observer.com Open in urlscan Pro
192.0.66.160  Public Scan

15 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43

• https://sb.scorecardresearch.com/cs/37161820/beacon.js HTTP 302
• https://sb.scorecardresearch.com/internal-cs/default/beacon.js

147 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response observer.com/	294 KB 39 KB	34ms 6ms	Document text/html	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://observer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / WordPress VIP <https://wpvip.com> Resource Hash 71c3d01c94ecefa40e4d69e8f9bc34155c14cf1f082d1a8ae8c053c3db027ac4 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 929 cache-control max-age=300, must-revalidate content-encoding br content-length 39486 content-type text/html; charset=UTF-8 date Fri, 22 Mar 2024 12:53:54 GMT host-header a9130478a60e5f9135f765b23f26593b link <https://observer.com/wp-json/>; rel="https://api.w.org/" <https://observer.com/wp-json/wp/v2/pages/1329211>; rel="alternate"; type="application/json" <http://nyob.co/N5PKir>; rel=shortlink server nginx strict-transport-security max-age=31536000;includeSubdomains;preload vary Accept-Encoding x-cache hit x-frame-options SAMEORIGIN x-hacker If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header. x-powered-by WordPress VIP <https://wpvip.com> x-rq hhn2 96 185 443
GET H2	200	css2 fonts.googleapis.com/	7 KB 1 KB	39ms 18ms	Stylesheet text/css	2a00:1450:4001:803::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Libre+Franklin:wght@400;500;600;700&family=Source+Serif+Pro&display=swap Requested by Host: observer.com URL: https://observer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 9d5e418b5750653e02058cfa67d6b8f6311359cb276229f2d7307ffa05b3f840 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Fri, 22 Mar 2024 12:53:54 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Fri, 22 Mar 2024 12:53:54 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 22 Mar 2024 12:53:54 GMT
GET H2	200	flexslider-icon.woff2 observer.com/wp-content/themes/newyorkobserver-2014/dist/fonts/	748 B 1 KB	9ms 8ms	Font application/font-woff2	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://observer.com/wp-content/themes/newyorkobserver-2014/dist/fonts/flexslider-icon.woff2 Requested by Host: observer.com URL: https://observer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 6eb7a18174bf6a3ba003999e45eecbb81059c52b2c7b2da91b85e944e948c6e6 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers Referer https://observer.com/ Origin https://observer.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 12:53:54 GMT strict-transport-security max-age=31536000;includeSubdomains;preload x-rq hhn2 96 185 443 last-modified Thu, 08 Dec 2022 11:26:07 GMT server nginx etag "6391c9cf-2ec" x-cache HIT content-type application/font-woff2 access-control-allow-origin * access-control-allow-methods GET, HEAD cache-control max-age=31536000 accept-ranges bytes content-length 748
GET H2	200	jquery.min.js Show response observer.com/wp-includes/js/jquery/	86 KB 31 KB	9ms 8ms	Script application/javascript	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://observer.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1 Requested by Host: observer.com URL: https://observer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 12:53:54 GMT content-encoding br strict-transport-security max-age=31536000;includeSubdomains;preload last-modified Tue, 05 Mar 2024 22:47:01 GMT server nginx x-rq hhn2 96 184 443 etag W/"65e7a0e5-15601" vary Accept-Encoding x-cache HIT content-type application/javascript cache-control max-age=31536000
GET H2	200	main.min.css observer.com/wp-content/themes/newyorkobserver-2014/dist/css/	75 KB 14 KB	8ms 8ms	Stylesheet text/css	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://observer.com/wp-content/themes/newyorkobserver-2014/dist/css/main.min.css?ver=1.9.10 Requested by Host: observer.com URL: https://observer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 08137d731439f76c8cd0193d46327d52c4502db4021386720da4be5137edcb54 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 12:53:54 GMT content-encoding br strict-transport-security max-age=31536000;includeSubdomains;preload last-modified Fri, 26 Jan 2024 19:00:59 GMT server nginx x-rq hhn2 96 185 443 etag W/"65b4016b-12dc3" vary Accept-Encoding x-cache HIT content-type text/css cache-control max-age=31536000
GET H2	200	style.css observer.com/wp-content/themes/newyorkobserver-2014/nyo-plugins/dist/css/	48 KB 8 KB	8ms 8ms	Stylesheet text/css	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://observer.com/wp-content/themes/newyorkobserver-2014/nyo-plugins/dist/css/style.css?ver=1.9.10-1710256683 Requested by Host: observer.com URL: https://observer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash bc1718bf9b04dc8fcdf7c1ef4ed00516bbce6de5f8ee489669fc83e9d7c726ac Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 12:53:54 GMT content-encoding br strict-transport-security max-age=31536000;includeSubdomains;preload last-modified Tue, 12 Mar 2024 15:18:03 GMT server nginx x-rq hhn2 96 184 443 etag W/"65f0722b-c061" vary Accept-Encoding x-cache HIT content-type text/css cache-control max-age=31536000
GET H2	200	amp-google-tag-manager-public.js Show response observer.com/wp-content/plugins/amp-google-tag-manager/public/js/	838 B 700 B	12ms 7ms	Script application/javascript	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://observer.com/wp-content/plugins/amp-google-tag-manager/public/js/amp-google-tag-manager-public.js?ver=1.0.0 Requested by Host: observer.com URL: https://observer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 57a50c99a31ef4e89e86664e96f6dfbdde163a2eb96e88b3b492c49aa4be2f37 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 12:53:54 GMT content-encoding br strict-transport-security max-age=31536000;includeSubdomains;preload last-modified Thu, 08 Dec 2022 11:26:06 GMT server nginx x-rq hhn2 96 185 443 etag W/"6391c9ce-346" vary Accept-Encoding x-cache HIT content-type application/javascript cache-control max-age=31536000
GET H2	200	widget.subscribe.js Show response observer.com/wp-content/plugins/sailthru-widget/js/	2 KB 950 B	13ms 7ms	Script application/javascript	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://observer.com/wp-content/plugins/sailthru-widget/js/widget.subscribe.js?ver=6.4.3 Requested by Host: observer.com URL: https://observer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash b7e6db8dfe79e6581a5accc07438706f2ff043bc6f9cb4f61f549a4f5d0ee4e8 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 12:53:54 GMT content-encoding br strict-transport-security max-age=31536000;includeSubdomains;preload last-modified Tue, 29 Aug 2023 13:59:22 GMT server nginx x-rq hhn2 96 185 443 etag W/"64edf9ba-622" vary Accept-Encoding x-cache HIT content-type application/javascript cache-control max-age=31536000
GET H2	200	htlbid.js Show response htlbid.com/v3/observer.com/	572 KB 136 KB	460ms 405ms	Script application/javascript	13.32.27.39 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://htlbid.com/v3/observer.com/htlbid.js?ver=3.0 Requested by Host: observer.com URL: https://observer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.39 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-39.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash b70d124cff0069777c0c5a1ea80ec8c9ce4298d294b288ff51a6fd02008fd3bb Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 12:53:55 GMT content-encoding br via 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront) last-modified Thu, 07 Mar 2024 19:39:41 GMT server AmazonS3 x-amz-cf-pop FRA56-C2 x-amz-server-side-encryption AES256 etag W/"2559ec18088e329d098a1bc400415bca" vary Accept-Encoding x-cache RefreshHit from cloudfront content-type application/javascript cache-control max-age=600 x-amz-cf-id bxVv3Be8ReC05Y8-YusEsZcyX-4NJpzMfaTv_t3VA6OuSyGgxxCMOg==
GET H2	200	default.min.css observer.com/wp-content/themes/newyorkobserver-2014/dist/css/	66 KB 11 KB	21ms 17ms	Stylesheet text/css	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://observer.com/wp-content/themes/newyorkobserver-2014/dist/css/default.min.css?ver=1.9.10 Requested by Host: observer.com URL: https://observer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 2cbc6c13af45bc311311531d579cd7e529376564ba3eef9af1f50e02f0998db0 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 12:53:54 GMT content-encoding br strict-transport-security max-age=31536000;includeSubdomains;preload last-modified Thu, 09 Feb 2023 14:34:39 GMT server nginx x-rq hhn2 96 184 443 etag W/"63e5047f-1097b" vary Accept-Encoding x-cache HIT content-type text/css cache-control max-age=31536000
GET H2	200	print.min.css observer.com/wp-content/themes/newyorkobserver-2014/dist/css/	143 B 376 B	22ms 18ms	Stylesheet text/css	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://observer.com/wp-content/themes/newyorkobserver-2014/dist/css/print.min.css?ver=1.9.10 Requested by Host: observer.com URL: https://observer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash c0eb09d747f4cb0d61057afe50609d7419873b0bdbc56f6965f3098a1cf6d975 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 12:53:54 GMT strict-transport-security max-age=31536000;includeSubdomains;preload x-rq hhn2 96 184 443 last-modified Thu, 08 Dec 2022 11:26:07 GMT server nginx etag "6391c9cf-8f" x-cache HIT content-type text/css cache-control max-age=31536000 accept-ranges bytes content-length 143
GET H2	200	style.min.css observer.com/wp-includes/css/dist/block-library/	108 KB 15 KB	22ms 18ms	Stylesheet text/css	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://observer.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3 Requested by Host: observer.com URL: https://observer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 12:53:54 GMT content-encoding br strict-transport-security max-age=31536000;includeSubdomains;preload last-modified Tue, 05 Mar 2024 22:47:00 GMT server nginx x-rq hhn2 96 184 443 etag W/"65e7a0e4-1ae43" vary Accept-Encoding x-cache HIT content-type text/css cache-control max-age=31536000
GET H2	200	mediaelementplayer-legacy.min.css observer.com/wp-includes/js/mediaelement/	11 KB 3 KB	22ms 18ms	Stylesheet text/css	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://observer.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17 Requested by Host: observer.com URL: https://observer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 12:53:54 GMT content-encoding br strict-transport-security max-age=31536000;includeSubdomains;preload last-modified Tue, 05 Mar 2024 22:47:01 GMT server nginx x-rq hhn2 96 185 443 etag W/"65e7a0e5-2bf8" vary Accept-Encoding x-cache HIT content-type text/css cache-control max-age=31536000
GET H2	200	wp-mediaelement.min.css observer.com/wp-includes/js/mediaelement/	4 KB 1 KB	22ms 19ms	Stylesheet text/css	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://observer.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.4.3 Requested by Host: observer.com URL: https://observer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 12:53:54 GMT content-encoding br strict-transport-security max-age=31536000;includeSubdomains;preload last-modified Tue, 05 Mar 2024 22:47:01 GMT server nginx x-rq hhn2 96 184 443 etag W/"65e7a0e5-105a" vary Accept-Encoding x-cache HIT content-type text/css cache-control max-age=31536000
GET H2	200	media-credit.min.css observer.com/wp-content/plugins/media-credit/public/css/	589 B 520 B	22ms 19ms	Stylesheet text/css	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://observer.com/wp-content/plugins/media-credit/public/css/media-credit.min.css?ver=4.3.0 Requested by Host: observer.com URL: https://observer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash a7b23f357530667a4d5d574a7b9141f0858db9f3dc49ad1e676bd850b8093c22 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 12:53:54 GMT content-encoding br strict-transport-security max-age=31536000;includeSubdomains;preload last-modified Thu, 08 Dec 2022 11:26:06 GMT server nginx x-rq hhn2 96 184 443 etag W/"6391c9ce-24d" vary Accept-Encoding x-cache HIT content-type text/css cache-control max-age=31536000
GET H2	200	lasso-live.css observer.com/wp-content/plugins/lasso/admin/assets/css/	26 KB 4 KB	22ms 19ms	Stylesheet text/css	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://observer.com/wp-content/plugins/lasso/admin/assets/css/lasso-live.css?v=1670498766&ver=253 Requested by Host: observer.com URL: https://observer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 36e24dc06e51fdd9b13497039bf3c286b61476669c715a274b9a6703b4000a2b Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 12:53:54 GMT content-encoding br strict-transport-security max-age=31536000;includeSubdomains;preload last-modified Thu, 08 Dec 2022 11:26:06 GMT server nginx x-rq hhn2 96 185 443 etag W/"6391c9ce-698a" vary Accept-Encoding x-cache HIT content-type text/css cache-control max-age=31536000
GET H2	200	amp-google-tag-manager-public.css observer.com/wp-content/plugins/amp-google-tag-manager/public/css/	98 B 330 B	23ms 20ms	Stylesheet text/css	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://observer.com/wp-content/plugins/amp-google-tag-manager/public/css/amp-google-tag-manager-public.css?ver=1.0.0 Requested by Host: observer.com URL: https://observer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 12:53:54 GMT strict-transport-security max-age=31536000;includeSubdomains;preload x-rq hhn2 96 185 443 last-modified Thu, 08 Dec 2022 11:26:06 GMT server nginx etag "6391c9ce-62" x-cache HIT content-type text/css cache-control max-age=31536000 accept-ranges bytes content-length 98
