-encoding: gzip
last-modified: Tue, 10 Sep 2019 13:27:05 GMT
server: Apache
etag: "ee5-59232dc43bc40"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 1412

GET
H2 200 micb.js Show response
media2.newsobserver.com/mistats/ 125 KB
35 KB 82ms
70ms Script
text/javascript 104.83.177.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://media2.newsobserver.com/mistats/micb.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/core.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.83.177.146 Madrid, Spain, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-177-146.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 0a8fcb1d48ebeba1a1d89d0fd53c64f5ae022dbbfea93635ce3408bf94307352

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:16:54 GMT
content-encoding: gzip
last-modified: Tue, 23 Feb 2021 21:10:30 GMT
server: Apache
etag: "1f306-5bc075932a672"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 35237

GET
H3-Q050 200 pts Show response
pubads.g.doubleclick.net/subopt/ 150 B
231 B 164ms
110ms XHR
application/json 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/subopt/pts?products=newsobserver.com&type=general&extrainfo=null&u_tz=-60&v=1&cdm=www.newsobserver.com&c=669354

Requested by

Host: media2.newsobserver.com
URL: https://media2.newsobserver.com/mistats/micb.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

aa7b5487965f8ad73deb95b8c75fccf0aa9e42515da23be90cd1f3f91715e6ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:16:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122
x-xss-protection: 0
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.newsobserver.com
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 05 Mar 2021 17:16:54 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 2 KB
2 KB 241ms
60ms XHR
application/json 52.51.22.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=3B6E35F15A82BBB00A495D91%40AdobeOrg&d_nsid=0&d_coop_safe=1&ts=1614964614590

Requested by

Host: media2.newsobserver.com
URL: https://media2.newsobserver.com/mistats/micb.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.51.22.62 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-51-22-62.eu-west-1.compute.amazonaws.com

Software

Resource Hash

33cfa9935e8b0eaee675b85c9648ca5cab9e371e890dc5bca482dbe32dd2ec16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-v089-08696b216.edge-irl1.demdex.com 5.80.6.20210202104731 8ms (+0ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-TID: A0uPKc5qRE0=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.newsobserver.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 994
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-Q050 204 data Show response
pubads.g.doubleclick.net/subopt/ 0
569 B 60ms
58ms XHR
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/subopt/data?states=newsobserver.com%3Aunknown&extrainfo=null&u_tz=-60&v=1&cdm=www.newsobserver.com&c=891262

Requested by

Host: media2.newsobserver.com
URL: https://media2.newsobserver.com/mistats/micb.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Mar 2021 17:16:54 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: https://www.newsobserver.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 89ec5922-1183-4866-8824-09f66181e549.json Show response
cdn.cookielaw.org/consent/89ec5922-1183-4866-8824-09f66181e549/ 3 KB
2 KB 40ms
24ms XHR
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/89ec5922-1183-4866-8824-09f66181e549/89ec5922-1183-4866-8824-09f66181e549.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0827a540ffd8faac9bc0bcdcb724fdb6e0a4fb3d073d46ff9a93ea105e1613ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 05 Mar 2021 17:16:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: VEhEeWxZ9Hxrgg8t3QZJ7w==
age: 1807
vary: Accept-Encoding
content-length: 1277
cf-request-id: 08a4fd7e870000062de9b26000000001
x-ms-lease-status: unlocked
last-modified: Thu, 20 Aug 2020 15:58:01 GMT
server: cloudflare
etag: 0x8D84521D12CED36
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 70169d7c-701e-0034-18b3-b4774e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 62b4feaa79b7062d-FRA

GET
H2 200 dnsfeed Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 162 B
225 B 88ms
28ms Script
text/javascript 2606:4700:10::6814:b944
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfeb7783a538aaf85df056bf149c808937dccdb3e3af5714d6fba017054e2f94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:16:54 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 62b4feab7ef94ed3-FRA
cf-request-id: 08a4fd7f2d00004ed362879000000001

GET
H2 200 geofeed Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 162 B
518 B 84ms
24ms Script
text/javascript 2606:4700:10::6814:b944
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/geofeed

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d6aa0d1df9cfdddb4ba1c2e84627fbae84624b959ac448e02057a26df5c89ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:16:54 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 62b4feab7efd4ed3-FRA
cf-request-id: 08a4fd7f2d00004ed36d851000000001

GET
H2 200 identityModulev3.min.js Show response
www.newsobserver.com/wps/source/scripts/libs/ 35 KB
11 KB 64ms
63ms XHR
application/javascript 104.83.177.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/wps/source/scripts/libs/identityModulev3.min.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/core.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.83.177.146 Madrid, Spain, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-177-146.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 2969aa16b763893fa2f600de842a23475f8c0f1d58ebbed3c4f7f1a63edbc0b5

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:16:54 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 12623
content-length: 11142
last-modified: Tue, 09 Feb 2021 19:07:18 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"8dbb-1778830d670"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 108969123, 289570789 289403325
access-control-allow-origin: *
cache-control: max-age=267921
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript;charset=UTF-8
access-control-allow-headers: *

GET
H2 200 o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
fonts.gstatic.com/s/notosans/v11/ 16 KB
16 KB 34ms
2ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v11/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8beec539128cea621e511cd54f21a0d17ff891a16a0ebd7a98a3e4fbc00bd0e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.newsobserver.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 06:21:49 GMT
x-content-type-options: nosniff
last-modified: Thu, 24 Sep 2020 23:50:59 GMT
server: sffe
age: 557705
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16180
x-xss-protection: 0
expires: Sun, 27 Feb 2022 06:21:49 GMT

GET
H2 200 ga6Law1J5X9T9RW6j9bNdOwzfReecQ.woff2
fonts.gstatic.com/s/notoserif/v9/ 27 KB
27 KB 23ms
6ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v9/ga6Law1J5X9T9RW6j9bNdOwzfReecQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

feaad76415c6eb7fb707e31a7f0bd3da9f47a60a5c6d34cd00e2ebf0bbb6766c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.newsobserver.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 22:19:14 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:03:59 GMT
server: sffe
age: 241060
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27344
x-xss-protection: 0
expires: Wed, 02 Mar 2022 22:19:14 GMT

GET
H3-Q050 200 o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v11/ 16 KB
16 KB 57ms
11ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v11/o-0IIpQlx3QUlC5A4PNr5TRA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.newsobserver.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 22:52:32 GMT
x-content-type-options: nosniff
last-modified: Fri, 25 Sep 2020 00:08:03 GMT
server: sffe
age: 239063
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16056
x-xss-protection: 0
expires: Wed, 02 Mar 2022 22:52:32 GMT

GET
H2 200 logo.svg
www.newsobserver.com/wps/build/images/newsobserver/ 5 KB
3 KB 96ms
67ms Image
image/svg+xml 104.83.177.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/wps/build/images/newsobserver/logo.svg
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.83.177.146 Madrid, Spain, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-177-146.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 1270a862b7759b86d679ce76254e22bcd758959c10543bd38d451a9ef6c38004

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:16:55 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 12614
content-length: 2220
last-modified: Tue, 09 Feb 2021 19:09:25 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"1479-1778832c688"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 112443315, 163141342 159933236
access-control-allow-origin: *
cache-control: max-age=205134
access-control-allow-credentials: false
mi-cache: HIT
content-type: image/svg+xml;charset=ISO-8859-1
access-control-allow-headers: *

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 164 B
362 B 24ms
22ms Script
text/javascript 2606:4700:10::6814:b944
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b94f9074fc2ef1b63132fc70fe244cc5d5322e5982a80b6273a45a935ae335f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:16:55 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 62b4fead69c34ed3-FRA
cf-request-id: 08a4fd806300004ed3b6090000000001

GET
H/1.1 200
OK Cookie set dest5.html Show response
mcclatchy.demdex.net/ Frame 357E 7 KB
3 KB 218ms
49ms Document
text/html 52.50.19.208
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mcclatchy.demdex.net/dest5.html?d_nsid=0

Requested by

Host: media2.newsobserver.com
URL: https://media2.newsobserver.com/mistats/micb.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.50.19.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: mcclatchy.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.newsobserver.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: demdex=27782752902577036082884456932365094412
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newsobserver.com/

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=21600
Content-Encoding: gzip
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Thu, 11 Feb 2021 14:59:28 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Set-Cookie: demdex=27782752902577036082884456932365094412;Path=/;Domain=.demdex.net;Expires=Wed, 01-Sep-2021 17:16:55 GMT;Max-Age=15552000;Secure;SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding, User-Agent
X-TID: sunW2pD+SzU=
Content-Length: 2785
Connection: keep-alive

GET
H2 200 id Show response
mcclatchy.sc.omtrdc.net/ 2 B
321 B 181ms
44ms XHR
application/x-javascript 35.181.18.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mcclatchy.sc.omtrdc.net/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=3B6E35F15A82BBB00A495D91%40AdobeOrg&mid=27609064911973716632943517110110075323&ts=1614964615316

Requested by

Host: media2.newsobserver.com
URL: https://media2.newsobserver.com/mistats/micb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.181.18.61 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

jag /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 05 Mar 2021 17:16:55 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-5955cb7dcf-pc2z8
vary: Origin
x-c: main-1422.I3bac54.M0-478
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.newsobserver.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-type: application/x-javascript;charset=utf-8
content-length: 2
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YEJnhwAAAHctHSKu
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=27782752902577036082884456932365094412
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YEJnhwAAAHctHSKu

42 B
915 B

60ms
57ms

Image
image/gif

52.51.22.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YEJnhwAAAHctHSKu

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.51.22.62 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-51-22-62.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v089-093656234.edge-irl1.demdex.com 5.80.6.20210202104731 1ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: k8xaluzyTSs=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YEJnhwAAAHctHSKu
Date: Fri, 05 Mar 2021 17:16:55 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H3-Q050 200 ga6Iaw1J5X9T9RW6j9bNfFcWaA.woff2
fonts.gstatic.com/s/notoserif/v9/ 23 KB
23 KB 28ms
8ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v9/ga6Iaw1J5X9T9RW6j9bNfFcWaA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eced2a68da9eed95cc9c956e26607f9a6176500fd01cc1e41410b562b290e3ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.newsobserver.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:20:52 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:03:52 GMT
server: sffe
age: 118563
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23924
x-xss-protection: 0
expires: Fri, 04 Mar 2022 08:20:52 GMT

POST
H2 200 delivery Show response
mboxedge37.tt.omtrdc.net/rest/v1/ 653 B
708 B 89ms
82ms XHR
application/json 52.212.164.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mboxedge37.tt.omtrdc.net/rest/v1/delivery?client=mcclatchy&sessionId=772c383445d941cda9f8601c9e33a3cd&version=2.3.0
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/adobe.t2_3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.164.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-164-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 9123dd764cdf6640af32405dd1e50798fd994ae1b6243da5ea1ce7546d4d5ade

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.newsobserver.com
date: Fri, 05 Mar 2021 17:16:55 GMT
content-encoding: gzip
access-control-allow-credentials: true
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
x-request-id: 8d393100caa20859a4aa43412acd6ce2
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK states-data.json Show response
media.mcclatchy.com/static/2020/coronavirus/covid-embed-tracker/ 77 KB
10 KB 219ms
75ms Fetch
application/json 104.83.177.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://media.mcclatchy.com/static/2020/coronavirus/covid-embed-tracker/states-data.json
Requested by: Host: media.mcclatchy.com
URL: https://media.mcclatchy.com/static/2020/coronavirus/covid-embed-tracker/main.85ef961b.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.83.177.146 Madrid, Spain, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-177-146.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 48fe692ef18a6935b89833a7242c6ad22d50aeec1647cce98fe73468e71e171a

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 05 Mar 2021 17:16:56 GMT
Content-Encoding: gzip
Last-Modified: Fri, 05 Mar 2021 17:00:02 GMT
Server: Apache
ETag: "1345c-5bccd03de28cd"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=109
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9726

GET
H/1.1 200
OK us-data.json Show response
media.mcclatchy.com/static/2020/coronavirus/covid-embed-tracker/ 619 B
1 KB 208ms
74ms Fetch
application/json 104.83.177.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://media.mcclatchy.com/static/2020/coronavirus/covid-embed-tracker/us-data.json
Requested by: Host: media.mcclatchy.com
URL: https://media.mcclatchy.com/static/2020/coronavirus/covid-embed-tracker/main.85ef961b.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.83.177.146 Madrid, Spain, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-177-146.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7d5150cb5b2d0d699d3d5233541ec06379a8f974dbc72a09d77f69bc376cfbdf

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 05 Mar 2021 17:16:56 GMT
Content-Encoding: gzip
Last-Modified: Fri, 05 Mar 2021 17:00:03 GMT
Server: Apache
ETag: "26b-5bccd03e3fb76"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=109
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 338

GET
H/1.1 200
OK NC-daily.json Show response
media.mcclatchy.com/static/2020/coronavirus/covid-embed-tracker/ 499 KB
41 KB 689ms
558ms Fetch
application/json 104.83.177.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://media.mcclatchy.com/static/2020/coronavirus/covid-embed-tracker/NC-daily.json
Requested by: Host: media.mcclatchy.com
URL: https://media.mcclatchy.com/static/2020/coronavirus/covid-embed-tracker/main.85ef961b.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.83.177.146 Madrid, Spain, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-177-146.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ed0bf597b66e41afc3a6e661d0635227605da4099f82f75f4b92c73c1bc6ecc7

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 05 Mar 2021 17:16:56 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 Mar 2021 19:46:59 GMT
Server: Apache
ETag: "7cb87-5bcbb3b18d5aa"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 41614

GET
H2 200 fontawesome-webfont.woff2
www.newsobserver.com/wps/source/sass/main/fonts/font-awesome/fonts/ 55 KB
56 KB 206ms
204ms Font
font/woff2 104.83.177.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/wps/source/sass/main/fonts/font-awesome/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/wps/build/webpack/css/mi-styles.8a5037c2d30c9fc2847d.css
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.83.177.146 Madrid, Spain, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-177-146.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 41dd3e48dbef1ddbc59957d4e99ef7662c1702dd8b55d0900b02150f87af354a

Request headers

Origin: https://www.newsobserver.com
Referer: https://www.newsobserver.com/wps/build/webpack/css/mi-styles.8a5037c2d30c9fc2847d.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:16:56 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 276
content-length: 56780
last-modified: Tue, 02 Mar 2021 20:43:52 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"ddcc-177f4aecb40"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 85266967, 118940495 113341450
access-control-allow-origin: *
cache-control: max-age=180
access-control-allow-credentials: false
mi-cache: HIT
content-type: font/woff2;charset=ISO-8859-1
access-control-allow-headers: *

GET
H2 200 IMG_framegrab_5_1_SNCBLHCM_L341108808
www.heraldsun.com/news/local/counties/durham-county/gee248/picture192216969/alternates/LANDSCAPE_768/ 59 KB
60 KB 167ms
147ms Image
image/jpeg 104.83.177.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldsun.com/news/local/counties/durham-county/gee248/picture192216969/alternates/LANDSCAPE_768/IMG_framegrab_5_1_SNCBLHCM_L341108808
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.83.177.146 Madrid, Spain, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-177-146.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 1745e853c656440ee792667b3962cf794f31971fb9c2b66779561e67445ee3a3

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:16:56 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 2932
content-length: 60603
last-modified: Sun, 31 Dec 2017 00:39:29 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: "132619ae8fdb7cba75e0c79c08869899"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 218709054, 149398636 144302996
access-control-allow-origin: *
cache-control: max-age=603811
access-control-allow-credentials: false
mi-cache: HIT
content-type: image/jpeg
access-control-allow-headers: *

GET
H/1.1 200
OK image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/5615998031001/d48022eb-608b-44f3-92b8-3ca79a3c465c/0abb799a-3072-436b-9a2b-b98fd9085a28/480x270/match/ 101 KB
101 KB 135ms
34ms Image
image/jpeg 13.32.25.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.us-east-1.prod.boltdns.net/v1/static/5615998031001/d48022eb-608b-44f3-92b8-3ca79a3c465c/0abb799a-3072-436b-9a2b-b98fd9085a28/480x270/match/image.jpg
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-48.fra56.r.cloudfront.net
Software: / BC
Resource Hash: 5575eca2e0efd5124d75ee84804dbc6828de11b01de335cc2d10b421acef8030

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 27 Feb 2021 07:03:55 GMT
Via: 1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
Age: 555181
X-Powered-From: gantry
X-Powered-By: BC
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: FRA56-C2
X-Amz-Cf-Id: vkegOaZCdFAKJy0mrpqIFu4ma1QuMK4efM0NosPRktKoZOUwVDOk8w==
Expires: Sun, 27 Feb 2022 07:03:55 GMT

GET
H2 200 MILLBROOK14-021721-EDH.jpg
www.newsobserver.com/latest-news/ujzrwq/picture249345365/alternates/LANDSCAPE_768/ 38 KB
39 KB 88ms
72ms Image
image/jpeg 104.83.177.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/latest-news/ujzrwq/picture249345365/alternates/LANDSCAPE_768/MILLBROOK14-021721-EDH.jpg
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.83.177.146 Madrid, Spain, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-177-146.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 6dccae2152e9894d5c6b806825afa1148a18f8a53b316149dbb0e876fb0b7ae0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:16:56 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 1106
content-length: 38963
last-modified: Thu, 18 Feb 2021 19:29:31 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: "13e8f2df86f3cb0b4743a0167dfd95f8"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 135748749 144587986
access-control-allow-origin: *
cache-control: max-age=586840
access-control-allow-credentials: false
mi-cache: HIT
content-type: image/jpeg
access-control-allow-headers: *

GET
H2 200 Office_Exterior.jpg
www.newsobserver.com/latest-news/wk16wt/picture249642728/alternates/LANDSCAPE_768/ 50 KB
51 KB 95ms
80ms Image
image/jpeg 104.83.177.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/latest-news/wk16wt/picture249642728/alternates/LANDSCAPE_768/Office_Exterior.jpg
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.83.177.146 Madrid, Spain, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-177-146.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: a6a9cddb40a2981519d0dafa3dd4d10582726b5b2be473b2e23fc64c0b6db9ef

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:16:56 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 3174
content-length: 51531
last-modified: Tue, 02 Mar 2021 21:51:07 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: "744ab223f4b08af889b5438971b8131c"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 141803019 145240464
access-control-allow-origin: *
cache-control: max-age=593525
access-control-allow-credentials: false
mi-cache: HIT
content-type: image/jpeg
access-control-allow-headers: *

GET
H2 200 0817-oc-impactfees-pic
www.heraldsun.com/latest-news/vyckqr/picture217177600/alternates/LANDSCAPE_768/ 65 KB
66 KB 164ms
145ms Image
image/jpeg 104.83.177.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldsun.com/latest-news/vyckqr/picture217177600/alternates/LANDSCAPE_768/0817-oc-impactfees-pic
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.83.177.146 Madrid, Spain, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-177-146.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: b6ed1c93753ced57f042c218d7ffcbf0bf9ca3c9eabdb428e84001f3f97d95a4

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:16:56 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 5287
content-length: 66969
last-modified: Fri, 26 Feb 2021 15:56:44 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: "bbc1baa06a9dd30b24a44ad661dd2733"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 139748197, 221663716 222471789
access-control-allow-origin: *
cache-control: max-age=586961
access-control-allow-credentials: false
mi-cache: HIT
content-type: image/jpeg
access-control-allow-headers: *

GET
H2 200 HILLSBOROUGHST6-NE-052016-HLL
www.newsobserver.com/news/traffic/3047gc/picture196610899/alternates/LANDSCAPE_768/ 57 KB
57 KB 128ms
113ms Image
image/jpeg 104.83.177.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/news/traffic/3047gc/picture196610899/alternates/LANDSCAPE_768/HILLSBOROUGHST6-NE-052016-HLL
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.83.177.146 Madrid, Spain, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-177-146.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 4c68b33fa7b31e5829c075d2bf524c7982d12b8364970aece613fdb4e1915998

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:16:56 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 4704
content-length: 58113
last-modified: Thu, 04 Mar 2021 23:56:54 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: "a4a49ceb920093b68cc040d05af83a7a"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 223922337 223004733
access-control-allow-origin: *
cache-control: max-age=586857
access-control-allow-credentials: false
mi-cache: HIT
content-type: image/jpeg
access-control-allow-headers: *

GET
H2 200 20200615_cooperpresser_CAT_126.jpg
www.newsobserver.com/latest-news/yci7ll/picture243550677/alternates/LANDSCAPE_768/ 27 KB
28 KB 98ms
84ms Image
image/jpeg 104.83.177.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/latest-news/yci7ll/picture243550677/alternates/LANDSCAPE_768/20200615_cooperpresser_CAT_126.jpg
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.83.177.146 Madrid, Spain, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-177-146.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 9c367b58a51d516df8732a7145826b90d0f3b6742e9ade0fa26629ae48ebdda7

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:16:56 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 645
content-length: 28060
last-modified: Mon, 15 Jun 2020 19:47:42 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: "7fd2d504d20ce691029e66c40b7c0e05"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 144339305, 219210679 224509738
access-control-allow-origin: *
cache-control: max-age=603815
access-control-allow-credentials: false
mi-cache: HIT
content-type: image/jpeg
access-control-allow-headers: *

GET
H2 200 xCOHENBARBERVACC-NE-030521-RTW_1.jpg
www.newsobserver.com/latest-news/y3v20w/picture249719353/alternates/LANDSCAPE_768/ 30 KB
30 KB 105ms
91ms Image
image/jpeg 104.83.177.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/latest-news/y3v20w/picture249719353/alternates/LANDSCAPE_768/xCOHENBARBERVACC-NE-030521-RTW_1.jpg
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.83.177.146 Madrid, Spain, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-177-146.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 582a7c610f3fffe0455704b14c6f4b8a157ecdf0ae71911d8a6be481f87d52bf

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:16:56 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 517
content-length: 30367
last-modified: Fri, 05 Mar 2021 16:52:20 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: "2498a9b42f01d19b5f08cfb29cc36f75"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 230360133, 138926596 143971612
access-control-allow-origin: *
cache-control: max-age=604778
access-control-allow-credentials: false
mi-cache: HIT
content-type: image/jpeg
access-control-allow-headers: *

GET
H2 200 AP21064126505236.jpg
www.newsobserver.com/latest-news/ksnvdq/picture249710338/alternates/LANDSCAPE_768/ 54 KB
55 KB 112ms
98ms Image
image/jpeg 104.83.177.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/latest-news/ksnvdq/picture249710338/alternates/LANDSCAPE_768/AP21064126505236.jpg
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.83.177.146 Madrid, Spain, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-177-146.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: a8b79b3cc84d582960e0a22ed704b9a231748e52192fcfddd0dbeab3aea6a1f8

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:16:56 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 5710
content-length: 55536
last-modified: Fri, 05 Mar 2021 04:26:47 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: "63c65d67f3cea76910d9d1c32b194967"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 142642368, 219950170 217497097
access-control-allow-origin: *
cache-control: max-age=564249
access-control-allow-credentials: false
mi-cache: HIT
content-type: image/jpeg
access-control-allow-headers: *

GET
H/1.1 200
OK image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/5615998031001/4680da95-88d0-44ce-9a01-f8b539700367/d71f913a-b91f-4765-aed5-2f50411cfcd1/480x270/match/ 48 KB
48 KB 130ms
32ms Image
image/jpeg 13.32.25.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.us-east-1.prod.boltdns.net/v1/static/5615998031001/4680da95-88d0-44ce-9a01-f8b539700367/d71f913a-b91f-4765-aed5-2f50411cfcd1/480x270/match/image.jpg
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-48.fra56.r.cloudfront.net
Software: / BC
Resource Hash: 238c04813fbba34a775c6a2dbf3626154f51a3e85a0bffc93798c987476f6842

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 01 Mar 2021 15:23:59 GMT
Via: 1.1 0c0a9358491c37c184a221ad07b92016.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
Age: 352377
X-Powered-From: gantry
X-Powered-By: BC
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: FRA56-C2
X-Amz-Cf-Id: tmqKMPUM9CYKka8pbIB9Bifb5EVvVvtf69VBP19JT_hT7WI19dEsJA==
Expires: Tue, 01 Mar 2022 15:23:59 GMT

GET
H2 200 IMG_NASHVILLEVIRUS-NE-03_4_1_AGHSRB6U_L548290540.JPG
www.newsobserver.com/latest-news/lpewg7/picture248174635/alternates/LANDSCAPE_768/ 61 KB
61 KB 120ms
107ms Image
image/jpeg 104.83.177.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/latest-news/lpewg7/picture248174635/alternates/LANDSCAPE_768/IMG_NASHVILLEVIRUS-NE-03_4_1_AGHSRB6U_L548290540.JPG
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.83.177.146 Madrid, Spain, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-177-146.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 73c741a6273524a35f7e1d086bb7913ccf587fb0d495c131a782683b4f6fc1bc

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:16:56 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 2970
content-length: 62244
last-modified: Wed, 30 Dec 2020 17:47:06 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: "b874fd954836384ea68eb547dc312c7f"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 167266954, 103170779 94744816
access-control-allow-origin: *
cache-control: max-age=411732
access-control-allow-credentials: false
mi-cache: HIT
content-type: image/jpeg
access-control-allow-headers: *

GET
H2 200 NCStateNotreDameBasketball%20(4).JPG
www.newsobserver.com/latest-news/41v0uk/picture249685163/alternates/LANDSCAPE_768/ 43 KB
43 KB 126ms
113ms Image
image/jpeg 104.83.177.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/latest-news/41v0uk/picture249685163/alternates/LANDSCAPE_768/NCStateNotreDameBasketball%20(4).JPG
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.83.177.146 Madrid, Spain, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-177-146.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: ee3a43f964c31dd0bd4d6e20c705987ec6e12af6585830573ce5061b8d5233bf

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:16:56 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 3665
content-length: 43566
last-modified: Thu, 04 Mar 2021 13:27:43 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: "bd8ca03080b6cc17f490c03192ae27f4"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 124363666, 207749937 203784299
access-control-allow-origin: *
cache-control: max-age=508447
access-control-allow-credentials: false
mi-cache: HIT
content-type: image/jpeg
access-control-allow-headers: *

GET
H2 200 DukeGeorgiaTechBasketball%20(12).JPG
www.newsobserver.com/latest-news/4syyuq/picture249659578/alternates/LANDSCAPE_768/ 56 KB
57 KB 130ms
118ms Image
image/jpeg 104.83.177.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/latest-news/4syyuq/picture249659578/alternates/LANDSCAPE_768/DukeGeorgiaTechBasketball%20(12).JPG
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.83.177.146 Madrid, Spain, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-177-146.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 420972042521b177c4c8e7b2f1122a17976a3e354dad9b946a1f5e99846152bc

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:16:56 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 337
content-length: 57384
last-modified: Wed, 03 Mar 2021 15:44:14 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: "f1a133a8db5a03b4dd4e4605ebd8ada6"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 187598422 176483872
access-control-allow-origin: *
cache-control: max-age=426791
access-control-allow-credentials: false
mi-cache: HIT
content-type: image/jpeg
access-control-allow-headers: *

GET
H2 200 001.jpg
www.newsobserver.com/latest-news/fm9kco/picture249620403/alternates/LANDSCAPE_768/ 37 KB
38 KB 159ms
147ms Image
image/jpeg 104.83.177.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/latest-news/fm9kco/picture249620403/alternates/LANDSCAPE_768/001.jpg
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.83.177.146 Madrid, Spain, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-177-146.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 851b081bf8d06d4d71b7085b7f6760a4bcac9fe03d87ee5ba883da3ba0edfe49

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:16:56 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 4142
content-length: 37952
last-modified: Wed, 03 Mar 2021 02:31:01 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: "d593198f5bb158ced2c8bff4917b0461"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 90620460, 162516780 164638265
access-control-allow-origin: *
cache-control: max-age=383054
access-control-allow-credentials: false
mi-cache: HIT
content-type: image/jpeg
access-control-allow-headers: *

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/ 331 KB
130 KB 76ms
7ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46c97699759b3239f2306f7d09df96131fb1044315b07cfdd62b66c2e4c0125b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.newsobserver.com
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:10:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 411
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132194
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 03:04:57 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 05 Mar 2022 17:10:05 GMT

GET
H2 200 i.js Show response
tag.wknd.ai/3581/ 10 KB
3 KB 248ms
159ms Script
text/plain 34.120.253.250
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.wknd.ai/3581/i.js
Requested by: Host: media2.newsobserver.com
URL: https://media2.newsobserver.com/mistats/micb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.253.250 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: fasthttp /
Resource Hash: 3aaff2c9e6db25bd0a28edbe850cd8168e6b30fb771f6de229d950f8b499a2ad

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:16:56 GMT
content-encoding: gzip
server: fasthttp
age: 0
etag: df2386a8550a56
content-type: text/plain; charset=utf-8
via: 1.1 google
cache-control: public, max-age=60
x-region: us-central1
timing-allow-origin: *
alt-svc: clear
content-length: 3195

GET
H2 200 main.js Show response
mcclatchy-newsobserver.zeustechnology.com/ 199 KB
53 KB 149ms
50ms Script
application/javascript 65.9.58.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mcclatchy-newsobserver.zeustechnology.com/main.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/netdale.edafd2fbcdad58785338.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a23425925f24f35a94cde3e8e7664fd092258cfda4f60c0e3ea14d0fbbb93c38

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: E9uktLWQE.OpKfK_RJnWepc_9WSdl.ck
content-encoding: gzip
last-modified: Thu, 14 Jan 2021 19:50:01 GMT
server: AmazonS3
age: 39398
etag: W/"6238c662edf036d0e87e6cded8531153"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 28ccbefb54459137bb0b0d946fd75e49.cloudfront.net (CloudFront)
date: Fri, 05 Mar 2021 06:20:19 GMT
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: WTmGusO_x7XrM1X_Wd7OcljB7JibnVg9dLXkMKhXfO_6KOU7vELBDg==

GET
H2 200 callback=mi.ads.extractPid Show response
ad.crwdcntrl.net/5/c=7436/pe=y/ 82 B
290 B 163ms
48ms Script
application/javascript 52.48.248.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.crwdcntrl.net/5/c=7436/pe=y/callback=mi.ads.extractPid
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/core.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.248.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8e26c82b3a05d2306015e1d1414cffced4a6ab6e012e8aadfcb0db6798314a79

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Mar 2021 17:16:56 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.7.22
content-type: application/javascript;charset=UTF-8
content-length: 82
expires: 0

GET
H2 200 loader.js Show response
contributor.google.com/scripts/7df76a16abfcab18/ 103 KB
36 KB 171ms
147ms Script
application/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://contributor.google.com/scripts/7df76a16abfcab18/loader.js

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/core.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7922642e4e612b07fbff97ee74353807c51643533b13c1acd1aea43e08e0e223