GET H2	200	widget.subscribe.css observer.com/wp-content/plugins/sailthru-widget/css/	2 KB 973 B	23ms 20ms	Stylesheet text/css	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://observer.com/wp-content/plugins/sailthru-widget/css/widget.subscribe.css?ver=6.4.3 Requested by Host: observer.com URL: https://observer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 262fbcc7922dfabfbb72c1c366ae208230efbed08f7fc16988db51650c1e01ba Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 12:53:54 GMT content-encoding br strict-transport-security max-age=31536000;includeSubdomains;preload last-modified Tue, 29 Aug 2023 13:59:22 GMT server nginx x-rq hhn2 96 185 443 etag W/"64edf9ba-9a1" vary Accept-Encoding x-cache HIT content-type text/css cache-control max-age=31536000
GET H2	200	jetpack.css observer.com/wp-content/mu-plugins/jetpack-13.2/css/	105 KB 20 KB	23ms 20ms	Stylesheet text/css	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://observer.com/wp-content/mu-plugins/jetpack-13.2/css/jetpack.css?ver=13.2.1 Requested by Host: observer.com URL: https://observer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash d12394014afcdb75f7a413f63e39deea025e753b30f52e60b82bc0b9ad59f020 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 12:53:54 GMT content-encoding br strict-transport-security max-age=31536000;includeSubdomains;preload last-modified Wed, 20 Mar 2024 16:04:51 GMT server nginx x-rq hhn2 96 184 443 etag W/"65fb0923-1a34b" vary Accept-Encoding x-cache HIT content-type text/css cache-control max-age=31536000
GET H2	200	js Show response www.googletagmanager.com/gtag/	290 KB 97 KB	72ms 29ms	Script application/javascript	2a00:1450:4001:812::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-T9PLB60R8S Requested by Host: observer.com URL: https://observer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 829f518da4d1336f4253d850bab5c2111a6d545bf68ae180fd3ffce39649e640 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 12:53:54 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 98427 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Fri, 22 Mar 2024 12:53:54 GMT
GET H2	200	Illinoise_Chicago_06.jpg observer.com/wp-content/uploads/sites/2/2024/03/	62 KB 62 KB	6ms 6ms	Image image/webp	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://observer.com/wp-content/uploads/sites/2/2024/03/Illinoise_Chicago_06.jpg?quality=80&w=635 Requested by Host: observer.com URL: https://observer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash c95c3cdffcf73b15c4736cc975d3710a4c9485a3c7034d0cd9f529cf27a677d6 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 12:53:54 GMT strict-transport-security max-age=31536000;includeSubdomains;preload x-rq hhn2 109 196 443 last-modified Wed, 20 Mar 2024 20:11:52 GMT server nginx etag "8ffcc6bd34f8b138" vary Accept x-cache HIT content-type image/webp cache-control max-age=31536000 accept-ranges bytes content-length 63458
GET H2	200	Neighborhood-3.jpeg observer.com/wp-content/uploads/sites/2/2024/03/	13 KB 13 KB	7ms 7ms	Image image/webp	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://observer.com/wp-content/uploads/sites/2/2024/03/Neighborhood-3.jpeg?quality=80&w=300 Requested by Host: observer.com URL: https://observer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 1be17c8626349a2cef8f6d3789bf4c0189ce846014264a74ae50c70ec4439118 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 12:53:54 GMT strict-transport-security max-age=31536000;includeSubdomains;preload x-rq hhn2 109 88 443 last-modified Wed, 20 Mar 2024 20:11:53 GMT server nginx etag "c1a25bd15e13c38b" vary Accept x-cache HIT content-type image/webp cache-control max-age=31536000 accept-ranges bytes content-length 13368
GET H2	200	01-director-e1710951753685.jpg observer.com/wp-content/uploads/sites/2/2024/03/	5 KB 5 KB	6ms 6ms	Image image/webp	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://observer.com/wp-content/uploads/sites/2/2024/03/01-director-e1710951753685.jpg?quality=80&w=300 Requested by Host: observer.com URL: https://observer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash d77fe7246804bf5258d44adbd31a3bab64e23311abc58b16ff2e3344cacf4a40 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 12:53:54 GMT strict-transport-security max-age=31536000;includeSubdomains;preload x-rq hhn2 109 27 443 last-modified Wed, 20 Mar 2024 20:11:52 GMT server nginx etag "b31798bde5539558" vary Accept x-cache HIT content-type image/webp cache-control max-age=31536000 accept-ranges bytes content-length 4994
GET H2	200	spm.v1.min.js Show response ak.sail-horizon.com/spm/	103 KB 34 KB	62ms 8ms	Script application/javascript	18.66.112.84 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ak.sail-horizon.com/spm/spm.v1.min.js?ver=5.5.1 Requested by Host: observer.com URL: https://observer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.84 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-84.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 4ce1f595ea044b955619f6839a22ac34a22d80efde699f84f044976baa4831e3 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 12:47:37 GMT content-encoding gzip via 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront) last-modified Tue, 20 Feb 2024 06:45:39 GMT server AmazonS3 x-amz-cf-pop FRA56-P5 age 378 x-amz-server-side-encryption AES256 etag W/"6a90e37d3f128291a2aab5a6b31ac0a6" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=600; must-revalidate x-amz-cf-id tlMHFEa6WD13oEnhB5Ma0qj5SPuTx7op8nrQiRLSlhn3mEk1r_Hdcg==
GET H2	200	sailthru.js Show response observer.com/wp-content/plugins/hc-sailthru/assets/js/	761 B 653 B	12ms 8ms	Script application/javascript	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://observer.com/wp-content/plugins/hc-sailthru/assets/js/sailthru.js?ver=20211026 Requested by Host: observer.com URL: https://observer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash b6cf23ed282a5cb25c43c5923908a43cc8c4c9e92b23a1f73eb7b0af46ef6534 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 12:53:54 GMT content-encoding br strict-transport-security max-age=31536000;includeSubdomains;preload last-modified Thu, 08 Dec 2022 11:26:06 GMT server nginx x-rq hhn2 96 184 443 etag W/"6391c9ce-2f9" vary Accept-Encoding x-cache HIT content-type application/javascript cache-control max-age=31536000
GET H2	200	wp-polyfill-inert.min.js Show response observer.com/wp-includes/js/dist/vendor/	8 KB 3 KB	13ms 8ms	Script application/javascript	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://observer.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2 Requested by Host: observer.com URL: https://observer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 12:53:54 GMT content-encoding br strict-transport-security max-age=31536000;includeSubdomains;preload last-modified Tue, 05 Mar 2024 22:47:00 GMT server nginx x-rq hhn2 96 184 443 etag W/"65e7a0e4-1feb" vary Accept-Encoding x-cache HIT content-type application/javascript cache-control max-age=31536000
GET H2	200	regenerator-runtime.min.js Show response observer.com/wp-includes/js/dist/vendor/	6 KB 3 KB	13ms 8ms	Script application/javascript	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://observer.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0 Requested by Host: observer.com URL: https://observer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 12:53:54 GMT content-encoding br strict-transport-security max-age=31536000;includeSubdomains;preload last-modified Tue, 05 Mar 2024 22:47:00 GMT server nginx x-rq hhn2 96 184 443 etag W/"65e7a0e4-19e1" vary Accept-Encoding x-cache HIT content-type application/javascript cache-control max-age=31536000
GET H2	200	hooks.min.js Show response observer.com/wp-includes/js/dist/	5 KB 2 KB	13ms 9ms	Script application/javascript	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://observer.com/wp-includes/js/dist/hooks.min.js?ver=c6aec9a8d4e5a5d543a1 Requested by Host: observer.com URL: https://observer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 7868467c94a5aa0b3f11ef542f45287967f9627b3b5acdc86e47f8f77a126596 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 12:53:54 GMT content-encoding br strict-transport-security max-age=31536000;includeSubdomains;preload last-modified Tue, 05 Mar 2024 22:47:00 GMT server nginx x-rq hhn2 96 185 443 etag W/"65e7a0e4-1213" vary Accept-Encoding x-cache HIT content-type application/javascript cache-control max-age=31536000
GET H2	200	i18n.min.js Show response observer.com/wp-includes/js/dist/	9 KB 4 KB	13ms 9ms	Script application/javascript	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://observer.com/wp-includes/js/dist/i18n.min.js?ver=7701b0c3857f914212ef Requested by Host: observer.com URL: https://observer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 698e93fe491cc7bbf07a470579a33dbd0db53c19142b7be41ebfd39a23aef11f Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 12:53:54 GMT content-encoding br strict-transport-security max-age=31536000;includeSubdomains;preload last-modified Tue, 05 Mar 2024 22:47:00 GMT server nginx x-rq hhn2 96 185 443 etag W/"65e7a0e4-24e5" vary Accept-Encoding x-cache HIT content-type application/javascript cache-control max-age=31536000
GET H2	200	loader.js Show response observer.com/wp-content/mu-plugins/wp-parsely-3.14/build/	3 KB 2 KB	18ms 13ms	Script application/javascript	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://observer.com/wp-content/mu-plugins/wp-parsely-3.14/build/loader.js?ver=71d37502d12f3838b80d Requested by Host: observer.com URL: https://observer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 1889f65ec8711c38d9f5789d2fcd4d2f13fa1d1e4b8b3bc4d4a7193c0fae5f1e Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 12:53:54 GMT content-encoding br strict-transport-security max-age=31536000;includeSubdomains;preload last-modified Tue, 19 Mar 2024 21:18:42 GMT server nginx x-rq hhn2 96 184 443 etag W/"65fa0132-bf9" vary Accept-Encoding x-cache HIT content-type application/javascript cache-control max-age=31536000
GET H2	200	p.js Show response cdn.parsely.com/keys/observer.com/	56 KB 21 KB	50ms 7ms	Script application/javascript	18.173.155.56 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.parsely.com/keys/observer.com/p.js?ver=3.14.2 Requested by Host: observer.com URL: https://observer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.173.155.56 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-173-155-56.muc50.r.cloudfront.net Software nginx / Resource Hash c46b033d7688f2f46e87a04634a1389db91ceea1be9cb70d1ae9205819739a7e Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma public date Fri, 22 Mar 2024 01:12:38 GMT content-encoding gzip via 1.1 94313a5530517e71f4769858ce013d58.cloudfront.net (CloudFront) last-modified Thu, 24 Mar 2022 17:02:52 GMT server nginx x-amz-cf-pop MUC50-P3 age 42076 etag W/"623ca43c-e05a" x-cache Hit from cloudfront content-type application/javascript cache-control max-age=86400, public x-amz-cf-id w3LE6zziH36kCE_gYPS-w-F4HSJ3NFTooNFvChR37uRmCvqr89mZtw== expires Sat, 23 Mar 2024 01:12:38 GMT
GET H2	200	helpers.js Show response observer.com/wp-content/themes/newyorkobserver-2014/dist/js/	922 B 728 B	18ms 13ms	Script application/javascript	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://observer.com/wp-content/themes/newyorkobserver-2014/dist/js/helpers.js?ver=1.9.10 Requested by Host: observer.com URL: https://observer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash c0472ab03b5cc819b6f3a01c3d0519af30215aed943bd77a11d9625f93b4ab55 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 12:53:54 GMT content-encoding br strict-transport-security max-age=31536000;includeSubdomains;preload last-modified Thu, 08 Dec 2022 11:26:07 GMT server nginx x-rq hhn2 96 185 443 etag W/"6391c9cf-39a" vary Accept-Encoding x-cache HIT content-type application/javascript cache-control max-age=31536000
GET H2	200	jquery.flexslider.min.js Show response observer.com/wp-content/themes/newyorkobserver-2014/dist/js/vendor/	21 KB 7 KB	18ms 13ms	Script application/javascript	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://observer.com/wp-content/themes/newyorkobserver-2014/dist/js/vendor/jquery.flexslider.min.js?ver=2.2.2 Requested by Host: observer.com URL: https://observer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash d747bc0ec8a549bb25f0bab199d8e3019bcea7cfaf1438d55da2fabcff48f2c3 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 12:53:54 GMT content-encoding br strict-transport-security max-age=31536000;includeSubdomains;preload last-modified Thu, 08 Dec 2022 11:26:07 GMT server nginx x-rq hhn2 96 185 443 etag W/"6391c9cf-5429" vary Accept-Encoding x-cache HIT content-type application/javascript cache-control max-age=31536000
GET H2	200	theme.js Show response observer.com/wp-content/themes/newyorkobserver-2014/dist/js/	7 KB 3 KB	21ms 16ms	Script application/javascript	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://observer.com/wp-content/themes/newyorkobserver-2014/dist/js/theme.js?ver=1.9.10.04282045 Requested by Host: observer.com URL: https://observer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 2e256a180025855d8521b1aeacc337c5bc34f88865bbd09680c9f7192c937553 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 12:53:54 GMT content-encoding br strict-transport-security max-age=31536000;includeSubdomains;preload last-modified Tue, 31 Jan 2023 17:07:48 GMT server nginx x-rq hhn2 96 185 443 etag W/"63d94ae4-1c48" vary Accept-Encoding x-cache HIT content-type application/javascript cache-control max-age=31536000
GET H2	200	sailthru-widget.js Show response observer.com/wp-content/themes/newyorkobserver-2014/dist/js/	1 KB 772 B	21ms 16ms	Script application/javascript	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://observer.com/wp-content/themes/newyorkobserver-2014/dist/js/sailthru-widget.js?ver=1.9.10 Requested by Host: observer.com URL: https://observer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 756dd7203be6457d7dd15085b51cb7fcee2efdc6e1e46792c7a5272775a82243 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 12:53:54 GMT content-encoding br strict-transport-security max-age=31536000;includeSubdomains;preload last-modified Thu, 08 Dec 2022 11:26:07 GMT server nginx x-rq hhn2 96 184 443 etag W/"6391c9cf-431" vary Accept-Encoding x-cache HIT content-type application/javascript cache-control max-age=31536000
GET H2	200	delay-load.js Show response observer.com/wp-content/plugins/xcurrent/assets/js/	3 KB 1 KB	21ms 17ms	Script application/javascript	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://observer.com/wp-content/plugins/xcurrent/assets/js/delay-load.js?ver=8f7693010179fc5007dacef632d329a6 Requested by Host: observer.com URL: https://observer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash ef5f8d6a9ea52bd9b20497b837b74bde31586062d5b0e16be75f8bbdffc29840 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 12:53:54 GMT content-encoding br strict-transport-security max-age=31536000;includeSubdomains;preload last-modified Thu, 08 Dec 2022 11:26:06 GMT server nginx x-rq hhn2 96 184 443 etag W/"6391c9ce-b50" vary Accept-Encoding x-cache HIT content-type application/javascript cache-control max-age=31536000
GET H2	200	lazy-load.js Show response observer.com/wp-content/plugins/xcurrent/assets/js/	8 KB 4 KB	22ms 17ms	Script application/javascript	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://observer.com/wp-content/plugins/xcurrent/assets/js/lazy-load.js?ver=6bd186b35f60946321703040eae7bccf Requested by Host: observer.com URL: https://observer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 6c05e433ca10b433edfc856fd903cb5f2da848a54e4507642a48981deed8bb05 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 12:53:54 GMT content-encoding br strict-transport-security max-age=31536000;includeSubdomains;preload last-modified Thu, 08 Dec 2022 11:26:06 GMT server nginx x-rq hhn2 96 184 443 etag W/"6391c9ce-214a" vary Accept-Encoding x-cache HIT content-type application/javascript cache-control max-age=31536000
GET H2	200	e-202412.js Show response stats.wp.com/	7 KB 3 KB	47ms 6ms	Script application/javascript	192.0.76.3 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://stats.wp.com/e-202412.js Requested by Host: observer.com URL: https://observer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-minify-cache hit x-nc HIT hhn date Fri, 22 Mar 2024 12:53:54 GMT content-encoding br server nginx x-minify t etag W/14377-1704402358485.9985 vary Accept-Encoding access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control max-age=31536000 alt-svc h3=":443"; ma=86400 expires Sun, 16 Mar 2025 08:56:34 GMT
GET H2	200	script-queue.js Show response observer.com/wp-content/plugins/xcurrent/assets/js/	3 KB 2 KB	22ms 17ms	Script application/javascript	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://observer.com/wp-content/plugins/xcurrent/assets/js/script-queue.js?ver=bebcad848e998ab9ae82c8431c754b8a Requested by Host: observer.com URL: https://observer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash a384a78bc8bee6afceab3ff107315b1bdcc0fd2622246826d16b503e742a8cdf Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 12:53:54 GMT content-encoding br strict-transport-security max-age=31536000;includeSubdomains;preload last-modified Thu, 08 Dec 2022 11:26:06 GMT server nginx x-rq hhn2 96 184 443 etag W/"6391c9ce-dd9" vary Accept-Encoding x-cache HIT content-type application/javascript cache-control max-age=31536000
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	48ms 7ms	Script text/javascript	2a00:1450:4001:827::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: observer.com URL: https://observer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Fri, 22 Mar 2024 11:48:08 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT server Golfe2 age 3946 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Fri, 22 Mar 2024 13:48:08 GMT
GET H2	200	22bdf0221b6555de6cdadcba Show response truculentrate.com/scripts/3f92345fab9c/	68 KB 24 KB	77ms 19ms	Script text/javascript	2600:1901:0:7416::1 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://truculentrate.com/scripts/3f92345fab9c/22bdf0221b6555de6cdadcba Requested by Host: observer.com URL: https://observer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:1901:0:7416::1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS Software / Resource Hash dd9df6618b30fe8bd40f6860b8b2d937d7338e31e9d8c80d8a1740e773b5b298 Security Headers Name Value Strict-Transport-Security max-age=15724800; preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers strict-transport-security max-age=15724800; preload content-encoding br via 1.1 google date Fri, 22 Mar 2024 12:53:54 GMT x-datacenter gce-europe-west1 etag "5133f8388a973095d454c7fe0141b0c212a8a70ee7d6042bbd34b2011585b6cb" x-buildname hoothoot vary Accept-Encoding, Accept-Language x-hostname fen-hoothoot-europe-west1-spot-ltqf content-type text/javascript; charset=utf-8 cache-control private, must-revalidate, max-age=21600 x-buildnumber 1205290244 timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H2	200	advertising.js Show response www.npttech.com/	6 KB 3 KB	97ms 42ms	Script application/javascript	2606:4700:e4::ac40:a227 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.npttech.com/advertising.js Requested by Host: observer.com URL: https://observer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e4::ac40:a227 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 12:53:54 GMT x-amz-version-id AqISHxpKTQvORh8RqBdMoHK.Vq6tURDV content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id SH6G8ZFERCM6HDQQ age 4755 alt-svc h3=":443"; ma=86400 x-amz-id-2 /z5g8je4DQOCqdMqzkXoYONSLSpX1HRseB5BzGtw4LZy8mR3FGEZZT0f2Ut8Np07jDIr379Blqg= last-modified Tue, 18 Oct 2022 13:20:01 GMT server cloudflare etag W/"df0e1827cd8f289a645f38d8fecaf6e0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XrRf7aAehkmIP8TZRxPgZwWgB9Md6mwtbCRx8EPp8g2lMN3DfqeMZliyF6LERh28CgwWF%2Fa%2BttxpAgOaui%2BQNPQyZNrKp%2FCb6WG%2F2QZVJfEwJMXBmRCy5RoFrn0wt%2BJFbZHemuQVs01gBvkPqsk%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=28800 cf-ray 868653c6890b9be6-FRA
GET DATA	200 OK	truncated /	37 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Content-Type image/gif
GET H2	200	load Show response sandbox.tinypass.com/xbuilder/experience/	4 KB 1 KB	94ms 40ms	Script application/javascript	2606:4700::6812:eff8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sandbox.tinypass.com/xbuilder/experience/load?aid=CMrLcDjZsu Requested by Host: observer.com URL: https://observer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:eff8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5d55f7c21f317b20841033125e19ef280ff06aba9c8cb5ee2d6065220d8e5a30 Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma date Fri, 22 Mar 2024 12:53:54 GMT strict-transport-security max-age=86400; includeSubDomains content-encoding br cf-cache-status HIT last-modified Fri, 22 Mar 2024 12:44:17 GMT server cloudflare age 577 vary Accept-Encoding, Origin content-type application/javascript; charset=UTF-8 cache-control public, max-age=1800 cf-ray 868653c6889a92c3-FRA alt-svc h3=":443"; ma=86400 x-request-id gx7kxwxkkf expires Fri, 22 Mar 2024 13:23:54 GMT
GET H2	200	beacon.js Show response sb.scorecardresearch.com/internal-cs/default/ Redirect Chain https://sb.scorecardresearch.com/cs/37161820/beacon.js https://sb.scorecardresearch.com/internal-cs/default/beacon.js	4 KB 2 KB	10ms 9ms	Script application/javascript	18.244.18.122 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sb.scorecardresearch.com/internal-cs/default/beacon.js Requested by Host: observer.com URL: https://observer.com/ Protocol H2 Server 18.244.18.122 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-244-18-122.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 05:01:34 GMT content-encoding gzip via 1.1 1f5c750c03b26301631398b45f61e262.cloudfront.net (CloudFront) last-modified Thu, 07 Dec 2023 12:02:23 GMT server AmazonS3 x-amz-cf-pop FRA56-P11 age 28341 x-amz-server-side-encryption AES256 etag W/"77ff4ede4693897337a38594321529a3" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=86400 x-amz-cf-id TjnLbLHQjxN1E7jfAoXQVcpFaP6-uum9g5ZTYkYoii8_zXPhnv9Isw== Redirect headers date Fri, 22 Mar 2024 12:53:54 GMT via 1.1 1f5c750c03b26301631398b45f61e262.cloudfront.net (CloudFront) accept-ch UA, Platform, Arch, Model, Mobile x-amz-cf-pop FRA56-P11 x-cache Miss from cloudfront location /internal-cs/default/beacon.js content-length 0 x-amz-cf-id niGK3i0vhHZq1GsmxZRX7ESzgp80ZMLmq79jrV0ZEdxnXGVN_UuInQ==
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	216 KB 58 KB	35ms 9ms	Script application/x-javascript	2a03:2880:f083:100:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: observer.com URL: https://observer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 4e049bbdc40b8d2e87194216781b7ad54cdb528be6686225e510468c056facb0 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Fri, 22 Mar 2024 12:53:54 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 57659 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1294, tbw=2784, tp=-1, tpl=-1, uplat=1, ullat=-1 pragma public x-fb-debug TEj5fgr85T2hgPLgFnACgqE8yWkjGyCU4H/b9k0Frnw/QbYVvhHUeFTyFVgc5yJjaukI1CQD8fojRmd3CyGFOA== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	search-ffffff.svg observer.com/wp-content/themes/newyorkobserver-2014/images/	2 KB 1 KB	21ms 21ms	Image image/svg+xml	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://observer.com/wp-content/themes/newyorkobserver-2014/images/search-ffffff.svg Requested by Host: observer.com URL: https://observer.com/wp-content/themes/newyorkobserver-2014/dist/css/main.min.css?ver=1.9.10 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash d17298826b7b7ed19af4942adf03fbcea7a7cd9cd5f25a5b9fb0674c71828c87 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/wp-content/themes/newyorkobserver-2014/dist/css/main.min.css?ver=1.9.10 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 12:53:54 GMT content-encoding br strict-transport-security max-age=31536000;includeSubdomains;preload last-modified Thu, 08 Dec 2022 11:26:07 GMT server nginx x-rq hhn2 96 184 443 etag W/"6391c9cf-960" vary Accept-Encoding x-cache HIT content-type image/svg+xml cache-control max-age=31536000
GET H2	200	observer-logo-white-2015.png observer.com/wp-content/themes/newyorkobserver-2014/images/	3 KB 3 KB	21ms 21ms	Image image/png	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://observer.com/wp-content/themes/newyorkobserver-2014/images/observer-logo-white-2015.png Requested by Host: observer.com URL: https://observer.com/wp-content/themes/newyorkobserver-2014/dist/css/main.min.css?ver=1.9.10 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 74e72473f970d838c52ed8c8fadf1c25883dd561d66df3856bfc137b9da2fea0 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/wp-content/themes/newyorkobserver-2014/dist/css/main.min.css?ver=1.9.10 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 12:53:54 GMT strict-transport-security max-age=31536000;includeSubdomains;preload x-rq hhn2 96 185 443 last-modified Thu, 08 Dec 2022 11:26:07 GMT server nginx etag "6391c9cf-b7d" x-cache HIT content-type image/png cache-control max-age=31536000 accept-ranges bytes content-length 2941
GET DATA	200 OK	truncated /	388 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 9e6f27c1cafd285e55e9a7507489d02e2780f88d3cf5838b0965dbfed021c9f4 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET H2	200	source-serif-pro-v11-latin-regular.woff2 observer.com/wp-content/themes/newyorkobserver-2014/dist/fonts/	19 KB 20 KB	17ms 16ms	Font application/font-woff2	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://observer.com/wp-content/themes/newyorkobserver-2014/dist/fonts/source-serif-pro-v11-latin-regular.woff2 Requested by Host: observer.com URL: https://observer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 97816b3ca3d676b5241a16fd6fb3f3e4050a3b99c914f0a66f0bcc074617ba80 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers Referer https://observer.com/ Origin https://observer.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 12:53:54 GMT strict-transport-security max-age=31536000;includeSubdomains;preload x-rq hhn2 96 185 443 last-modified Thu, 08 Dec 2022 11:26:07 GMT server nginx etag "6391c9cf-4df4" x-cache HIT content-type application/font-woff2 access-control-allow-origin * access-control-allow-methods GET, HEAD cache-control max-age=31536000 accept-ranges bytes content-length 19956