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5Zp4z5gxgv7DUlqKZhKDJg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorTargetingHttp/cspreport;worker-src 'self', script-src 'nonce-5Zp4z5gxgv7DUlqKZhKDJg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorTargetingHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:16:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private, max-age=86400
content-security-policy: script-src 'report-sample' 'nonce-5Zp4z5gxgv7DUlqKZhKDJg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorTargetingHttp/cspreport;worker-src 'self', script-src 'nonce-5Zp4z5gxgv7DUlqKZhKDJg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorTargetingHttp/cspreport
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Fri, 05 Mar 2021 17:16:56 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.5.0/ 325 KB
69 KB 14ms
12ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.5.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d139c3756ba4ea4e4672c12645de4977faa9ba7e0d550931d2086338fd72dfe9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 05 Mar 2021 17:16:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: AvbD4VHYe4H/QnyU6j8v5w==
age: 6009565
vary: Accept-Encoding
content-length: 69711
cf-request-id: 08a4fd84db000005e9e32ed000000001
x-ms-lease-status: unlocked
last-modified: Thu, 27 Aug 2020 03:43:22 GMT
server: cloudflare
etag: 0x8D84A3B58DE8819
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: b5a3eed9-c01e-0069-3a3b-db874a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 62b4feb49e7305e9-FRA
expires: Sat, 13 Mar 2021 17:16:56 GMT

GET
H2 200 / Show response
lasteventf-tm.everesttech.net/ 0
211 B 119ms
43ms XHR
text/plain 151.101.14.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://lasteventf-tm.everesttech.net/?_les_imsOrgId=3B6E35F15A82BBB00A495D91@AdobeOrg&_les_sdid=5951D7D8CCC727DA-33EA7AA35C179FDF&_les_last_search_click=&_les_rsid=mccltallmcclatchy&_les_mid=27609064911973716632943517110110075323&_les_url=https%3A%2F%2Fwww.newsobserver.com%2F
Requested by: Host: media2.newsobserver.com
URL: https://media2.newsobserver.com/mistats/products/escenic_s_code.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:16:56 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1614964617.644704,VS0,VE0
x-cache: MISS
content-type: text/plain
access-control-allow-origin: https://www.newsobserver.com
access-control-allow-credentials: true
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-fra19124-FRA

GET
H2

200

sp.br.js Show response
js.matheranalytics.com/static/2_2_18-e/
Redirect Chain

https://js.matheranalytics.com/s/ma12095/74930332/sp.js?cb=1558
https://js.matheranalytics.com/static/2_2_18-e/sp.br.js

78 KB
25 KB

44ms
43ms

Script
application/x-javascript

107.178.250.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.matheranalytics.com/static/2_2_18-e/sp.br.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.250.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx /
Resource Hash: f2f93fd85c2f5e6c07c80c6487a804ec6bede5bed8fe755280d87d4dfde986d0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 04:32:37 GMT
content-encoding: br
last-modified: Sat, 20 Apr 2019 20:43:13 GMT
server: nginx
age: 45860
etag: "93626701087aa6ff39ccd5278fb9fd3b"
vary: Accept-Encoding
x-cache: HIT Sat, 20 Apr 2019 22:39:14 GMT
content-type: application/x-javascript
via: 1.1 google
cache-control: public,max-age=3600
alt-svc: clear
content-length: 25418

Redirect headers

date: Fri, 05 Mar 2021 17:16:57 GMT
via: 1.1 google
server: nginx
vary: Accept-Encoding
location: https://js.matheranalytics.com/static/2_2_18-e/sp.br.js
cache-control: public, max-age=269200
alt-svc: clear
x-served-by: 0-gc-euw1-10925

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: media2.newsobserver.com
URL: https://media2.newsobserver.com/mistats/finalizestats.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 6649
date: Fri, 05 Mar 2021 15:26:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Fri, 05 Mar 2021 17:26:07 GMT

GET
H2 200 quant.js Show response
edge.quantserve.com/ 23 KB
9 KB 49ms
10ms Script
application/javascript 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.quantserve.com/quant.js
Requested by: Host: media2.newsobserver.com
URL: https://media2.newsobserver.com/mistats/finalizestats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2cd6cff81ed30607212a76cf14df956553f17dc9f8024a720e7acb0dd2ec1b78

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:16:56 GMT
content-encoding: gzip
etag: "/D8P7qgiWm3WmfjhiS2eTg=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Fri, 12 Mar 2021 17:16:56 GMT

GET
H2 200 mi_content_tracker.js Show response
media2.newsobserver.com/mistats/ 4 KB
2 KB 83ms
80ms Script
text/javascript 104.83.177.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://media2.newsobserver.com/mistats/mi_content_tracker.js
Requested by: Host: media2.newsobserver.com
URL: https://media2.newsobserver.com/misites/nao/newsobserver.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.83.177.146 Madrid, Spain, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-177-146.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b525214335ddd50139b8cead123523306144018a47e3d4a35f6e5b35f295a8fd

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:16:56 GMT
content-encoding: gzip
last-modified: Wed, 04 Jun 2014 15:41:43 GMT
server: Apache
etag: "11ff-4fb04771acb56"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 1432

GET
H2

200

m
secure-us.imrworldwide.com/cgi-bin/
Redirect Chain

https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-203838h&cg=0&cc=1&si=https%3A//www.newsobserver.com/&rp=&ts=compact&rnd=1614964616584
https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-203838h&cg=0&cc=1&si=https%3A//www.newsobserver.com/&rp=&ts=compact&rnd=1614964616584&ja=1

44 B
336 B

53ms
50ms

Image
image/gif

54.77.118.208
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-203838h&cg=0&cc=1&si=https%3A//www.newsobserver.com/&rp=&ts=compact&rnd=1614964616584&ja=1
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.118.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Mar 2021 17:16:57 GMT
server: nginx
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-us.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 05 Mar 2021 17:16:57 GMT
server: nginx
location: https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-203838h&cg=0&cc=1&si=https%3A//www.newsobserver.com/&rp=&ts=compact&rnd=1614964616584&ja=1
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-us.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
content-length: 0
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 moment.min.js Show response
www.newsobserver.com/wps/source/scripts/libs/ 41 KB
14 KB 75ms
69ms Script
application/javascript 104.83.177.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/wps/source/scripts/libs/moment.min.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/wps/build/webpack/mi-footer.bundle-79c24024c08d7f0c7b17.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.83.177.146 Madrid, Spain, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-177-146.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 41315b08c2b332c2a675a817bac8ca1cc648c33109b699c6609feffc0ac79254

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:16:56 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 515793
content-length: 14306
last-modified: Tue, 09 Feb 2021 19:07:18 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"a337-1778830d670"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 110934328, 404905793 292110302
access-control-allow-origin: *
cache-control: max-age=252540
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript;charset=UTF-8
access-control-allow-headers: *

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 348 KB
102 KB 567ms
63ms Script
application/x-javascript 184.30.21.59
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/wps/build/webpack/mi-footer.bundle-79c24024c08d7f0c7b17.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.59 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-59.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: b4ab0c9d469f5fc9747b8f7433e38ebcc71a9bde85103b9ed30606d37bdbc112

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 05 Mar 2021 17:16:57 GMT
Content-Encoding: gzip
x-amz-request-id: 656FA0C7177A7760
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: +0nPNwjO5Kp81B3CgcCUcpBDMTJJonPJfy5ffXrS00eBzK5YEz06idMVQO/ejMkTCSdxlTpodtk=
Last-Modified: Fri, 05 Feb 2021 18:53:22 GMT
Server: AmazonS3
ETag: "f26986557d331d9bccef002058601094"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 327 KB
113 KB 47ms
42ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/wps/build/webpack/videoStory.bundle-667b380d20e928f31b53.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30c568e71b003ddba094b29a8dd6aa2189de0e4e67c7eb63f94f05edd65968b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:16:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 115081
x-xss-protection: 0
expires: Fri, 05 Mar 2021 17:16:56 GMT

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 586f876503ed4dc63c6ff8567b67dfeb1c84723ef5c7cf218a8ed74ccba6e1ab

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 157 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 scroll.js Show response
static.scroll.com/js/ 17 KB
7 KB 191ms
31ms Script
application/javascript 151.101.14.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.scroll.com/js/scroll.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/core.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 01522e70e4807e89bf3303d4f2e01fb141b4ce91dba4023d23794e255028ed9e

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:16:57 GMT
content-encoding: gzip
age: 74836
x-guploader-uploadid: ABg5-Uy58XXWjrQsaCAJ63gIK0SA47FY3X80DxgPxSIeOeJ81X2t5frqIRYzWopRa2ItiMeI8q5WWvjVVFxiEASMf54
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 6459
x-served-by: cache-fra19143-FRA
last-modified: Thu, 25 Feb 2021 20:29:37 GMT
server: UploadServer
x-timer: S1614964617.137721,VS0,VE0
etag: "334dd94887922f13e29acca6ed203eb7"
vary: Origin
x-goog-hash: crc32c=kcQgZA==, md5=M03ZSIeSLxPimsym7SA+tw==
x-goog-generation: 1614284976930081
via: 1.1 varnish
expires: Fri, 26 Feb 2021 20:29:38 GMT
cache-control: public, max-age=0, s-maxage=86400
access-control-allow-credentials: true
x-goog-stored-content-length: 6459
accept-ranges: bytes
content-type: application/javascript
x-scrolljs: 3
x-cache-hits: 9962

GET
H2 200 performance.98fa8351ff5d10ca575a.js Show response
www.newsobserver.com/static/yozons-lib/ 4 KB
2 KB 75ms
74ms Script
application/javascript 104.83.177.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/static/yozons-lib/performance.98fa8351ff5d10ca575a.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/core.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.83.177.146 Madrid, Spain, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-177-146.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: ebedb1d98c3b561fc7cd582116c6fb322f3ddeaf4237d93e931929a97c105a3a

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:16:56 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 169
content-length: 1430
last-modified: Wed, 03 Mar 2021 14:32:45 GMT
server: MI
etag: W/"f8b-5bca2b969dd40"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 186584681, 110627615 103826915
access-control-allow-origin: *
cache-control: max-age=422723
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript
access-control-allow-headers: *

GET
H2 200 parsely.4d4541836fbcadaa80c2.js Show response
www.newsobserver.com/static/yozons-lib/ 1 KB
950 B 75ms
74ms Script
application/javascript 104.83.177.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/static/yozons-lib/parsely.4d4541836fbcadaa80c2.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/core.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.83.177.146 Madrid, Spain, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-177-146.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 02ddd405d4a4539b1b58962d9290667cabf81c941b888beb2f484c662cadb460

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:16:57 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 170
content-length: 569
last-modified: Wed, 03 Mar 2021 14:32:45 GMT
server: MI
etag: W/"4af-5bca2b969dd40"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 186584683, 103499951 102818907
access-control-allow-origin: *
cache-control: max-age=422691
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript
access-control-allow-headers: *

GET
H2 200 quarantine.dda53160293203c627e6.js Show response
www.newsobserver.com/static/yozons-lib/ 7 KB
3 KB 78ms
77ms Script
application/javascript 104.83.177.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/static/yozons-lib/quarantine.dda53160293203c627e6.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/core.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.83.177.146 Madrid, Spain, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-177-146.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: e167572da8f55dc69519e18852e32d5b8a43110ac2a1ea34a1babdfbe691219b

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:16:57 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 169
content-length: 2862
last-modified: Wed, 03 Mar 2021 14:32:45 GMT
server: MI
etag: W/"1de5-5bca2b969dd40"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 102459927 111259361
access-control-allow-origin: *
cache-control: max-age=422609
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript
access-control-allow-headers: *

GET
H2 200 ats.js Show response
ats.rlcdn.com/ 182 KB
60 KB 189ms
45ms Script
application/javascript 35.244.220.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ats.rlcdn.com/ats.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/netdale.edafd2fbcdad58785338.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.220.155 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 5e8e5fe8bda51e143511122e4296e652c905e0e7445cad6e3b79365eafaa7f0d

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 04:29:13 GMT
content-encoding: gzip
age: 996464
x-guploader-uploadid: ABg5-UxlAEQH0eD4uK4gKPxsEk5oHxcMgcisWZajcgztqZVA-du-N767nsFeA80fRoLiufUd2X1Dl_QWN4E8y86-Sys
x-goog-storage-class: STANDARD
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 60625
last-modified: Fri, 22 Jan 2021 08:44:43 GMT
server: UploadServer
etag: "cd29a4c3533e427f1b5c357933c3c1ec"
x-goog-hash: crc32c=NT+O6A==, md5=zSmkw1M+Qn8bXDV5M8PB7A==
x-goog-generation: 1611305083757651
cache-control: no-transform
x-goog-stored-content-length: 60625
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 22 Feb 2022 04:29:13 GMT

GET
H2 200 oPS.js Show response
d15kdpgjg3unno.cloudfront.net/ 51 KB
12 KB 132ms
6ms Script
application/javascript 2600:9000:21f3:3a00:11:b309:9100:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=11
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3a00:11:b309:9100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fa307e6d45a6be500a0af862d7a1b858a887685c6da9f557ec2b8bb6e678902b

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 22:05:36 GMT
content-encoding: gzip
last-modified: Thu, 04 Mar 2021 22:05:33 GMT
server: AmazonS3
age: 69082
etag: W/"751110cf0e93de7605644d0b7acd20c8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
cache-control: max-age=84600
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: J7esDQN9cWgg-CiTZJxHkvoSV8H7pRzD4RSlWZjD6oV197ADCcKxUg==

GET
H2 200 .js Show response
dyv1bugovvq1g.cloudfront.net/11/www.newsobserver.com/ 2 KB
694 B 141ms
16ms Script
application/json 2600:9000:20eb:be00:5:82fd:2500:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dyv1bugovvq1g.cloudfront.net/11/www.newsobserver.com/.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:be00:5:82fd:2500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 71e60c209c711e26a25b0f9c939057a1e8952eaa2fb4e1fdc4b7de405f010842

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:16:41 GMT
content-encoding: gzip
last-modified: Fri, 05 Mar 2021 14:40:19 GMT
server: AmazonS3
age: 17
etag: "b396ad41eac4be858d9fc7f62ebcd004"
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
via: 1.1 1ac3fd533bf6be1b511077f8b8e23bfd.cloudfront.net (CloudFront)
cache-control: max-age=300
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 321
x-amz-cf-id: o6F130G1a-9AuL2CkO3TrNOrtaYOo67vgW-1IdA5R5zdg9vKFYdunQ==

GET
H/1.1 200
OK config.js Show response
confiant-integrations.global.ssl.fastly.net/awMxVZLpNW6K6EG6WC5S8oR_a68/gpt_and_prebid/ 93 KB
21 KB 151ms
33ms Script
text/javascript 151.101.113.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/awMxVZLpNW6K6EG6WC5S8oR_a68/gpt_and_prebid/config.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/netdale.edafd2fbcdad58785338.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5149e68ec22e4f9a5e8b97ba750eb650eb7024c3881211654ca3f35a77756fca

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 05 Mar 2021 17:16:57 GMT
Content-Encoding: gzip
Age: 182
X-Cache: HIT
Connection: keep-alive
Content-Length: 21235
x-amz-id-2: yYpTax8uwGZhvF2BSK261Us2VCcdmQ4AVei5/9x3R8w9afMWcBi802h/Np0qGSaeCedGC4OSzqc=
X-Served-By: cache-hhn4081-HHN
Last-Modified: Fri, 05 Mar 2021 16:31:05 GMT
Server: AmazonS3
X-Timer: S1614964617.138626,VS0,VE0
ETag: "f0ffea04516f4a4b1b73f90420d0f597"
x-amz-request-id: QRQ3TF1GYHBP96GX
Via: 1.1 varnish
Cache-Control: public, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Type: text/javascript
X-Cache-Hits: 2

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 147ms
29ms Script
application/x-javascript 2600:9000:20d7:7c00:18:1fcd:34e:d2a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: media2.newsobserver.com
URL: https://media2.newsobserver.com/misites/nao/newsobserver.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20d7:7c00:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 927ee0dfe51ef11076e57510990fd5c5fcee1cffd5204a4e3d3caee529c3bd01

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 18:14:54 GMT
content-encoding: gzip
last-modified: Thu, 28 Jan 2021 02:03:13 GMT
server: nginx
age: 82923
etag: W/"60121b61-8e23"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 168a24ef858eb187119582fbc6ac0718.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: ZAG50-C1
x-amz-cf-id: AczVtuP3Bv2C3FolXkB6YUNtfWETj_f25-oddpEv6udEOfHp_ahnbw==
expires: Fri, 05 Mar 2021 18:14:54 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 2 KB
2 KB 57ms
56ms XHR
application/json 52.51.22.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=3B6E35F15A82BBB00A495D91%40AdobeOrg&d_nsid=0&d_mid=27609064911973716632943517110110075323&d_coop_safe=1&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&d_cid_ic=mcid%0127609064911973716632943517110110075323&ts=1614964617247

Requested by

Host: media2.newsobserver.com
URL: https://media2.newsobserver.com/mistats/micb.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.51.22.62 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-51-22-62.eu-west-1.compute.amazonaws.com

Software

Resource Hash

6f7294eca5274eaeba773cb8c4f365d19ff1d15c1a50a56a9f1a08b780411708

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-v089-080432068.edge-irl1.demdex.com 5.80.6.20210202104731 2ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-TID: zbAJWojPRP4=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.newsobserver.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 994
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 s3847139141761 Show response
mcclatchy.sc.omtrdc.net/b/ss/mccltallmcclatchy/10/JS-2.22.0/ 2 KB
3 KB 70ms
69ms Script
application/x-javascript 35.181.18.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mcclatchy.sc.omtrdc.net/b/ss/mccltallmcclatchy/10/JS-2.22.0/s3847139141761?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=5%2F2%2F2021%2018%3A16%3A57%205%20-60&cid.&mcid.&id=27609064911973716632943517110110075323&.mcid&.cid&d.&nsid=0&jsonv=1&.d&sdid=5951D7D8CCC727DA-33EA7AA35C179FDF&mid=27609064911973716632943517110110075323&aamlh=6&ce=UTF-8&pageName=D%3Dv4&g=https%3A%2F%2Fwww.newsobserver.com%2F&cc=USD&ch=D%3Dv23&server=D%3Dv24&xact=mi_as_nao_27609064911973716632943517110110075323_1614964615621&events=event7%2Cevent62%3D684&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=D%3Dv54&v1=Unregistered&h1=NAO%7CNews%20and%20Observer%7C_HomePage%7C%7C%7C%7C%7CHomepage&c2=dev%3Aother&c3=D%3Dv7&v4=Home%3A%20Homepage&c5=meter%3Astorage_unsupported&c6=D%3Dh1&v7=Home&c10=%2F&c11=ecidfailed%3Ano%7Cecidtimeout%3Ano%7Cmicb%3Ayes%7ChasFocus%3Ayes%7Crefresh%3Ano&c12=pageview%3Anormal&v12=no%20referrer&c13=Unregistered&c14=D%3Dv16&c15=dev%3Aother&v15=New&c17=D%3Dv8&c18=D%3Dv15&c20=D%3Dv51&c21=_HomePage&v23=Homepage&v24=newsobserver.com&v25=Homepage&c26=D%3Dv26&v26=NAO&c27=D%3Dv27&v27=News%20and%20Observer&c28=Homepage%3A7041&v30=score%3A15&c33=12%3A16PM&c34=Friday&c35=D%3Dv13&c36=D%3Dv10&c39=D%3Dv14&c41=D%3Dv74&v41=_HomePage%7C%7C%7C%7C%7CHomepage&c43=D%3Dv55&c44=Entry%20Page&v45=loggedin%3Ano&c47=escenic%3Adesktop&v48=XT_CreditCardDecline_032320%3A%20Default&c49=D%3Dv12&v50=D%3Dv0&v54=https%3A%2F%2Fwww.newsobserver.com%2F&v55=Entry%20Page&c56=D%3Dv45&c58=core%3Ayes%7Cdl%3Ayes&v71=1&v74=Product%3A%20Escenic&v79=D%3Dmid&v84=684&v85=Unknown&v90=count%3A0&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=3B6E35F15A82BBB00A495D91%40AdobeOrg&AQE=1

Requested by

Host: media2.newsobserver.com
URL: https://media2.newsobserver.com/mistats/products/escenic_s_code.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.181.18.61 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

jag /

Resource Hash

4c8ea0bc1205703f2518cf183638c2718c5a0ad75f78aa196c5661d11fd28661

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-aam-tid: l5ZS6gL3RF4=
date: Fri, 05 Mar 2021 17:16:57 GMT
x-content-type-options: nosniff
x-c: main-1422.I3bac54.M0-478
p3p: CP="This is not a P3P policy"
content-length: 2490
x-xss-protection: 1; mode=block
dcs: dcs-prod-irl1-v089-0950fbd32.edge-irl1.demdex.com 5.80.6.20210202104731 7ms (+1ms)
pragma: no-cache
last-modified: Sat, 06 Mar 2021 17:16:57 GMT
server: jag
xserver: anedge-5955cb7dcf-wt4hs
etag: 3468110108772433920-4621711142965484699
vary: *
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Thu, 04 Mar 2021 17:16:57 GMT

GET
BLOB 200
OK 5a7b69e7-edf3-44b3-9efa-d11aa0a34bbb
https://www.newsobserver.com/ 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/5a7b69e7-edf3-44b3-9efa-d11aa0a34bbb
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
H/1.1 200
OK us-jhu.json Show response
media.mcclatchy.com/static/2020/coronavirus/covid-embed-tracker/ 317 B
973 B 69ms
65ms Fetch
application/json 104.83.177.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://media.mcclatchy.com/static/2020/coronavirus/covid-embed-tracker/us-jhu.json
Requested by: Host: media.mcclatchy.com
URL: https://media.mcclatchy.com/static/2020/coronavirus/covid-embed-tracker/main.85ef961b.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.83.177.146 Madrid, Spain, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-177-146.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: bac4311228bd8c579fc1da1d8a18e4b12192770ccaa365d458bdc981b5a27c51

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 05 Mar 2021 17:16:57 GMT
Content-Encoding: gzip
Last-Modified: Fri, 05 Mar 2021 17:00:04 GMT
Server: Apache
ETag: "13d-5bccd03f2977a"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=108
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 168

GET
H/1.1 200
OK 835000587-custom.json Show response
media.mcclatchy.com/static/2020/coronavirus/covid-embed-tracker/ 177 B
968 B 220ms
216ms Fetch
application/json 104.83.177.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://media.mcclatchy.com/static/2020/coronavirus/covid-embed-tracker/835000587-custom.json?v=518
Requested by: Host: media.mcclatchy.com
URL: https://media.mcclatchy.com/static/2020/coronavirus/covid-embed-tracker/main.85ef961b.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.83.177.146 Madrid, Spain, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-177-146.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: df20dfd1a82a2252bbc59cccf5d8060b12cf93498ead8b6194599cd6d8fea9fa

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 05 Mar 2021 17:16:57 GMT
Content-Encoding: gzip
Last-Modified: Fri, 05 Mar 2021 17:15:16 GMT
Server: Apache
ETag: "b1-5bccd3a58dbe9"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 164

GET
H3-Q050 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 9E80 19 KB
11 KB 26ms
26ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcCJGUUAAAAADAmkD2iQN_k8a6FCpgo2VBei6su&co=aHR0cHM6Ly93d3cubmV3c29ic2VydmVyLmNvbTo0NDM.&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&badge=inline&cb=w9gqoyqjp2q7

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e5d0a3cbc34dfc18b9f17e13ebf19039923cc80c60dae9f5a6bbe17b14371b82

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Y4lx1/t7/VnEFFVTkv06ew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LcCJGUUAAAAADAmkD2iQN_k8a6FCpgo2VBei6su&co=aHR0cHM6Ly93d3cubmV3c29ic2VydmVyLmNvbTo0NDM.&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&badge=inline&cb=w9gqoyqjp2q7
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newsobserver.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=210=izeQj-BUgWZbFvxXEvfkR7nAsfUh2LBgl1NUNwPkwYjdgzBj6SdBopKKf0Bt0bccBw2ZZSPRgnG6iF3wxmJEXmwlgJMzWuGNxoUPc5ahldRQ7jIiWygPgUN-xewu9u3UEsnwqUKnuBrEzP-ALM5Spuxnk_Z-E73mQZkuBPJ2FI8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newsobserver.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 05 Mar 2021 17:16:57 GMT
content-security-policy: script-src 'report-sample' 'nonce-Y4lx1/t7/VnEFFVTkv06ew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 10540
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ijs_all_modules_cjs_min_88a03a964514a4a56eac32075f9712bd.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 566 KB
138 KB 110ms
27ms Script
text/javascript 34.98.72.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_cjs_min_88a03a964514a4a56eac32075f9712bd.js
Requested by: Host: tag.wknd.ai
URL: https://tag.wknd.ai/3581/i.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 24b759db03c41f27f7d10864f2d8a6126aa7b11625fcd44c6fc6f33e750bec40

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 19:17:27 GMT
content-encoding: gzip
age: 165570
x-guploader-uploadid: ABg5-UwbfAcg9vKXvDoz2hgD6ShXGIG-RFGiWUZW0Ug3a2-UX6NLKAcrVEJz6rk4_2fKyzgdRK8Of7eV1i3pVxvfD5A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 140749
last-modified: Mon, 01 Mar 2021 21:00:33 GMT
server: UploadServer
etag: "1265fed96568b59004c3abf1b993fb19"
vary: Accept-Encoding
x-goog-hash: crc32c=KvioxA==, md5=EmX+2WVotZAEw6vxuZP7GQ==
x-goog-generation: 1614632433415239
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 140749
accept-ranges: bytes
content-type: text/javascript
expires: Thu, 03 Mar 2022 19:17:27 GMT

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/89ec5922-1183-4866-8824-09f66181e549/0e95dc32-54e6-46f1-96fa-56201f4a1ac5/ 84 KB
13 KB 13ms
12ms Fetch
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/89ec5922-1183-4866-8824-09f66181e549/0e95dc32-54e6-46f1-96fa-56201f4a1ac5/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.5.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61ca98b7cf1605903efe0b6d46e33e2a30fad4df3a99b637134a92f78fd986c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 05 Mar 2021 17:16:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: AAibTtKo+i5nOcHwmlqtnw==
age: 178
vary: Accept-Encoding
content-length: 13247
cf-request-id: 08a4fd89030000062d48231000000001
x-ms-lease-status: unlocked
last-modified: Thu, 20 Aug 2020 16:00:20 GMT
server: cloudflare
etag: 0x8D8452223A2FF4E
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 473f4ed8-001e-011d-2e32-044759000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 62b4febb3d4e062d-FRA

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/7447/ 38 KB
13 KB 228ms
76ms Script
text/javascript 65.9.187.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/7447/lt.min.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/netdale.edafd2fbcdad58785338.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.187.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4ec930cc4c9a31087b58f4e8c9099b85198a14da06c95a5c87bc463f1d8fe3a7

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:16:57 GMT
content-encoding: gzip
etag: W/"ea25a6519122baa79173b5ead1b9ef49"
last-modified: Mon, 15 Feb 2021 19:13:24 GMT
server: AmazonS3
x-amz-cf-pop: ZAG50-C1
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 eaa5b4468d4ba37bc9733291d72738ec.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-amz-cf-id: g5GEmKBkyES7bmH3BB9Q-UU-xKhrxsSCwe6PyLCGMLQ8RbfoGLuZww==

GET
H2 200 1405 Show response
analytics-check.publishersite.xyz/check/ 26 B
392 B 294ms
186ms XHR
application/json 13.32.24.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-check.publishersite.xyz/check/1405
Requested by: Host: mcclatchy-newsobserver.zeustechnology.com
URL: https://mcclatchy-newsobserver.zeustechnology.com/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.24.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-24-86.fra56.r.cloudfront.net
Software: /
Resource Hash: 0464b6125d6f9f3dc1dbe6ef7f1203ea4d60d28141fd98fef1e15004f265ec2e

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:16:57 GMT
via: 1.1 2e4a0520ad8fe16707823b20e9441e09.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amzn-requestid: 5b675f19-9103-485f-b4f1-5afa983cbb11
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-60426789-20e2fef13aa3e04b5db94ece;Sampled=0
x-amz-apigw-id: buUdiGzKoAMF2DQ=
content-length: 26
x-amz-cf-id: bjWU-BM63Z3pO3VA_zmVmuXwUuXJdeJrT1br1KNZ8ZwnIW2Wwia7QQ==

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 114 KB
37 KB 59ms
24ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: mcclatchy-newsobserver.zeustechnology.com
URL: https://mcclatchy-newsobserver.zeustechnology.com/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 69e31d53d95f965695db3712f85925810e90cc839a793c87adfcb21eb637673e

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:16:57 GMT
content-encoding: gzip
last-modified: Tue, 23 Feb 2021 11:00:30 GMT
server: nginx
etag: W/"6034e04e-1c974"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Sat, 06 Mar 2021 17:16:57 GMT

GET
H/1.1 200
OK 185522-118148292826456.js Show response
js-sec.indexww.com/ht/p/ 84 KB
26 KB 710ms
620ms Script
text/javascript 184.30.20.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/185522-118148292826456.js
Requested by: Host: mcclatchy-newsobserver.zeustechnology.com
URL: https://mcclatchy-newsobserver.zeustechnology.com/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-241.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a1bc519de7aeb90c4d8dc7c8dfe2e3d4db4c2447844bc3d57a62eccefcee6987

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 05 Mar 2021 17:16:58 GMT
Content-Encoding: gzip
Last-Modified: Fri, 05 Mar 2021 17:15:19 GMT
Server: Apache
ETag: "da4cee-14f94-5bccd3a7f97bf"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3599
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 26257
Expires: Fri, 05 Mar 2021 18:16:57 GMT

GET
H/1.1 200
OK userSync.js Show response
ads.pubmatic.com/AdServer/js/ 7 KB
3 KB 128ms
38ms Script
text/javascript 184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/userSync.js
Requested by: Host: mcclatchy-newsobserver.zeustechnology.com
URL: https://mcclatchy-newsobserver.zeustechnology.com/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: c0f1a0e47f7e68ec0549eba6eb3fcd3523a2c3e68bcd9b2463ef084df041fd34

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 05 Mar 2021 17:16:57 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Oct 2020 18:56:30 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1300709-1d57-5b232e7ce6dc7"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: public, max-age=41546
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 2419
Expires: Sat, 06 Mar 2021 04:49:23 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 58 KB
20 KB 58ms
44ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: mcclatchy-newsobserver.zeustechnology.com
URL: https://mcclatchy-newsobserver.zeustechnology.com/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

380ce1e1810ee511b59a76f4f8bba4a432ffc9dd86ce06c2abd112857450e1d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:16:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "802 / 225 of 1000 / last-modified: 1614946432"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19862
x-xss-protection: 0
expires: Fri, 05 Mar 2021 17:16:57 GMT

POST
H2 200 pixel_599164fc Show response
www.newsobserver.com/akam/11/ 0
614 B 66ms
65ms XHR
text/html 104.83.177.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/akam/11/pixel_599164fc
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/akam/11/599164fc
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.83.177.146 Madrid, Spain, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-177-146.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 05 Mar 2021 17:16:57 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: max-age=0, no-cache
access-control-allow-credentials: false
access-control-allow-headers: *
content-length: 0
expires: Fri, 05 Mar 2021 17:16:57 GMT