GET H2	200	source-serif-pro-v11-latin-600.woff2 observer.com/wp-content/themes/newyorkobserver-2014/dist/fonts/	20 KB 21 KB	17ms 17ms	Font application/font-woff2	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://observer.com/wp-content/themes/newyorkobserver-2014/dist/fonts/source-serif-pro-v11-latin-600.woff2 Requested by Host: observer.com URL: https://observer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 94192424866461cfb1b0e1684654325dd00e5581cbb395d507d613bbb22fdbf9 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers Referer https://observer.com/ Origin https://observer.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 12:53:54 GMT strict-transport-security max-age=31536000;includeSubdomains;preload x-rq hhn2 96 184 443 last-modified Thu, 08 Dec 2022 11:26:07 GMT server nginx etag "6391c9cf-51d4" x-cache HIT content-type application/font-woff2 access-control-allow-origin * access-control-allow-methods GET, HEAD cache-control max-age=31536000 accept-ranges bytes content-length 20948
GET H2	200	jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2 fonts.gstatic.com/s/librefranklin/v14/	28 KB 28 KB	32ms 8ms	Font font/woff2	2a00:1450:4001:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/librefranklin/v14/jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Libre+Franklin:wght@400;500;600;700&family=Source+Serif+Pro&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash edbf37f6db3f632faaeeeee4aa127c204d0bcc52e940682bc5d4b0fa48ded96b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://observer.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Tue, 19 Mar 2024 06:19:08 GMT x-content-type-options nosniff age 282886 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 28224 x-xss-protection 0 last-modified Wed, 13 Sep 2023 23:23:38 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 19 Mar 2025 06:19:08 GMT
OPTIONS H2	200	simple api.sail-personalize.com/v1/personalize/ Frame	0 0	316ms 100ms	Preflight text/plain	99.83.154.140 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 99.83.154.140 , United States, ASN16509 (AMAZON-02, US), Reverse DNS aa7557bb34ea5624b.awsglobalaccelerator.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers authorization,content-type,x-lib-version,x-referring-url Access-Control-Request-Method GET Origin https://observer.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL access-control-allow-methods OPTIONS,GET,POST,PUT,DELETE access-control-allow-origin https://observer.com access-control-max-age 1800 allow HEAD,GET,OPTIONS content-length 18 content-type text/plain date Fri, 22 Mar 2024 12:53:54 GMT
GET H2	200	simple Show response api.sail-personalize.com/v1/personalize/	10 KB 2 KB	128ms 105ms	Fetch application/json	99.83.154.140 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0 Requested by Host: ak.sail-horizon.com URL: https://ak.sail-horizon.com/spm/spm.v1.min.js?ver=5.5.1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 99.83.154.140 , United States, ASN16509 (AMAZON-02, US), Reverse DNS aa7557bb34ea5624b.awsglobalaccelerator.com Software / Resource Hash 4b9ab55fac0deb8f1175b39fb6c814a17c6178af1646fe8521a5931c78ef2be8 Request headers x-lib-version v1.0.1 accept-language de-DE,de;q=0.9 authorization Bearer eddd21a32bf5284abd9bc8ac7ddeec34 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 content-type application/json accept application/json Referer https://observer.com/ x-referring-url https://observer.com/ Response headers pragma no-cache date Fri, 22 Mar 2024 12:53:54 GMT content-encoding gzip allowedorigins * vary Accept-Encoding content-type application/json access-control-allow-origin * allowedmethods GET,OPTIONS cache-control no-store access-control-allow-credentials true allowedheaders Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin expires -1
GET H/1.1	200 OK	/ p1.parsely.com/plogger/	43 B 257 B	122ms 28ms	Image image/gif	54.155.18.159 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://p1.parsely.com/plogger/?rand=1711112034397&plid=94046715&idsite=observer.com&url=https%3A%2F%2Fobserver.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fobserver.com%2F&sref=&sts=1711112034395&slts=0&title=News%2C+data+and+insight+about+the+powerful+forces+that+shape+the+world.+%7C+Observer&date=Fri+Mar+22+2024+13%3A53%3A54+GMT%2B0100+(Central+European+Standard+Time)&action=pageview&pvid=37245839&u=pid%3Df103143cdd2f64348adff7f90b9811f8 Requested by Host: observer.com URL: https://observer.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.155.18.159 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-155-18-159.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Fri, 22 Mar 2024 12:53:54 GMT Cache-Control no-cache Last-Modified Friday, 22-Mar-2024 12:53:54 GMT Server nginx Connection keep-alive Content-Length 43 Content-Type image/gif
GET H2	200	g.gif pixel.wp.com/	50 B 177 B	11ms 6ms	Image image/gif	192.0.76.3 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.wp.com/g.gif?v=ext&blog=168679389&post=1329211&tz=-4&srv=observer.com&hp=vip&j=1%3A13.2.1&host=observer.com&ref=&fcp=0&rand=0.8680537520793501 Requested by Host: observer.com URL: https://observer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers access-control-allow-origin * date Fri, 22 Mar 2024 12:53:54 GMT cache-control no-cache server nginx alt-svc h3=":443"; ma=86400 content-length 50 content-type image/gif
GET H2	200	js Show response www.google-analytics.com/gtm/	138 KB 53 KB	31ms 31ms	Script application/javascript	2a00:1450:4001:827::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/gtm/js?id=GTM-NXSTMDF&cid=1606062156.1711112034 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 1988a930eb53a5a6f85a1cf47c06c5b3cf382146658405e36f72210ffe3f838c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 12:53:54 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 54427 x-xss-protection 0 last-modified Fri, 22 Mar 2024 12:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 22 Mar 2024 12:53:54 GMT
GET H2	200	api.js Show response www.google.com/recaptcha/	1 KB 1 KB	39ms 18ms	Script text/javascript	2a00:1450:4001:81d::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js?hl=en&render=6LexvRggAAAAAF1HvCWrHtG4UAa7m0WIdyIgstAo Requested by Host: observer.com URL: https://observer.com/wp-content/themes/newyorkobserver-2014/dist/js/theme.js?ver=1.9.10.04282045 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 697c5092883d0b0a17dcf7bd8c49ceac581f8dc4f532cde4f3f9336561c13c37 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 12:53:54 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=utf-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block expires Fri, 22 Mar 2024 12:53:54 GMT
GET H2	200	skeleton.gif static.adsafeprotected.com/	43 B 482 B	48ms 7ms	Image image/gif	2600:9000:223f:6800:8:48e:53c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.adsafeprotected.com/skeleton.gif?adslot=ad_300x250_7396850 Requested by Host: observer.com URL: https://observer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223f:6800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 11 Dec 2023 17:29:44 GMT x-amz-version-id iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja via 1.1 cf2071a2896a4f71dbfdbc521d554362.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P5 age 8796251 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED content-length 43 last-modified Mon, 17 Aug 2020 23:55:15 GMT server AmazonS3 etag "45cf913e5d9d3c9b2058033056d3dd23" content-type image/gif cache-control max-age=315360000 accept-ranges bytes x-amz-cf-id zHcQM-vUKzMb79hb06XfsqWfHk7-EaZDtLUn_I6Me-30qRL4h-NuhQ==
POST H2	204	collect region1.analytics.google.com/g/	0 252 B	34ms 14ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-T9PLB60R8S&gtm=45je43k0v878262212za200&_p=1711112034260&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1606062156.1711112034&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1711112034&sct=1&seg=0&dl=https%3A%2F%2Fobserver.com%2F&dt=News%2C%20data%20and%20insight%20about%20the%20powerful%20forces%20that%20shape%20the%20world.%20%7C%20Observer&en=page_view&_fv=1&_ss=1&_ee=1&tfd=270 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-T9PLB60R8S Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Fri, 22 Mar 2024 12:53:54 GMT server Golfe2 content-type text/plain access-control-allow-origin https://observer.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 252 B	59ms 20ms	Ping text/plain	2a00:1450:400c:c00::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-T9PLB60R8S&cid=1606062156.1711112034&gtm=45je43k0v878262212za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-T9PLB60R8S Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Fri, 22 Mar 2024 12:53:54 GMT server Golfe2 content-type text/plain access-control-allow-origin https://observer.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 408 B	54ms 32ms	Image image/gif	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-T9PLB60R8S&cid=1606062156.1711112034&gtm=45je43k0v878262212za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=211632626 Requested by Host: observer.com URL: https://observer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Fri, 22 Mar 2024 12:53:54 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	b sb.scorecardresearch.com/	0 225 B	8ms 7ms	Image text/plain	18.244.18.122 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sb.scorecardresearch.com/b?c1=2&c2=37161820&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1711112034463&ns_c=UTF-8&c7=https%3A%2F%2Fobserver.com%2F&c8=News%2C%20data%20and%20insight%20about%20the%20powerful%20forces%20that%20shape%20the%20world.%20%7C%20Observer&c9= Requested by Host: observer.com URL: https://observer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.244.18.122 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-244-18-122.fra56.r.cloudfront.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 12:53:54 GMT via 1.1 1f5c750c03b26301631398b45f61e262.cloudfront.net (CloudFront) accept-ch UA, Platform, Arch, Model, Mobile x-amz-cf-pop FRA56-P11 x-amz-cf-id LT9MTxURA_ewHqSV2G1bb5itimdOWjJ-s_DGIaX70Xok9hh6JDy2BA== x-cache Miss from cloudfront
GET H2	200	tinypass.min.js Show response sandbox.tinypass.com/api/	391 KB 116 KB	36ms 36ms	Script application/javascript	2606:4700::6812:eff8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sandbox.tinypass.com/api/tinypass.min.js Requested by Host: sandbox.tinypass.com URL: https://sandbox.tinypass.com/xbuilder/experience/load?aid=CMrLcDjZsu Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:eff8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6d6d993845dbfff1bfed771045c06d4aa9e9f4562e35eb4d72fe4e964140e1a1 Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 12:53:54 GMT x-amz-version-id mCukb5e03k3X.EGi4o6BNXCgm3W.ddWi content-encoding br cf-cache-status HIT strict-transport-security max-age=86400; includeSubDomains x-amz-request-id 9HBESH34MKJ3VV8Z age 1194 x-amz-server-side-encryption AES256 x-amz-replication-status REPLICA alt-svc h3=":443"; ma=86400 x-amz-id-2 soqvop/bdiD7FzVYHW92XbcWvI0DXj/LtQd3wGMQXRhVTmN3VqtQzyd54/qwUEh9n3TUMxI7BOVdVWF4Yq+bOg== last-modified Fri, 22 Mar 2024 06:19:57 GMT server cloudflare etag W/"79389fe985c926d34c9aad447b274613" vary Accept-Encoding content-type application/javascript cache-control public, max-age=14400 cf-ray 868653c769d092c3-FRA expires Fri, 22 Mar 2024 16:53:54 GMT
GET H2	200	618909876214345 Show response connect.facebook.net/signals/config/	54 KB 11 KB	65ms 65ms	Script application/x-javascript	2a03:2880:f083:100:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/618909876214345?v=2.9.150&r=stable&domain=observer.com&hme=8b8eb2472f555e54a8b57f2b720f9bd3b1bc6aed031525376dd772ba51107995&ex_m=63%2C107%2C95%2C99%2C54%2C3%2C89%2C62%2C14%2C87%2C80%2C45%2C47%2C153%2C156%2C167%2C163%2C164%2C166%2C26%2C90%2C46%2C69%2C165%2C148%2C151%2C160%2C161%2C168%2C116%2C13%2C44%2C172%2C171%2C118%2C16%2C30%2C33%2C1%2C37%2C58%2C59%2C60%2C64%2C84%2C15%2C12%2C86%2C83%2C82%2C96%2C98%2C32%2C97%2C27%2C23%2C149%2C152%2C125%2C25%2C9%2C10%2C11%2C5%2C6%2C22%2C19%2C20%2C50%2C55%2C57%2C67%2C91%2C24%2C68%2C8%2C7%2C72%2C42%2C18%2C93%2C92%2C17%2C74%2C79%2C41%2C40%2C78%2C34%2C36%2C77%2C49%2C75%2C29%2C38%2C66%2C0%2C85%2C4%2C81%2C73%2C76%2C2%2C31%2C56%2C35%2C94%2C39%2C71%2C61%2C100%2C53%2C52%2C28%2C88%2C51%2C48%2C43%2C70%2C65%2C21%2C101 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 1bf2129f251c6637cc0f66c0b9434b92abcb091199a245e703700142029da4e4 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Fri, 22 Mar 2024 12:53:54 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=11, rtx=0, c=64, mss=1294, tbw=62795, tp=-1, tpl=-1, uplat=57, ullat=0 pragma public x-fb-debug c4jTRwPN6auNh/uCJRHGUTivtfcHHBZRza/lZrsNc8IOBcv0tlitHct71sfstgeaQVKPEsgBiOF9hfun9+z1Jg== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	recaptcha__en.js Show response www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/	496 KB 198 KB	28ms 8ms	Script text/javascript	2a00:1450:4001:81c::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/recaptcha__en.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js?hl=en&render=6LexvRggAAAAAF1HvCWrHtG4UAa7m0WIdyIgstAo Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9368f8ab141b9545a2b9e279abe8fef65a60091050ebeab9b63dd4c1bd0d38e1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://observer.com/ Origin https://observer.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 08:33:05 GMT content-encoding gzip x-content-type-options nosniff age 15649 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 202152 x-xss-protection 0 last-modified Tue, 19 Mar 2024 18:14:50 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 22 Mar 2025 08:33:05 GMT