GET
H3-Q050 200 checksub Show response
contributor.google.com/scripts/7df76a16abfcab18:D:6e0e24bc1d03a6c9/ 392 B
904 B 40ms
35ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://contributor.google.com/scripts/7df76a16abfcab18:D:6e0e24bc1d03a6c9/checksub

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorTargetingClientJs.en_US.RQfB7reDkpk.es5.O/d=1/ct=zgms/rs=AJlcJMylb3lpeehGnCNbtPmwRapixn3AXw/m=contributor

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

53dfec9f02a1b7cf64bb214a0bec4eac854435eba64e70176bac6fa44b10e18e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-fvJoMt93ZAKbvXOVt11Kgw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorTargetingHttp/cspreport;worker-src 'self', script-src 'nonce-fvJoMt93ZAKbvXOVt11Kgw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorTargetingHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.newsobserver.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-fvJoMt93ZAKbvXOVt11Kgw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorTargetingHttp/cspreport;worker-src 'self', script-src 'nonce-fvJoMt93ZAKbvXOVt11Kgw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorTargetingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxXAZrJRCvuYysT9c1RumEDbR5v3PFPRPP4qISzVM2SGrMWLHOoFS46a3aKEhVgJ8a8zdSI_hQzf81OBst2I Show response
fundingchoicesmessages.google.com/f/ 80 KB
31 KB 69ms
35ms Script
application/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXAZrJRCvuYysT9c1RumEDbR5v3PFPRPP4qISzVM2SGrMWLHOoFS46a3aKEhVgJ8a8zdSI_hQzf81OBst2I

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/gfc.32717c4b746b1baa40e1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2f0b2d260bd467a65a5d3b32ef2460fd0598bca56bddcea33a7431f1c645b01c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YX2AaDAHC39rSGlrirpcFA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-YX2AaDAHC39rSGlrirpcFA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
origin-trial: AmWWqEiPtRKXiIreUsgUyNMptDcKdmLPlGI32DPZjDKK+yBAUi7+FT3r/9RpkTnzHyXYUWiPfirCGMg3Ogzc7gMAAAB3eyJvcmlnaW4iOiJodHRwczovL2dvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IkNyb3NzT3JpZ2luT3BlbmVyUG9saWN5UmVwb3J0aW5nIiwiZXhwaXJ5IjoxNjE0MTI0Nzk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
content-security-policy: script-src 'report-sample' 'nonce-YX2AaDAHC39rSGlrirpcFA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-YX2AaDAHC39rSGlrirpcFA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="ContributorGlobalRouterHttp"
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
74 B 13ms
13ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1653383239&t=pageview&_s=1&dl=https%3A%2F%2Fwww.newsobserver.com%2F&dh=newsobserver.com&ul=en-us&de=UTF-8&dt=Home%3A%20Homepage&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YFDAAAABCAAAAC~&jid=970902814&gjid=2053816641&cid=469707977.1614964618&tid=UA-48279682-1&_gid=1520390879.1614964618&_r=1&_slc=1&cd1=NAO&cd2=News%20and%20Observer&cd3=Home&cd4=_HomePage%7C%7C%7C%7C&cd5=Unregistered&cd6=Homepage&cg1=News%20and%20Observer&cg2=Homepage&z=309995348

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 05 Mar 2021 17:16:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.newsobserver.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
25 B 14ms
13ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1653383239&t=pageview&_s=1&dl=https%3A%2F%2Fwww.newsobserver.com%2F&dh=newsobserver.com&ul=en-us&de=UTF-8&dt=Home%3A%20Homepage&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YFDAAAABCAAAAC~&jid=1835141468&gjid=1117948452&cid=469707977.1614964618&tid=UA-48280268-1&_gid=1520390879.1614964618&_r=1&_slc=1&cd1=NAO&cd2=News%20and%20Observer&cd3=Home&cd4=_HomePage%7C%7C%7C%7C&cd5=Unregistered&cd6=Homepage&cg1=News%20and%20Observer&cg2=Homepage&z=1411075824

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 05 Mar 2021 17:16:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.newsobserver.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rules-p-50B2Fi6bBqYto.js Show response
rules.quantcount.com/ 1 KB
1 KB 76ms
24ms Script
application/x-javascript 2600:9000:20d7:400:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-50B2Fi6bBqYto.js
Requested by: Host: edge.quantserve.com
URL: https://edge.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20d7:400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b6da6699e22347ded40584215d759d21842a07be029c95c4886efa3c1385454

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 16:49:12 GMT
content-encoding: gzip
last-modified: Mon, 26 Mar 2018 17:43:26 GMT
server: AmazonS3
age: 1706
etag: W/"eeeb10fbb8e6fc7fff11277347add08a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 e25359babcc045566ea407b8f6ab0b65.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: ZAG50-C1
x-amz-cf-id: gy-pM2nICeV_9Fa4SE3m8GSlqa8HiTql0fS7pkLaLfqn62TUDjFqLQ==

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEK6xZI7IMbI7nThohFP1HPU&google_cver=1
dpm.demdex.net/ Frame 357E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=Mjc3ODI3NTI5MDI1NzcwMzYwODI4ODQ0NTY5MzIzNjUwOTQ0MTI=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEK6xZI7IMbI7nThohFP1HPU&google_cver=1?gdpr=0&gdpr_consent=

42 B
915 B

63ms
56ms

Image
image/gif

52.51.22.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEK6xZI7IMbI7nThohFP1HPU&google_cver=1?gdpr=0&gdpr_consent=

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.51.22.62 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-51-22-62.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://mcclatchy.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v089-04ef80184.edge-irl1.demdex.com 5.80.6.20210202104731 0ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: +y1Uv4STQlc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 05 Mar 2021 17:16:58 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEK6xZI7IMbI7nThohFP1HPU&google_cver=1?gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 119 KB
31 KB 180ms
71ms Script
application/javascript 65.9.24.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/netdale.edafd2fbcdad58785338.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.24.128 Orlando, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 86cef609c85d2c2ce6a507af54e77a9c150e2fa408043e1454082614c4b0ce2b

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:15:21 GMT
content-encoding: gzip
server: Server
age: 96
etag: d2bbe61d6c9cfd2f9d26c66417c4fb1e
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a0b6e5bd6cf5596d4f38f0df8fa929e1.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: ZAG50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-version-id: 7KnjqYhn.fTYs_joiF9hMVX.bWg_6oV9
x-amz-cf-id: daqlT9j-7WKE9jvJJIruNaoX9KKLsUlwukiMP0_wIFPKqDopdd6ljQ==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
450 B 47ms
19ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-48279682-1&cid=469707977.1614964618&jid=970902814&gjid=2053816641&_gid=1520390879.1614964618&_u=YFDAAAAACAAAAC~&z=2129464186

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 05 Mar 2021 17:16:58 GMT
content-type: text/plain
access-control-allow-origin: https://www.newsobserver.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
169 B 1463ms
124ms Image
image/gif 34.192.62.151
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=newsobserver.com&p=%2F&u=BlGxEQCVqKEpCw3VSc&d=newsobserver.com&g=62447&g0=Homepage&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=7090&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=5821&t=BHSX7LBCHBZ2j3NAipD6R1BONwd-&V=122&i=Raleigh%20NC%20News%2C%20Sports%20%26%20Politics%20%7C%20Raleigh%20News%20%26%20Observer&tz=-60&sn=1&sv=DOijvoZuEOGDMV7LQB6DLmqjqGpn&sd=1&im=062b2f3e&_
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.62.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Mar 2021 17:16:59 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

POST
H2 200 check Show response
connect.scroll.com/embed/ 0
230 B 268ms
167ms XHR
application/json 35.201.100.179
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.scroll.com/embed/check

Requested by

Host: static.scroll.com
URL: https://static.scroll.com/js/scroll.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.100.179 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Jetty(9.4.30.v20200611) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https: http:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 05 Mar 2021 17:16:58 GMT
via: 1.1 google
server: Jetty(9.4.30.v20200611)
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.newsobserver.com
access-control-allow-credentials: true
content-security-policy: frame-ancestors https: http:;
alt-svc: clear
content-length: 0

GET
H/1.1 200
OK wrap.js Show response
confiant-integrations.global.ssl.fastly.net/gpt/202103031615/ 194 KB
58 KB 34ms
33ms Script
application/javascript 151.101.113.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202103031615/wrap.js
Requested by: Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/awMxVZLpNW6K6EG6WC5S8oR_a68/gpt_and_prebid/config.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aabea5b5dee65527277dcb7f9d3a3ec8521e65967c1790638dedea948057140b

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 05 Mar 2021 17:16:58 GMT
Content-Encoding: gzip
Age: 48
X-Cache: HIT
Connection: keep-alive
Content-Length: 59096
x-amz-id-2: Oef3i0jS/ds3YLDy9Ht2z4EEJBJeSfqjjl7I8xeZkiiXkKrAlBx170Y7hE+llX0fdi+4yMZy02U=
X-Served-By: cache-hhn4081-HHN
Last-Modified: Wed, 03 Mar 2021 22:17:01 GMT
Server: AmazonS3
X-Timer: S1614964619.663293,VS0,VE0
ETag: "481d8737743414a45248879fa987ab31"
x-amz-request-id: YVCMJ6QVYSWJNZXV
Via: 1.1 varnish
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
X-Cache-Hits: 62

GET
H2 200 / Show response
geo.rlcdn.com/ 119 B
343 B 1066ms
124ms Fetch
application/json 2a00:1450:4001:80e::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.rlcdn.com/
Requested by: Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash: f6f4b4586d702093c9cc07e981206978d58633f46da7c721f46513d4dcc71b11

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:17:00 GMT
content-encoding: gzip
etag: W/"77-cXC7RsophzXiswRXM3nplIMkqBo"
server: Google Frontend
x-powered-by: Express
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 1213b354a892f086da2114e414b1a9da
cache-control: private
content-length: 129

GET
H2 200 t Show response
jadserve.postrelease.com/ 1 KB
1 KB 1088ms
266ms Script
text/javascript 54.183.247.206
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.newsobserver.com%2F&ntv_mvi&us_privacy=1---
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.183.247.206 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: c240c840757662c0766715cc2cd14506fcb63a44e6890bcafff615a1a657d0b9

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Mar 2021 17:17:00 GMT
content-encoding: gzip
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: text/javascript;charset=UTF-8
content-length: 651
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H/1.1 200
OK 6237297577001 Show response
edge.api.brightcove.com/playback/v1/accounts/5615998031001/videos/ 8 KB
9 KB 309ms
307ms Fetch
application/json 65.9.189.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.brightcove.com/playback/v1/accounts/5615998031001/videos/6237297577001
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/wps/build/webpack/videoStory.bundle-667b380d20e928f31b53.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.189.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 676e6c945045c0cd42e1cf8c9036e4d0206f223d9988585e6968d8f74c3c76d3

Request headers

Accept: application/json;pk=BCpkADawqM2sQfBScQJrPBrSYT7isTiju1LDfR-br2okxwmNYrvojzieZB7zRlyn5qPvMBwNW_fTfsVhiSHnHKnTeY_QjtAWRExyI6rhF9GNOvK78hHIE3WUacocEkY6fWyCj0c7_QJoX00u
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 05 Mar 2021 17:17:00 GMT
Powered-From: eu-central-1c
Bcov-Request-Id: de8d9466-0aaf-40ae-b401-abe31e5a26fc
Age: 0
Policy-Key-Accountid: 5615998031001
X-Cache: Miss from cloudfront
Connection: keep-alive
Powered-By: BC
Content-Length: 7757
Via: 1.1 varnish, 1.1 e9ebe38de33a70557cf9d9c1d7e5d11f.cloudfront.net (CloudFront)
X-Served-By: cache-vie21638-VIE
BCOV-instance: unknown
Policy-Key-Raw: BCpkADawqM2sQfBScQJrPBrSYT7isTiju1LDfR-br2okxwmNYrvojzieZB7zRlyn5qPvMBwNW_fTfsVhiSHnHKnTeY_QjtAWRExyI6rhF9GNOvK78hHIE3WUacocEkY6fWyCj0c7_QJoX00u
X-Timer: S1614964620.061565,VS0,VE243
Access-Control-Allow-Methods: HEAD,GET,OPTIONS
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
Cache-Control: max-age=0, no-cache, no-store
Account-Status: APPROVED
BCOV-Debug-Cache-Stats: unknown
X-Amz-Cf-Pop: ZAG50-C1
Accept-Ranges: bytes
Access-Control-Allow-Headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
X-Amz-Cf-Id: kRK7YtaY3DJ7ed4Y0Rh26Kk91anU8lpLb8B7UOmgpc1as9P1a8xseQ==
X-Cache-Hits: 0

GET
H/1.1 200
OK 6237038920001 Show response
edge.api.brightcove.com/playback/v1/accounts/5615998031001/videos/ 7 KB
9 KB 216ms
188ms Fetch
application/json 65.9.189.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.brightcove.com/playback/v1/accounts/5615998031001/videos/6237038920001
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/wps/build/webpack/videoStory.bundle-667b380d20e928f31b53.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.189.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: db5f0bd337ca6226ee6fc069261b1bfcfa042db410f3d4a385ccf63c2183dc65

Request headers

Accept: application/json;pk=BCpkADawqM2sQfBScQJrPBrSYT7isTiju1LDfR-br2okxwmNYrvojzieZB7zRlyn5qPvMBwNW_fTfsVhiSHnHKnTeY_QjtAWRExyI6rhF9GNOvK78hHIE3WUacocEkY6fWyCj0c7_QJoX00u
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 05 Mar 2021 17:17:00 GMT
Powered-From: eu-central-1a
Bcov-Request-Id: 7cdeed85-b79a-4fa9-98a9-0cb3e85f4d06
Age: 0
Policy-Key-Accountid: 5615998031001
X-Cache: Miss from cloudfront
Connection: keep-alive
Powered-By: BC
Content-Length: 7525
Via: 1.1 varnish, 1.1 9680e9cb5cbc773ebfed1b7a558f7db6.cloudfront.net (CloudFront)
X-Served-By: cache-vie21625-VIE
BCOV-instance: unknown
Policy-Key-Raw: BCpkADawqM2sQfBScQJrPBrSYT7isTiju1LDfR-br2okxwmNYrvojzieZB7zRlyn5qPvMBwNW_fTfsVhiSHnHKnTeY_QjtAWRExyI6rhF9GNOvK78hHIE3WUacocEkY6fWyCj0c7_QJoX00u
X-Timer: S1614964620.129423,VS0,VE81
Access-Control-Allow-Methods: HEAD,GET,OPTIONS
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
Cache-Control: max-age=0, no-cache, no-store
Account-Status: APPROVED
BCOV-Debug-Cache-Stats: unknown
X-Amz-Cf-Pop: ZAG50-C1
Accept-Ranges: bytes
Access-Control-Allow-Headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
X-Amz-Cf-Id: yMsef9SyzgEIVEtqSp4soOuofdG2dHtkgDDRCG8q9HjhsKF6BdBhNA==
X-Cache-Hits: 0

GET
H/1.1 200
OK 6236932532001 Show response
edge.api.brightcove.com/playback/v1/accounts/5615998031001/videos/ 8 KB
9 KB 191ms
188ms Fetch
application/json 65.9.189.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.brightcove.com/playback/v1/accounts/5615998031001/videos/6236932532001
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/wps/build/webpack/videoStory.bundle-667b380d20e928f31b53.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.189.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8a111e85ad9579a84f785ef0aa885b97d76e5027d11004d1410aa23009369621

Request headers

Accept: application/json;pk=BCpkADawqM2sQfBScQJrPBrSYT7isTiju1LDfR-br2okxwmNYrvojzieZB7zRlyn5qPvMBwNW_fTfsVhiSHnHKnTeY_QjtAWRExyI6rhF9GNOvK78hHIE3WUacocEkY6fWyCj0c7_QJoX00u
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 05 Mar 2021 17:17:00 GMT
Powered-From: eu-central-1b
Bcov-Request-Id: df4f3a64-9e39-4181-a7c5-e63c1fc8fbaf
Age: 0
Policy-Key-Accountid: 5615998031001
X-Cache: Miss from cloudfront
Connection: keep-alive
Powered-By: BC
Content-Length: 7873
Via: 1.1 varnish, 1.1 f857c6fa23ed7b2d0b237aefe9c50960.cloudfront.net (CloudFront)
X-Served-By: cache-vie21642-VIE
BCOV-instance: unknown
Policy-Key-Raw: BCpkADawqM2sQfBScQJrPBrSYT7isTiju1LDfR-br2okxwmNYrvojzieZB7zRlyn5qPvMBwNW_fTfsVhiSHnHKnTeY_QjtAWRExyI6rhF9GNOvK78hHIE3WUacocEkY6fWyCj0c7_QJoX00u
X-Timer: S1614964620.101697,VS0,VE84
Access-Control-Allow-Methods: HEAD,GET,OPTIONS
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
Cache-Control: max-age=0, no-cache, no-store
Account-Status: APPROVED
BCOV-Debug-Cache-Stats: unknown
X-Amz-Cf-Pop: ZAG50-C1
Accept-Ranges: bytes
Access-Control-Allow-Headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
X-Amz-Cf-Id: B8ixIUwnweMpJxrRvFx37q1c_ynRmYReXMWrPpaTr3UzJC87qsHTWg==
X-Cache-Hits: 0

GET
H/1.1 200
OK us-vaccinated.json Show response
media.mcclatchy.com/static/2020/coronavirus/covid-embed-tracker/ 3 KB
1 KB 69ms
68ms Fetch
application/json 104.83.177.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://media.mcclatchy.com/static/2020/coronavirus/covid-embed-tracker/us-vaccinated.json
Requested by: Host: media.mcclatchy.com
URL: https://media.mcclatchy.com/static/2020/coronavirus/covid-embed-tracker/main.85ef961b.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.83.177.146 Madrid, Spain, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-177-146.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 0a0790bb667ca01b359475d64c4c43b91db616d837f4d57573e339b7274cf9c2

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 05 Mar 2021 17:16:59 GMT
Content-Encoding: gzip
Last-Modified: Fri, 05 Mar 2021 16:00:02 GMT
Server: Apache
ETag: "cc1-5bccc2d471d24"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=107
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 641

GET
H2 403 pdp.gif
www.newsobserver.com/static/yozons-lib/ 316 B
316 B 67ms
66ms Image
text/html 104.83.177.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/static/yozons-lib/pdp.gif?k=eyJpZCI6Im1pX2FzX25hb18yNzYwOTA2NDkxMTk3MzcxNjYzMjk0MzUxNzExMDExMDA3NTMyM18xNjE0OTY0NjE1NjIxIiwiZG9tSW50ZXJhY3RpdmUiOjM5MzUsInJlcXVlc3RTdGFydCI6MTY3LCJ6ZXVzUmVxdWVzdGVkIjozNTkyfQ==
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.83.177.146 Madrid, Spain, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-177-146.deploy.static.akamaitechnologies.com
Software: AkamaiGHost /
Resource Hash: 98fa602b458ac2bdb7135d6a1c933541559d7e216b318e1f4a5d73b512154220

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:16:59 GMT
server: AkamaiGHost
mime-version: 1.0
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html
access-control-allow-origin: *
access-control-allow-credentials: false
access-control-allow-headers: *
content-length: 316
expires: Fri, 05 Mar 2021 17:16:59 GMT

GET
H2 200 p.js Show response
cdn.parsely.com/keys/newsobserver.com/ 66 KB
23 KB 489ms
71ms Script
application/x-javascript 65.9.189.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/newsobserver.com/p.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/parsely.4d4541836fbcadaa80c2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.189.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: d9fc07cf576192a26b36d6c48ec9a561be826ee1bc56f62c8a996d35d1f74812

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Fri, 05 Mar 2021 05:44:30 GMT
content-encoding: gzip
last-modified: Tue, 02 Feb 2021 21:36:54 GMT
server: nginx
age: 41504
etag: W/"6019c5f6-10716"
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 924bf9febd74cef2bda62c15c8441e00.cloudfront.net (CloudFront)
cache-control: max-age=86400, public
x-amz-cf-pop: ZAG50-C1
x-amz-cf-id: lO2mqDFTjKQF4vXD-vaX0C7OgrYb0qPEpR8dOJM6zkXZenDFOswfUA==
expires: Sat, 06 Mar 2021 05:44:30 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 357E
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WUVKbmh3QUFBSGN0SFNLdQ==

170 B
484 B

106ms
59ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WUVKbmh3QUFBSGN0SFNLdQ==

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://mcclatchy.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Mar 2021 17:17:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 05 Mar 2021 17:16:59 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1614964620.968800,VS0,VE0
x-served-by: cache-hhn4023-HHN
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WUVKbmh3QUFBSGN0SFNLdQ==
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

POST
H/1.1 200
OK Test_oPS_Script_Loads Show response
sqs.us-east-1.amazonaws.com/397719490216/ 378 B
658 B 550ms
122ms XHR
text/xml 52.46.131.203
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sqs.us-east-1.amazonaws.com/397719490216/Test_oPS_Script_Loads?Action=SendMessage&MessageBody=cid%3D11%26bt%3Dnull
Requested by: Host: d15kdpgjg3unno.cloudfront.net
URL: https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=11
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 52.46.131.203 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 9388834b2060f3330e690a4fbf79f657ebd2c9f476f51e2ca4fc28574abd8fbf

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 05 Mar 2021 17:17:00 GMT
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
x-amzn-RequestId: 0de6bab3-9f8a-57dd-9c58-e20ff646be20
Content-Length: 378
Content-Type: text/xml

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
88 B 47ms
33ms Image
image/gif 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-48279682-1&cid=469707977.1614964618&jid=970902814&_u=YFDAAAAACAAAAC~&z=1035810674

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Mar 2021 17:16:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
505 B 89ms
29ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-48279682-1&cid=469707977.1614964618&jid=970902814&_u=YFDAAAAACAAAAC~&z=1035810674

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Mar 2021 17:16:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.5.0/assets/ 12 KB
4 KB 12ms
11ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.5.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.5.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae407e415a45b6c720d8d61fef8c28756883d0f546a64e7a2969d6174c669951

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 05 Mar 2021 17:16:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: NgHQTHCGWwGmNE0ie37G8A==
age: 6009333
vary: Accept-Encoding
content-length: 3248
cf-request-id: 08a4fd91db0000062de69c6000000001
x-ms-lease-status: unlocked
last-modified: Thu, 27 Aug 2020 03:43:16 GMT
server: cloudflare
etag: 0x8D84A3B556B9C39
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 1b064c31-e01e-007e-293b-db4729000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 62b4fec95aa2062d-FRA
expires: Sat, 13 Mar 2021 17:16:59 GMT

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/6.5.0/assets/ 61 KB
15 KB 11ms
11ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.5.0/assets/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.5.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f5bf5edcefe950e16d287cdcb9c28690952439098ee0639f4a960fe268ae231

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 05 Mar 2021 17:16:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: ebGLXbyX4UjJx8DgFc7F7g==
age: 6009333
vary: Accept-Encoding
content-length: 14901
cf-request-id: 08a4fd91db0000062d1730c000000001
x-ms-lease-status: unlocked
last-modified: Thu, 27 Aug 2020 03:43:17 GMT
server: cloudflare
etag: 0x8D84A3B55B1B344
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 85576d5e-101e-0164-583b-db2e13000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 62b4fec95aa9062d-FRA
expires: Sat, 13 Mar 2021 17:16:59 GMT

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
245 B 480ms
111ms Image
image/gif 54.164.147.252
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=pv&url=https%3A%2F%2Fwww.newsobserver.com%2F&page=Raleigh%20NC%20News%2C%20Sports%20%26%20Politics%20%7C%20Raleigh%20News%20%26%20Observer&sec=Homepage&prem=0&ptype=Home&tv=js-2.2.18-e&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&lang=en-US&cs=UTF-8&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&tid=9d581f71-771e-4440-ad0d-1dc1e5f25b94&pid=6411624e-5884-4d27-a3b9-73cf45f52540&dtm=1614964619822&qnm=_matherq&vp=1600x1200&ds=1600x7017&tofa=1614964620&vid=1&duid=6698c68f52c3c454&fp=99543720&cid=ma12095&mrk=74930332&cx=eyJjYXRlZ29yeSI6eyJjYXRlZ29yaWVzIjpbWyJfSG9tZVBhZ2V8fHx8Il1dfSwicGVyZiI6eyJzdGFydCI6IjE2MTQ5NjQ2MTI3NjciLCJyZWRpckNudCI6IjAiLCJuYXZUeXBlIjoibGluayIsImhlYXBVIjoiMjQuNW1iIiwiaGVhcFQiOiIyOS40bWIiLCJmZXRjaFMiOiIyOCIsImRvbWFpblMiOiIzNCIsImRvbWFpbkUiOiI0MiIsImNvbm5TIjoiNDIiLCJjb25uRSI6IjE2NyIsInNzbFMiOiI1OSIsInJlcXVTIjoiMTY3IiwicmVzcFMiOiIxMDUxIiwicmVzcEUiOiIxMTExIiwiZG9tTG9hZCI6IjEwODAiLCJkb21JbnRlciI6IjM5MzUiLCJkb21Mb2FkUyI6IjQxOTIiLCJkb21Mb2FkRSI6IjQyMzcifSwia2V5d29yZHMiOlsibmV3cyIsImJyZWFraW5nIiwibGF0ZXN0IiwibG9jYWwiLCJSYWxlaWdoIiwiRHVyaGFtIiwiTm9ydGggQ2Fyb2xpbmEiXX0
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.164.147.252 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 05 Mar 2021 17:17:00 GMT
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ Frame 976E 1 KB
1 KB 150ms
35ms Script
application/x-javascript 23.37.53.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.53.17 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-53-17.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 05 Mar 2021 17:16:59 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Sat, 06 Mar 2021 17:16:59 GMT

GET
H/1.1 200
OK states-vaccinated.json Show response
media.mcclatchy.com/static/2020/coronavirus/covid-embed-tracker/ 36 KB
8 KB 81ms
79ms Fetch
application/json 104.83.177.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://media.mcclatchy.com/static/2020/coronavirus/covid-embed-tracker/states-vaccinated.json
Requested by: Host: media.mcclatchy.com
URL: https://media.mcclatchy.com/static/2020/coronavirus/covid-embed-tracker/main.85ef961b.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.83.177.146 Madrid, Spain, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-177-146.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 29f8ffcb8425f5666a3c55fd5fee45f9404d6a384ccebffe4a34989aab3cdcbd

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 05 Mar 2021 17:16:59 GMT
Content-Encoding: gzip
Last-Modified: Fri, 05 Mar 2021 16:00:02 GMT
Server: Apache
ETag: "8f6d-5bccc2d3fe6e5"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=107
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7813

OPTIONS
H/1.1 200
Unknown Error 6237297577001
edge.api.brightcove.com/playback/v1/accounts/5615998031001/videos/ Frame 0
0 626ms
72ms Preflight 65.9.189.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.brightcove.com/playback/v1/accounts/5615998031001/videos/6237297577001
Protocol: HTTP/1.1
Server: 65.9.189.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: accept
Origin: https://www.newsobserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Length: 0
Connection: keep-alive
Server: Varnish
Retry-After: 0
access-control-max-age: 86400
Accept-Ranges: bytes
Date: Fri, 05 Mar 2021 17:16:59 GMT
Via: 1.1 varnish, 1.1 e9ebe38de33a70557cf9d9c1d7e5d11f.cloudfront.net (CloudFront)
X-Served-By: cache-vie21622-VIE
X-Cache-Hits: 0
X-Timer: S1614964620.985878,VS0,VE0
BCOV-Debug-Cache-Stats: unknown
BCOV-instance: unknown
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
Access-Control-Allow-Headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
Access-Control-Allow-Methods: HEAD,GET,OPTIONS
Cache-Control: max-age=0, no-cache, no-store
X-Cache: Miss from cloudfront
X-Amz-Cf-Pop: ZAG50-C1
X-Amz-Cf-Id: NL0zJmOPaGGIe7ndHTL28WTF-0EcIg6j_Ic-RAg0NJNGZgJI4dRhPg==

OPTIONS
H/1.1 200
Unknown Error 6237038920001
edge.api.brightcove.com/playback/v1/accounts/5615998031001/videos/ Frame 0
0 629ms
88ms Preflight 65.9.189.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.brightcove.com/playback/v1/accounts/5615998031001/videos/6237038920001
Protocol: HTTP/1.1
Server: 65.9.189.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: accept
Origin: https://www.newsobserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Length: 0
Connection: keep-alive
Server: Varnish
Retry-After: 0
access-control-max-age: 86400
Accept-Ranges: bytes
Date: Fri, 05 Mar 2021 17:17:00 GMT
Via: 1.1 varnish, 1.1 9680e9cb5cbc773ebfed1b7a558f7db6.cloudfront.net (CloudFront)
X-Served-By: cache-vie21648-VIE
X-Cache-Hits: 0
X-Timer: S1614964620.009534,VS0,VE0
BCOV-Debug-Cache-Stats: unknown
BCOV-instance: unknown
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
Access-Control-Allow-Headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
Access-Control-Allow-Methods: HEAD,GET,OPTIONS
Cache-Control: max-age=0, no-cache, no-store
X-Cache: Miss from cloudfront
X-Amz-Cf-Pop: ZAG50-C1
X-Amz-Cf-Id: IZnTjv6VK4GM89pSLlodJnUegADkhz1K1tH6n_IztTqTRdChbO55gA==

OPTIONS
H/1.1 200
Unknown Error 6236932532001
edge.api.brightcove.com/playback/v1/accounts/5615998031001/videos/ Frame 0
0 584ms
83ms Preflight 65.9.189.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.brightcove.com/playback/v1/accounts/5615998031001/videos/6236932532001
Protocol: HTTP/1.1
Server: 65.9.189.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: accept
Origin: https://www.newsobserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Length: 0
Connection: keep-alive
Server: Varnish
Retry-After: 0
access-control-max-age: 86400
Accept-Ranges: bytes
Date: Fri, 05 Mar 2021 17:17:00 GMT
Via: 1.1 varnish, 1.1 f857c6fa23ed7b2d0b237aefe9c50960.cloudfront.net (CloudFront)
X-Served-By: cache-vie21639-VIE
X-Cache-Hits: 0
X-Timer: S1614964620.004218,VS0,VE0
BCOV-Debug-Cache-Stats: unknown
BCOV-instance: unknown
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
Access-Control-Allow-Headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
Access-Control-Allow-Methods: HEAD,GET,OPTIONS
Cache-Control: max-age=0, no-cache, no-store
X-Cache: Miss from cloudfront
X-Amz-Cf-Pop: ZAG50-C1
X-Amz-Cf-Id: r53Ekh5-n_qtVQnnUcXsGBDa89kxBbB3bMD9N2Y9z7SMNpRejPv0QQ==

GET
H/1.1 200
OK / Show response
data.cdnbasket.net/ 57 B
406 B 683ms
149ms XHR
application/json 35.186.239.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://data.cdnbasket.net/
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_cjs_min_88a03a964514a4a56eac32075f9712bd.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.186.239.74 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 777670ade19473c327eeefa99cf8b01f5a043ae77326c9c8493b2845075dca0b

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 05 Mar 2021 17:17:00 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

GET
H/1.1 200
OK / Show response
page.cdnbasket.net/ 57 B
406 B 1379ms
165ms XHR
application/json 130.211.7.115
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://page.cdnbasket.net/
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_cjs_min_88a03a964514a4a56eac32075f9712bd.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 130.211.7.115 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e16defd62d2e44c7c30450d2a6e40d1a4265415c9622c7e7879402fcd758465c

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 05 Mar 2021 17:17:01 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

GET
H/1.1 200
OK / Show response
view.cdnbasket.net/ 57 B
406 B 1396ms
181ms XHR
application/json 35.201.89.125
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://view.cdnbasket.net/
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_cjs_min_88a03a964514a4a56eac32075f9712bd.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.201.89.125 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 64f90b1a90f1874b954bba2d4437b01540ce7d5832960ccdb880ba81ce6b206c

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 05 Mar 2021 17:17:01 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 123ms
110ms Image
image/gif 34.192.62.151
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=newsobserver.com&p=%2F&u=BlGxEQCVqKEpCw3VSc&d=newsobserver.com&g=62447&g0=Homepage&g1=No%20Author&n=1&f=00001&c=0.03&x=0&m=0&y=7017&o=1600&w=1200&j=30&R=1&W=0&I=0&E=1&e=1&r=&b=5821&t=BHSX7LBCHBZ2j3NAipD6R1BONwd-&V=122&tz=-60&_acct=anon&sn=2&sv=DOijvoZuEOGDMV7LQB6DLmqjqGpn&sd=1&im=062b2f3e&_
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.62.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Mar 2021 17:17:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 pubads_impl_2021030101.js Show response
securepubads.g.doubleclick.net/gpt/ 282 KB
99 KB 350ms
41ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030101.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

c183713781265a2abdc03eab5050b102a17a1170eaa908604e61fc9f07c9aad4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:17:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 01 Mar 2021 09:37:48 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 101543
x-xss-protection: 0
expires: Fri, 05 Mar 2021 17:17:00 GMT

POST
H3-Q050 204 AGSKWxX4dBH9Wnj33mgq_AQtfzqu1EIy9Behoob_DSFzFZkZcvWFGjOYJIyJZb9jl-FNI-RW86PXHVWpVDuLNdlq Show response
fundingchoicesmessages.google.com/l/ 0
335 B 56ms
22ms XHR
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/l/AGSKWxX4dBH9Wnj33mgq_AQtfzqu1EIy9Behoob_DSFzFZkZcvWFGjOYJIyJZb9jl-FNI-RW86PXHVWpVDuLNdlq?pvid=3A4ECA75-6231-4E52-8EB3-95647C8377F8&anonid=79D64A80-8DF4-48EB-B6CD-96CA6571C57C

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.en_US.SvauEk2q5wQ.es5.O/d=1/ct=zgms/rs=AJlcJMwt3VvsNbtkiCgEzGyq27azLfhZMg/m=loader_js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WaBNNO05p/5fmdm8SM3TFw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-WaBNNO05p/5fmdm8SM3TFw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 05 Mar 2021 17:17:00 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.newsobserver.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-WaBNNO05p/5fmdm8SM3TFw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-WaBNNO05p/5fmdm8SM3TFw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 204 AGSKWxX4dBH9Wnj33mgq_AQtfzqu1EIy9Behoob_DSFzFZkZcvWFGjOYJIyJZb9jl-FNI-RW86PXHVWpVDuLNdlq Show response
fundingchoicesmessages.google.com/l/ 0
809 B 54ms
21ms XHR
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vCMZfJAqcJQrLfkAKU8iqQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-vCMZfJAqcJQrLfkAKU8iqQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 05 Mar 2021 17:17:00 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.newsobserver.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-vCMZfJAqcJQrLfkAKU8iqQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-vCMZfJAqcJQrLfkAKU8iqQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 204 AGSKWxX4dBH9Wnj33mgq_AQtfzqu1EIy9Behoob_DSFzFZkZcvWFGjOYJIyJZb9jl-FNI-RW86PXHVWpVDuLNdlq Show response
fundingchoicesmessages.google.com/l/ 0
335 B 21ms
21ms XHR
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FqeO0Cil9IdbzEaJywT6VQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-FqeO0Cil9IdbzEaJywT6VQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 05 Mar 2021 17:17:00 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.newsobserver.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-FqeO0Cil9IdbzEaJywT6VQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-FqeO0Cil9IdbzEaJywT6VQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 AGSKWxU6_uYaVt-AFYMTTFBhR01zjRD_sP53sL4r3nNMWcq9yyJmQ69TBtltzGa-mgzDWKDon0CRhKhwtSCjrr4Q Show response
fundingchoicesmessages.google.com/f/ 78 KB
30 KB 63ms
47ms Script
application/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxU6_uYaVt-AFYMTTFBhR01zjRD_sP53sL4r3nNMWcq9yyJmQ69TBtltzGa-mgzDWKDon0CRhKhwtSCjrr4Q?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCwyLFsxNjE0OTY0NjIwLDU5OTAwMDAwMF0sIjNBNEVDQTc1LTYyMzEtNEU1Mi04RUIzLTk1NjQ3QzgzNzdGOCIsIjc5RDY0QTgwLThERjQtNDhFQi1CNkNELTk2Q0E2NTcxQzU3QyIsbnVsbCxbbnVsbCxbN11dXQ

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c70d9a7220ad4e4bba58149d2a1500b4f5d980931c8b7336f44cdb4370ef29c5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XEr5jmu3VHHpZu+mRTT4sw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-XEr5jmu3VHHpZu+mRTT4sw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Mar 2021 17:17:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-XEr5jmu3VHHpZu+mRTT4sw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-XEr5jmu3VHHpZu+mRTT4sw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 357E
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YEJnhwAAAHctHSKu&expires=90

0
239 B

287ms
35ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YEJnhwAAAHctHSKu&expires=90
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mcclatchy.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 05 Mar 2021 17:17:00 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1614964621.651748,VS0,VE0
x-served-by: cache-hhn4023-HHN
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YEJnhwAAAHctHSKu&expires=90
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3-Q050 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/ Frame 9E80 50 KB
25 KB 654ms
14ms Stylesheet
text/css 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcCJGUUAAAAADAmkD2iQN_k8a6FCpgo2VBei6su&co=aHR0cHM6Ly93d3cubmV3c29ic2VydmVyLmNvbTo0NDM.&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&badge=inline&cb=w9gqoyqjp2q7

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b08ea3a348838bc942ad470a757575975bd09459b63c1872c6e1129a6ca1939

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 16:37:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Feb 2021 03:04:57 GMT
server: sffe
age: 2384
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25479
x-xss-protection: 0
expires: Sat, 05 Mar 2022 16:37:17 GMT

GET
H3-Q050 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/ Frame 9E80 331 KB
129 KB 656ms
16ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/recaptcha__en.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46c97699759b3239f2306f7d09df96131fb1044315b07cfdd62b66c2e4c0125b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:10:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 416
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132194
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 03:04:57 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 05 Mar 2022 17:10:05 GMT

GET
H2 200 pixel;r=282182960;labels=NAO;rf=0;uht=2;a=p-50B2Fi6bBqYto;url=https%3A%2F%2Fwww.newsobserver.com%2F;fpan=1;fpa=P0-1038739006-1614964620735;ns=0;ce=1;qjs=1;qv=fd8a15ce-20210219171058;cm=;gdpr=0;ref=...
pixel.quantserve.com/ 35 B
371 B 12ms
10ms Image
image/gif 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=282182960;labels=NAO;rf=0;uht=2;a=p-50B2Fi6bBqYto;url=https%3A%2F%2Fwww.newsobserver.com%2F;fpan=1;fpa=P0-1038739006-1614964620735;ns=0;ce=1;qjs=1;qv=fd8a15ce-20210219171058;cm=;gdpr=0;ref=;d=newsobserver.com;je=0;sr=1600x1200x24;dst=1;et=1614964620734;tzo=-60;ogl=site_name.Raleigh%20News%20%26%20Observer%2Ctitle.Raleigh%20NC%20News%252C%20Sports%20%26%20Politics%20%7C%20Raleigh%20News%20%26%20Observer%2Cimage.https%3A%2F%2Fwww%252Enewsobserver%252Ecom%2Fwps%2Fbuild%2Fimages%2Fnewsobserver%2Ffacebook%252Ejpg

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Mar 2021 17:17:00 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
548 B 512ms
49ms XHR
application/json 34.249.70.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=185522
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185522-118148292826456.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.70.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 823d016f95e407edf4a7897062cd8177c1aa10bc820c6ec984f1ba5769a27b83

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 05 Mar 2021 17:17:01 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.newsobserver.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Sun, 04 Apr 2021 17:17:01 GMT

GET
H2 451 identity Show response
api.rlcdn.com/api/ 0
225 B 516ms
54ms XHR
text/plain 34.120.133.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185522-118148292826456.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 55.133.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 05 Mar 2021 17:17:01 GMT
via: 1.1 google
alt-svc: clear
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.newsobserver.com
access-control-allow-credentials: true
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 0

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 89E7 37 KB
14 KB 38ms
38ms Document
text/html 184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/userSync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.newsobserver.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newsobserver.com/

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=129339
Expires: Sun, 07 Mar 2021 05:12:40 GMT
Date: Fri, 05 Mar 2021 17:17:01 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 162ms
54ms XHR
application/javascript 65.9.24.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.24.128 Orlando, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 19:43:07 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
age: 77635
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Fri, 29 Jan 2021 06:42:57 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: 8kbPIzTLk7_TMvnggUSDACBTugDfX2qC
via: 1.1 2646a167841368615f96564f373f8d21.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: ZAG50-C1
content-type: application/javascript
x-amz-cf-id: oDp-3JIJ9k8WlvZ9CsyJYYWUEMFNRMPCVe2Sv1PHyznxI3DQXb2JVw==

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 357E
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YEJnhwAAAHctHSKu
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YEJnhwAAAHctHSKu&C=1

43 B
1002 B

216ms
188ms

Image
image/gif

184.30.20.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YEJnhwAAAHctHSKu&C=1
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-241.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://mcclatchy.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 05 Mar 2021 17:17:02 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 05 Mar 2021 17:17:02 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 05 Mar 2021 17:17:01 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YEJnhwAAAHctHSKu&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 279
Expires: Fri, 05 Mar 2021 17:17:01 GMT

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/ Frame 976E
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6035363&ns__t=1614964621255&ns_c=UTF-8&ns_if=1&cv=3.5&c8=Raleigh%20NC%20News%2C%20Sports%20%26%20Politics%20%7C%20Raleigh%20News%20%26%20Observer&c7=https...
https://sb.scorecardresearch.com/b2?c1=2&c2=6035363&ns__t=1614964621255&ns_c=UTF-8&ns_if=1&cv=3.5&c8=Raleigh%20NC%20News%2C%20Sports%20%26%20Politics%20%7C%20Raleigh%20News%20%26%20Observer&c7=http...

0
248 B

33ms
31ms

Image
text/plain

23.37.53.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6035363&ns__t=1614964621255&ns_c=UTF-8&ns_if=1&cv=3.5&c8=Raleigh%20NC%20News%2C%20Sports%20%26%20Politics%20%7C%20Raleigh%20News%20%26%20Observer&c7=https%3A%2F%2Fwww.newsobserver.com%2F&c9=&cs_ak_ss=1
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.53.17 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-53-17.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 05 Mar 2021 17:17:01 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=2&c2=6035363&ns__t=1614964621255&ns_c=UTF-8&ns_if=1&cv=3.5&c8=Raleigh%20NC%20News%2C%20Sports%20%26%20Politics%20%7C%20Raleigh%20News%20%26%20Observer&c7=https%3A%2F%2Fwww.newsobserver.com%2F&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Fri, 05 Mar 2021 17:17:01 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
257 B 463ms
115ms Image
image/gif 52.205.167.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1614964621332&plid=70122913&idsite=newsobserver.com&url=https%3A%2F%2Fwww.newsobserver.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22subscriber%22%3Afalse%7D&sid=1&surl=https%3A%2F%2Fwww.newsobserver.com%2F&sref=&sts=1614964621298&slts=0&title=Raleigh+NC+News%2C+Sports+%26+Politics+%7C+Raleigh+News+%26+Observer&date=Fri+Mar+05+2021+18%3A17%3A01+GMT%2B0100+(Central+European+Standard+Time)&action=pageview&pvid=74381614&u=pid%3D8f4ad7a797f677b6d0b1f4b88641eced
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.167.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 05 Mar 2021 17:17:01 GMT
Cache-Control: no-cache
Last-Modified: Friday, 05-Mar-2021 17:17:01 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
426 B 188ms
174ms Image
image/gif 54.183.247.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=9de13897-dd86-4c14-a726-50e6246228b4&ntv_fl=7uDOAz88QViW5FhnhWWSVVJWfUVJQ-uiLvAjC-KTaIVju4Rleyqs6PO89VW79Rrp&ntv_ht=jGdCYAA&ntv_at=303,302&ntv_a=AAAAAAAAAAWK0QA&ord=1614964621362&ntv_dpl=1009,1011,1028,1016,1050,1003,1019,1007&ntv_it
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.183.247.206 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Mar 2021 17:17:01 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 gdprConsent
jadserve.postrelease.com/ 43 B
426 B 186ms
175ms Image
image/gif 54.183.247.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/gdprConsent?ntv_pl=1092952&ntv_gdpr_consent=&ntv_it
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.183.247.206 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Mar 2021 17:17:01 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 video_info Show response
context.iris.tv/ 113 B
456 B 187ms
69ms XHR
application/json 65.9.187.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://context.iris.tv/video_info?access_token=1d9f05c8b00daddfbffcf5afa8a0691bf6370c0cd9dfc8bc6fb38e13c4474dab&global=GlobalIrisPlayer&client_token=5615998031001&platform_id=6236932532001
Requested by: Host: ovp.iris.tv
URL: https://ovp.iris.tv/libs/context/iris-context.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.187.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Zer01ne /
Resource Hash: 618f1db2bc2543ac179ce61cfe3a106018f11993e61e8a0da1d9f8e3a5fa9be4

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:13:57 GMT
via: 1.1 7ec84fa8ea386135e27faa4bc393cabb.cloudfront.net (CloudFront)
server: Zer01ne
age: 184
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=3600, stale-while-revalidate=600, stale-if-error=600
x-amz-cf-pop: ZAG50-C1
x-robots-tag: noindex, follow
x-amz-cf-id: y5w8HfXvd7EtXkTDcfgcg929CN1Ex6qEdNGeLcgeQD93auG_whZObA==

GET
H2 200 video_info Show response
context.iris.tv/ 100 B
443 B 171ms
70ms XHR
application/json 65.9.187.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://context.iris.tv/video_info?access_token=1d9f05c8b00daddfbffcf5afa8a0691bf6370c0cd9dfc8bc6fb38e13c4474dab&global=GlobalIrisPlayer&client_token=5615998031001&platform_id=6237038920001
Requested by: Host: ovp.iris.tv
URL: https://ovp.iris.tv/libs/context/iris-context.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.187.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Zer01ne /
Resource Hash: 4b436d5481659036d00bd7d822ac71fbd8665f990e233b90f008402b1e9617f5

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:16:44 GMT
via: 1.1 7ec84fa8ea386135e27faa4bc393cabb.cloudfront.net (CloudFront)
server: Zer01ne
age: 17
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=3600, stale-while-revalidate=600, stale-if-error=600
x-amz-cf-pop: ZAG50-C1
x-robots-tag: noindex, follow
x-amz-cf-id: PqNm4C-aTFNSFINKuREh-vNvUxmg99RjiCwlN6LBWPvrPpJ7HZYr1g==

GET
H2 200 video_info Show response
context.iris.tv/ 113 B
454 B 168ms
68ms XHR
application/json 65.9.187.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://context.iris.tv/video_info?access_token=1d9f05c8b00daddfbffcf5afa8a0691bf6370c0cd9dfc8bc6fb38e13c4474dab&global=GlobalIrisPlayer&client_token=5615998031001&platform_id=6237297577001
Requested by: Host: ovp.iris.tv
URL: https://ovp.iris.tv/libs/context/iris-context.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.187.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Zer01ne /
Resource Hash: 20cc34e7ec4ffd60def4ed5b284340bd2ea94606f8c22d8f0e0759dc48afaec8

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:16:44 GMT
via: 1.1 7ec84fa8ea386135e27faa4bc393cabb.cloudfront.net (CloudFront)
server: Zer01ne
age: 17
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=3600, stale-while-revalidate=600, stale-if-error=600
x-amz-cf-pop: ZAG50-C1
x-robots-tag: noindex, follow
x-amz-cf-id: kMvmKlfLNusucltdevaTRdQA_aVh0adJElpk9bA0aYy-R8-TTpdGFA==

POST
H3-Q050 204 AGSKWxX4dBH9Wnj33mgq_AQtfzqu1EIy9Behoob_DSFzFZkZcvWFGjOYJIyJZb9jl-FNI-RW86PXHVWpVDuLNdlq Show response
fundingchoicesmessages.google.com/l/ 0
360 B 24ms
24ms XHR
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SWKZD8UYxSztL5kq9H8svA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-SWKZD8UYxSztL5kq9H8svA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 05 Mar 2021 17:17:01 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.newsobserver.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-SWKZD8UYxSztL5kq9H8svA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-SWKZD8UYxSztL5kq9H8svA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 302 B
1 KB 147ms
71ms XHR
application/json 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: mcclatchy-newsobserver.zeustechnology.com
URL: https://mcclatchy-newsobserver.zeustechnology.com/main.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

374de122d2dd1e22eefafdf5a16cd7a974559065bc4fad9bb24c83f1a044205e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 05 Mar 2021 17:17:01 GMT
X-Proxy-Origin: 82.102.20.235; 82.102.20.235; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.144:80
AN-X-Request-Uuid: cab5400b-32cf-4392-b30d-3e077a48fc99
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.newsobserver.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 302
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
150 B 135ms
43ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=105&profileId=184&cb=38247912799
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.newsobserver.com
date: Fri, 05 Mar 2021 17:17:01 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2

200

arj Show response
mcclatchy-d.openx.net/w/1.0/
Redirect Chain

https://mcclatchy-d.openx.net/w/1.0/arj?auid=541167014,541167021&aus=970x250,728x90,960x30,970x90|300x250,300x600&bc=hb_dyn_wapo&be=1&ch=UTF-8&ju=https%3A%2F%2Fwww.newsobserver.com%2F&res=1600x1200...
https://mcclatchy-d.openx.net/w/1.0/arj?cc=1&auid=541167014,541167021&aus=970x250,728x90,960x30,970x90|300x250,300x600&bc=hb_dyn_wapo&be=1&ch=UTF-8&ju=https%3A%2F%2Fwww.newsobserver.com%2F&res=1600...

190 B
465 B

262ms
245ms

XHR
application/json

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://mcclatchy-d.openx.net/w/1.0/arj?cc=1&auid=541167014,541167021&aus=970x250,728x90,960x30,970x90|300x250,300x600&bc=hb_dyn_wapo&be=1&ch=UTF-8&ju=https%3A%2F%2Fwww.newsobserver.com%2F&res=1600x1200x24&tz=-60&nocache=1614964621491&us_privacy=1---
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.202.0 /
Resource Hash: 3c4bf00b10b58d22ffe90284d39b48dd25bb6ad296f79bd8b27c16584abfac1c

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Mar 2021 17:17:02 GMT
content-encoding: gzip
server: OXGW/16.202.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.newsobserver.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 177
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Fri, 05 Mar 2021 17:17:01 GMT
via: 1.1 google
server: OXGW/16.202.0
location: https://mcclatchy-d.openx.net/w/1.0/arj?cc=1&auid=541167014,541167021&aus=970x250,728x90,960x30,970x90|300x250,300x600&bc=hb_dyn_wapo&be=1&ch=UTF-8&ju=https%3A%2F%2Fwww.newsobserver.com%2F&res=1600x1200x24&tz=-60&nocache=1614964621491&us_privacy=1---
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.newsobserver.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
120 B 166ms
84ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=zeus_client
Requested by: Host: mcclatchy-newsobserver.zeustechnology.com
URL: https://mcclatchy-newsobserver.zeustechnology.com/main.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.newsobserver.com
date: Fri, 05 Mar 2021 16:31:03 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 347 B
3 KB 284ms
151ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=6291&site_id=80324&tk_flint=custom&slots=2&size_id=2%3B15&alt_size_ids=55%2C57%3B10&zone_id=493154%3B493154&rp_floor=0.01&us_privacy=1---
Requested by: Host: mcclatchy-newsobserver.zeustechnology.com
URL: https://mcclatchy-newsobserver.zeustechnology.com/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 3969530ee4db349ab34b744988cada7c45712c546bf74a39870b27b6334b4984

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 05 Mar 2021 17:17:01 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.newsobserver.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 347
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
375 B 103ms
101ms XHR
text/javascript 65.9.24.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.newsobserver.com%2F&pid=uNmwVMeGtznyW&cb=0&ws=1600x1200&v=7.60.00&t=1000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%2C%22960x30%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F7675%2FRAL.site_newsobserver%2F_HomePage%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F7675%2FRAL.site_newsobserver%2F_HomePage%22%7D%5D&cfgv=0&pubid=10f892c4-b76d-4f37-b1fd-0ae5d74780b5&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.24.128 Orlando, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:17:01 GMT
via: 1.1 a0b6e5bd6cf5596d4f38f0df8fa929e1.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: ZAG50-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.newsobserver.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: EHmT4JINe4gfNShppJ7yEq6iBsCLNMAsqXCuPwFYcixWv9eJVxN1ew==

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 357E
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D&_test=YEJnjQAAAJ1MaToG
https://ib.adnxs.com/setuid?entity=158&code=YEJnjQAAAJ1MaToG&_test=YEJnjQAAAJ1MaToG

43 B
1 KB

40ms
39ms

Image
image/gif

185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=158&code=YEJnjQAAAJ1MaToG&_test=YEJnjQAAAJ1MaToG

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://mcclatchy.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 05 Mar 2021 17:17:02 GMT
X-Proxy-Origin: 82.102.20.235; 82.102.20.235; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.250:80
AN-X-Request-Uuid: c5b79a80-4d9e-468e-b166-1ec6f3c2f370
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 05 Mar 2021 17:17:02 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1614964622.049229,VS0,VE0
x-served-by: cache-hhn4023-HHN
x-cache: HIT
location: https://ib.adnxs.com/setuid?entity=158&code=YEJnjQAAAJ1MaToG&_test=YEJnjQAAAJ1MaToG
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 65 B
415 B 212ms
145ms XHR
text/javascript 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?v=7.2&s=210842&fn=headertag.IndexExchangeHtb.adResponseCallback&r=%7B%22id%22%3A9713696%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.newsobserver.com%2F%22%7D%2C%22imp%22%3A%5B%7B%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%221%22%2C%22siteID%22%3A%22577299%22%7D%2C%22id%22%3A%221%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%222%22%2C%22siteID%22%3A%22577300%22%7D%2C%22id%22%3A%222%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%223%22%2C%22siteID%22%3A%22577301%22%7D%2C%22id%22%3A%223%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%2210%22%2C%22siteID%22%3A%22577308%22%7D%2C%22id%22%3A%224%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%2211%22%2C%22siteID%22%3A%22577309%22%7D%2C%22id%22%3A%225%22%7D%5D%2C%22ext%22%3A%7B%22source%22%3A%22ixwrapper%22%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2276c98613-85d3-45a8-ab05-47f63bdd4197%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222021-03-05T17%3A17%3A01%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%7D
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185522-118148292826456.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e200ca6843c81edcce6539ff743845c1d247bc07fbb1ca9d9c1b10627469dc8a

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 05 Mar 2021 17:17:01 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[DK], RC:[], CN:[EU], CIP:[82.102.20.235], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://www.newsobserver.com
x-cs-client-geo: 10
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 85
x-ak-client-geo: 10
expires: Fri, 05 Mar 2021 17:17:01 GMT

POST
H2 204 events
bidder.criteo.com/csm/ 0
150 B 49ms
49ms Other
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/csm/events
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.newsobserver.com
date: Fri, 05 Mar 2021 17:17:00 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
260 B 24ms
16ms Image
image/gif 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=1
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:17:01 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Mon, 28 Feb 2022 17:17:01 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
260 B 18ms
17ms Image
image/gif 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=2
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:17:01 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Mon, 28 Feb 2022 17:17:01 GMT

GET
H2 200 master.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998031001/6745f64b-5666-4383-917c-7cfee7c21f52/10s/ 6 KB
7 KB 36ms
7ms XHR
application/x-mpegurl 2a04:4e42:3::539
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998031001/6745f64b-5666-4383-917c-7cfee7c21f52/10s/master.m3u8?fastly_token=NjA2NzU1ODRfNGYyZTg2MTRhZmMxMTFiNDE3OWM3M2UwZTAxMWE0YzBiYmE0MjIxNWIwZWVjOTQ3NzhjNzg0NWU4ZGEwODVlMQ%3D%3D
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/wps/build/webpack/videoStory.bundle-667b380d20e928f31b53.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::539 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: af4295b2e507dea2d3f97a27f2ddb84bcea537a0bbf787698c50f6db60efa69e

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:17:01 GMT
via: 1.1 varnish
age: 32406
x-powered-by: BC
x-cache: HIT
x-bolt-device-group: desktop-chrome
content-length: 6588
x-served-by: cache-fra19157-FRA
x-device-group: desktop-chrome
x-timer: S1614964622.913530,VS0,VE1
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=1209600, max-age=1209600
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 1

GET
H2 200 master.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998031001/788e66c0-a623-40ec-ba57-058541f2578f/10s/ 6 KB
7 KB 11ms
9ms XHR
application/x-mpegurl 2a04:4e42:3::539
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998031001/788e66c0-a623-40ec-ba57-058541f2578f/10s/master.m3u8?fastly_token=NjA2NzU2MmFfMzY3OTQ4ODU1MDNjNGViOTUwZTMwNzdhNmVkZThkNDJlYWE5NDk5MzJiMzQzOTg2N2EzZWM2NjFlN2VjODY0ZA%3D%3D
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/wps/build/webpack/videoStory.bundle-667b380d20e928f31b53.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::539 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: 0d15e43025f0d2bdac730cc4a900841bee67a394ed76d59426aa8923a39cadd6

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:17:01 GMT
via: 1.1 varnish
age: 125862
x-powered-by: BC
x-cache: HIT
x-bolt-device-group: desktop-chrome
content-length: 6588
x-served-by: cache-fra19157-FRA
x-device-group: desktop-chrome
x-timer: S1614964622.917582,VS0,VE0
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=1209600, max-age=1209600
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 2

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 357E
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YEJnjQAAAJ1MaToG

43 B
122 B

61ms
59ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537148856&val=YEJnjQAAAJ1MaToG
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.202.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://mcclatchy.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Mar 2021 17:17:02 GMT
via: 1.1 google
server: OXGW/16.202.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 05 Mar 2021 17:17:02 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1614964622.048960,VS0,VE0
x-served-by: cache-hhn4023-HHN
x-cache: HIT
location: https://us-u.openx.net/w/1.0/sd?id=537148856&val=YEJnjQAAAJ1MaToG
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 master.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998031001/da8e6cd3-5ad2-4bca-bd92-e638f676d4de/10s/ 5 KB
5 KB 27ms
7ms XHR
application/x-mpegurl 2a04:4e42:3::539
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998031001/da8e6cd3-5ad2-4bca-bd92-e638f676d4de/10s/master.m3u8?fastly_token=NjA2NzU1MzFfZjhlMWNhYjFiNTQ5M2IyOTEzOGRhZjVhNDc5MDZhMDEzMDIwYmU3NTMxNzZkZTA4ZDQ1NGM2YjI3NDAwZTA2Nw%3D%3D
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/wps/build/webpack/videoStory.bundle-667b380d20e928f31b53.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::539 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: 584ed8f9afbb200b9a51020f8641784b82b454c995e2c140e7347c3206dc1d3e

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:17:02 GMT
via: 1.1 varnish
age: 98877
x-powered-by: BC
x-cache: HIT
x-bolt-device-group: desktop-chrome
content-length: 5199
x-served-by: cache-fra19157-FRA
x-device-group: desktop-chrome
x-timer: S1614964622.034684,VS0,VE1
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=1209600, max-age=1209600
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 1

GET
BLOB 200
OK 8d8f343f-e755-4e50-b121-5873f9defa3f
https://www.newsobserver.com/ 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/8d8f343f-e755-4e50-b121-5873f9defa3f
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3d0d96becd8907f01322e1a38c1e01b95380244119c1d53df9940959e62f44bb

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 5415
Content-Type: application/javascript

GET
H2 200 cstB55mjfY2YbXF4zMiTi8_RJiNq49RCIO7mHTWYDHA.js Show response
www.google.com/js/bg/ Frame 9E80 14 KB
6 KB 59ms
6ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/cstB55mjfY2YbXF4zMiTi8_RJiNq49RCIO7mHTWYDHA.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72cb41e799a37d8d986d7178ccc8938bcfd126236ae3d44220eee61d35980c70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcCJGUUAAAAADAmkD2iQN_k8a6FCpgo2VBei6su&co=aHR0cHM6Ly93d3cubmV3c29ic2VydmVyLmNvbTo0NDM.&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&badge=inline&cb=w9gqoyqjp2q7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 01:58:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:00:00 GMT
server: sffe
age: 141522
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6292
x-xss-protection: 0
expires: Fri, 04 Mar 2022 01:58:20 GMT

GET
H2 200 IrisUpNext.css
ovp.iris.tv/libs/adaptive/styles/v2/ 14 KB
14 KB 39ms
39ms Stylesheet
text/css 2600:9000:20d7:b000:15:d134:4e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ovp.iris.tv/libs/adaptive/styles/v2/IrisUpNext.css
Requested by: Host: ovp.iris.tv
URL: https://ovp.iris.tv/libs/adaptive/v2/iris.adaptive.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20d7:b000:15:d134:4e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 04a74928965ed27c791351d7e70bc0bb40194158a56fd949b19c66f28d4835c1

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 04:18:29 GMT
via: 1.1 38a3f663851a0597e7026100a58b9b39.cloudfront.net (CloudFront)
last-modified: Thu, 10 Dec 2020 21:39:59 GMT
server: AmazonS3
age: 7217914
etag: "840c928a4f9a6d6ee5ca76af8031b7ea"
x-cache: Hit from cloudfront
x-amz-version-id: 8bGmSv38jufOtvTVvpCK84CQNHI2iGn8
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: ZAG50-C1
accept-ranges: bytes
content-type: text/css
content-length: 14368
x-amz-cf-id: TZbEwDxYaMuFgaevkG_rr2KJBkiorZjl-RBXE1CR4CGU8ea__HoGRQ==

GET
H2 200 IrisButtons.css
ovp.iris.tv/libs/adaptive/styles/ 6 KB
6 KB 41ms
40ms Stylesheet
text/css 2600:9000:20d7:b000:15:d134:4e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ovp.iris.tv/libs/adaptive/styles/IrisButtons.css
Requested by: Host: ovp.iris.tv
URL: https://ovp.iris.tv/libs/adaptive/v2/iris.adaptive.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20d7:b000:15:d134:4e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 85fa47de6b71bbce922b3d89b645018063f5d4b1c7ac1383ada0da3729de6702