POST H2	200	execute Show response c2-sandbox.piano.io/xbuilder/experience/	2 KB 2 KB	224ms 196ms	XHR application/json	2606:4700::6811:c276 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c2-sandbox.piano.io/xbuilder/experience/execute?aid=CMrLcDjZsu Requested by Host: sandbox.tinypass.com URL: https://sandbox.tinypass.com/api/tinypass.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:c276 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4ea9427ddef82113bde7c378296a4284c621bd2eacd5480f7e429ce95676e250 Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains Request headers Accept application/json Referer https://observer.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Fri, 22 Mar 2024 12:53:54 GMT strict-transport-security max-age=86400; includeSubDomains content-encoding br cf-cache-status DYNAMIC alt-svc h3=":443"; ma=86400 x-request-id jwbni9zp8d pragma no-cache server cloudflare vary Accept-Encoding, Origin access-control-allow-methods POST, GET, OPTIONS content-type application/json access-control-allow-origin https://observer.com access-control-expose-headers Composer-Request-Control-Policy cache-control no-cache, no-store access-control-allow-credentials true cf-ray 868653c80bdbbb7a-FRA
GET H2	200	anchor Show response www.google.com/recaptcha/api2/ Frame 9B82	47 KB 30 KB	34ms 34ms	Document text/html	2a00:1450:4001:81d::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LexvRggAAAAAF1HvCWrHtG4UAa7m0WIdyIgstAo&co=aHR0cHM6Ly9vYnNlcnZlci5jb206NDQz&hl=en&v=Hq4JZivTyQ7GP8Kt571Tzodj&size=invisible&cb=1cajhti7gpva Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/recaptcha__en.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 57a6548e6b7eb85b698b3b23a664a6551d7c360c2ffc61e645ec53ecccea7644 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-pTyNymsQ3CAJAYRuKzhGuw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://observer.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-pTyNymsQ3CAJAYRuKzhGuw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Fri, 22 Mar 2024 12:53:54 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H2	200	/ www.facebook.com/tr/	0 273 B	39ms 8ms	Image text/plain	2a03:2880:f176:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=618909876214345&ev=PageView&dl=https%3A%2F%2Fobserver.com%2F&rl=&if=false&ts=1711112034585&sw=1600&sh=1200&v=2.9.150&r=stable&ec=0&o=4126&fbp=fb.1.1711112034585.1843518757&ler=empty&cdl=API_unavailable&it=1711112034471&coo=false&rqm=GET Requested by Host: observer.com URL: https://observer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-fb-connection-quality EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1294, tbw=2776, tp=-1, tpl=-1, uplat=0, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Fri, 22 Mar 2024 12:53:54 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	Francis-Bacon-Portrait-of-George-Dyer-Crouching-1.jpg observer.com/wp-content/uploads/sites/2/2024/03/	8 KB 8 KB	9ms 8ms	Image image/webp	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://observer.com/wp-content/uploads/sites/2/2024/03/Francis-Bacon-Portrait-of-George-Dyer-Crouching-1.jpg?resize=300,237 Requested by Host: observer.com URL: https://observer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash e73c97450e1a70324eb05ba3def51d318e67df1d2dc360267697d20ea67108e8 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 12:53:54 GMT strict-transport-security max-age=31536000;includeSubdomains;preload x-rq hhn2 109 196 443 last-modified Thu, 21 Mar 2024 20:59:03 GMT server nginx etag "ddcaa80299fbf967" vary Accept x-cache HIT content-type image/webp cache-control max-age=31536000 accept-ranges bytes content-length 7804
GET H2	200	IMG_8917.jpg observer.com/wp-content/uploads/sites/2/2024/03/	9 KB 9 KB	10ms 9ms	Image image/webp	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://observer.com/wp-content/uploads/sites/2/2024/03/IMG_8917.jpg?resize=300,225 Requested by Host: observer.com URL: https://observer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 84dbddc1a625537ae22f632921fa607acefe70b7f52cf42166b083c01046647f Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 12:53:54 GMT strict-transport-security max-age=31536000;includeSubdomains;preload x-rq hhn2 109 88 443 last-modified Thu, 21 Mar 2024 19:27:18 GMT server nginx etag "f2cdcff59ce10191" vary Accept x-cache HIT content-type image/webp cache-control max-age=31536000 accept-ranges bytes content-length 8760
GET H2	200	GettyImages-2089846122.jpg observer.com/wp-content/uploads/sites/2/2024/03/	15 KB 15 KB	10ms 9ms	Image image/webp	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://observer.com/wp-content/uploads/sites/2/2024/03/GettyImages-2089846122.jpg?resize=300,200 Requested by Host: observer.com URL: https://observer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash fad46f4d2b6d87ab5ebaa99e6189780a65185d639239ab95164be6befa66c659 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 12:53:54 GMT strict-transport-security max-age=31536000;includeSubdomains;preload x-rq hhn2 109 30 443 last-modified Thu, 21 Mar 2024 16:14:22 GMT server nginx etag "f53da53832631abd" vary Accept x-cache HIT content-type image/webp cache-control max-age=31536000 accept-ranges bytes content-length 14916
GET H2	200	5Thomson-Three-Women.jpg observer.com/wp-content/uploads/sites/2/2024/03/	11 KB 11 KB	10ms 9ms	Image image/webp	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://observer.com/wp-content/uploads/sites/2/2024/03/5Thomson-Three-Women.jpg?resize=300,273 Requested by Host: observer.com URL: https://observer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 3b1089eab995377a42524805ecff495f15f2869edfc4fcb6a98bd25772178897 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 12:53:54 GMT strict-transport-security max-age=31536000;includeSubdomains;preload x-rq hhn2 109 200 443 last-modified Wed, 20 Mar 2024 00:03:25 GMT server nginx etag "3af474eff190002c" vary Accept x-cache HIT content-type image/webp cache-control max-age=31536000 accept-ranges bytes content-length 11074
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/ Frame 9B82	55 KB 24 KB	29ms 7ms	Stylesheet text/css	2a00:1450:4001:81c::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LexvRggAAAAAF1HvCWrHtG4UAa7m0WIdyIgstAo&co=aHR0cHM6Ly9vYnNlcnZlci5jb206NDQz&hl=en&v=Hq4JZivTyQ7GP8Kt571Tzodj&size=invisible&cb=1cajhti7gpva Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 08:33:06 GMT content-encoding gzip x-content-type-options nosniff age 15648 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 24606 x-xss-protection 0 last-modified Tue, 19 Mar 2024 18:14:50 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 22 Mar 2025 08:33:06 GMT
GET H3	200	recaptcha__en.js Show response www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/ Frame 9B82	496 KB 197 KB	35ms 13ms	Script text/javascript	2a00:1450:4001:81c::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/recaptcha__en.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LexvRggAAAAAF1HvCWrHtG4UAa7m0WIdyIgstAo&co=aHR0cHM6Ly9vYnNlcnZlci5jb206NDQz&hl=en&v=Hq4JZivTyQ7GP8Kt571Tzodj&size=invisible&cb=1cajhti7gpva Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9368f8ab141b9545a2b9e279abe8fef65a60091050ebeab9b63dd4c1bd0d38e1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 08:33:05 GMT content-encoding gzip x-content-type-options nosniff age 15649 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 202152 x-xss-protection 0 last-modified Tue, 19 Mar 2024 18:14:50 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 22 Mar 2025 08:33:05 GMT
GET H3	200	vTGbt0ba_6WFa6djDrDEz8hdvsDcG69SdtRJRDiJ66U.js Show response www.google.com/js/bg/ Frame 9B82	17 KB 7 KB	13ms 13ms	Script text/javascript	2a00:1450:4001:81d::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/js/bg/vTGbt0ba_6WFa6djDrDEz8hdvsDcG69SdtRJRDiJ66U.js Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/recaptcha__en.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bd319bb746daffa5856ba7630eb0c4cfc85dbec0dc1baf5276d449443889eba5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LexvRggAAAAAF1HvCWrHtG4UAa7m0WIdyIgstAo&co=aHR0cHM6Ly9vYnNlcnZlci5jb206NDQz&hl=en&v=Hq4JZivTyQ7GP8Kt571Tzodj&size=invisible&cb=1cajhti7gpva User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 21 Mar 2024 00:13:57 GMT content-encoding br x-content-type-options nosniff age 131997 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7396 x-xss-protection 0 last-modified Mon, 11 Mar 2024 13:30:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 21 Mar 2025 00:13:57 GMT
GET H3	200	logo_48.png www.gstatic.com/recaptcha/api2/ Frame 9B82	2 KB 2 KB	22ms 16ms	Image image/png	2a00:1450:4001:81c::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/recaptcha/api2/logo_48.png Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/styles__ltr.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/styles__ltr.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Tue, 19 Mar 2024 03:45:28 GMT x-content-type-options nosniff age 292106 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2228 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type image/png cache-control public, max-age=604800 accept-ranges bytes expires Tue, 26 Mar 2024 03:45:28 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 9B82	15 KB 15 KB	26ms 4ms	Font font/woff2	2a00:1450:4001:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LexvRggAAAAAF1HvCWrHtG4UAa7m0WIdyIgstAo&co=aHR0cHM6Ly9vYnNlcnZlci5jb206NDQz&hl=en&v=Hq4JZivTyQ7GP8Kt571Tzodj&size=invisible&cb=1cajhti7gpva Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 19:32:19 GMT x-content-type-options nosniff age 321695 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 18 Mar 2025 19:32:19 GMT
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 9B82	15 KB 15 KB	27ms 5ms	Font font/woff2	2a00:1450:4001:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LexvRggAAAAAF1HvCWrHtG4UAa7m0WIdyIgstAo&co=aHR0cHM6Ly9vYnNlcnZlci5jb206NDQz&hl=en&v=Hq4JZivTyQ7GP8Kt571Tzodj&size=invisible&cb=1cajhti7gpva Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 21 Mar 2024 14:28:00 GMT x-content-type-options nosniff age 80754 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15552 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:33:02 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 21 Mar 2025 14:28:00 GMT
GET H3	200	webworker.js www.google.com/recaptcha/api2/ Frame 9B82	102 B 135 B	27ms 23ms	Other text/javascript	2a00:1450:4001:81d::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=Hq4JZivTyQ7GP8Kt571Tzodj Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LexvRggAAAAAF1HvCWrHtG4UAa7m0WIdyIgstAo&co=aHR0cHM6Ly9vYnNlcnZlci5jb206NDQz&hl=en&v=Hq4JZivTyQ7GP8Kt571Tzodj&size=invisible&cb=1cajhti7gpva Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash e218317cb912f66558792d0563e846a889f26258b7d564bcd24c3f02a7dbccaf Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LexvRggAAAAAF1HvCWrHtG4UAa7m0WIdyIgstAo&co=aHR0cHM6Ly9vYnNlcnZlci5jb206NDQz&hl=en&v=Hq4JZivTyQ7GP8Kt571Tzodj&size=invisible&cb=1cajhti7gpva User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 12:53:54 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE cross-origin-embedder-policy require-corp x-frame-options SAMEORIGIN report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript; charset=utf-8 cache-control private, max-age=300 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block expires Fri, 22 Mar 2024 12:53:54 GMT
POST H3	200	4a6f5a08187ebbcd1adb60c716a477ecfcddeba2fe Show response truculentrate.com/confirm/31e8075309/	303 B 330 B	68ms 44ms	Fetch application/json	2600:1901:0:7416::1 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://truculentrate.com/confirm/31e8075309/4a6f5a08187ebbcd1adb60c716a477ecfcddeba2fe Requested by Host: truculentrate.com URL: https://truculentrate.com/scripts/3f92345fab9c/22bdf0221b6555de6cdadcba Protocol H3 Security QUIC, , AES_128_GCM Server 2600:1901:0:7416::1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS Software / Resource Hash 9b3767c7f7fb24e70c42be4120c54b421bcb502a1bb83065848afa19ee81ad7d Security Headers Name Value Strict-Transport-Security max-age=15724800; preload Request headers Referer https://observer.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers strict-transport-security max-age=15724800; preload date Fri, 22 Mar 2024 12:53:54 GMT via 1.1 google x-buildnumber 1205290244 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 303 x-datacenter gce-europe-west1 x-buildname hoothoot vary Accept-Encoding, Origin access-control-allow-methods POST, OPTIONS content-type application/json; charset=utf-8 access-control-allow-origin https://observer.com x-hostname fen-hoothoot-europe-west1-spot-ltqf cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true timing-allow-origin * access-control-allow-headers DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie expires Fri, 22 Mar 2024 12:53:53 GMT
GET H2	200	Milky-Way-1945-e1711106626382.jpg observer.com/wp-content/uploads/sites/2/2024/03/	26 KB 27 KB	11ms 2ms	Image image/webp	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://observer.com/wp-content/uploads/sites/2/2024/03/Milky-Way-1945-e1711106626382.jpg?quality=80&w=300 Requested by Host: observer.com URL: https://observer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash fad57ed3b7d0a53a11b2683d7afecf9c4f060e48467008d6332e8437b36e5ae3 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 12:53:54 GMT strict-transport-security max-age=31536000;includeSubdomains;preload x-rq hhn2 109 27 443 last-modified Fri, 22 Mar 2024 11:39:52 GMT server nginx etag "38b2916c3a3de0aa" vary Accept x-cache HIT content-type image/webp cache-control max-age=31536000 accept-ranges bytes content-length 27000
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	89 KB 29 KB	82ms 50ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: htlbid.com URL: https://htlbid.com/v3/observer.com/htlbid.js?ver=3.0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8ec63a9532188c75cc4875beb45fa930c2259fdd755751849c1b8afeeb6c5213 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 12:53:54 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 29052 x-xss-protection 0 server cafe etag 458 / 19804 / 31082017 / config-hash: 166869955028549038 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * expires Fri, 22 Mar 2024 12:53:54 GMT
GET H2	200	apstag.js Show response c.amazon-adsystem.com/aax2/	301 KB 75 KB	41ms 8ms	Script application/javascript	18.173.210.128 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/aax2/apstag.js Requested by Host: htlbid.com URL: https://htlbid.com/v3/observer.com/htlbid.js?ver=3.0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.173.210.128 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-173-210-128.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 4fed25c522546f1b2e83ec7d466da2382d7ebac5c10ce2d77605b2796f3572eb Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 12:25:28 GMT content-encoding gzip via 1.1 ed4565467c6c9847b6a3fcb6cec799e4.cloudfront.net (CloudFront), 1.1 24df21f8156a0df29febdf6c3e09e32c.cloudfront.net (CloudFront) last-modified Thu, 21 Mar 2024 21:31:25 GMT server AmazonS3 x-amz-cf-pop FRA60-P1, FRA56-P12 age 1707 etag W/"3bc15e34b43d9d067b221c136d54b522" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=3600 x-amz-cf-id OC26bTLEbj1gkBXekAsUqaKIzlicmjRL316WY3qsfuB8nOf1n-XD7A==
POST H3	200	75cd324d6b4b9fe5f1cf322f3303d291f8cee7df7b2cadfa7fa4 Show response truculentrate.com/	3 B 29 B	21ms 21ms	Fetch application/json	2600:1901:0:7416::1 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://truculentrate.com/75cd324d6b4b9fe5f1cf322f3303d291f8cee7df7b2cadfa7fa4 Requested by Host: truculentrate.com URL: https://truculentrate.com/scripts/3f92345fab9c/22bdf0221b6555de6cdadcba Protocol H3 Security QUIC, , AES_128_GCM Server 2600:1901:0:7416::1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS Software / Resource Hash ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356 Security Headers Name Value Strict-Transport-Security max-age=15724800; preload Request headers Referer https://observer.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers strict-transport-security max-age=15724800; preload date Fri, 22 Mar 2024 12:53:54 GMT via 1.1 google x-buildnumber 1205290244 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3 x-datacenter gce-europe-west1 x-buildname hoothoot vary Accept-Encoding, Origin access-control-allow-methods POST, OPTIONS content-type application/json; charset=utf-8 access-control-allow-origin https://observer.com x-hostname fen-hoothoot-europe-west1-spot-ltqf cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true timing-allow-origin * access-control-allow-headers DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie expires Fri, 22 Mar 2024 12:53:53 GMT
OPTIONS H/1.1	200 OK	view overlay-track.sailthru.cloud/v1/overlay/ Frame	0 0	470ms 92ms	Preflight text/plain	52.20.235.245 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://overlay-track.sailthru.cloud/v1/overlay/view Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.20.235.245 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-20-235-245.compute-1.amazonaws.com Software envoy / Resource Hash Request headers Accept */* Access-Control-Request-Headers authorization,content-type,x-lib-version Access-Control-Request-Method POST Origin https://observer.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Connection keep-alive Content-Length 13 access-control-allow-credentials true access-control-allow-headers Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version access-control-allow-methods GET,POST,OPTIONS access-control-allow-origin https://observer.com access-control-max-age 1800 allow POST,OPTIONS content-type text/plain date Fri, 22 Mar 2024 12:53:55 GMT server envoy x-envoy-upstream-service-time 0
POST H/1.1	200 OK	view Show response overlay-track.sailthru.cloud/v1/overlay/	17 B 422 B	92ms 92ms	Fetch application/json	52.20.235.245 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://overlay-track.sailthru.cloud/v1/overlay/view Requested by Host: ak.sail-horizon.com URL: https://ak.sail-horizon.com/spm/spm.v1.min.js?ver=5.5.1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.20.235.245 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-20-235-245.compute-1.amazonaws.com Software envoy / Resource Hash 5f4871b277dbebec4d8490673a48154537dc6f1969140f67c333e85704b50564 Request headers Accept application/json Referer https://observer.com/ X-Lib-Version v1.0.1 accept-language de-DE,de;q=0.9 Authorization Bearer eddd21a32bf5284abd9bc8ac7ddeec34 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Content-Type application/json Response headers date Fri, 22 Mar 2024 12:53:55 GMT allowedorigins * server envoy vary Origin content-type application/json access-control-allow-origin * allowedmethods GET,OPTIONS access-control-allow-credentials true allowedheaders Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin x-envoy-upstream-service-time 1 Connection keep-alive Content-Length 17
GET H2	200	aps_csm.js Show response c.amazon-adsystem.com/bao-csm/aps-comm/	6 KB 3 KB	22ms 8ms	XHR application/javascript	18.173.210.128 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.173.210.128 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-173-210-128.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-amz-version-id r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE content-encoding gzip via 1.1 b44afb2a44376871c20edb8c123ed47c.cloudfront.net (CloudFront) date Fri, 22 Mar 2024 05:22:28 GMT x-amz-cf-pop FRA56-P12 age 35267 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Thu, 29 Feb 2024 02:13:08 GMT server AmazonS3 etag W/"a4d296427fc806b21335359e398c025c" access-control-max-age 3000 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control public, max-age=86400 vary Accept-Encoding,Origin x-amz-cf-id H_MtDJomMKDS4eAyo2ZA7WQVO6lrIsjJ9V5OotP4GEFgVWJiAP1HNg==
GET H2	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/	438 KB 138 KB	8ms 8ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js?cb=31082017 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1fe53cf7f03d12af875315353f6ab8df7a936fa9e26cbe0c5e2f1dc7269652b8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 10:01:05 GMT content-encoding br x-content-type-options nosniff age 10369 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 141049 x-xss-protection 0 server cafe etag 7927512453849819874 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Sat, 22 Mar 2025 10:01:05 GMT
GET H2	200	.js Show response dyv1bugovvq1g.cloudfront.net/79/observer.com/	3 KB 1 KB	435ms 392ms	Fetch application/json	2600:9000:223e:ba00:5:82fd:2500:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dyv1bugovvq1g.cloudfront.net/79/observer.com/.js Requested by Host: htlbid.com URL: https://htlbid.com/v3/observer.com/htlbid.js?ver=3.0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223e:ba00:5:82fd:2500:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash f4dfb3b7c94e739225bf3a6531d353b438e6e353dc778ce580dd371fb57f135c Request headers Referer https://observer.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 content-type text/plain Response headers date Fri, 22 Mar 2024 12:53:56 GMT content-encoding gzip via 1.1 3d34e163f3f1a0c4a397ad818b79a810.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P4 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-length 518 x-amz-expiration expiry-date="Wed, 22 May 2024 00:00:00 GMT", rule-id="cleanup" last-modified Fri, 22 Mar 2024 12:45:01 GMT server AmazonS3 etag "750ee20c0bec028237a339ffd1824d35" access-control-max-age 3000 access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin https://observer.com cache-control max-age=300 access-control-allow-credentials true vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method accept-ranges bytes x-amz-cf-id H_QkhR9uNaDp1578nypgGjjP-t4IOoViCnTfuOlp4JgZ8U4ohKRRVA==
GET H2	200	30787d05-7895-471e-9cdf-d931d7b5ea5d Show response config.aps.amazon-adsystem.com/configs/	563 B 839 B	43ms 8ms	Script application/javascript	18.66.112.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://config.aps.amazon-adsystem.com/configs/30787d05-7895-471e-9cdf-d931d7b5ea5d Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-4.fra56.r.cloudfront.net Software CloudFront / Resource Hash d960ec924eb69e567c94f9ba13ed16056553c7ae133c0c489a5805307e04e3d0 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 12:20:10 GMT via 1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop FRA56-P5 age 2025 x-cache Hit from cloudfront content-type application/javascript cache-control max-age=3600 content-length 563 x-amz-cf-id glia9osuIPt8mC-c9YJuRpbBM3cGLRIIxlVg8zPk5V7a0CDnPKImww==
GET H2	200	config Show response c.amazon-adsystem.com/cdn/prod/	1 KB 1 KB	7ms 7ms	XHR application/json	18.173.210.128 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fobserver.com&pubid=30787d05-7895-471e-9cdf-d931d7b5ea5d Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.173.210.128 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-173-210-128.fra56.r.cloudfront.net Software Server / Resource Hash 5ae4511cca9105f1d4a785b54345acc66ba7a06dd9352fa9b5b280475cb05d63 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 07:32:45 GMT via 1.1 24df21f8156a0df29febdf6c3e09e32c.cloudfront.net (CloudFront) server Server x-amz-cf-pop FRA56-P12 age 19268 x-cache Hit from cloudfront content-type application/json;charset=UTF-8 access-control-allow-origin https://observer.com cache-control max-age=21550, s-maxage=21600 access-control-allow-credentials true content-length 1029 x-amz-cf-id wEh7Y7gg7MVauvI_4KnDkRXklOaE-rCJZ9AfanV8LXRXUE7U1_iOVQ==
GET H2	200	bid Show response aax.amazon-adsystem.com/e/dtb/	23 B 356 B	103ms 52ms	XHR text/javascript	108.138.3.46 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fobserver.com%2F&pid=j59WCH5Jpgdnk&cb=0&ws=1600x1200&v=24.319.2210&t=2000&slots=%5B%7B%22sd%22%3A%22htlad-1-gpt%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F22133348250%2Fobserver_leaderboard_atf%22%7D%5D&schain=1.0%2C1%21hashtag-labs.com%2C1010%2C1%2C%2C%2C&pubid=30787d05-7895-471e-9cdf-d931d7b5ea5d&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&_c=1 Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.3.46 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-3-46.fra56.r.cloudfront.net Software Server / Resource Hash 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 12:53:54 GMT via 1.1 cfbb6e543d97587a32117dbabb25fc86.cloudfront.net (CloudFront) server Server x-amz-cf-pop FRA56-P6 x-cache Miss from cloudfront content-type text/javascript;charset=UTF-8 access-control-allow-origin https://observer.com access-control-allow-credentials true timing-allow-origin * content-length 23 x-amz-cf-id v1bKnDZADBKmyFAel9havD-c9RjN9A9xdrfAI8vGDHOY-kKEKMOXxw==
GET H2	200	22133348250 Show response fundingchoicesmessages.google.com/i/	183 KB 61 KB	75ms 54ms	Script application/javascript	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/i/22133348250?ers=3 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js?cb=31082017 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 465e36026e9205ccb6baeefbdbeb20723860a5deb808993eea6547e0a3c8934a Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-X6iHM62JXm92HXGQlrj3kg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 12:53:55 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-X6iHM62JXm92HXGQlrj3kg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 reporting-endpoints default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmLw1ZBiOHHrNtMFID7vdIfpOhDXMjxjagViA43nTBZA_O7LSyaOry-ZJIBYDYj51k1nVQFizfXTWQOBOOb5dNYUIHZKn8EaAMQ-9TNYo4C49eY51slAfHLBedaLQCzEzfH439f1bAIrPn6XBAD6QzbC" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* timing-allow-origin * expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	services.js Show response js.gumgum.com/	113 KB 42 KB	43ms 10ms	Script application/javascript	18.245.86.113 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.gumgum.com/services.js Requested by Host: observer.com URL: https://observer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.245.86.113 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-245-86-113.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash c3e5c01a2a5e92177a7a874b3912342018dd984aa1ea200e451d9a25e6e6a8e3 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-amz-version-id FDOXrd4ofqoqFzlxyyQfC0VdBkgGZ.cl content-encoding gzip via 1.1 9d1f21fface75767578955e1853e754e.cloudfront.net (CloudFront) date Fri, 22 Mar 2024 12:33:35 GMT x-amz-cf-pop FRA60-P6 age 2817 x-cache Hit from cloudfront x-amz-meta-access-control-allow-origin * last-modified Wed, 20 Mar 2024 20:53:14 GMT server AmazonS3 x-amz-meta-timing-allow-origin * etag W/"f5ba3e36a8a620371d2e193ccc295291" vary Accept-Encoding content-type application/javascript cache-control max-age=31536000 x-amz-cf-id a3R2HMXh6UzWQmqYVgzvVaCqwfjS7jl_Q3yZXMpEf9m6siL92ZG-0w==