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Dec 2020 21:58:45 GMT
via: 1.1 38a3f663851a0597e7026100a58b9b39.cloudfront.net (CloudFront)
last-modified: Thu, 10 Dec 2020 21:56:44 GMT
server: AmazonS3
age: 7327098
etag: "e54832afd18f0ed157b8160ac7e4a9d2"
x-cache: Hit from cloudfront
x-amz-version-id: CcqFDVhLmj7fMBiS5W3t1iFW3PtkExjg
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: ZAG50-C1
accept-ranges: bytes
content-type: text/css
content-length: 6053
x-amz-cf-id: PqlkO4GioPz-eFOSOMNS2bfZzDVpUlMhX8TCNf-10QJLNSez_yupkA==

GET
H2 200 bridge3.445.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame 6FE4 577 KB
189 KB 6ms
6ms Document
text/html 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.445.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d8a9ed52b515c2cdd14f5bd78730aff0dd2d4e0b00c348135ad5e6133495e0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.445.1_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newsobserver.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newsobserver.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 193133
date: Fri, 05 Mar 2021 16:46:52 GMT
expires: Sat, 05 Mar 2022 16:46:52 GMT
last-modified: Tue, 02 Mar 2021 18:31:52 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1810
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 123ms
45ms Script
text/javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:17:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 05 Mar 2021 17:17:02 GMT

GET
H/1.1 200
OK image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/5615998031001/6745f64b-5666-4383-917c-7cfee7c21f52/1a535947-d05f-4e8e-b0f9-ac28f40becb4/1280x720/match/ 465 KB
466 KB 124ms
36ms Image
image/jpeg 13.32.25.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.us-east-1.prod.boltdns.net/v1/static/5615998031001/6745f64b-5666-4383-917c-7cfee7c21f52/1a535947-d05f-4e8e-b0f9-ac28f40becb4/1280x720/match/image.jpg
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-48.fra56.r.cloudfront.net
Software: / BC
Resource Hash: 05484a111af3419aa48bfcab404b892cfa1089aff16eb7332ac46e20026d5ddb

Request headers

Origin: https://www.newsobserver.com
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 23:41:20 GMT
Via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
Age: 63342
X-Powered-From: gantry
X-Powered-By: BC
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: FRA56-C2
X-Amz-Cf-Id: mIEqqY_lANHZCEbI7Y7lfuFBHD2XjQZbMbROe1uFAyBAqmSaHOxDOA==
Expires: Fri, 04 Mar 2022 23:41:20 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 95ms
18ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.newsobserver.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Mar 2021 17:17:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
BLOB 200
OK d150f98f-c135-4fea-9961-6fb28caa2ff2
https://www.newsobserver.com/ 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/d150f98f-c135-4fea-9961-6fb28caa2ff2
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3d0d96becd8907f01322e1a38c1e01b95380244119c1d53df9940959e62f44bb

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 5415
Content-Type: application/javascript

GET
H2 200 rendition.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998031001/6745f64b-5666-4383-917c-7cfee7c21f52/0263be8a-9141-4de2-a310-47cd51d4c913/10s/ 4 KB
4 KB 34ms
17ms XHR
application/x-mpegurl 2a04:4e42:3::539
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998031001/6745f64b-5666-4383-917c-7cfee7c21f52/0263be8a-9141-4de2-a310-47cd51d4c913/10s/rendition.m3u8?fastly_token=NjA2NmQ2ZjBfNGYxODIxZGUxMzZjOWE5NGU2NGI1NGYyNjZlNGNmNDM5NDJiZGQyMzIxOWRkNjZmNDQ5NDI4MDgwYjlhNmYyNQ%3D%3D
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/wps/build/webpack/videoStory.bundle-667b380d20e928f31b53.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::539 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: c70f901c35e0cf427c1f847e4fc2296784c0abe5ae06e7b5d89bfb9d5981aff0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:17:02 GMT
via: 1.1 varnish
age: 32405
x-powered-by: BC
x-cache: HIT
content-length: 4053
x-served-by: cache-fra19157-FRA
x-device-group: desktop-chrome
x-timer: S1614964622.391500,VS0,VE2
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=1209600, max-age=1209600
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 1

GET
H3-Q050 200 bridge3.445.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame A85E 577 KB
189 KB 43ms
24ms Document
text/html 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.445.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d8a9ed52b515c2cdd14f5bd78730aff0dd2d4e0b00c348135ad5e6133495e0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.445.1_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newsobserver.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newsobserver.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 193133
date: Fri, 05 Mar 2021 16:46:52 GMT
expires: Sat, 05 Mar 2022 16:46:52 GMT
last-modified: Tue, 02 Mar 2021 18:31:52 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1810
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/5615998031001/788e66c0-a623-40ec-ba57-058541f2578f/2dd0543e-ce19-44bf-9cad-7aa468f252cb/1280x720/match/ 138 KB
139 KB 113ms
35ms Image
image/jpeg 13.32.25.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.us-east-1.prod.boltdns.net/v1/static/5615998031001/788e66c0-a623-40ec-ba57-058541f2578f/2dd0543e-ce19-44bf-9cad-7aa468f252cb/1280x720/match/image.jpg
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-48.fra56.r.cloudfront.net
Software: / BC
Resource Hash: 76e3cdff5fef73c7c101c6fe81a797eeaa4fbe1d53f1aaded55f842435adba43

Request headers

Origin: https://www.newsobserver.com
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 03 Mar 2021 15:12:01 GMT
Via: 1.1 1c12254585d1d316d9380549d59e3c80.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
Age: 180301
X-Powered-From: gantry
X-Powered-By: BC
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: FRA56-C2
X-Amz-Cf-Id: 546Zl6RTPul9_imTeYRMjnpwmuMHw6MSgkY7UoGb3uZHPlgDs2BHfg==
Expires: Thu, 03 Mar 2022 15:12:01 GMT

GET
H2 200 rendition.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998031001/788e66c0-a623-40ec-ba57-058541f2578f/3d2c978c-e4cb-486b-bd3b-d7103b22d6a7/10s/ 10 KB
10 KB 27ms
9ms XHR
application/x-mpegurl 2a04:4e42:3::539
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998031001/788e66c0-a623-40ec-ba57-058541f2578f/3d2c978c-e4cb-486b-bd3b-d7103b22d6a7/10s/rendition.m3u8?fastly_token=NjA2NTZhODVfMmU4OGI4YzY2MWNkZDhjZjRjYjAyZmJkM2FiODc0MTllZGQ0N2M2M2Q0NmIyODI5ODVjYThkZjY2ZDc2NjBlZA%3D%3D
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/wps/build/webpack/videoStory.bundle-667b380d20e928f31b53.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::539 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: 024305e03f823cbd7d9030efe7ab6519e497a9284a7e56311b1945c67b4e8a67

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:17:02 GMT
via: 1.1 varnish
age: 103219
x-powered-by: BC
x-cache: HIT
content-length: 9978
x-served-by: cache-fra19157-FRA
x-device-group: desktop-chrome
x-timer: S1614964622.451097,VS0,VE1
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=1209600, max-age=1209600
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 1

GET
H3-Q050 200 bridge3.445.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame 1F5C 577 KB
189 KB 10ms
9ms Document
text/html 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.445.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d8a9ed52b515c2cdd14f5bd78730aff0dd2d4e0b00c348135ad5e6133495e0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.445.1_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newsobserver.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newsobserver.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 193133
date: Fri, 05 Mar 2021 16:46:52 GMT
expires: Sat, 05 Mar 2022 16:46:52 GMT
last-modified: Tue, 02 Mar 2021 18:31:52 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1810
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/5615998031001/da8e6cd3-5ad2-4bca-bd92-e638f676d4de/2cf03db1-26b1-4bb2-a117-dcefe5492d05/1280x720/match/ 299 KB
299 KB 36ms
34ms Image
image/jpeg 13.32.25.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.us-east-1.prod.boltdns.net/v1/static/5615998031001/da8e6cd3-5ad2-4bca-bd92-e638f676d4de/2cf03db1-26b1-4bb2-a117-dcefe5492d05/1280x720/match/image.jpg
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-48.fra56.r.cloudfront.net
Software: / BC
Resource Hash: fca1945c76a87b1c5cb7183af8d84962aa74fc5f63c858df92b4641b44ca9d7e

Request headers

Origin: https://www.newsobserver.com
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 04:47:09 GMT
Via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
Age: 131393
X-Powered-From: gantry
X-Powered-By: BC
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: FRA56-C2
X-Amz-Cf-Id: v9eNbFoi2r0UGQYJe3PfTJDfVe0J7TIo75VQFIGgfj1u5OCvDQEqvw==
Expires: Fri, 04 Mar 2022 04:47:09 GMT

GET
H/1.1 200
OK PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 89E7 3 KB
4 KB 199ms
41ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=36190351&p=159414&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e9833938fc956b6d8db49dc9f2abc18a7ab0fa2a87d407e545eb0c813e585af8

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 05 Mar 2021 17:17:01 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 c Show response
ids.cdnwidget.com/ 31 B
172 B 250ms
163ms XHR
application/json 130.211.47.17
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ids.cdnwidget.com/c?cookieID=&deviceID=&iv=&v=&GCH1=5f9797070067e2895aa07caa21f31a78&SCH1=&GCS1=175176104&GCS2=&pe=false&wsid=3581&log=%7B%22config%22%3A%7B%22gmEN%22%3Atrue%2C%22pixEN%22%3Atrue%7D%2C%22apikey%22%3A%222%5EHIykD%22%2C%22cjsversion%22%3A%221.5.9%22%2C%22wsid%22%3A3581%2C%22loadID%22%3A%22cLtIPmiCVwAvqD2%22%2C%22timing%22%3A%7B%22sessionStorageLoad%22%3A99%2C%22IDStageStart%22%3A100%2C%22obsReqdata%22%3A1191%2C%22obsReqpage%22%3A1780%2C%22obsReqview%22%3A1781%2C%22IDStagePrefire%22%3A2713%7D%2C%22matches%22%3A%7B%22cookie%22%3Afalse%2C%22LS%22%3Afalse%7D%2C%22info%22%3A%7B%22isSpoofed%22%3Atrue%2C%22PM%22%3Afalse%2C%22DNT%22%3Afalse%2C%22deviceTimezone%22%3A1%2C%22extensionID%22%3Anull%2C%22externalID%22%3Anull%2C%22agent%22%3A%7B%22device%22%3Anull%7D%2C%22firstLoad%22%3Atrue%7D%7D
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_cjs_min_88a03a964514a4a56eac32075f9712bd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.47.17 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 6627c5ab36fa407f18fc9b6987e359eccef005ae6d35b370d2142b7daa770324

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://www.newsobserver.com
date: Fri, 05 Mar 2021 17:17:02 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: clear
content-type: application/json

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 357E
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YEJnjQAAAJ1MaToG

1 B
1013 B

175ms
39ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YEJnjQAAAJ1MaToG
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mcclatchy.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Fri, 05 Mar 2021 17:17:01 GMT
X-lat: Pug23033:0:262
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

pragma: no-cache
date: Fri, 05 Mar 2021 17:17:02 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1614964623.652567,VS0,VE0
x-served-by: cache-hhn4023-HHN
x-cache: HIT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YEJnjQAAAJ1MaToG
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
BLOB 200
OK c2277504-fbb4-4e42-b3a5-1f27b15c7524
https://www.newsobserver.com/ 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/c2277504-fbb4-4e42-b3a5-1f27b15c7524
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3d0d96becd8907f01322e1a38c1e01b95380244119c1d53df9940959e62f44bb

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 5415
Content-Type: application/javascript

GET
H3-Q050 200 webworker.js
www.google.com/recaptcha/api2/ Frame 9E80 102 B
240 B 17ms
15ms Other
text/javascript 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ab1e16c1b3f793e0aec723c7a7add9e179781105d1646ced630af7007ca52720

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcCJGUUAAAAADAmkD2iQN_k8a6FCpgo2VBei6su&co=aHR0cHM6Ly93d3cubmV3c29ic2VydmVyLmNvbTo0NDM.&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&badge=inline&cb=w9gqoyqjp2q7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:17:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Fri, 05 Mar 2021 17:17:02 GMT

POST
H/1.1 200
OK headerstats Show response
as-sec.casalemedia.com/ 0
318 B 341ms
139ms XHR
text/plain 184.30.20.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=210842&u=https%3A%2F%2Fwww.newsobserver.com%2F&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185522-118148292826456.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-241.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 05 Mar 2021 17:17:02 GMT
Server: Apache
Access-Control-Allow-Origin: https://www.newsobserver.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Fri, 05 Mar 2021 17:17:02 GMT

GET
H2 200 rendition.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998031001/6745f64b-5666-4383-917c-7cfee7c21f52/61db94c3-be91-4522-9cf3-b35ec8c60418/10s/ 4 KB
4 KB 8ms
7ms XHR
application/x-mpegurl 2a04:4e42:3::539
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998031001/6745f64b-5666-4383-917c-7cfee7c21f52/61db94c3-be91-4522-9cf3-b35ec8c60418/10s/rendition.m3u8?fastly_token=NjA2NmQ2ZjBfMWMyZDAzZmIyNWIzMjg0MmQ5ODcxY2FjMTEwYThhNGQ4YTYxNWE5MDlmNDM5YzQ0YWI2ZWRmNzA5Y2IxYzkwNQ%3D%3D
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/wps/build/webpack/videoStory.bundle-667b380d20e928f31b53.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::539 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: 2729036231304c874f71f2d88498dd09e20fb08e7ce27312078c7420f7de3612

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:17:02 GMT
via: 1.1 varnish
age: 32405
x-powered-by: BC
x-cache: HIT
content-length: 4438
x-served-by: cache-fra19157-FRA
x-device-group: desktop-chrome
x-timer: S1614964623.713091,VS0,VE1
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=1209600, max-age=1209600
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 1

GET
H2 200 rendition.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998031001/788e66c0-a623-40ec-ba57-058541f2578f/d24d143b-ebdd-4649-b6a1-c41652f0c2c4/10s/ 10 KB
10 KB 44ms
42ms XHR
application/x-mpegurl 2a04:4e42:3::539
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998031001/788e66c0-a623-40ec-ba57-058541f2578f/d24d143b-ebdd-4649-b6a1-c41652f0c2c4/10s/rendition.m3u8?fastly_token=NjA2NTZhODVfODFjZDI3NWUxYmRiMjA0NTNkMmNjZjdlYWE1NzQ4ZTYzNGFiNzZjNmMzODQwZTE5Y2I0N2ExYjZkNGUzMWU1OQ%3D%3D
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/wps/build/webpack/videoStory.bundle-667b380d20e928f31b53.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::539 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: bf8bbcd1dc40de1e1affff17c431cfc965679e0e3694569d0e8e32e01c707c66

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:17:02 GMT
via: 1.1 varnish
age: 125862
x-powered-by: BC
x-cache: HIT
content-length: 9954
x-served-by: cache-fra19157-FRA
x-device-group: desktop-chrome
x-timer: S1614964623.721923,VS0,VE1
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=1209600, max-age=1209600
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 1

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
426 B 239ms
237ms Image
image/gif 54.183.247.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_at=304&ntv_ui=9de13897-dd86-4c14-a726-50e6246228b4&ntv_a=AAAAAAAAAAWK0QA&ntv_ht=jGdCYAA&ntv_fl=7uDOAz88QViW5FhnhWWSVVJWfUVJQ-uiLvAjC-KTaIVju4Rleyqs6PO89VW79Rrp&ord=-546320661&ntv_it
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.183.247.206 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Mar 2021 17:17:02 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 52 KB
15 KB 462ms
462ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2749357818159462&correlator=2282810290016598&output=ldjh&impl=fifs&eid=21064367%2C31060220%2C31060296&vrg=2021030101&ptt=17&sc=1&sfv=1-0-37&ecs=20210305&iu_parts=7675%2CRAL.site_newsobserver%2C_HomePage&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=1x1%2C970x250%7C728x90%7C960x30%7C970x90%2C300x250%7C300x600&ists=4&prev_scp=slot%3D1%26zeus_rendercount%3D1%7Catf%3Dy%26pkg%3Da%26slot%3D2%26optimera%3DD4%2CSA2%2CTC4%2CTC2%2CTC0%2CTG7%2CE1%2CSA2%2CJ6%2CTC9%2CTC7%2CTC5%2CTH5%2CTH6%2CJ0%2CSA2%2CK2%2CTF9%2CTF7%2CTF5%2CTH7%2CTH8%2CIA1%2CIA2%2CB%2CA%2CL_74%26zeus_rendercount%3D1%26amznbid%3D2%26amznp%3D2%7Catf%3Dy%26pkg%3Db%26slot%3D4%26optimera%3DA6%2CSA2%2CJ1%2CA5%2CTA4%2CTA2%2CTA0%2CTG9%2CTH0%2CB3%2CSA2%2CJ2%2CB2%2CTA9%2CTA7%2CTA5%2CTH1%2CTH2%2CIA1%2CIA2%2CB%2CA%2CL_74%26zeus_rendercount%3D1%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=lpid%3D%26zeus%3Dapplied%26id%3D%26pl%3Dhomepage%26ref%3D%26sect%3Decefrontpage%26sids%3D%26swgt%3Dna%26top%3D%26vl%3D0&cookie_enabled=1&bc=31&abxe=1&lmt=1614964592&dt=1614964622791&dlt=1614964613847&idt=7567&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933%2C800%2C410&adys=-12245933%2C117%2C1381&adks=2598206095%2C1226173487%2C1489354972&ucis=1%7C2%7C3&ifi=1&u_tz=60&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.newsobserver.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1x1%7C1600x280%7C360x250&msz=0x0%7C31x280%7C1x250&ga_vid=469707977.1614964618&ga_sid=1614964623&ga_hid=1653383239&fws=128%2C0%2C0&ohw=0%2C0%2C0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

bcbcbbbc0773dc73991523d73f6d9952fffc55d38a87c1be9b2d6efdb115effe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:17:03 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15139
x-xss-protection: 0
google-lineitem-id: 5479766553,-1,5630351206
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138317917956,-1,138341574808
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.newsobserver.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
a597164d6b9dc750211bc8129578d3ab.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 91ms
16ms Other
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a597164d6b9dc750211bc8129578d3ab.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030101.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 64ms
8ms Other
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030101.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 rendition.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998031001/da8e6cd3-5ad2-4bca-bd92-e638f676d4de/097c3f99-44f9-45d3-b6ab-db07515f2e5f/10s/ 1 KB
1 KB 7ms
6ms XHR
application/x-mpegurl 2a04:4e42:3::539
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998031001/da8e6cd3-5ad2-4bca-bd92-e638f676d4de/097c3f99-44f9-45d3-b6ab-db07515f2e5f/10s/rendition.m3u8?fastly_token=NjA2NWQyZjVfN2M4NjhiMGYxODdlMmNmY2ExMDQ5YjY3OTQyNDdjYWQxMWIxMDIwNTRkYjM3ODI3Y2RmNjJiODFhMDYwNjg4OA%3D%3D
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/wps/build/webpack/videoStory.bundle-667b380d20e928f31b53.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::539 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: 6d4bfbe269cd1b37fe0eaf917d24f51b7e301f463bc7e308b1325c98f921364e

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:17:02 GMT
via: 1.1 varnish
age: 98878
x-powered-by: BC
x-cache: HIT
content-length: 1295
x-served-by: cache-fra19157-FRA
x-device-group: desktop-chrome
x-timer: S1614964623.916062,VS0,VE1
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=1209600, max-age=1209600
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 1

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 357E
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
https://sync-tm.everesttech.net/ct/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1&_test=YEJnjwAAAEtjJCzr
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YEJnjwAAAEtjJCzr&img=1&_test=YEJnjwAAAEtjJCzr
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YEJnjwAAAEtjJCzr&img=1&_test=YEJnjwAAAEtjJCzr&__user_check__=1&sync_id=9b33ba62-7dd6-11eb-a7b9-1a404fd51b06

43 B
549 B

32ms
30ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YEJnjwAAAEtjJCzr&img=1&_test=YEJnjwAAAEtjJCzr&__user_check__=1&sync_id=9b33ba62-7dd6-11eb-a7b9-1a404fd51b06
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.94.180.125 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer: https://mcclatchy.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 05 Mar 2021 17:17:04 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 112
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Fri, 05 Mar 2021 17:17:04 GMT
Server: nginx
Location: /partner?adv_id=6409&uid=YEJnjwAAAEtjJCzr&img=1&_test=YEJnjwAAAEtjJCzr&__user_check__=1&sync_id=9b33ba62-7dd6-11eb-a7b9-1a404fd51b06
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 35
Connection: keep-alive
Content-Length: 0

GET
H2 204 cjs-logger
e.cdnwidget.com/ 0
38 B 240ms
167ms Image
image/png 34.107.221.36
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.cdnwidget.com/cjs-logger?source=Callback%20error&severity=Warning&error=TypeError%253A%2520Cannot%2520read%2520property%2520%27initPostDeviceGraph%27%2520of%2520undefined%250A%2520%2520%2520%2520at%2520Object._0x40318a.%253Ccomputed%253E.%253Ccomputed%253E%2520%255Bas%2520triggerClientCallback%255D%2520(https%253A%252F%252Fassets.bounceexchange.com%252Fassets%252Fsmart-tag%252Fversioned%252Fijs_all_modules_cjs_min_88a03a964514a4a56eac32075f9712bd.js%253A1%253A511171)%250A%2520%2520%2520%2520at%2520Object._0x40318a.%253Ccomputed%253E.%253Ccomputed%253E%2520%255Bas%2520idGenError%255D%2520(https%253A%252F%252Fassets.bounceexchange.com%252Fassets%252Fsmart-tag%252Fversioned%252Fijs_all_modules_cjs_min_88a03a964514a4a56eac32075f9712bd.js%253A1%253A512632)%250A%2520%2520%2520%2520at%2520https%253A%252F%252Fassets.bounceexchange.com%252Fassets%252Fsmart-tag%252Fversioned%252Fijs_all_modules_cjs_min_88a03a964514a4a56eac32075f9712bd.js%253A1%253A550343%250A%2520%2520%2520%2520at%2520_0x3c2ac6%2520(https%253A%252F%252Fassets.bounceexchange.com%252Fassets%252Fsmart-tag%252Fversioned%252Fijs_all_modules_cjs_min_88a03a964514a4a56eac32075f9712bd.js%253A1%253A555632)%250A%2520%2520%2520%2520at%2520Generator._0x14fddf.%253Ccomputed%253E%2520%255Bas%2520_invoke%255D%2520(https%253A%252F%252Fassets.bounceexchange.com%252Fassets%252Fsmart-tag%252Fversioned%252Fijs_all_modules_cjs_min_88a03a964514a4a56eac32075f9712bd.js%253A1%253A555077)%250A%2520%2520%2520%2520at%2520Generator.forEach._0x2b9e08.%253Ccomputed%253E%2520%255Bas%2520throw%255D%2520(https%253A%252F%252Fassets.bounceexchange.com%252Fassets%252Fsmart-tag%252Fversioned%252Fijs_all_modules_cjs_min_88a03a964514a4a56eac32075f9712bd.js%253A1%253A556505)%250A%2520%2520%2520%2520at%2520_0x266da8%2520(https%253A%252F%252Fassets.bounceexchange.com%252Fassets%252Fsmart-tag%252Fversioned%252Fijs_all_modules_cjs_min_88a03a964514a4a56eac32075f9712bd.js%253A1%253A507131)%250A%2520%2520%2520%2520at%2520_0x271eac%2520(https%253A%252F%252Fassets.bounceexchange.com%252Fassets%252Fsmart-tag%252Fversioned%252Fijs_all_modules_cjs_min_88a03a964514a4a56eac32075f9712bd.js%253A1%253A507679)&cookieID=&deviceID=&BXWID=3581&warpspeed=2%5EHIykD&loadID=cLtIPmiCVwAvqD2&version=1.5.9
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.221.36 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:17:03 GMT
via: 1.1 google
alt-svc: clear
content-type: image/png

GET
H2 204 cjs-logger
e.cdnwidget.com/ 0
68 B 232ms
161ms Image
image/png 34.107.221.36
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.cdnwidget.com/cjs-logger?source=ID%20generation%20error&severity=Warning&error=Country%2520not%2520allowed&cookieID=&deviceID=&BXWID=3581&warpspeed=2%5EHIykD&loadID=cLtIPmiCVwAvqD2&version=1.5.9
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.221.36 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:17:03 GMT
via: 1.1 google
alt-svc: clear
content-type: image/png

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 03B1 36 KB
13 KB 30ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 16:27:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 2980
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Fri, 05 Mar 2021 17:27:23 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 5E3E 36 KB
12 KB 25ms
12ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 16:27:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 2980
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Fri, 05 Mar 2021 17:27:23 GMT

GET
H3-Q050 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 1858 36 KB
12 KB 21ms
15ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 16:27:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 2980
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Fri, 05 Mar 2021 17:27:23 GMT

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame F4F4 43 B
284 B 172ms
41ms Document
image/gif 178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=36190351&p=159414&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method: GET
:authority: dis.criteo.com
:scheme: https
:path: /dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache
pragma: no-cache
content-type: image/gif
expires: Fri, 05 Mar 2021 00:00:00 GMT
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 1196
date: Fri, 05 Mar 2021 17:17:02 GMT
content-length: 43

GET
H/1.1

200
OK

Cookie set Pug Show response
image2.pubmatic.com/AdServer/ Frame EC9D
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3314724042105434289

42 B
973 B

40ms
40ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3314724042105434289
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=36190351&p=159414&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: image2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KRTBCOOKIE_218=22978-YEJnjQAAAJ1MaToG&KRTB&23194-YEJnjQAAAJ1MaToG&KRTB&23209-YEJnjQAAAJ1MaToG&KRTB&23244-YEJnjQAAAJ1MaToG; PugT=1614964621; PUBMDCID=3
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Date: Fri, 05 Mar 2021 17:17:03 GMT
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
Set-Cookie: KRTBCOOKIE_336=5844-3314724042105434289; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 04-Apr-2021 17:17:03 GMT; path=/ PugT=1614964623; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 04-Apr-2021 17:17:03 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 03-Jun-2021 17:17:03 GMT; path=/
X-lat: Pug23027:0:648
Content-Length: 42
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Pragma: no-cache
X-Cnection: close
Content-Type: image/gif; charset=utf-8

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3314724042105434289
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H/1.1

200
OK

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 89E7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=BVS6wvL6R-qpKbKJB0DH0Q%3D%3D
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=BVS6wvL6R-qpKbKJB0DH0Q%3D%3D&google_tc=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

8 KB
8 KB

34ms
34ms

Image
text/html

184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 05 Mar 2021 17:17:04 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1300708-1f78-5b232eb4914bb"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: max-age=37628
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/html; charset=UTF-8
Content-Length: 2654
Expires: Sat, 06 Mar 2021 03:44:12 GMT

Redirect headers

pragma: no-cache
date: Fri, 05 Mar 2021 17:17:03 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 89E7 95 B
596 B 276ms
229ms Image
image/png 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=0554BAC2-F2FA-47EA-A929-B2890740C7D1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:17:03 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 62b4fedefe3f3244-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 08a4fd9f5f0000324414ae5000000001

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame 89E7
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=0554BAC2-F2FA-47EA-A929-B2890740C7D1&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=0554BAC2-F2FA-47EA-A929-B2890740C7D1&sInitiator=external&gdpr=0&gdpr_consent=

42 B
240 B

57ms
34ms

Image
image/gif

77.243.60.138
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=0554BAC2-F2FA-47EA-A929-B2890740C7D1&sInitiator=external&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
uip-response-status: Ok
date: Fri, 05 Mar 2021 17:17:02 GMT
frontend-id: 15
content-length: 42
routing-server-id: -1
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 05 Mar 2021 17:17:01 GMT
frontend-id: 11
location: /pubmatic/1/info2?sType=sync&sExtCookieId=0554BAC2-F2FA-47EA-A929-B2890740C7D1&sInitiator=external&gdpr=0&gdpr_consent=
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

Artemis
aud.pubmatic.com/AdServer/ Frame 89E7
Redirect Chain

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=0554BAC2-F2FA-47EA-A929-B2890740C7D1&gdpr=
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=0554BAC2-F2FA-47EA-A929-B2890740C7D1&gdpr=&fbounce=1
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=0554BAC2-F2FA-47EA-A929-B2890740C7D1&addseg=29

7 B
147 B

114ms
34ms

Image
text/plain

185.64.189.249
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=0554BAC2-F2FA-47EA-A929-B2890740C7D1&addseg=29
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 05 Mar 2021 17:17:04 GMT
Connection: keep-alive
Content-Length: 7
Content-Type: text/plain; charset=utf-8

Redirect headers

date: Fri, 05 Mar 2021 17:17:03 GMT
via: 1.1 google
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=0554BAC2-F2FA-47EA-A929-B2890740C7D1&addseg=29
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: text/html; charset=utf-8
alt-svc: clear
content-length: 135

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 89E7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDU1NEJBQzItRjJGQS00N0VBLUE5MjktQjI4OTA3NDBDN0Qx&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDU1NEJBQzItRjJGQS00N0VBLUE5MjktQjI4OTA3NDBDN0Qx&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
709 B

40ms
39ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Fri, 05 Mar 2021 17:17:04 GMT
X-lat: Pug23025:0:248
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Fri, 05 Mar 2021 17:17:03 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 89E7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJ94xjpET6DY5GY-e8FoeFs&google_cver=1

42 B
855 B

81ms
39ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJ94xjpET6DY5GY-e8FoeFs&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 05 Mar 2021 17:17:04 GMT
X-lat: lhrpug005:0:451
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Fri, 05 Mar 2021 17:17:03 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJ94xjpET6DY5GY-e8FoeFs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 89E7 43 B
611 B 142ms
28ms Image
image/gif 159.253.128.188
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

bc.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:17:03 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Thu, 04 Mar 2021 17:17:03 GMT

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 89E7
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...