GET H2	200	id5-api.js Show response cdn.id5-sync.com/api/1.0/	92 KB 27 KB	43ms 16ms	Script text/javascript	2606:4700:10::6816:3556 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.id5-sync.com/api/1.0/id5-api.js Requested by Host: observer.com URL: https://observer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 80e66296a0e785e3cc19809ed93b74703d7e768c03d2eada3badca52dd27ef64 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 12:53:55 GMT strict-transport-security max-age=15552000; includeSubDomains; preload content-encoding gzip cf-cache-status HIT x-amz-request-id ZB5SP9ZA8F06KFHN age 19 x-amz-server-side-encryption AES256 x-amz-id-2 SZ9cmqmG7N2dVRU84ZVys6SzI/Iy7IjBtxX9g+3yvYqoRcQGCT1gZ6uwV4r9R99TubWZaBsz6ms= last-modified Wed, 20 Mar 2024 11:38:58 GMT server cloudflare etag W/"f162f0b97c89da6502a32c3c1206d74e" vary Accept-Encoding content-type text/javascript;charset=utf-8 cache-control public, max-age=3600 cf-ray 868653caef39381b-FRA expires Fri, 22 Mar 2024 13:53:55 GMT
GET H2	200	AGSKWxVRCbQEYMCIcaBY5TwNc1iZ-00yHrC6YUvV6A0YDM0ykeVsisiqWVl6wZPwd_37wj28VpDCL9iIpSRvE8X0AvocQrpKu7egVafaU1o_1HVewRt2JGGE8HWHlqZvNU3CE4Uq3k5Vuw== Show response fundingchoicesmessages.google.com/f/	402 KB 61 KB	141ms 139ms	Script application/javascript	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxVRCbQEYMCIcaBY5TwNc1iZ-00yHrC6YUvV6A0YDM0ykeVsisiqWVl6wZPwd_37wj28VpDCL9iIpSRvE8X0AvocQrpKu7egVafaU1o_1HVewRt2JGGE8HWHlqZvNU3CE4Uq3k5Vuw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzExMTEyMDM1LDExODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9vYnNlcnZlci5jb20vIixudWxsLFtbOCwiX0gzQ1FBVW1UZVEiXSxbOSwiZGUiXSxbMTksIjEiXSxbMTcsIlswXSJdXV0 Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de._H3CQAUmTeQ.es5.O/am=wA/d=1/rs=AJlcJMwB5L0zrJGoujKlLP48oSQFMgDyDQ/m=kernel_loader,loader_js_executable Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 2227d102435fa8a24ca44b995705d12478e1bd48e6a241ee3141248b18c88a30 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-9JgGa9knpgYoUhmHUqq0jg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 12:53:55 GMT content-security-policy script-src 'report-sample' 'nonce-9JgGa9knpgYoUhmHUqq0jg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 reporting-endpoints default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmJw1ZBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJo6vL5kkgFgNiPnWTWdVAWLN9dNZA4E45vl01hQgdkqfwRoAxD71M1ijgLj15jnWyUB8csF51otALMTN8fjf1_VsAheufK0AAKxbMhQ" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* timing-allow-origin * expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	css fonts.googleapis.com/	107 KB 6 KB	25ms 24ms	Stylesheet text/css	2a00:1450:4001:803::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de._H3CQAUmTeQ.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMx0iLwDCYe0EVVe9QxO82tVfizEOQ/m=web_iab_tcf_v2_wall_executable Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 372c5fe7aaf2049c6b88109c13488bd84e20c6859986ddcdfad79b6507024dc7 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Fri, 22 Mar 2024 12:53:55 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Fri, 22 Mar 2024 12:53:55 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 22 Mar 2024 12:53:55 GMT
GET H3	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v40/	47 KB 47 KB	7ms 7ms	Font font/woff2	2a00:1450:4001:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: observer.com URL: https://observer.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://observer.com/ Origin https://observer.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Tue, 19 Mar 2024 08:10:53 GMT x-content-type-options nosniff age 276182 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 48236 x-xss-protection 0 last-modified Thu, 14 Dec 2023 02:08:40 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 19 Mar 2025 08:10:53 GMT
GET H3	200	flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 fonts.gstatic.com/s/materialicons/v140/	125 KB 125 KB	12ms 11ms	Font font/woff2	2a00:1450:4001:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 Requested by Host: observer.com URL: https://observer.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://observer.com/ Origin https://observer.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Tue, 19 Mar 2024 07:55:46 GMT x-content-type-options nosniff age 277089 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 128352 x-xss-protection 0 last-modified Tue, 07 Mar 2023 19:51:56 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 19 Mar 2025 07:55:46 GMT
POST H3	204	AGSKWxUo0ugXIF2p0dptQgzlrfOEjG4Juyni0HodJnAN2P_cT7z_oG3zdYIEQLZAM9-hUyWTp6YZdQgUo-l-2jLnPIiSTEAvUre9f8hAu-KiUPwqUbTSRaZpL2QF5WDYxiSumzgZbIVJYw== Show response fundingchoicesmessages.google.com/el/	0 29 B	39ms 22ms	XHR text/html	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxUo0ugXIF2p0dptQgzlrfOEjG4Juyni0HodJnAN2P_cT7z_oG3zdYIEQLZAM9-hUyWTp6YZdQgUo-l-2jLnPIiSTEAvUre9f8hAu-KiUPwqUbTSRaZpL2QF5WDYxiSumzgZbIVJYw== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de._H3CQAUmTeQ.es5.O/am=wA/d=1/rs=AJlcJMwB5L0zrJGoujKlLP48oSQFMgDyDQ/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-vqNuhxG1DwqBBI3ZuH3XmA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://observer.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Content-Type text/plain Response headers date Fri, 22 Mar 2024 12:53:55 GMT content-security-policy script-src 'report-sample' 'nonce-vqNuhxG1DwqBBI3ZuH3XmA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 reporting-endpoints default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw1pBiqGV4xtQKxE7pM1hDgFiIh-Pxv6_r2QR2bDiykhEAzGsM_Q" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site access-control-max-age 86400 access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://observer.com content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	oPS.js Show response d15kdpgjg3unno.cloudfront.net/	115 KB 116 KB	83ms 32ms	Script text/javascript	2600:9000:2490:8000:11:b309:9100:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=79 Requested by Host: htlbid.com URL: https://htlbid.com/v3/observer.com/htlbid.js?ver=3.0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2490:8000:11:b309:9100:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 981028ceb12c2df39feb219a11d9217ecf0478407fb962b3ec7b1a2d8bcc25b9 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-amz-version-id ZA9mHCzhj0VI1LxKMM8q4ZosyElX21Ng date Fri, 22 Mar 2024 00:00:09 GMT via 1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P6 age 46427 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 117781 last-modified Wed, 13 Mar 2024 15:09:23 GMT server AmazonS3 etag "af64e1080c94a20a1a05c77f50ce5d6e" vary Accept-Encoding content-type text/javascript cache-control max-age=84600 accept-ranges bytes x-amz-cf-id 9SBFuT7a6LqJ-wzTvlme9ixJ96MjLsP7h2Tkzdji3aPI4ncgAkFtpQ==
GET H/1.1	200 OK	1x1-pixel.png ams-pageview-public.s3.amazonaws.com/	68 B 448 B	319ms 110ms	Image image/png	52.217.67.100 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ams-pageview-public.s3.amazonaws.com/1x1-pixel.png?id=1e511584efcb Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.217.67.100 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-1-w.amazonaws.com Software AmazonS3 / Resource Hash 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Fri, 22 Mar 2024 12:53:57 GMT Last-Modified Mon, 26 Oct 2020 16:52:19 GMT Server AmazonS3 x-amz-request-id MEDGCVVG5B2YQGC3 ETag "91e42db1c66c0b276abf6234dc50b2eb" Content-Type image/png Cache-Control no-store Accept-Ranges bytes Content-Length 68 x-amz-id-2 aoJlLzT14tJenoZ6H6/CZKRtOY04FhmHL7xIAkc0wbAwhbPF9w+Meln1JrzoaLGSPCFaMSjMBOk=
POST H/1.1	200 OK	Test_oPS_Script_Loads Show response sqs.us-east-1.amazonaws.com/397719490216/	378 B 682 B	391ms 99ms	XHR text/xml	3.239.232.116 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://sqs.us-east-1.amazonaws.com/397719490216/Test_oPS_Script_Loads?Action=SendMessage&MessageBody=cid%3D79%26bt%3Dnull Requested by Host: d15kdpgjg3unno.cloudfront.net URL: https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=79 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 3.239.232.116 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-239-232-116.compute-1.amazonaws.com Software / Resource Hash 2ed25674cb5b8217393da428be3f6a1ee1a3311d8a064afb5e8e9b49d9723542 Request headers Referer https://observer.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Access-Control-Allow-Origin * Access-Control-Expose-Headers x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date Date Fri, 22 Mar 2024 12:53:56 GMT connection keep-alive x-amzn-RequestId f689e983-5008-55d1-a71c-b7f4d1ac3268 Content-Length 378 Content-Type text/xml
GET H2	200	v1 Show response lb.eu-1-id5-sync.com/lb/	33 B 272 B	36ms 7ms	Fetch application/json	141.95.98.65 OVH
General Check archive.org Show headers Download Go to Full URL https://lb.eu-1-id5-sync.com/lb/v1 Requested by Host: cdn.id5-sync.com URL: https://cdn.id5-sync.com/api/1.0/id5-api.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 141.95.98.65 , France, ASN16276 (OVH, FR), Reverse DNS ns3216659.ip-141-95-98.eu Software / Resource Hash 616a2688f01285eb25484240143f489c65082be13e6b182a9c9ea94c65401cf4 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers access-control-allow-origin https://observer.com date Fri, 22 Mar 2024 12:53:55 GMT strict-transport-security max-age=63072000; includeSubDomains; preload vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin content-type application/json;charset=UTF-8
POST H2	200	v3 Show response id5-sync.com/gm/	319 B 512 B	37ms 8ms	XHR application/json	141.95.98.65 OVH
General Check archive.org Show headers Download Go to Full URL https://id5-sync.com/gm/v3 Requested by Host: cdn.id5-sync.com URL: https://cdn.id5-sync.com/api/1.0/id5-api.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 141.95.98.65 , France, ASN16276 (OVH, FR), Reverse DNS ns3216659.ip-141-95-98.eu Software / Resource Hash fbcea914366d407a04a6f91ee07cac2d56cdf5eb6efac403b68e8892cd75defa Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Referer https://observer.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://observer.com date Fri, 22 Mar 2024 12:53:56 GMT strict-transport-security max-age=63072000; includeSubDomains; preload access-control-allow-credentials true vary Origin content-type application/json
GET H2	200	carama021005-1.jpg observer.com/wp-content/uploads/sites/2/2024/03/	13 KB 13 KB	7ms 7ms	Image image/webp	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://observer.com/wp-content/uploads/sites/2/2024/03/carama021005-1.jpg?resize=300,200 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 232188e1d6ce674973838e9a9614097a3ca9d4e1abdef0ef77419e003910cc85 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 12:53:56 GMT strict-transport-security max-age=31536000;includeSubdomains;preload x-rq hhn2 109 139 443 last-modified Thu, 21 Mar 2024 14:38:17 GMT server nginx etag "68622ed8badf649a" vary Accept x-cache HIT content-type image/webp cache-control max-age=31536000 accept-ranges bytes content-length 13058
GET H2	200	candles-1_7a11dd.png observer.com/wp-content/uploads/sites/2/2024/03/	20 KB 20 KB	8ms 7ms	Image image/webp	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://observer.com/wp-content/uploads/sites/2/2024/03/candles-1_7a11dd.png?resize=300,300 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash cdb75f649eef98e1739750681c86894c418c5bb6b685bb580ef6c75a0858340d Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 12:53:56 GMT strict-transport-security max-age=31536000;includeSubdomains;preload x-rq hhn2 109 30 443 last-modified Thu, 21 Mar 2024 13:31:30 GMT server nginx etag "75383b7756911497" vary Accept x-cache HIT content-type image/webp cache-control max-age=31536000 accept-ranges bytes content-length 20300
GET H2	200	36472-Credit-FR-%C2%A9-Loic-Romer-Tourisme-Montreal-EN-Credit-%C2%A9-Loic-Romer-Tourisme-Montreal.jpg observer.com/wp-content/uploads/sites/2/2024/03/	13 KB 13 KB	8ms 8ms	Image image/webp	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://observer.com/wp-content/uploads/sites/2/2024/03/36472-Credit-FR-%C2%A9-Loic-Romer-Tourisme-Montreal-EN-Credit-%C2%A9-Loic-Romer-Tourisme-Montreal.jpg?resize=300,225 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 2b5e5ad69be6bf893b2b56fcc77f6ea99d7f3c1ec92488ac2097f417a2200d1d Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 12:53:56 GMT strict-transport-security max-age=31536000;includeSubdomains;preload x-rq hhn2 109 195 443 last-modified Wed, 20 Mar 2024 11:52:33 GMT server nginx etag "e0ca3b801cac0f89" vary Accept x-cache HIT content-type image/webp cache-control max-age=31536000 accept-ranges bytes content-length 13080