35 B
233 B

19ms
18ms

Image
image/gif

37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Mar 2021 17:17:03 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

Redirect headers

pragma: no-cache
date: Fri, 05 Mar 2021 17:17:03 GMT
server: nginx
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent=
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
expires: -1

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 89E7
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:81186042-678e-4300-a026-29366f5e55a3&gdpr=0&gdpr_consent=

42 B
946 B

203ms
55ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:81186042-678e-4300-a026-29366f5e55a3&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 05 Mar 2021 17:17:03 GMT
X-lat: lhrpug015:0:842
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Date: Fri, 05 Mar 2021 17:17:03 GMT
Server: MT3 3518 2f03077 master zrh-pixel-x12
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:81186042-678e-4300-a026-29366f5e55a3&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 05 Mar 2021 17:17:02 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 89E7
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=29486bd9-8b90-4db0-8bc0-eb0366ce1e24

42 B
1 KB

40ms
39ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=29486bd9-8b90-4db0-8bc0-eb0366ce1e24
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Fri, 05 Mar 2021 17:17:02 GMT
X-lat: Pug23039:0:271
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Fri, 05 Mar 2021 17:17:03 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=29486bd9-8b90-4db0-8bc0-eb0366ce1e24
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 89E7
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=0&gdpr=0&gdpr_consent=

42 B
955 B

45ms
44ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=0&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Fri, 05 Mar 2021 17:17:02 GMT
X-lat: Pug23040:0:261
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Pragma: no-cache
Date: Fri, 05 Mar 2021 17:17:04 GMT
X-Proxy-Origin: 82.102.20.235; 82.102.20.235; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.55:80
AN-X-Request-Uuid: e47f3b3c-a34e-43c8-a2f0-824a9f432e86
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=0&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

SPug
image4.pubmatic.com/AdServer/ Frame 89E7
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=0554BAC2-F2FA-47EA-A929-B2890740C7D1&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=0554BAC2-F2FA-47EA-A929-B2890740C7D1&redir=true&gdpr=0&gdpr_consent=&verify=true
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-YhkLZKZ1l2IrDzcrRJdxCimzvWcJLP4-&gdpr=0&gdpr_consent=

0
742 B

238ms
40ms

Image
text/plain

185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-YhkLZKZ1l2IrDzcrRJdxCimzvWcJLP4-&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection: close
Date: Fri, 05 Mar 2021 17:17:03 GMT
Content-Encoding: gzip
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-cache
Transfer-Encoding: chunked
Content-Type: text/plain; charset=utf-8

Redirect headers

Date: Fri, 05 Mar 2021 17:17:04 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-YhkLZKZ1l2IrDzcrRJdxCimzvWcJLP4-&gdpr=0&gdpr_consent=
Connection: keep-alive
Content-Length: 0

GET
H2 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 1893 7 KB
1 KB 28ms
20ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&k=6LcCJGUUAAAAADAmkD2iQN_k8a6FCpgo2VBei6su&cb=atnpzk8y38j3

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

911b9774a63edd66707fc39d1f35fcfd939f7960a3e4c6258d4df2ae0d6249d1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pxptakiVqCMkl8t8EDol9A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&k=6LcCJGUUAAAAADAmkD2iQN_k8a6FCpgo2VBei6su&cb=atnpzk8y38j3
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newsobserver.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newsobserver.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 05 Mar 2021 17:17:03 GMT
content-security-policy: script-src 'report-sample' 'nonce-pxptakiVqCMkl8t8EDol9A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1110
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

b.php
www.facebook.com/fr/ Frame 357E
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YEJnjwAAAEtjJCzr&t=2592000&o=0

43 B
235 B

42ms
38ms

Image
image/gif

2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/fr/b.php?p=1531105787105294&e=YEJnjwAAAEtjJCzr&t=2592000&o=0

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mcclatchy.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
x-fb-debug: JJMdOTq66xDbin3Ghs1g/yr9saJPYOeOEIUxKCYXO32H9aIqRBqIWbyJdUZXQvHEX5o4kFz13erLVBNysU1d2g==
content-encoding: br
x-content-type-options: nosniff
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 05 Mar 2021 09:17:03 PST
strict-transport-security: max-age=15552000; preload
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: image/gif
vary: Accept-Encoding
cache-control: public, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
expires: Fri, 05 Mar 2021 09:17:03 PST

Redirect headers

pragma: no-cache
date: Fri, 05 Mar 2021 17:17:03 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1614964623.305104,VS0,VE0
x-served-by: cache-hhn4023-HHN
x-cache: HIT
location: https://www.facebook.com/fr/b.php?p=1531105787105294&e=YEJnjwAAAEtjJCzr&t=2592000&o=0
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012101070013000/ Frame 07B2 185 KB
53 KB 118ms
0ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202103031615/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0812a00aee80133b732c5cb2e0362ee2a52ae9f50c126d43e73f98163db9711f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 278610
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53820
x-xss-protection: 0
server: sffe
date: Tue, 02 Mar 2021 11:53:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ee5348f2de7cdf64"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Mar 2022 11:53:33 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 07B2 12 KB
5 KB 110ms
0ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202103031615/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 278610
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4559
x-xss-protection: 0
server: sffe
date: Tue, 02 Mar 2021 11:53:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c3a321a15743f406"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Mar 2022 11:53:33 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 07B2 87 KB
27 KB 121ms
6ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-analytics-0.1.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202103031615/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 278610
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27206
x-xss-protection: 0
server: sffe
date: Tue, 02 Mar 2021 11:53:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1f991b6a8daa2b14"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Mar 2022 11:53:33 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 07B2 3 KB
1 KB 99ms
0ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-fit-text-0.1.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202103031615/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 278610
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1376
x-xss-protection: 0
server: sffe
date: Tue, 02 Mar 2021 11:53:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "512b909f94eb26fb"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Mar 2022 11:53:33 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 07B2 40 KB
13 KB 113ms
12ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-form-0.1.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202103031615/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 278610
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12793
x-xss-protection: 0
server: sffe
date: Tue, 02 Mar 2021 11:53:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e3ef417618f7e28"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Mar 2022 11:53:33 GMT

GET
DATA 200
OK truncated
/ Frame 07B2 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81fbbe9007cb49e72d3c4b7ac2dab7b1c38e4a2cdf9a495146a3437c32262ce0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5527 0
0 98ms
74ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv-RKVCwYbGZ6y5uIRhDT24Zmafb6xGG1iu7ax0uqmuKGCEWnxQHxGrmxn_0v8cwGf072TpwOoq7X1wzHvxMgskHfZl_IHC1oSTYyybk3xtuHRXruqKEW73A6ZZleRwoLnPBOXiMAUkDkrAx7AIXRL328Kab0im_3TjQ2YsJN-jqDu8ZaVRL3xXCJkdLjx3x2VYMfBUwFWgAOYvGrplfDLxjPtecYnOaMT2yL9ZeFxVqlGeSxeoaXQGCLc44Fc8T2CCNxqZr09GbRWpuMCneBQMbYxT3NU0ealq1vWZl6-IDs2LZXb-Kzbja97Qyd4AhTV6fN1531Vddk0fp4bk-DHW1KwazQwMkI0&sai=AMfl-YSQXCGMmERmVbSkTl2bVsmtTUkfWSrxA9B5CsaXSmTqKIoNJF87d2YvnjpfujOqzIqURWN4WmJCYPeRBMufohdDzEkEaENJzMUvNgLvKhTcKRmr6qJ7DiAs9vOUN3U&sig=Cg0ArKJSzFkCB066JWKFEAE&urlfix=1&adurl=

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Mar 2021 17:17:03 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 05 Mar 2021 17:17:03 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5527 110 KB
34 KB 105ms
8ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:17:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614774766775808"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34192
x-xss-protection: 0
expires: Fri, 05 Mar 2021 17:17:03 GMT

GET
H2 200 2772444484594254900
tpc.googlesyndication.com/simgad/ Frame 5527 92 KB
92 KB 43ms
21ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2772444484594254900?

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d9cf4c7e12bbf4be47dc31e328a51e4c71ab4f8fdcedce75a9cccc0c18734f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 21:19:03 GMT
x-content-type-options: nosniff
age: 71880
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 93899
x-xss-protection: 0
last-modified: Mon, 08 Feb 2021 18:50:16 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Mar 2022 21:19:03 GMT

GET
H3-Q050

200

14221371079760943072
tpc.googlesyndication.com/simgad/ Frame D6B1
Redirect Chain

https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDnq7jUeBABGAEoATIIRCa0hO01vLpA1fzu7AU
https://tpc.googlesyndication.com/simgad/14221371079760943072

43 B
206 B

8ms
7ms

Image
image/gif

2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14221371079760943072

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 23:16:26 GMT
x-content-type-options: nosniff
age: 496838
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
last-modified: Mon, 07 Oct 2019 22:37:26 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Feb 2022 23:16:26 GMT

Redirect headers

timing-allow-origin: *
date: Fri, 05 Mar 2021 12:36:37 GMT
x-content-type-options: nosniff
server: cafe
age: 16826
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/14221371079760943072
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=ISO-8859-1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 04 Apr 2021 12:36:37 GMT

GET
H2 200 15696933429240936212
tpc.googlesyndication.com/daca_images/simgad/ Frame 07B2 87 KB
88 KB 34ms
8ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/15696933429240936212

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

981060307e32f940e64e08f7afb4a3b681dfac27ab79a48afb75153bdec126b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 07:39:40 GMT
x-content-type-options: nosniff
age: 207443
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89417
x-xss-protection: 0
last-modified: Tue, 25 Jun 2019 20:20:57 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 03 Mar 2022 07:39:40 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 07B2 2 KB
3 KB 33ms
7ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Mar 2021 08:22:57 GMT
x-content-type-options: nosniff
server: cafe
age: 32046
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 06 Mar 2021 08:22:57 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 07B2 295 B
520 B 32ms
6ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 04 Mar 2021 23:24:51 GMT
x-content-type-options: nosniff
server: cafe
age: 64332
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 05 Mar 2021 23:24:51 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 07B2 0
0 39ms
14ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQi1R8GcwsZeiPfyrOlU2CZaotq5OxD4ZS3QukTy_-JyDCwAcUXagLd9lWP7Li6VO1KagLt
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 07B2 0
0 99ms
73ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CitL7jmdCYNqbNJHL7_UPiv2KSL_mrOZZp9bq_IgKyuLS4LIBEAEgmOLIG2DRgbmC0AegAc64koMDyAECqQKwsph6homFPuACAKgDAcgDCKoE3gFP0LhU9erQpTGhqZjNOg4Jkk5aX_gn-Eb-E01oxnb0yiHmuLpG3H-NDQd9IaMQIHx8Cmy-w_VYcbhO15KuqsxEkAUF5nYUgST5HhSDBdxHZy4JDQH9LDQS49lXupaCftMY6-9yUKj_UsZvqZ7w4BmHP9k233ahSCXmxKKkbgKJA6v7APs6PAveY5lw6VjOfIQhZ06uJ0Ah_wdFzMJWwohvT26XeZk8t5YRSN8iegb5aZ1_wTpM99pYqe7IJORpAQgBLwi_AKyXhbfGPNCtfEGgROIuTCld8iiojO3tHTvABML809KSAuAEAZIFBAgEGAGSBQQIBRgEoAYCgAeax-18qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEJ6FI9IICQiA4YBwEAEYHYAKA8gLAdgTDbIXGgoYCAASFHB1Yi0zNDQ2MzA1ODU5MTU3MjQx&sigh=UMq3rWxue8s&tpd=AGWhJmss1WzxDZuxiOVlm29CMhCW6197g7usM3uKusKI2Hyvtg
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 FREE.gif
www.newsobserver.com/static/img/placeholder/ 74 B
461 B 504ms
430ms Image
image/gif 104.83.177.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/static/img/placeholder/FREE.gif?mias===QfiUTMiojIzBnIsU2csFmZ6IycuJCLiEjM2UTM2QjN5QTM2EzXzIzM1cDMwETMwETM3ETNzQTOyMjN2EzNzcTOxETO0YDM5AjN3IzXvFmbfNXYflWbiojIpRnIsISZnFGcl12bIJiOig2YiwSf4YTNzIjN0YTO0EjNxojIlRmciwyN2UzMyYDN2kDNxYTM6IyckJnIsMDM4IjM2QjN5QTM2EjOiMXcyJCL1kzNyEjN0YTO0EjNxojIzdGcisnOiQnIs0XM6IiNwITM1MDMzYTNiwSM6ISOzAjMycTMyYTNiwSM6IyM1UjN2cTO3QTNisnOiMHZpJye
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.83.177.146 Madrid, Spain, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-177-146.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 6bd9eb4b281413efc78a042369f67bec93ba3d123f1b3bded7b62585e859a1ef

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:17:04 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 552292
content-length: 74
last-modified: Thu, 14 Jan 2021 23:28:40 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"74-1610666920000"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 110513561 56024377, 217566766 86401658
access-control-allow-origin: *
cache-control: max-age=122758
access-control-allow-credentials: false
mi-cache: HIT
content-type: image/gif
access-control-allow-headers: *

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 108ms
34ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2b04100564fd9141d7acbd40482d40a3c5b4af2cf25b2cf8726b5608841d61a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:17:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614774803212306"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28399
x-xss-protection: 0
expires: Fri, 05 Mar 2021 17:17:03 GMT

POST
H/1.1 200
OK pixels
protected-by.clarium.io/ 0
215 B 140ms
38ms Other
text/html 18.195.94.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://protected-by.clarium.io/pixels
Requested by: Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202103031615/wrap.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.94.99 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 05 Mar 2021 17:17:04 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Connection: keep-alive
Content-Length: 20
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
245 B 117ms
112ms Image
image/gif 54.164.147.252
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNTYzMDM1MTIwNiIsImVidXkiOiIyODI1MjMwNzc4IiwiZWFkdiI6IjI3MjE2MDU0IiwiZWNpZCI6IjEzODM0MTU3NDgwOCIsImVlbnYiOiJqIiwiZXBpZCI6IjEzNzA1MjU0IiwiZXNpZCI6IjEzNzA1MTM0In0&tv=js-2.2.18-e&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&lang=en-US&cs=UTF-8&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&tid=13095be1-3f59-4395-bf61-3a43f9aa475f&pid=6411624e-5884-4d27-a3b9-73cf45f52540&dtm=1614964624779&qnm=_matherq&vp=1600x1200&ds=1600x7370&tofa=1614964625&vid=1&duid=514095ce0b6ce524&fp=99543720&cid=ma12095&mrk=74930332&url=https%3A%2F%2Fwww.newsobserver.com%2F
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.164.147.252 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 05 Mar 2021 17:17:04 GMT
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length: 43
Content-Type: image/gif

GET
DATA 200
OK truncated
/ Frame 5527 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9798c0e27c01d0f78af913138fd86cccf8d4546123594e6bdbf3bc78b1ea77de

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/ Frame 1893 50 KB
25 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&k=6LcCJGUUAAAAADAmkD2iQN_k8a6FCpgo2VBei6su&cb=atnpzk8y38j3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b08ea3a348838bc942ad470a757575975bd09459b63c1872c6e1129a6ca1939

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 16:37:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Feb 2021 03:04:57 GMT
server: sffe
age: 2387
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25479
x-xss-protection: 0
expires: Sat, 05 Mar 2022 16:37:17 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/ Frame 1893 331 KB
129 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&k=6LcCJGUUAAAAADAmkD2iQN_k8a6FCpgo2VBei6su&cb=atnpzk8y38j3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46c97699759b3239f2306f7d09df96131fb1044315b07cfdd62b66c2e4c0125b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:10:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 419
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132194
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 03:04:57 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 05 Mar 2022 17:10:05 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5527 0
0 152ms
71ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu3tNA4JQIbbUpGQxl99Ar_--rMU83RbEqyeVO0GDqUqvM614q5iJG_QoTlh3-THDy9fbi5OezAoRwco9MKQyLE_NvAXvGKgTD0GvXz6_wCXgIUnAy2nCDBTjOtqgzG1JpcmBkOq1nqKfk-WobHvaYtJ_MRRkaUUk0o5qAFFMEtk5amBKjP_YfzvwavbLo0GqxRB-kmM7j44uZJFmhv08qUL1200-Lq9SEI4yMHfttz8eDQIHSJdXPQml9DPcz6kmgDXRLwMsdfCe71vSAsfvuE8uby7_M0iS1YrBPQJ6PeJccS8q3Ddvp9rf7a_F7es4oOoNk_uGliTAh_Lpc&sai=AMfl-YTyQlOjQ3NuHJnpRuk9Mb7Kvp3f-Wmx-jqu8hxm6nyrOMh3OCwSXIz4AT3goFj5hJnicjR5x0BVYcQ3bvvLBpg1ggwAwO3AOxDDEB7oOclOc1zN5czx3tQK8eqZOl8&sig=Cg0ArKJSzIeibCZmxWeoEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Mar 2021 17:17:05 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 05 Mar 2021 17:17:05 GMT

GET
H3-Q050

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 07B2
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

15ms
14ms

Image
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Fri, 05 Mar 2021 17:17:05 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H2 200 15696933429240936212
tpc.googlesyndication.com/daca_images/simgad/ Frame 07B2 87 KB
87 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/15696933429240936212

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

981060307e32f940e64e08f7afb4a3b681dfac27ab79a48afb75153bdec126b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 07:39:40 GMT
x-content-type-options: nosniff
age: 207445
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89417
x-xss-protection: 0
last-modified: Tue, 25 Jun 2019 20:20:57 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 03 Mar 2022 07:39:40 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 07B2 2 KB
3 KB 9ms
7ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Mar 2021 08:22:57 GMT
x-content-type-options: nosniff
server: cafe
age: 32048
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 06 Mar 2021 08:22:57 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 07B2 295 B
358 B 7ms
7ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 04 Mar 2021 23:24:51 GMT
x-content-type-options: nosniff
server: cafe
age: 64334
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 05 Mar 2021 23:24:51 GMT

GET
H2 200 _.aspx Show response
fundingchoicesmessages.google.com/f/AGSKWxW0S5fkVfZ0CSOMA_FaUXQmwJ2wHGlKIDuWJLoG3w51t_Beq3fZG9sQizjjakd0J3LzNdDf7AXLM2f11VNs2I0GPzZ7SV0OkoSdVIKDyTQt_feGBBiCtjOGthcAnYg7nPoHmuvU565ssKvZsG1JDXpavDuma... 54 B
463 B 23ms
22ms Script
application/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW0S5fkVfZ0CSOMA_FaUXQmwJ2wHGlKIDuWJLoG3w51t_Beq3fZG9sQizjjakd0J3LzNdDf7AXLM2f11VNs2I0GPzZ7SV0OkoSdVIKDyTQt_feGBBiCtjOGthcAnYg7nPoHmuvU565ssKvZsG1JDXpavDumayYlZLwX7gAerUlmPsUK3WplMJIhOkSJvQ43Pf-H50eVJ5EXQBbZr6o3Y8bOQj7egOW4xZDK9YFP0cdqbu8=/_.aspx?adid=/ad_serv./controller.ad./img/728_90/yourad1.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.en_US.UqvzHsQyYtc.es5.O/d=1/ct=zgms/rs=AJlcJMwXMxpaF4ibosyC9C-xn5eY3yHO4A/m=detection

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0ca495159a890afbb9acbbe7063d77600daacb65d03d29cddd31779d86e00f67

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lOT8Rb43tYfq4jvFbY9WHw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-lOT8Rb43tYfq4jvFbY9WHw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Mar 2021 17:17:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-lOT8Rb43tYfq4jvFbY9WHw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-lOT8Rb43tYfq4jvFbY9WHw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
350 B 8ms
8ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 13:19:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14281
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
server: cafe
etag: 13036835877489095579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 Mar 2021 13:19:04 GMT

POST
H2 204 AGSKWxUJfn5b6yQxdOYbKpiRPS2xVyOV4XF87jvPa1X7zUb45sd9oWbgcpllK22hJEG7bLVizfmakUQKATLM6ndMqr2HMnAJO1sZ8DnxhgiLtENyzSt-XugD57UFFHt34kUODH_v85T_hpy-A2bQh62940OS3vx7E5B1QgLuf-bvEcnf-ZpQkemPsDwXow== Show response
fundingchoicesmessages.google.com/l/ 0
823 B 43ms
19ms XHR
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/l/AGSKWxUJfn5b6yQxdOYbKpiRPS2xVyOV4XF87jvPa1X7zUb45sd9oWbgcpllK22hJEG7bLVizfmakUQKATLM6ndMqr2HMnAJO1sZ8DnxhgiLtENyzSt-XugD57UFFHt34kUODH_v85T_hpy-A2bQh62940OS3vx7E5B1QgLuf-bvEcnf-ZpQkemPsDwXow==

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-+g0RGwRKkr57+3af/i1zDw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-+g0RGwRKkr57+3af/i1zDw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 05 Mar 2021 17:17:05 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.newsobserver.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-+g0RGwRKkr57+3af/i1zDw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-+g0RGwRKkr57+3af/i1zDw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 reload Show response
www.google.com/recaptcha/api2/ Frame 1893 15 KB
12 KB 50ms
49ms XHR
application/json 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LcCJGUUAAAAADAmkD2iQN_k8a6FCpgo2VBei6su

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

af452cef243478d5e61fc2723f6785c5e7548e4fcd92c7876fcbb27430e5c56d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&k=6LcCJGUUAAAAADAmkD2iQN_k8a6FCpgo2VBei6su&cb=atnpzk8y38j3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Fri, 05 Mar 2021 17:17:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11536
x-xss-protection: 1; mode=block
expires: Fri, 05 Mar 2021 17:17:05 GMT

GET
H2 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 1893 600 B
736 B 18ms
13ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/styles__ltr.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 10:19:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 111448
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 600
x-xss-protection: 0
expires: Thu, 11 Mar 2021 10:19:37 GMT

GET
H2 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 1893 530 B
619 B 21ms
17ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/styles__ltr.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 04:45:44 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 390681
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 530
x-xss-protection: 0
expires: Mon, 08 Mar 2021 04:45:44 GMT

GET
H2 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 1893 665 B
754 B 20ms
16ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/styles__ltr.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 11:29:03 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 193682
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 665
x-xss-protection: 0
expires: Wed, 10 Mar 2021 11:29:03 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1893 15 KB
15 KB 15ms
11ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&k=6LcCJGUUAAAAADAmkD2iQN_k8a6FCpgo2VBei6su&cb=atnpzk8y38j3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 01:51:55 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
age: 573910
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
expires: Sun, 27 Feb 2022 01:51:55 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1893 15 KB
15 KB 15ms
12ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&k=6LcCJGUUAAAAADAmkD2iQN_k8a6FCpgo2VBei6su&cb=atnpzk8y38j3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 13:34:50 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
age: 358935
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15340
x-xss-protection: 0
expires: Tue, 01 Mar 2022 13:34:50 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1893 15 KB
15 KB 16ms
13ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&k=6LcCJGUUAAAAADAmkD2iQN_k8a6FCpgo2VBei6su&cb=atnpzk8y38j3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 22:43:04 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
age: 239641
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
expires: Wed, 02 Mar 2022 22:43:04 GMT

GET
H3-Q050 200 cstB55mjfY2YbXF4zMiTi8_RJiNq49RCIO7mHTWYDHA.js Show response
www.google.com/js/bg/ Frame 1893 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/cstB55mjfY2YbXF4zMiTi8_RJiNq49RCIO7mHTWYDHA.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72cb41e799a37d8d986d7178ccc8938bcfd126236ae3d44220eee61d35980c70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&k=6LcCJGUUAAAAADAmkD2iQN_k8a6FCpgo2VBei6su&cb=atnpzk8y38j3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 01:58:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:00:00 GMT
server: sffe
age: 141526
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6292
x-xss-protection: 0
expires: Fri, 04 Mar 2022 01:58:20 GMT

GET
H3-Q050 200 payload
www.google.com/recaptcha/api2/ Frame 1893 50 KB
50 KB 16ms
15ms Image
image/jpeg 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/api2/payload?p=06AGdBq24AZcloJp1O65dPH6dYlE9md5a3G0jzTDhQd1vAV1Mg3HOzaEG1yveaZzfnAVhIPYr7mqpXgjRgfVWGfXOGFrkaO1HS2E5c1caNIC392LDtwTIBoBZTFUFATlVbviMGqBWrhZtn8JBUJ8AJzrzU45NoMiroX8vPBnpzRDLe7npqBTQoqjvsHJ7V_7ihpDcU4YuYHHMevcN5enS08sCfEysqC0M6KA&k=6LcCJGUUAAAAADAmkD2iQN_k8a6FCpgo2VBei6su

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e47f6c4674a486632f958206eabaa5e6296a8f600860105c37aacf508239326f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&k=6LcCJGUUAAAAADAmkD2iQN_k8a6FCpgo2VBei6su&cb=atnpzk8y38j3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:17:06 GMT
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51314
x-xss-protection: 1; mode=block
expires: Fri, 05 Mar 2021 17:17:06 GMT

POST
H3-Q050 204 AGSKWxUJfn5b6yQxdOYbKpiRPS2xVyOV4XF87jvPa1X7zUb45sd9oWbgcpllK22hJEG7bLVizfmakUQKATLM6ndMqr2HMnAJO1sZ8DnxhgiLtENyzSt-XugD57UFFHt34kUODH_v85T_hpy-A2bQh62940OS3vx7E5B1QgLuf-bvEcnf-ZpQkemPsDwXow== Show response
fundingchoicesmessages.google.com/l/ 0
358 B 28ms
28ms XHR
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-38lA/X8R2OZ1d/C5S7iQJQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-38lA/X8R2OZ1d/C5S7iQJQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 05 Mar 2021 17:17:06 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.newsobserver.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-38lA/X8R2OZ1d/C5S7iQJQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-38lA/X8R2OZ1d/C5S7iQJQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 204 AGSKWxUJfn5b6yQxdOYbKpiRPS2xVyOV4XF87jvPa1X7zUb45sd9oWbgcpllK22hJEG7bLVizfmakUQKATLM6ndMqr2HMnAJO1sZ8DnxhgiLtENyzSt-XugD57UFFHt34kUODH_v85T_hpy-A2bQh62940OS3vx7E5B1QgLuf-bvEcnf-ZpQkemPsDwXow== Show response
fundingchoicesmessages.google.com/l/ 0
334 B 20ms
19ms XHR
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-usLvmA3gN8BiEpFWziRrvQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-usLvmA3gN8BiEpFWziRrvQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 05 Mar 2021 17:17:06 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.newsobserver.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-usLvmA3gN8BiEpFWziRrvQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-usLvmA3gN8BiEpFWziRrvQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 AGSKWxXeEfDEMwLXarrRlQyDVEL4Hy232EvCKUh20UAfIpcdYRlTjGyDHuxQrash7J-QtAOW5bFnXewA103435UR4Ra-YAMWHEtZEYLEvFoa-0M6vz9LItSLoX8GzpfYpbBCQDwIBT0AGwtT5HzOT6KpFkZifA-sWK4WWgFD77n7-Rcb9bJAZHc3Xblp4w== Show response
fundingchoicesmessages.google.com/f/ 60 KB
23 KB 37ms
36ms Script
application/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXeEfDEMwLXarrRlQyDVEL4Hy232EvCKUh20UAfIpcdYRlTjGyDHuxQrash7J-QtAOW5bFnXewA103435UR4Ra-YAMWHEtZEYLEvFoa-0M6vz9LItSLoX8GzpfYpbBCQDwIBT0AGwtT5HzOT6KpFkZifA-sWK4WWgFD77n7-Rcb9bJAZHc3Xblp4w==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCwyLFsxNjE0OTY0NjI2LDEzMDAwMDAwMF0sbnVsbCxudWxsLG51bGwsWzEsWzcsNl1dXQ

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5797134c2668436a980cb68cc341c5fe99372fd18f7df46d555fb7359a93dfaf

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-R8GKL75gaMeNqG8r08VRlQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-R8GKL75gaMeNqG8r08VRlQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Mar 2021 17:17:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-R8GKL75gaMeNqG8r08VRlQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-R8GKL75gaMeNqG8r08VRlQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 204 AGSKWxUJfn5b6yQxdOYbKpiRPS2xVyOV4XF87jvPa1X7zUb45sd9oWbgcpllK22hJEG7bLVizfmakUQKATLM6ndMqr2HMnAJO1sZ8DnxhgiLtENyzSt-XugD57UFFHt34kUODH_v85T_hpy-A2bQh62940OS3vx7E5B1QgLuf-bvEcnf-ZpQkemPsDwXow== Show response
fundingchoicesmessages.google.com/l/ 0
1 KB 20ms
20ms XHR
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cX3zgkQEwFxGLwIauxBBkg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-cX3zgkQEwFxGLwIauxBBkg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 05 Mar 2021 17:17:06 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.newsobserver.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
origin-trial: AmWWqEiPtRKXiIreUsgUyNMptDcKdmLPlGI32DPZjDKK+yBAUi7+FT3r/9RpkTnzHyXYUWiPfirCGMg3Ogzc7gMAAAB3eyJvcmlnaW4iOiJodHRwczovL2dvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IkNyb3NzT3JpZ2luT3BlbmVyUG9saWN5UmVwb3J0aW5nIiwiZXhwaXJ5IjoxNjE0MTI0Nzk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
content-security-policy: script-src 'report-sample' 'nonce-cX3zgkQEwFxGLwIauxBBkg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-cX3zgkQEwFxGLwIauxBBkg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="ContributorGlobalRouterHttp"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 6FE4 1 KB
951 B 72ms
71ms XHR
text/xml 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?ad_type=video&client=ca-video-pub-3446305859157241&env=vp&gdfp_req=1&unviewed_position_start=1&output=xml_vast4&sz=400x300&url=https%3A%2F%2Fwww.newsobserver.com%2F&correlator=1903149391903765&adsafe=high&videoad_start_delay=0&max_ad_duration=30000&sdmax=120000&vpa=click&vpmute=0&adtest=false&ciu_szs=300x250&iu=%2F7675%2FRAL.site_newsobserver%2F_HomePage&hl=en&cmsid=2475984&description_url=https%3A%2F%2Fwww.newsobserver.com%2Fsports%2Fcollege%2Facc%2Func%2Farticle249703278.html&vid_t=Did%20coach%20Roy%20Williams%20use%20a%20shovel%20to%20try%20to%20correct%20UNC%E2%80%99s%20turnover%20problem%3F&vid=6237297577001&cust_params=sec_sect%3D11009%2C7041%26topic%3D%26vpa%3D0%26vpmute%3D0%26iris_id%3Diris_64fc49f8c579ab08%26iris_context%3Dic_0381735%2Cic_8121076&sdkv=h.3.445.1&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250%2C300x250%2C450x50%2C468x60%2C480x70&is_amp=0&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.8.0&sdki=44d&adk=4234945749&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Fwww.newsobserver.com%2F0800b633-305f-4e22-8c55-a31e767a3493&sid=CC19BBA5-933F-425B-AB60-95C3D46CBFE7&eid=44728150&dt=1614964626209&cookie_enabled=1&scor=483046217417930&ged=ve4_td12_tt3_pd12_la12000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.445.1_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

38424d927f5b47ff43a6912dc25bfb52c75567c16a2d0851a7470caed66a637f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:17:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 830
x-xss-protection: 0
google-lineitem-id: 0
pragma: no-cache
server: cafe
google-creative-id: 0
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame A85E 1 KB
910 B 68ms
68ms XHR
text/xml 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?ad_type=video&client=ca-video-pub-3446305859157241&env=vp&gdfp_req=1&unviewed_position_start=1&output=xml_vast4&sz=400x300&url=https%3A%2F%2Fwww.newsobserver.com%2F&correlator=3112167587596709&adsafe=high&videoad_start_delay=0&max_ad_duration=30000&sdmax=120000&vpa=click&vpmute=0&adtest=false&ciu_szs=300x250&iu=%2F7675%2FRAL.site_newsobserver%2F_HomePage&hl=en&cmsid=2475984&description_url=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Fcoronavirus%2Farticle249658573.html&vid_t=Dolly%20Parton%E2%80%99s%20COVID%20message%3A%20%E2%80%98Don%E2%80%99t%20be%20such%20a%20chicken%20squat%2C%20get%20out%20there%20and%20get%20your%20shot%E2%80%99&vid=6236932532001&cust_params=sec_sect%3D82751%2C10526%2C7041%26topic%3D%26vpa%3D0%26vpmute%3D0%26iris_id%3Diris_078498d9a5412dcd%26iris_context%3Dic_3165844%2Cic_2002746&sdkv=h.3.445.1&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250&is_amp=0&u_so=p&ctv=0&mpt=videojs-ima&mpv=1.8.0&sdki=44d&adk=1484760408&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Fwww.newsobserver.com%2F96803ce8-8a58-41d7-a38b-2870dea20927&sid=CC19BBA5-933F-425B-AB60-95C3D46CBFE7&eid=44728150&dt=1614964626221&cookie_enabled=1&scor=4428910959927578&ged=ve4_td12_tt3_pd12_la12000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.445.1_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

3285360e94d93321fab367945b4fd42aae7034f3db4cc9a4de1910ced01e82d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:17:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 836
x-xss-protection: 0
google-lineitem-id: 0
pragma: no-cache
server: cafe
google-creative-id: 0
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 1F5C 1 KB
859 B 73ms
71ms XHR
text/xml 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?ad_type=video&client=ca-video-pub-3446305859157241&env=vp&gdfp_req=1&unviewed_position_start=1&output=xml_vast4&sz=400x300&url=https%3A%2F%2Fwww.newsobserver.com%2F&correlator=1600723917605216&adsafe=high&videoad_start_delay=0&max_ad_duration=30000&sdmax=120000&vpa=click&vpmute=0&adtest=false&ciu_szs=300x250&iu=%2F7675%2FRAL.site_newsobserver%2F_HomePage&hl=en&cmsid=2475984&description_url=https%3A%2F%2Fwww.newsobserver.com%2Fsports%2Fcollege%2Facc%2Fnc-state%2Farticle249677813.html&vid_t=Photos%20from%20NC%20State%E2%80%99s%20victory%20over%20Notre%20Dame&vid=6237038920001&cust_params=sec_sect%3D11003%2C7041%26topic%3D%26vpa%3D0%26vpmute%3D0%26iris_id%3Diris_66768cc6f3edde34%26iris_context%3Dic_0858141&sdkv=h.3.445.1&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250&is_amp=0&u_so=p&ctv=0&mpt=videojs-ima&mpv=1.8.0&sdki=44d&adk=1397588983&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Fwww.newsobserver.com%2Fed5ec1eb-70d2-4c09-8aca-c0a4f5287c1d&sid=CC19BBA5-933F-425B-AB60-95C3D46CBFE7&eid=44728150&dt=1614964626230&cookie_enabled=1&scor=224796903641738&ged=ve4_td12_tt3_pd12_la12000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.445.1_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

aa7730482088a675ea182e998a71dfd53cedff1a8c64ae6db88b6e16192a91dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:17:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 785
x-xss-protection: 0
google-lineitem-id: 0
pragma: no-cache
server: cafe
google-creative-id: 0
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 204 AGSKWxUii_SXMQ5n4wAqKJ9H1gDo5gEjyCyaBQCjCfQXbz5r47pPi8TzRO66voc8sXYqWF9AWXNOkRH2HFGXia5HEPWlOt4ii6LE419dD3XhMQ2OlyN3zti5wXy37oqEux23kWElwbo-fSxnumJH8Z3O7x19mbg2eHwq-XU22d4Xs1o-nBgpRaUwBYjyWg== Show response
fundingchoicesmessages.google.com/l/ 0
425 B 29ms
26ms XHR
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/l/AGSKWxUii_SXMQ5n4wAqKJ9H1gDo5gEjyCyaBQCjCfQXbz5r47pPi8TzRO66voc8sXYqWF9AWXNOkRH2HFGXia5HEPWlOt4ii6LE419dD3XhMQ2OlyN3zti5wXy37oqEux23kWElwbo-fSxnumJH8Z3O7x19mbg2eHwq-XU22d4Xs1o-nBgpRaUwBYjyWg==

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingCookieRefreshClientJs.en_US.IAq-ejNKm5k.es5.O/d=1/ct=zgms/rs=AJlcJMw8K_ueBbJVfFsK0XvDQJqwV6LTDg/m=cookie_refresh

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4ehK1JbnUACijIvioeuwPA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-4ehK1JbnUACijIvioeuwPA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 05 Mar 2021 17:17:06 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.newsobserver.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-4ehK1JbnUACijIvioeuwPA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-4ehK1JbnUACijIvioeuwPA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 204 AGSKWxUii_SXMQ5n4wAqKJ9H1gDo5gEjyCyaBQCjCfQXbz5r47pPi8TzRO66voc8sXYqWF9AWXNOkRH2HFGXia5HEPWlOt4ii6LE419dD3XhMQ2OlyN3zti5wXy37oqEux23kWElwbo-fSxnumJH8Z3O7x19mbg2eHwq-XU22d4Xs1o-nBgpRaUwBYjyWg== Show response
fundingchoicesmessages.google.com/l/ 0
336 B 23ms
22ms XHR
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LNzv7hfpwmM8ODSD6+uopQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-LNzv7hfpwmM8ODSD6+uopQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 05 Mar 2021 17:17:06 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.newsobserver.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-LNzv7hfpwmM8ODSD6+uopQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-LNzv7hfpwmM8ODSD6+uopQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 push.428ecf7635f6b8caeabd.js Show response
www.newsobserver.com/static/yozons-lib/ 1 KB
994 B 68ms
63ms Script
application/javascript 104.83.177.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/static/yozons-lib/push.428ecf7635f6b8caeabd.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/core.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.83.177.146 Madrid, Spain, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-177-146.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 1535190702fc4f2ed79cb287118ae068a7cfe3171aed758650b27f54500eec32

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:17:06 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 176
content-length: 622
last-modified: Wed, 03 Mar 2021 14:32:45 GMT
server: MI
etag: W/"58c-5bca2b969dd40"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 180011862 172274700
access-control-allow-origin: *
cache-control: max-age=422675
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript
access-control-allow-headers: *

GET
H/1.1 200
OK / Show response
api.ipify.org/ 22 B
259 B 4312ms
3918ms XHR
application/json 54.221.253.252
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=json
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/core.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.221.253.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Cowboy /
Resource Hash: d9d998e89b1bf011b876875d1b145c3b59d426e4cf620c2ad8d728def13391f8

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 05 Mar 2021 17:17:10 GMT
Via: 1.1 vegur
Server: Cowboy
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://www.newsobserver.com
Connection: keep-alive
Content-Length: 22

GET
H2 200 pdp.gif
www.newsobserver.com/static/yozons-lib/ 42 B
384 B 204ms
201ms Image
image/gif 104.83.177.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/static/yozons-lib/pdp.gif?k=eyJpZCI6Im1pX2FzX25hb18yNzYwOTA2NDkxMTk3MzcxNjYzMjk0MzUxNzExMDExMDA3NTMyM18xNjE0OTY0NjE1NjIxIiwiZmlyc3RBZFJlcXVlc3QiOjEwMDM3LCJncHRSZXF1ZXN0ZWQiOjQ4MTUsImxvYWRFdmVudFN0YXJ0IjoxMzU5N30=
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.83.177.146 Madrid, Spain, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-177-146.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:17:06 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 552318
content-length: 42
last-modified: Mon, 22 Feb 2021 18:04:25 GMT
server: MI
etag: "2a-5bbf0a1d21c40"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 230196056 98110510
access-control-allow-origin: *
cache-control: max-age=604751
access-control-allow-credentials: false
mi-cache: HIT
content-type: image/gif
access-control-allow-headers: *

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame F3CF 0
150 B 90ms
23ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.newsobserver.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?topUrl=www.newsobserver.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newsobserver.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newsobserver.com/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
server-processing-duration-in-ticks: 2532
date: Fri, 05 Mar 2021 17:17:06 GMT
content-length: 0

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
6 KB 23ms
22ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021030101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b57c1b852f0aa2c1e15995afe9c922cb06d42571e3f28e8007efa9465a293e85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Mar 2021 17:17:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6473
x-xss-protection: 0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 5F57 91 KB
24 KB 143ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23762
x-fb-rlafr: 0
pragma: public
x-fb-debug: WtZ3icwxi98YiBOFNTUS5D4G3QTEWO11MtJJpQQIN+oMjPmUWvrS8TDWny8nhKiTAZVGDrY/Hmf+He+kIeaCHg==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Fri, 05 Mar 2021 17:17:06 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 a-01ec.min.js Show response
b-code.liadm.com/ Frame 672C 25 KB
10 KB 65ms
34ms Script
application/javascript 2a02:26f0:7100::687e:244a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-01ec.min.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::687e:244a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 76d90c64c2f2c5ad98794810f443220dc3bf634594dbcc62685198185fa00bab

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:17:06 GMT
content-encoding: gzip
last-modified: Fri, 12 Feb 2021 14:48:21 GMT
etag: "497f69493380a786e1e3a696a883e98e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=878
accept-ranges: bytes
content-length: 9831

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 103ms
31ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:17:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Fri, 05 Mar 2021 17:17:06 GMT

GET
H2 200 pushly-sdk.min.js Show response
cdn.p-n.io/ 342 KB
68 KB 211ms
69ms Script
application/javascript 65.9.187.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=VPoS70NkYCOk7Pck6gcFbSYfj8ni8X2OFRU1
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/push.428ecf7635f6b8caeabd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.187.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9e7fc0ebae007f326d861427c32594722b81a3a011874beb0e44e89fe2799d7e

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:07:33 GMT
content-encoding: gzip
last-modified: Thu, 04 Mar 2021 23:06:25 GMT
server: AmazonS3
age: 574
etag: W/"47099406e1206f21deb655bb196b419a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c49bda74c25f4f26cc20173eec28da1f.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: ZAG50-C1
x-amz-cf-id: HzLz-VwDWGSoMshnFdgqxAruMc-SSY4XPZlUvw5ml5iQB_8tMfaOmA==

GET
H2 200 sync-container.js Show response
b-code.liadm.com/ Frame 672C 6 KB
3 KB 8ms
8ms Script
application/javascript 2a02:26f0:7100::687e:244a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/sync-container.js
Requested by: Host: b-code.liadm.com
URL: https://b-code.liadm.com/a-01ec.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::687e:244a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:17:06 GMT
content-encoding: gzip
last-modified: Tue, 17 Mar 2020 09:48:23 GMT
etag: "ae5e94de938b0387eda6df8f20da811a"
vary: Accept-Encoding
x-amz-meta-version: 0.2.0
content-type: application/javascript
cache-control: max-age=2295
accept-ranges: bytes
content-length: 2374

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 1D44 12 KB
5 KB 8ms
8ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newsobserver.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newsobserver.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Fri, 05 Mar 2021 15:44:13 GMT
expires: Sat, 05 Mar 2022 15:44:13 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 5573
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 1081709588515684 Show response
connect.facebook.net/signals/config/ Frame 5F57 241 KB
69 KB 35ms
31ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1081709588515684?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

de231fa3251f47910a54811565b77240f6ef46dd99c7bd1aa616d0d4a99a30b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 70989
x-fb-rlafr: 0
pragma: public
x-fb-debug: NwNzOoUb2l7jb2T6M7uon/54PXgHRJP1Xe2wfQ1QFbadys5UTYmKVZ0vaRk2OEApNVj4NwHrTRx0OCN3YA0UDg==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Fri, 05 Mar 2021 17:17:06 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
x-xss-protection: 0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 5F57 44 B
326 B 7ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1081709588515684&ev=PageView&dl=https%3A%2F%2Fwww.newsobserver.com%2F&rl=&if=true&ts=1614964626881&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1614964626867.2105161342&it=1614964626722&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:17:06 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 05 Mar 2021 17:17:06 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 5F57 44 B
214 B 7ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1081709588515684&ev=ViewContent&dl=https%3A%2F%2Fwww.newsobserver.com%2F&rl=&if=true&ts=1614964626888&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&fbp=fb.1.1614964626867.2105161342&it=1614964626722&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:17:06 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 05 Mar 2021 17:17:06 GMT

GET
H2

200

j Show response
rp4.liadm.com/ Frame 672C
Redirect Chain

https://rp.liadm.com/j?tna=v2.0.1&aid=a-01ec&wpn=lc-bundle&pu=https%3A%2F%2Fwww.newsobserver.com%2F&duid=287830b26e9e--01f01p95c4p81dg64x3tttenet&se=e30&dtstmp=1614964626902
https://rp4.liadm.com/j?tna=v2.0.1&aid=a-01ec&wpn=lc-bundle&pu=https%3A%2F%2Fwww.newsobserver.com%2F&duid=287830b26e9e--01f01p95c4p81dg64x3tttenet&se=e30&dtstmp=1614964626902&i6=MmEwMTo0Zjg6MTkyOjU...

13 B
568 B

350ms
115ms

XHR
application/json

3.213.73.156
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rp4.liadm.com/j?tna=v2.0.1&aid=a-01ec&wpn=lc-bundle&pu=https%3A%2F%2Fwww.newsobserver.com%2F&duid=287830b26e9e--01f01p95c4p81dg64x3tttenet&se=e30&dtstmp=1614964626902&i6=MmEwMTo0Zjg6MTkyOjU0MTQ6OjI%3D&n3pc=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.213.73.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:17:07 GMT
x-pixel-event-id: eeaf42ac-5816-4f3d-8c15-d7e2621fe98b
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
request-time: 1
vary: Origin
content-length: 13
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: nginx/1.18.0
x-frame-options: DENY
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
access-control-allow-origin: null
access-control-allow-credentials: true
trace-id: 5421da703a48c220

Redirect headers

date: Fri, 05 Mar 2021 17:17:07 GMT
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: nginx/1.18.0
vary: Origin
location: https://rp4.liadm.com/j?tna=v2.0.1&aid=a-01ec&wpn=lc-bundle&pu=https%3A%2F%2Fwww.newsobserver.com%2F&duid=287830b26e9e--01f01p95c4p81dg64x3tttenet&se=e30&dtstmp=1614964626902&i6=MmEwMTo0Zjg6MTkyOjU0MTQ6OjI%3D&n3pc=true
x-frame-options: DENY
access-control-allow-origin: https://www.newsobserver.com
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
trace-id: 12c432ce4470fd5a
request-time: 0
content-length: 0
x-content-type-options: nosniff

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 07B2 42 B
71 B 53ms
47ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsttAw8yvzmabkMwxGSu-HHAm5tb6bferDfThNbj2nLE-QXOlek0p73gejeCJytZOJ9jst8SaW13Sz8MFSZfkoYxxgoYZz8C4tCUwnqyVWKiJoeA6rR3BdAdFV910icj13Dn6voo1Ili60nEtCqsMncv&sai=AMfl-YQ39_6-Kv0pdQ_HKAxIEfGIb2Gr9zpUIfyIbNBzVeKGBr-64ody0GwyDDgGr7jShHlrnK_ythSuuwO7ol64oLy5lsCEfe4mIOJLct-4QpPlWSP_n-C2gdzBFDQ6b-I&sig=Cg0ArKJSzIBYOOO0YLkeEAE&cid=CAASPeRorL8gMZTg2Qh7WcLDNVFgqj_-JyxwUyGD0K7UgBk5nxF3UQwNNBpWMdXQS-JQG1O-b9IyQ71qM6hWDEY&id=ampim&o=315,117&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1024&mtos=0,0,0,1024,1024&tos=0,0,0,1024,0&tfs=929&tls=1953&g=100&h=100&tt=1953&r=v&avms=ampa&adk=1226173487

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Mar 2021 17:17:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js Show response
pagead2.googlesyndication.com/bg/ Frame 1D44 14 KB
6 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43d30a80022bf318fdc0130b5b56ee092d4b34a4a82c054e7e32258a743650c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 14:48:24 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Mar 2021 10:45:00 GMT
server: sffe
age: 181722
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5643
x-xss-protection: 0
expires: Thu, 03 Mar 2022 14:48:24 GMT

GET
H/1.1 200
OK Cookie set a-01ec Show response
i.liadm.com/s/c/ Frame 8050 1 KB
1 KB 465ms
125ms Document
text/html 54.221.51.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://i.liadm.com/s/c/a-01ec?s=&cim=&ps=true&ls=false&duid=287830b26e9e--01f01p95c4p81dg64x3tttenet&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&

Requested by

Host: b-code.liadm.com
URL: https://b-code.liadm.com/sync-container.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.221.51.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

98978a3f71a533665a605bea943a1ae82a2fa92c189e4b95e4d33529bf4a7fac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: i.liadm.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.newsobserver.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: lidid=4e6c09c1-c75f-4d9b-a4cf-bd7beccb9ea5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newsobserver.com/

Response headers

Cache-Control: private, no-cache, max-age=0
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 05 Mar 2021 17:17:09 GMT
ETag: 1.61803398874
Set-Cookie: _li_ss=MgUIBhDxDjIFCAoQ8Q4yBQh6EPAOMgYIiwEQ8Q4yBQgLEPEOMgUICxDxDjIFCHkQ8A4; Max-Age=2592000; Expires=Sun, 04 Apr 2021 17:17:09 GMT; SameSite=None; Path=/s; Secure
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
Content-Length: 640
Connection: keep-alive

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
23 B 47ms
41ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021030101&jk=2749357818159462&bg=!u7iluPvNAAWsVXnBrDsAKQB2-DxaS-i04salQqgQ6-oa9lsDTwMsZAso8ICRwQB-zcRDFb934AtvAgAAAr5SAAAAGGgBBwoAxR0oJye0OmbBlo6UI0Dm2oaB5Wv-jOfzEILSv6tK94K0UZciSjbvJH9AsraWgtvFQThy-lmrhFw4wehRYIQCjAgqPjVclDkbkO8qHUz9jOQUMYwHLcvafLHHFiFLEdJ4EGu56Jw_K1VkXOdZv1taDCW8dNF8puTeHKVRoxoBUWRUyy7Rdk5JFn85JCmU2g2KWhSXtYyrqudXmcrQbaNKh_LzZt1JqY_MwauMJWpjhwzWxAfTz6DrDjN98q5n0M2gKVH0O6himQIeLgCwaQsgP2O2PDmYrC_hf5Gdm6-JTSdgFIoAOhTOXW9fmEPwHDl10U4Ta-i6CIlxVxAqgBbG3wx5MHeWkTZsIwBX-Y63a1p9a7OdASDl0MdT9vDiHuOqH3VZfTU7U-dXd76pXXSyhdxRTdArZ8M21ZW_mx040izx9idGNF2iMVpaf-WccSQYygys6c4INUlUGegc-YHyXEI4MfjTUZBh8eawrlmOEd0D7Bv-QB2YNBmfTmmCUvOWDwPg6O8ebPeYzx5A1fvalEDMfCefKVhVV_cSQPf4CO9hp3dFvUv4v6TMAyf33E50Q78-J8u5qF2OAcDuZRaLXXTyjTrSZs_Nog9idxXOqRxNqxGF-G_ZsppecigIXzXHTcPY7Y2kLvdcAPPkdGkAQWlgvd7hjs1FPzfSstYlGWR3jqt3RSsyihQWv7Sk70jrw5Iq5ba6hY_VOOg_RpmKC9u6Xx9jyg83WY_2nPzM5cIxlh6xK-y50EkrIphWJLXAN2AyTDgkfqhqjFvngqdnFZBLMppG1o6SbVtRvDJrZEHCHWKeOMtDIDsSeDoGnT-6tb-IMmvS42u1TSgm6uPjrDwzjUim8ClQ-dsIdYsKXoj9FvFKCLXOeEBV1frJtVrxtptcuPibUr5DWORsxHxYQMziGETN4yEeW39byg0GPBTITKSkdpfhdYtHM_elP-PWvWfD28p1Gr2Kb5_e02lL4uNSRSPzVvc

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Mar 2021 17:17:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
426 B 175ms
175ms Image
image/gif 54.183.247.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_at=386,387,388,389&ntv_r1=13450&ntv_r2=13450&ntv_r3=13669&ntv_r4=14206&ntv_pl=744326&ntv_it
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.183.247.206 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Mar 2021 17:17:08 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 5F57 44 B
147 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1081709588515684&ev=Microdata&dl=https%3A%2F%2Fwww.newsobserver.com%2F&rl=&if=true&ts=1614964628402&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Facebook%20Pixel%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.33&r=stable&ec=2&o=30&fbp=fb.1.1614964626867.2105161342&it=1614964626722&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:17:08 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 05 Mar 2021 17:17:08 GMT

GET
H/1.1

200
OK

a724c9b5483d46b2997cc9035f53922f
i.liadm.com/s/e/a-01ec/0/ Frame 8050
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-01ec%2F0%2Fa724c9b5483d46b2997cc9035f53922f%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&4e6c09c1-c75f-4d9b-a4cf-bd7...
https://i.liadm.com/s/e/a-01ec/0/a724c9b5483d46b2997cc9035f53922f?mpid=7156&muid=1fd66042-6795-4a00-9421-adcfab76e893

43 B
257 B

117ms
112ms

Image
image/gif

54.221.51.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/e/a-01ec/0/a724c9b5483d46b2997cc9035f53922f?mpid=7156&muid=1fd66042-6795-4a00-9421-adcfab76e893

Requested by

Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-01ec?s=&cim=&ps=true&ls=false&duid=287830b26e9e--01f01p95c4p81dg64x3tttenet&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.221.51.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 05 Mar 2021 17:17:09 GMT
Cache-Control: no-store
Connection: keep-alive
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

Date: Fri, 05 Mar 2021 17:17:09 GMT
Server: MT3 3518 2f03077 master zrh-pixel-x8
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://i.liadm.com/s/e/a-01ec/0/a724c9b5483d46b2997cc9035f53922f?mpid=7156&muid=1fd66042-6795-4a00-9421-adcfab76e893
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 05 Mar 2021 17:17:08 GMT

GET
H/1.1

200
OK

35759
i6.liadm.com/s/ Frame 8050
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=liveintent&ttd_tpi=1
https://i.liadm.com/s/35759?bidder_id=44489&bidder_uuid=97d7792c-bf98-4a4d-b06d-e50e14c0bf89
https://i.liadm.com/s/35759?bidder_id=44489&bidder_uuid=97d7792c-bf98-4a4d-b06d-e50e14c0bf89&_li_chk=true&previous_uuid=915e4df7b174488b81a298ffdab433cb
https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=97d7792c-bf98-4a4d-b06d-e50e14c0bf89

43 B
419 B

594ms
99ms

Image
image/gif

2600:1f18:444a:4680:252d:a0d8:b19f:2c13
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=97d7792c-bf98-4a4d-b06d-e50e14c0bf89

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:444a:4680:252d:a0d8:b19f:2c13 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 05 Mar 2021 17:17:10 GMT
Cache-Control: no-store
Connection: keep-alive
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=97d7792c-bf98-4a4d-b06d-e50e14c0bf89
Date: Fri, 05 Mar 2021 17:17:09 GMT
Connection: keep-alive
Content-Length: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H/1.1

200
OK

a724c9b5483d46b2997cc9035f53922f
i.liadm.com/s/e/a-01ec/0/ Frame 8050
Redirect Chain

https://dpm.demdex.net/ibs:dpid=127444&dpuuid=4e6c09c1-c75f-4d9b-a4cf-bd7beccb9ea5&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-01ec%2F0%2Fa724c9b5483d46b2997cc9035f53922f%3Fmpid%3D82775%26muid%3D%2...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=4e6c09c1-c75f-4d9b-a4cf-bd7beccb9ea5&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-01ec%2F0%2Fa724c9b5483d46b2997cc9035f53922f%3Fmp...
https://i.liadm.com/s/e/a-01ec/0/a724c9b5483d46b2997cc9035f53922f?mpid=82775&muid=54709376488209288080362366750458304918

43 B
257 B

237ms
110ms

Image
image/gif

54.221.51.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/e/a-01ec/0/a724c9b5483d46b2997cc9035f53922f?mpid=82775&muid=54709376488209288080362366750458304918

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.221.51.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 05 Mar 2021 17:17:09 GMT
Cache-Control: no-store
Connection: keep-alive
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: RElVcjHzT9s=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://i.liadm.com/s/e/a-01ec/0/a724c9b5483d46b2997cc9035f53922f?mpid=82775&muid=54709376488209288080362366750458304918
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

live_intent_sync
x.dlx.addthis.com/e/ Frame 8050
Redirect Chain

https://x.dlx.addthis.com/e/live_intent_sync?na_exid=4e6c09c1-c75f-4d9b-a4cf-bd7beccb9ea5
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=4e6c09c1-c75f-4d9b-a4cf-bd7beccb9ea5&rd=Y

43 B
604 B

228ms
223ms

Image
image/gif

23.79.152.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/live_intent_sync?na_exid=4e6c09c1-c75f-4d9b-a4cf-bd7beccb9ea5&rd=Y

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.79.152.128 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-79-152-128.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Mar 2021 17:17:09 GMT
cache-control: max-age=0, no-cache, no-store
expires: Fri, 05 Mar 2021 17:17:09 GMT
content-length: 43
strict-transport-security: max-age=2628000
content-type: image/gif

Redirect headers

location: https://x.dlx.addthis.com/e/live_intent_sync?na_exid=4e6c09c1-c75f-4d9b-a4cf-bd7beccb9ea5&rd=Y
pragma: no-cache
date: Fri, 05 Mar 2021 17:17:09 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Fri, 05 Mar 2021 17:17:09 GMT

GET
H/1.1

200
OK

52176
i.liadm.com/s/ Frame 8050
Redirect Chain

https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=4e6c09c1-c75f-4d9b-a4cf-bd7beccb9ea5&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D
https://x.bidswitch.net/ul_cb/syncd?dsp_id=256&user_group=2&user_id=4e6c09c1-c75f-4d9b-a4cf-bd7beccb9ea5&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D
https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=a73e93e6-f0f2-4702-8dd0-c1c7189f1eae
https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=a73e93e6-f0f2-4702-8dd0-c1c7189f1eae&_li_chk=true&previous_uuid=5bef0957dd8048cf93898d5dcddee429

43 B
419 B

154ms
137ms

Image
image/gif

54.221.51.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=a73e93e6-f0f2-4702-8dd0-c1c7189f1eae&_li_chk=true&previous_uuid=5bef0957dd8048cf93898d5dcddee429

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.221.51.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 05 Mar 2021 17:17:09 GMT
Cache-Control: no-store
Connection: keep-alive
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

Location: /s/52176?bidder_id=5298&bidder_uuid=a73e93e6-f0f2-4702-8dd0-c1c7189f1eae&_li_chk=true&previous_uuid=5bef0957dd8048cf93898d5dcddee429
Date: Fri, 05 Mar 2021 17:17:09 GMT
Connection: keep-alive
Content-Length: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H/1.1

200
OK

52164
i.liadm.com/s/ Frame 8050
Redirect Chain

https://x.bidswitch.net/sync?ssp=liveintent&user_id=4e6c09c1-c75f-4d9b-a4cf-bd7beccb9ea5
https://x.bidswitch.net/ul_cb/sync?ssp=liveintent&user_id=4e6c09c1-c75f-4d9b-a4cf-bd7beccb9ea5
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=liveintent&bsw_user_id=a73e93e6-f0f2-4702-8dd0-c1c7189f1eae
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=liveintent&bsw_user_id=a73e93e6-f0f2-4702-8dd0-c1c7189f1eae
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=dadb7bc7-943b-4f7c-9f63-94e3a69ca8cc&ssp=liveintent
https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=a73e93e6-f0f2-4702-8dd0-c1c7189f1eae

43 B
419 B

158ms
138ms

Image
image/gif

54.221.51.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=a73e93e6-f0f2-4702-8dd0-c1c7189f1eae

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.221.51.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 05 Mar 2021 17:17:09 GMT
Cache-Control: no-store
Connection: keep-alive
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

location: //i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=a73e93e6-f0f2-4702-8dd0-c1c7189f1eae
date: Fri, 05 Mar 2021 17:17:09 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 /
trc.taboola.com/sg/liveintent/1/cm/ Frame 8050 43 B
240 B 183ms
102ms Image
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/liveintent/1/cm/
Requested by: Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-01ec?s=&cim=&ps=true&ls=false&duid=287830b26e9e--01f01p95c4p81dg64x3tttenet&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 62
pragma: no-cache
date: Fri, 05 Mar 2021 17:17:09 GMT
via: 1.1 varnish
server: nginx
x-timer: S1614964629.424693,VS0,VE62
x-served-by: cache-fra19155-FRA
x-cache: MISS
cache-control: no-cache, no-store
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
245 B 210ms
115ms Image
image/gif 54.164.147.252
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=pe&tv=js-2.2.18-e&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&lang=en-US&cs=UTF-8&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&f_privb=n%2Fa&tid=3f448fab-c87a-4458-94a9-7bc82b52900c&pid=6411624e-5884-4d27-a3b9-73cf45f52540&dtm=1614964629807&qnm=_matherq&vp=1600x1200&ds=1600x7370&tofa=1614964630&vid=1&duid=e423cb1ec299b1bd&fp=99543720&cid=ma12095&mrk=74930332&url=https%3A%2F%2Fwww.newsobserver.com%2F&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTYxNDk2NDYxMjc2NyIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIyNC41bWIiLCJoZWFwVCI6IjI5LjRtYiIsImZldGNoUyI6IjI4IiwiZG9tYWluUyI6IjM0IiwiZG9tYWluRSI6IjQyIiwiY29ublMiOiI0MiIsImNvbm5FIjoiMTY3Iiwic3NsUyI6IjU5IiwicmVxdVMiOiIxNjciLCJyZXNwUyI6IjEwNTEiLCJyZXNwRSI6IjExMTEiLCJkb21Mb2FkIjoiMTA4MCIsImRvbUludGVyIjoiMzkzNSIsImRvbUxvYWRTIjoiNDE5MiIsImRvbUxvYWRFIjoiNDIzNyIsImRvbUNtcGx0IjoiMTM1OTciLCJsb2FkUyI6IjEzNTk3IiwibG9hZEUiOiIxMzY0NSJ9fQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.164.147.252 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 05 Mar 2021 17:17:09 GMT
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length: 43
Content-Type: image/gif

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 108ms
108ms Image
image/gif 34.192.62.151
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=newsobserver.com&p=%2F&u=BlGxEQCVqKEpCw3VSc&d=newsobserver.com&g=62447&g0=Homepage&g1=No%20Author&n=1&f=00001&c=0.25&x=0&m=0&y=7370&o=1600&w=1200&j=30&R=1&W=0&I=0&E=6&e=5&r=&b=5821&t=BHSX7LBCHBZ2j3NAipD6R1BONwd-&V=122&tz=-60&_acct=anon&sn=3&sv=DOijvoZuEOGDMV7LQB6DLmqjqGpn&sd=1&im=062b2f3e&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.62.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Mar 2021 17:17:13 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

Verdicts & Comments Add Verdict or Comment

484 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.google.com/recaptcha	1970-01-19 20:55:16	Name: _GRECAPTCHA Value: 09AEBTA81McMZ3dVn2kN6pRBLjVxeSIS0MZG5P19AMBeedsxvTUhJc2plxT0m1F0O9msHjJak_vRMgBGrh7fTNVW8
			.newsobserver.com/	1970-01-20 01:57:40	Name: FCCDCF Value: [["AKsRol-F_3Gt2mP_CbQGEmVkmbFceq-bdtlKAITILGL3o0xae--rbspVnE3a1c-MNHJHfaTLHe8EVDJg47KF200cDviAVGAhl5lFNBXdM626yg5gSYigUk3YBEXqMe8NBMoDx4EY2cYQMR3ejpnHi7glM1w4lt9PUA=="],null,["[[],[],[],[],null,null,true]",1614964626338]]

45 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://media2.newsobserver.com/mistats/micb.js(Line 240) Message: mistats_subdata ready
console-api	log	URL: https://media2.newsobserver.com/mistats/micb.js(Line 1641) Message: mistats bx_waiting
console-api	log	URL: https://www.newsobserver.com/wps/build/webpack/vendor.bundle-ce1a13c0119f26716569.js(Line 11340) Message: JQMIGRATE: Migrate is installed with logging active, version 3.1.0
console-api	log	URL: https://media2.newsobserver.com/mistats/micb.js(Line 1641) Message: mistats bx_waiting
console-api	log	URL: https://media2.newsobserver.com/mistats/micb.js(Line 129) Message: mistats_gpscore: 15
console-api	log	URL: https://media2.newsobserver.com/mistats/micb.js(Line 1641) Message: mistats bx_waiting
console-api	log	URL: https://media2.newsobserver.com/mistats/micb.js(Line 1646) Message: mistats bx_init
console-api	log	URL: https://media2.newsobserver.com/mistats/finalizestats.js(Line 1808) Message: mistats_target ready
console-api	log	URL: https://media2.newsobserver.com/mistats/finalizestats.js(Line 1808) Message: mistats_propensity ready
console-api	log	URL: https://media2.newsobserver.com/mistats/finalizestats.js(Line 1808) Message: mistats_cta_widget ready
console-api	log	URL: https://media2.newsobserver.com/mistats/finalizestats.js(Line 1808) Message: mistats_subdata ready
console-api	log	URL: https://media2.newsobserver.com/mistats/finalizestats.js(Line 1822) Message: mistats request queued
console-api	warning	URL: https://www.newsobserver.com/wps/build/webpack/vendor.bundle-ce1a13c0119f26716569.js(Line 11355) Message: JQMIGRATE: 'ready' event is deprecated
console-api	log	URL: https://www.newsobserver.com/wps/build/webpack/vendor.bundle-ce1a13c0119f26716569.js(Line 11355) Message: console.trace
console-api	warning	URL: https://www.newsobserver.com/wps/build/webpack/vendor.bundle-ce1a13c0119f26716569.js(Line 11355) Message: JQMIGRATE: jQuery.fn.scroll() event shorthand is deprecated
console-api	log	URL: https://www.newsobserver.com/wps/build/webpack/vendor.bundle-ce1a13c0119f26716569.js(Line 11355) Message: console.trace
console-api	warning	URL: https://www.newsobserver.com/wps/build/webpack/vendor.bundle-ce1a13c0119f26716569.js(Line 11355) Message: JQMIGRATE: jQuery.fn.resize() event shorthand is deprecated
console-api	log	URL: https://www.newsobserver.com/wps/build/webpack/vendor.bundle-ce1a13c0119f26716569.js(Line 11355) Message: console.trace
console-api	warning	URL: https://www.newsobserver.com/wps/build/webpack/vendor.bundle-ce1a13c0119f26716569.js(Line 11355) Message: JQMIGRATE: jQuery.fn.click() event shorthand is deprecated
console-api	log	URL: https://www.newsobserver.com/wps/build/webpack/vendor.bundle-ce1a13c0119f26716569.js(Line 11355) Message: console.trace
console-api	warning	URL: https://www.newsobserver.com/wps/build/webpack/vendor.bundle-ce1a13c0119f26716569.js(Line 11355) Message: JQMIGRATE: jQuery.fn.mouseleave() event shorthand is deprecated
console-api	log	URL: https://www.newsobserver.com/wps/build/webpack/vendor.bundle-ce1a13c0119f26716569.js(Line 11355) Message: console.trace
console-api	warning	URL: https://www.newsobserver.com/wps/build/webpack/vendor.bundle-ce1a13c0119f26716569.js(Line 11355) Message: JQMIGRATE: jQuery.fn.hover() is deprecated
console-api	log	URL: https://www.newsobserver.com/wps/build/webpack/vendor.bundle-ce1a13c0119f26716569.js(Line 11355) Message: console.trace
console-api	log	URL: https://ovp.iris.tv/libs/context/iris-context.min.js(Line 1) Message: [Iris Context API] v1.0.5
console-api	log	URL: https://media2.newsobserver.com/mistats/products/escenic_s_code.js(Line 190) Message: mistats request sent
console-api	log	(Line 71) Message: recaptcha rendering: window.grecaptcha.render is not a function
console-api	debug	URL: https://mcclatchy-newsobserver.zeustechnology.com/main.js(Line 2) Message: [customSSP] Registering custom bidder [object Object]
console-api	log	URL: https://media2.newsobserver.com/mistats/micb.js(Line 1721) Message: mistats cb_loaded
console-api	log	URL: https://media2.newsobserver.com/mistats/products/escenic_s_code.js(Line 137) Message: mistats request postback present
console-api	log	URL: https://media2.newsobserver.com/mistats/products/escenic_s_code.js(Line 138) Message: mistats request succeeded
console-api	error	URL: https://tags.crwdcntrl.net/lt/c/7447/lt.min.js(Line 1) Message: LT.JS: Client 7447 cannot run lt.min.js because it has no domains whitelisted.
console-api	log	URL: https://media2.newsobserver.com/mistats/micb.js(Line 1666) Message: mistats_bx_inactive
console-api	debug	URL: https://mcclatchy-newsobserver.zeustechnology.com/main.js(Line 2) Message: [Zeus] CCPA string set to 1---
console-api	log	URL: https://www.newsobserver.com/wps/build/webpack/videoStory.bundle-667b380d20e928f31b53.js(Line 5) Message: getIrisContext - Response acting
console-api	log	URL: https://www.newsobserver.com/wps/build/webpack/videoStory.bundle-667b380d20e928f31b53.js(Line 5) Message: getIrisContext - Response acting
console-api	log	URL: https://www.newsobserver.com/wps/build/webpack/videoStory.bundle-667b380d20e928f31b53.js(Line 5) Message: getIrisContext - Response acting
console-api	log	URL: https://ovp.iris.tv/libs/adaptive/v2/iris.adaptive.js(Line 1) Message: [IRIS.TV][Info]: * Iris Adaptive Plugin version 2.0.16 *
console-api	log	URL: https://ovp.iris.tv/libs/adaptive/v2/iris.adaptive.js(Line 1) Message: [IRIS.TV][Info]: * Iris Adaptive Plugin version 2.0.16 *
console-api	log	URL: https://ovp.iris.tv/libs/adaptive/v2/iris.adaptive.js(Line 1) Message: [IRIS.TV][Info]: * Iris Adaptive Plugin version 2.0.16 *
console-api	log	URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js(Line 96) Message: received a request for uspapi
console-api	log	URL: https://media2.newsobserver.com/mistats/micb.js(Line 1070) Message: mistats_as send
console-api	info	URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs(Line 10) Message: Powered by AMP ⚡ HTML – Version 2101070013000 https://www.newsobserver.com/
console-api	log	URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js(Line 96) Message: received a request for uspapi
console-api	log	(Line 3) Message: Skipping WebGL fingerprinting because it is not supported in this browser

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a597164d6b9dc750211bc8129578d3ab.safeframe.googlesyndication.com
ad.crwdcntrl.net
ads.pubmatic.com
adservice.google.com
analytics-check.publishersite.xyz
api.ipify.org
api.rlcdn.com
as-sec.casalemedia.com
assets.bounceexchange.com
ats.rlcdn.com
aud.pubmatic.com
b-code.liadm.com
bidder.criteo.com
c.amazon-adsystem.com
c1.adform.net
cdn.ampproject.org
cdn.cookielaw.org
cdn.p-n.io
cdn.parsely.com
cf-images.us-east-1.prod.boltdns.net
cm.everesttech.net
cm.g.doubleclick.net
confiant-integrations.global.ssl.fastly.net
connect.facebook.net
connect.scroll.com
context.iris.tv
contributor.google.com
d15kdpgjg3unno.cloudfront.net
d5p.de17a.com
data.cdnbasket.net
dis.criteo.com
dpm.demdex.net
dsum-sec.casalemedia.com
dyv1bugovvq1g.cloudfront.net
e.cdnwidget.com
edge.api.brightcove.com
edge.quantserve.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
geo.rlcdn.com
geolocation.onetrust.com
googleads.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.liadm.com
i6.liadm.com
ib.adnxs.com
ids.cdnwidget.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
jadserve.postrelease.com
js-sec.indexww.com
js.matheranalytics.com
lasteventf-tm.everesttech.net
manifest.prod.boltdns.net
match.adsrvr.org
mboxedge37.tt.omtrdc.net
mcclatchy-d.openx.net
mcclatchy-newsobserver.zeustechnology.com
mcclatchy.demdex.net
mcclatchy.sc.omtrdc.net
mcclatchy.tt.omtrdc.net
media.mcclatchy.com
media2.newsobserver.com
mwzeom.zeotap.com
ovp.iris.tv
p1.parsely.com
page.cdnbasket.net
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.quantserve.com
pixel.rubiconproject.com
protected-by.clarium.io
pubads.g.doubleclick.net
rp.liadm.com
rp4.liadm.com
rtb.mfadsrvr.com
rules.quantcount.com
s.ntv.io
s0.2mdn.net
sb.scorecardresearch.com
secure-us.imrworldwide.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
sqs.us-east-1.amazonaws.com
static.chartbeat.com
static.criteo.net
static.scroll.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.mathtag.com
sync.search.spotxchange.com
tag.wknd.ai
tags.crwdcntrl.net
tpc.googlesyndication.com
trc.taboola.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
view.cdnbasket.net
visitor.fiftyt.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.gstatic.com
www.heraldsun.com
www.i.matheranalytics.com
www.newsobserver.com
x.bidswitch.net
x.dlx.addthis.com
104.83.177.146
107.178.250.234
13.32.24.86
13.32.25.48
130.211.47.17
130.211.7.115
142.250.186.34
142.250.186.66
151.101.113.194
151.101.114.49
151.101.13.44
151.101.14.217
151.101.14.49
159.253.128.188
178.250.0.163
178.250.0.165
18.185.46.229
18.195.94.99
184.30.20.198
184.30.20.241
184.30.21.59
185.29.132.68
185.33.220.145
185.64.189.112
185.64.189.249
185.64.190.78
185.64.190.80
185.64.190.81
185.94.180.125
213.155.156.167
23.37.38.181
23.37.53.17
23.79.152.128
2600:1f18:444a:4680:252d:a0d8:b19f:2c13
2600:1f18:730:b120:1f6b:b8df:cda6:ffc4
2600:9000:20d7:400:6:44e3:f8c0:93a1
2600:9000:20d7:7c00:18:1fcd:34e:d2a1
2600:9000:20d7:b000:15:d134:4e40:93a1
2600:9000:20eb:be00:5:82fd:2500:21
2600:9000:21f3:3a00:11:b309:9100:21
2606:4700:10::6814:b944
2606:4700:10::6816:1957
2606:4700::6810:9540
2620:116:800d:21:f916:5049:f87f:108e
2a00:1450:4001:800::2004
2a00:1450:4001:802::2001
2a00:1450:4001:803::2002
2a00:1450:4001:803::2003
2a00:1450:4001:808::200e
2a00:1450:4001:809::2006
2a00:1450:4001:809::200a
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::2013
2a00:1450:4001:80f::2001
2a00:1450:4001:812::200e
2a00:1450:4001:813::2004
2a00:1450:4001:827::2002
2a00:1450:4001:827::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2001
2a00:1450:400c:c0c::9c
2a02:2638:1::3
2a02:2638::1c
2a02:26f0:7100::687e:244a
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:3::539
3.126.56.137
3.213.73.156
34.107.221.36
34.120.133.55
34.120.253.250
34.192.62.151
34.249.70.28
34.98.64.218
34.98.72.95
35.157.13.31
35.181.18.61
35.186.239.74
35.201.100.179
35.201.89.125
35.201.96.126
35.244.220.155
37.157.3.29
52.205.167.202
52.212.164.82
52.46.131.203
52.48.248.240
52.50.19.208
52.51.22.62
54.164.147.252
54.171.42.33
54.183.247.206
54.221.253.252
54.221.51.83
54.77.118.208
65.9.187.67
65.9.187.76
65.9.187.8
65.9.189.204
65.9.189.60
65.9.24.128
65.9.58.60
69.173.144.140
69.173.144.165
77.243.60.138
01522e70e4807e89bf3303d4f2e01fb141b4ce91dba4023d23794e255028ed9e
024305e03f823cbd7d9030efe7ab6519e497a9284a7e56311b1945c67b4e8a67
02ddd405d4a4539b1b58962d9290667cabf81c941b888beb2f484c662cadb460
0464b6125d6f9f3dc1dbe6ef7f1203ea4d60d28141fd98fef1e15004f265ec2e
04a74928965ed27c791351d7e70bc0bb40194158a56fd949b19c66f28d4835c1
05484a111af3419aa48bfcab404b892cfa1089aff16eb7332ac46e20026d5ddb
064c30793ed82df22ca484729935248a99d0ad3cefd8bcf46f23de8d0c0016d0
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0812a00aee80133b732c5cb2e0362ee2a52ae9f50c126d43e73f98163db9711f
0827a540ffd8faac9bc0bcdcb724fdb6e0a4fb3d073d46ff9a93ea105e1613ba
0a0790bb667ca01b359475d64c4c43b91db616d837f4d57573e339b7274cf9c2
0a8fcb1d48ebeba1a1d89d0fd53c64f5ae022dbbfea93635ce3408bf94307352
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ca495159a890afbb9acbbe7063d77600daacb65d03d29cddd31779d86e00f67
0d15e43025f0d2bdac730cc4a900841bee67a394ed76d59426aa8923a39cadd6
0d6aa0d1df9cfdddb4ba1c2e84627fbae84624b959ac448e02057a26df5c89ad
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1270a862b7759b86d679ce76254e22bcd758959c10543bd38d451a9ef6c38004
1535190702fc4f2ed79cb287118ae068a7cfe3171aed758650b27f54500eec32
1745e853c656440ee792667b3962cf794f31971fb9c2b66779561e67445ee3a3
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18f9e6b96e326a7aa705c687fc8893c6b2df53acce477aefe2d0239d7b82fcb5
194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c
1b94f9074fc2ef1b63132fc70fe244cc5d5322e5982a80b6273a45a935ae335f
20cc34e7ec4ffd60def4ed5b284340bd2ea94606f8c22d8f0e0759dc48afaec8
238c04813fbba34a775c6a2dbf3626154f51a3e85a0bffc93798c987476f6842
24b759db03c41f27f7d10864f2d8a6126aa7b11625fcd44c6fc6f33e750bec40
2729036231304c874f71f2d88498dd09e20fb08e7ce27312078c7420f7de3612
28624340a60b7488e2bf28f112ec8d00dcef5b16c6be7a732e77c995c4e2748b
28c63584eb4027625b9506290596df5504421ad97552510c6057e8485e171441
2969aa16b763893fa2f600de842a23475f8c0f1d58ebbed3c4f7f1a63edbc0b5
29f8ffcb8425f5666a3c55fd5fee45f9404d6a384ccebffe4a34989aab3cdcbd
2c3d296de1bb7bb908659aedfa489c63e9c0cb0b57887e74932dd5f60de15578
2cd6cff81ed30607212a76cf14df956553f17dc9f8024a720e7acb0dd2ec1b78
2f0b2d260bd467a65a5d3b32ef2460fd0598bca56bddcea33a7431f1c645b01c
2f5bf5edcefe950e16d287cdcb9c28690952439098ee0639f4a960fe268ae231
2fadd9d3bd97439af1e5f2bce0c0215cd0cde410dbad50f9248712fd314dc4be
30c568e71b003ddba094b29a8dd6aa2189de0e4e67c7eb63f94f05edd65968b1
318fd391dc5361f08bff2ae57af7e4eb1261f436d8a44b1ef0e0553cf3298297
3285360e94d93321fab367945b4fd42aae7034f3db4cc9a4de1910ced01e82d2
33cfa9935e8b0eaee675b85c9648ca5cab9e371e890dc5bca482dbe32dd2ec16
33fd701129b974fc9b1585525b99f3fb169b86b8cc5415aedc29125aa851cad1
3476c08cec250146dcdfd0cfbab2e721a7ca1fd5ba590e9075658a79b3b99524
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
374de122d2dd1e22eefafdf5a16cd7a974559065bc4fad9bb24c83f1a044205e
380ce1e1810ee511b59a76f4f8bba4a432ffc9dd86ce06c2abd112857450e1d7
38424d927f5b47ff43a6912dc25bfb52c75567c16a2d0851a7470caed66a637f
388305e6232d397497a35ba97ba5e2e6ea85d349041645c4de2c28a6e08f9044
3969530ee4db349ab34b744988cada7c45712c546bf74a39870b27b6334b4984
3aaff2c9e6db25bd0a28edbe850cd8168e6b30fb771f6de229d950f8b499a2ad
3c4bf00b10b58d22ffe90284d39b48dd25bb6ad296f79bd8b27c16584abfac1c
3d0d96becd8907f01322e1a38c1e01b95380244119c1d53df9940959e62f44bb
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
41315b08c2b332c2a675a817bac8ca1cc648c33109b699c6609feffc0ac79254
41dd3e48dbef1ddbc59957d4e99ef7662c1702dd8b55d0900b02150f87af354a
420972042521b177c4c8e7b2f1122a17976a3e354dad9b946a1f5e99846152bc
43d30a80022bf318fdc0130b5b56ee092d4b34a4a82c054e7e32258a743650c5
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
46c97699759b3239f2306f7d09df96131fb1044315b07cfdd62b66c2e4c0125b
48fe692ef18a6935b89833a7242c6ad22d50aeec1647cce98fe73468e71e171a
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec
4b436d5481659036d00bd7d822ac71fbd8665f990e233b90f008402b1e9617f5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c68b33fa7b31e5829c075d2bf524c7982d12b8364970aece613fdb4e1915998
4c8ea0bc1205703f2518cf183638c2718c5a0ad75f78aa196c5661d11fd28661
4d9cf4c7e12bbf4be47dc31e328a51e4c71ab4f8fdcedce75a9cccc0c18734f9
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ec930cc4c9a31087b58f4e8c9099b85198a14da06c95a5c87bc463f1d8fe3a7
5149e68ec22e4f9a5e8b97ba750eb650eb7024c3881211654ca3f35a77756fca
53dfec9f02a1b7cf64bb214a0bec4eac854435eba64e70176bac6fa44b10e18e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5575eca2e0efd5124d75ee84804dbc6828de11b01de335cc2d10b421acef8030
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
5797134c2668436a980cb68cc341c5fe99372fd18f7df46d555fb7359a93dfaf
582a7c610f3fffe0455704b14c6f4b8a157ecdf0ae71911d8a6be481f87d52bf
584ed8f9afbb200b9a51020f8641784b82b454c995e2c140e7347c3206dc1d3e
586f876503ed4dc63c6ff8567b67dfeb1c84723ef5c7cf218a8ed74ccba6e1ab
58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b6da6699e22347ded40584215d759d21842a07be029c95c4886efa3c1385454
5cb4514e117d67aa8609b1e40d3d465f8344810761949a3807a442cf26b5cced
5e8e5fe8bda51e143511122e4296e652c905e0e7445cad6e3b79365eafaa7f0d
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5fd8bc8f1abe2eca0f650c16cd0f04bea980adbc2f228e4bc7bb6357923a9c36
618f1db2bc2543ac179ce61cfe3a106018f11993e61e8a0da1d9f8e3a5fa9be4
61ca98b7cf1605903efe0b6d46e33e2a30fad4df3a99b637134a92f78fd986c6
64f90b1a90f1874b954bba2d4437b01540ce7d5832960ccdb880ba81ce6b206c
6627c5ab36fa407f18fc9b6987e359eccef005ae6d35b370d2142b7daa770324
676e6c945045c0cd42e1cf8c9036e4d0206f223d9988585e6968d8f74c3c76d3
69e31d53d95f965695db3712f85925810e90cc839a793c87adfcb21eb637673e
6b08ea3a348838bc942ad470a757575975bd09459b63c1872c6e1129a6ca1939
6bd9eb4b281413efc78a042369f67bec93ba3d123f1b3bded7b62585e859a1ef
6d4bfbe269cd1b37fe0eaf917d24f51b7e301f463bc7e308b1325c98f921364e
6d8a9ed52b515c2cdd14f5bd78730aff0dd2d4e0b00c348135ad5e6133495e0a
6dccae2152e9894d5c6b806825afa1148a18f8a53b316149dbb0e876fb0b7ae0
6f7294eca5274eaeba773cb8c4f365d19ff1d15c1a50a56a9f1a08b780411708
71e60c209c711e26a25b0f9c939057a1e8952eaa2fb4e1fdc4b7de405f010842
72cb41e799a37d8d986d7178ccc8938bcfd126236ae3d44220eee61d35980c70
73c741a6273524a35f7e1d086bb7913ccf587fb0d495c131a782683b4f6fc1bc
74471d2c1b4f67e7d2d598b4941cc968ee248bf36c10921c25e5bcea805af6e8
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
76d90c64c2f2c5ad98794810f443220dc3bf634594dbcc62685198185fa00bab
76e3cdff5fef73c7c101c6fe81a797eeaa4fbe1d53f1aaded55f842435adba43
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
777670ade19473c327eeefa99cf8b01f5a043ae77326c9c8493b2845075dca0b
7922642e4e612b07fbff97ee74353807c51643533b13c1acd1aea43e08e0e223
7be93782718b63bdf0478467dbae39879064f603eb44d42a90a6c6fee1ee81a3
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7d5150cb5b2d0d699d3d5233541ec06379a8f974dbc72a09d77f69bc376cfbdf
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
81fbbe9007cb49e72d3c4b7ac2dab7b1c38e4a2cdf9a495146a3437c32262ce0
823d016f95e407edf4a7897062cd8177c1aa10bc820c6ec984f1ba5769a27b83
82a074c62a609a3ada316e1f97ab72d89b9f050bf05dcb145cc340734053c122
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
851b081bf8d06d4d71b7085b7f6760a4bcac9fe03d87ee5ba883da3ba0edfe49
85fa47de6b71bbce922b3d89b645018063f5d4b1c7ac1383ada0da3729de6702
86cef609c85d2c2ce6a507af54e77a9c150e2fa408043e1454082614c4b0ce2b
899090d9abbe42bf8e5503ac6f145a4cf9346250a3171a3bca8f6ad20f27e6d9
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8a111e85ad9579a84f785ef0aa885b97d76e5027d11004d1410aa23009369621
8beec539128cea621e511cd54f21a0d17ff891a16a0ebd7a98a3e4fbc00bd0e5
8e26c82b3a05d2306015e1d1414cffced4a6ab6e012e8aadfcb0db6798314a79
8e79e41b43dfffe5d1cc409d0ab4269d92c26a2e8a947a455cb384d93aea55df
8f11f2d65d3a1594a57625e5a9457a1beb87c6a0399172cab062d50263ae388b
911b9774a63edd66707fc39d1f35fcfd939f7960a3e4c6258d4df2ae0d6249d1
9123dd764cdf6640af32405dd1e50798fd994ae1b6243da5ea1ce7546d4d5ade
927ee0dfe51ef11076e57510990fd5c5fcee1cffd5204a4e3d3caee529c3bd01
9388834b2060f3330e690a4fbf79f657ebd2c9f476f51e2ca4fc28574abd8fbf
9710dab6bb3447842cba847209148bd89fb928f55865b045105fa3aefa4fb51f
9798c0e27c01d0f78af913138fd86cccf8d4546123594e6bdbf3bc78b1ea77de
981060307e32f940e64e08f7afb4a3b681dfac27ab79a48afb75153bdec126b3
981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3
98978a3f71a533665a605bea943a1ae82a2fa92c189e4b95e4d33529bf4a7fac
98fa602b458ac2bdb7135d6a1c933541559d7e216b318e1f4a5d73b512154220
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9c367b58a51d516df8732a7145826b90d0f3b6742e9ade0fa26629ae48ebdda7
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
9e7fc0ebae007f326d861427c32594722b81a3a011874beb0e44e89fe2799d7e
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a1bc519de7aeb90c4d8dc7c8dfe2e3d4db4c2447844bc3d57a62eccefcee6987
a23425925f24f35a94cde3e8e7664fd092258cfda4f60c0e3ea14d0fbbb93c38
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6a9cddb40a2981519d0dafa3dd4d10582726b5b2be473b2e23fc64c0b6db9ef
a8b79b3cc84d582960e0a22ed704b9a231748e52192fcfddd0dbeab3aea6a1f8
a8c0554545df5557bfbae4b60e272d4c68b10876874942ae276e8a3f927f5dd0
aa7730482088a675ea182e998a71dfd53cedff1a8c64ae6db88b6e16192a91dd
aa7b5487965f8ad73deb95b8c75fccf0aa9e42515da23be90cd1f3f91715e6ad
aabea5b5dee65527277dcb7f9d3a3ec8521e65967c1790638dedea948057140b
ab1e16c1b3f793e0aec723c7a7add9e179781105d1646ced630af7007ca52720
ac53400c04ca28a29467c3b6cf8f0be2f9d4333a518574fba32cc239195117db
ae407e415a45b6c720d8d61fef8c28756883d0f546a64e7a2969d6174c669951
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af4295b2e507dea2d3f97a27f2ddb84bcea537a0bbf787698c50f6db60efa69e
af452cef243478d5e61fc2723f6785c5e7548e4fcd92c7876fcbb27430e5c56d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4ab0c9d469f5fc9747b8f7433e38ebcc71a9bde85103b9ed30606d37bdbc112
b525214335ddd50139b8cead123523306144018a47e3d4a35f6e5b35f295a8fd
b57c1b852f0aa2c1e15995afe9c922cb06d42571e3f28e8007efa9465a293e85
b6ed1c93753ced57f042c218d7ffcbf0bf9ca3c9eabdb428e84001f3f97d95a4
b9ff52733a78204eaa29c541b1e01a35c748fcdd3ccfe66aa06761108e42aaf1
ba8bbfe110629e3df60cffbcd75d2ea7627f5f6e13ef3ba0354221cab7b8e097
bac4311228bd8c579fc1da1d8a18e4b12192770ccaa365d458bdc981b5a27c51
bcbcbbbc0773dc73991523d73f6d9952fffc55d38a87c1be9b2d6efdb115effe
bf8bbcd1dc40de1e1affff17c431cfc965679e0e3694569d0e8e32e01c707c66
c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113
c0f1a0e47f7e68ec0549eba6eb3fcd3523a2c3e68bcd9b2463ef084df041fd34
c183713781265a2abdc03eab5050b102a17a1170eaa908604e61fc9f07c9aad4
c240c840757662c0766715cc2cd14506fcb63a44e6890bcafff615a1a657d0b9
c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb
c70d9a7220ad4e4bba58149d2a1500b4f5d980931c8b7336f44cdb4370ef29c5
c70f901c35e0cf427c1f847e4fc2296784c0abe5ae06e7b5d89bfb9d5981aff0
c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf5e946c1508e9a17e9fa87a2e65eb15ee2f72721d207d64c11ce5d702738378
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d139c3756ba4ea4e4672c12645de4977faa9ba7e0d550931d2086338fd72dfe9
d4b4384bb2207ab3d40f433ad82a808cfbba943114432667cf3d2b3b65c62ee4
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
d9d998e89b1bf011b876875d1b145c3b59d426e4cf620c2ad8d728def13391f8
d9fc07cf576192a26b36d6c48ec9a561be826ee1bc56f62c8a996d35d1f74812
db5f0bd337ca6226ee6fc069261b1bfcfa042db410f3d4a385ccf63c2183dc65
dd4b42f7c8ddeeedbc0e556a5da8b647fd08c56a2ac3540b1e5a6d9342ba5c4f
de231fa3251f47910a54811565b77240f6ef46dd99c7bd1aa616d0d4a99a30b9
df20dfd1a82a2252bbc59cccf5d8060b12cf93498ead8b6194599cd6d8fea9fa
dfeb7783a538aaf85df056bf149c808937dccdb3e3af5714d6fba017054e2f94
e167572da8f55dc69519e18852e32d5b8a43110ac2a1ea34a1babdfbe691219b
e16defd62d2e44c7c30450d2a6e40d1a4265415c9622c7e7879402fcd758465c
e200ca6843c81edcce6539ff743845c1d247bc07fbb1ca9d9c1b10627469dc8a
e2b04100564fd9141d7acbd40482d40a3c5b4af2cf25b2cf8726b5608841d61a
e340562229e59781fbae588213f4c581b33050aab14b230d947ff13310d4b52f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47f6c4674a486632f958206eabaa5e6296a8f600860105c37aacf508239326f
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5d0a3cbc34dfc18b9f17e13ebf19039923cc80c60dae9f5a6bbe17b14371b82
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e
e9833938fc956b6d8db49dc9f2abc18a7ab0fa2a87d407e545eb0c813e585af8
ebedb1d98c3b561fc7cd582116c6fb322f3ddeaf4237d93e931929a97c105a3a
ec2cc99b7d1be6fb64d9ce3622e5584e39002529d87a71ffad76435b800de309
eced2a68da9eed95cc9c956e26607f9a6176500fd01cc1e41410b562b290e3ba
ed0bf597b66e41afc3a6e661d0635227605da4099f82f75f4b92c73c1bc6ecc7
ee3a43f964c31dd0bd4d6e20c705987ec6e12af6585830573ce5061b8d5233bf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f2f93fd85c2f5e6c07c80c6487a804ec6bede5bed8fe755280d87d4dfde986d0
f6f4b4586d702093c9cc07e981206978d58633f46da7c721f46513d4dcc71b11
fa307e6d45a6be500a0af862d7a1b858a887685c6da9f557ec2b8bb6e678902b
fca1945c76a87b1c5cb7183af8d84962aa74fc5f63c858df92b4641b44ca9d7e
feaad76415c6eb7fb707e31a7f0bd3da9f47a60a5c6d34cd00e2ebf0bbb6766c
fedcc61597e7959d4fe9a00573d0b1464c9b53b5a174203d3f9f15ecdedfdc08

www.newsobserver.com Open in urlscan Pro 104.83.177.146 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

303 Requests

99 %HTTPS

33 %IPv6

72 Domains

118 Subdomains

100 IPs

10 Countries

5739 kBTransfer

13816 kBSize

2 Cookies

46 Outgoing links

Redirected requests

303 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.newsobserver.com Open in urlscan Pro
104.83.177.146 Public Scan

Screenshot
Live screenshot

Full Image

303
Requests

99 %
HTTPS

33 %
IPv6

72
Domains

118
Subdomains

100
IPs

10
Countries

5739 kB
Transfer

13816 kB
Size

2
Cookies

303 HTTP transactions
4 data transactions