GET H2	200	Fairmont-Miramar-2.jpeg observer.com/wp-content/uploads/sites/2/2024/03/	14 KB 14 KB	7ms 7ms	Image image/webp	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://observer.com/wp-content/uploads/sites/2/2024/03/Fairmont-Miramar-2.jpeg?resize=300,200 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash d07f7e0381e6008cdc057b54db2808e00d49f6b70c7e57e3b44477fee48a0ef6 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 12:53:56 GMT strict-transport-security max-age=31536000;includeSubdomains;preload x-rq hhn2 109 195 443 last-modified Fri, 22 Mar 2024 11:58:27 GMT server nginx etag "463646cf5b29a39e" vary Accept x-cache HIT content-type image/webp cache-control max-age=31536000 accept-ranges bytes content-length 14550
GET H/1.1	200 OK	load.js Show response s.ntv.io/serve/	657 KB 172 KB	150ms 103ms	Script application/x-javascript	23.56.203.202 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://s.ntv.io/serve/load.js?ver=1.0.0 Requested by Host: observer.com URL: https://observer.com/wp-content/plugins/xcurrent/assets/js/script-queue.js?ver=bebcad848e998ab9ae82c8431c754b8a Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.56.203.202 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-56-203-202.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash 44ef32a2e1cfdae6e173b5f86afa2e8ba0351a3c7cb8a6eb372c7c466076c5b9 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Fri, 22 Mar 2024 12:53:56 GMT Content-Encoding gzip x-amz-request-id V31P2BT0PYEZNPPT x-amz-server-side-encryption AES256 Transfer-Encoding chunked Connection keep-alive, Transfer-Encoding x-amz-id-2 9RkVyrO+dMo5oIm/R9+k9mWNI7eLdo+QbSwyWOYMkIYN6Wv5m/Qsu293Qf+Sv0l6JGQhjsSyvNo= Last-Modified Fri, 22 Mar 2024 01:59:05 GMT Server AmazonS3 ETag "bf66718241ebc9e1c20d5087e94fc61d" Vary Accept-Encoding Access-Control-Allow-Methods GET Content-Type application/x-javascript Access-Control-Allow-Origin * Cache-Control public, max-age=3600 Accept-Ranges bytes Access-Control-Allow-Headers *
GET H2	200	t Show response jadserve.postrelease.com/	268 B 601 B	314ms 101ms	Script text/javascript	44.196.244.253 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fobserver.com%2F&ntv_mvi Requested by Host: s.ntv.io URL: https://s.ntv.io/serve/load.js?ver=1.0.0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.196.244.253 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-196-244-253.compute-1.amazonaws.com Software nginx / Resource Hash f24d352fc8e0fbbfd349ef49e86d9317834abb3494be70b4513660803ff66c67 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Fri, 22 Mar 2024 12:53:57 GMT content-encoding gzip server nginx content-type text/javascript;charset=UTF-8 access-control-allow-origin * p3p CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 content-length 190 expires Mon, 1 Jan 1990 12:00:00 GMT
GET H2	200	app.js Show response observer.com/wp-content/themes/newyorkobserver-2014/dist/js/	5 KB 2 KB	10ms 9ms	Script application/javascript	192.0.66.160 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://observer.com/wp-content/themes/newyorkobserver-2014/dist/js/app.js?ver=1.9.10 Requested by Host: observer.com URL: https://observer.com/wp-content/plugins/xcurrent/assets/js/script-queue.js?ver=bebcad848e998ab9ae82c8431c754b8a Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 7b56af893358318f9825834c44e15ba72af5dd08fda34a56c0bd7b6ef1d9f355 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubdomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 12:53:56 GMT content-encoding br strict-transport-security max-age=31536000;includeSubdomains;preload last-modified Tue, 07 Mar 2023 10:48:04 GMT server nginx x-rq hhn2 96 185 443 etag W/"64071664-15f6" vary Accept-Encoding x-cache HIT content-type application/javascript cache-control max-age=31536000
GET H2	200	gtm.js Show response www.googletagmanager.com/	290 KB 92 KB	44ms 43ms	Script application/javascript	2a00:1450:4001:812::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-5BPNP6 Requested by Host: observer.com URL: https://observer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 0f6260c1e6a6cdb1fd920c7c6d62b5f85119efd390eee6d4f71a1ea1d2035193 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 12:53:56 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 93660 x-xss-protection 0 last-modified Fri, 22 Mar 2024 12:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 22 Mar 2024 12:53:56 GMT
GET H2	200	quant.js Show response secure.quantserve.com/	23 KB 9 KB	81ms 13ms	Script application/javascript	2620:116:800d:21:5ed4:8d5d:fed7:f5ef AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://secure.quantserve.com/quant.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5BPNP6 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 12:53:57 GMT content-encoding gzip etag "bvEECQq4Zy6gU9J/qv1O6Q==" vary Accept-Encoding content-type application/javascript cache-control private, max-age=604800 accept-ranges bytes expires Fri, 29 Mar 2024 12:53:57 GMT
GET H2	200	hotjar-3537567.js Show response static.hotjar.com/c/	9 KB 4 KB	375ms 324ms	Script application/javascript	18.245.86.5 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-3537567.js?sv=7 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5BPNP6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.245.86.5 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-245-86-5.fra60.r.cloudfront.net Software / Resource Hash 1a8651fda79599ae76c1b989e7551bdc8da75eaad8ccfeb974cefde3ecae8907 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers strict-transport-security max-age=2592000; includeSubDomains content-encoding br x-content-type-options nosniff date Fri, 22 Mar 2024 12:53:57 GMT via 1.1 57bc54093a2e2c99ca194f2955ba3d1c.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P6 etag W/8389e72e1e2d6cd21371a9abcd486c4f vary Accept-Encoding x-cache RefreshHit from cloudfront content-type application/javascript; charset=UTF-8 access-control-allow-origin * x-cache-hit 1 cache-control max-age=60 cross-origin-resource-policy cross-origin x-amz-cf-id BVc9CR8USnlNHdJ9MrKENIaQAgsEioIadOb5lmqXLJzU9LvKDmhY2A==
GET H3	200	832096553515722 Show response connect.facebook.net/signals/config/	29 KB 5 KB	61ms 60ms	Script application/x-javascript	2a03:2880:f083:100:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/832096553515722?v=2.9.150&r=stable&domain=observer.com&hme=8b8eb2472f555e54a8b57f2b720f9bd3b1bc6aed031525376dd772ba51107995&ex_m=63%2C107%2C95%2C99%2C54%2C3%2C89%2C62%2C14%2C87%2C80%2C45%2C47%2C153%2C156%2C167%2C163%2C164%2C166%2C26%2C90%2C46%2C69%2C165%2C148%2C151%2C160%2C161%2C168%2C116%2C13%2C44%2C172%2C171%2C118%2C16%2C30%2C33%2C1%2C37%2C58%2C59%2C60%2C64%2C84%2C15%2C12%2C86%2C83%2C82%2C96%2C98%2C32%2C97%2C27%2C23%2C149%2C152%2C125%2C25%2C9%2C10%2C11%2C5%2C6%2C22%2C19%2C20%2C50%2C55%2C57%2C67%2C91%2C24%2C68%2C8%2C7%2C72%2C42%2C18%2C93%2C92%2C17%2C74%2C79%2C41%2C40%2C78%2C34%2C36%2C77%2C49%2C75%2C29%2C38%2C66%2C0%2C85%2C4%2C81%2C73%2C76%2C2%2C31%2C56%2C35%2C94%2C39%2C71%2C61%2C100%2C53%2C52%2C28%2C88%2C51%2C48%2C43%2C70%2C65%2C21%2C101%2C178%2C177%2C179%2C184%2C185%2C186%2C182%2C174%2C117%2C173%2C175%2C108%2C139%2C130%2C134%2C114%2C169%2C209%2C145%2C102%2C210%2C147%2C106%2C128%2C121%2C109 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 574257158f8975391edb5a888bb212822ef3402b4985fca24da3a1e56e419169 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Fri, 22 Mar 2024 12:53:57 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=7, rtx=0, c=23, mss=1232, tbw=4658, tp=12, tpl=0, uplat=49, ullat=0 pragma public x-fb-debug JpAcvi+8ANsHbXJTgMcFdpnUZ5V0Tt8O9NRdnFcDxKZSmVMSD3cMBA1wGKFGYAuZCqWte1nCtacSEfpuTP9BSA== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	beacon.js Show response sb.scorecardresearch.com/	4 KB 2 KB	8ms 8ms	Script application/javascript	18.244.18.122 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sb.scorecardresearch.com/beacon.js Requested by Host: observer.com URL: https://observer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.244.18.122 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-244-18-122.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 00:42:38 GMT content-encoding gzip via 1.1 1f5c750c03b26301631398b45f61e262.cloudfront.net (CloudFront) last-modified Thu, 07 Dec 2023 12:13:41 GMT server AmazonS3 x-amz-cf-pop FRA56-P11 age 43879 etag W/"a06e7a176f40dc26aa5e9567ac9d2d5e" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id 6ADkrFVEBdO298CbuEropEsVkgBp5ahRMmlCk5g0J269Jxbi5YiPlw==
GET H3	200	linkid.js Show response www.google-analytics.com/plugins/ua/	2 KB 722 B	10ms 10ms	Script text/javascript	2a00:1450:4001:827::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/plugins/ua/linkid.js Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 12:34:58 GMT content-encoding br x-content-type-options nosniff age 1138 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 697 x-xss-protection 0 last-modified Fri, 30 Jun 2023 18:58:00 GMT server sffe vary Accept-Encoding report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type text/javascript cache-control public, max-age=3600 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Fri, 22 Mar 2024 13:34:58 GMT
GET H3	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:827::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5BPNP6 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Fri, 22 Mar 2024 11:48:08 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT server Golfe2 age 3948 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Fri, 22 Mar 2024 13:48:08 GMT
POST H3	200	collect www.google-analytics.com/	35 B 55 B	23ms 23ms	Ping image/gif	2a00:1450:4001:827::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/collect Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://observer.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Fri, 22 Mar 2024 12:53:57 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type image/gif access-control-allow-origin https://observer.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	2 B 149 B	27ms 27ms	XHR text/plain	2a00:1450:400c:c00::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-1212249-1&cid=1606062156.1711112034&jid=1449234161&uid=1606062156.1711112034&gjid=1426278910&_gid=1254766855.1711112034&npa=1&_u=aGDAgUAjQAAAAEAEK~&z=2094919423 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://observer.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Fri, 22 Mar 2024 12:53:57 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://observer.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	200	collect www.google-analytics.com/	35 B 55 B	23ms 23ms	Ping image/gif	2a00:1450:4001:827::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/collect Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://observer.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Fri, 22 Mar 2024 12:53:57 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type image/gif access-control-allow-origin https://observer.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ga-audiences www.google.com/ads/	42 B 63 B	35ms 35ms	Image image/gif	2a00:1450:4001:81d::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-1212249-1&cid=1606062156.1711112034&jid=1449234161&npa=1&_u=aGDAgUAjQAAAAEAEK~&z=161464640 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Fri, 22 Mar 2024 12:53:57 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	0 126 B	13ms 12ms	Image text/plain	2a03:2880:f176:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=832096553515722&ev=PageView&dl=https%3A%2F%2Fobserver.com%2F&rl=&if=false&ts=1711112037036&sw=1600&sh=1200&v=2.9.150&r=stable&ec=0&o=4126&fbp=fb.1.1711112034585.1843518757&ler=empty&cdl=API_unavailable&cs_est=true&it=1711112034471&coo=false&rqm=GET Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-fb-connection-quality EXCELLENT; q=0.9, rtt=11, rtx=0, c=10, mss=1294, tbw=3128, tp=-1, tpl=-1, uplat=0, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Fri, 22 Mar 2024 12:53:57 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	rules-p-UtaLhd9K6h6Mf.js Show response rules.quantcount.com/	160 B 643 B	65ms 10ms	Script application/javascript	2600:9000:237d:b400:6:44e3:f8c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://rules.quantcount.com/rules-p-UtaLhd9K6h6Mf.js Requested by Host: secure.quantserve.com URL: https://secure.quantserve.com/quant.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:237d:b400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 3afad7944608ccb8f39bb022444e73be0d7d2bc03ade1aebd436d17c3c2eefc4 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 12:25:31 GMT via 1.1 82fdc4c167a56caabe3a8a99b02abee4.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P2 age 3187 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 160 last-modified Fri, 14 Oct 2022 00:57:38 GMT server AmazonS3 etag "5e639fe6c85b0bcfca5ebb1b7d3b3dec" vary Accept-Encoding access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control max-age=3600 accept-ranges bytes x-amz-cf-id lYa_qB1jO-g1Rvv9rJMLZXyEqvV9Ff1LmCjSyRuEFCfzP3IuJoeyYw==
GET H2	200	modules.0ce9b654b0ac7fef3cf0.js Show response script.hotjar.com/	220 KB 55 KB	31ms 9ms	Script application/javascript	13.32.27.21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/modules.0ce9b654b0ac7fef3cf0.js Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-3537567.js?sv=7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-21.fra56.r.cloudfront.net Software / Resource Hash a4273a4627dee7cb7316462117406296f7ac0602a76c101e5c0ca8dfa6686cbd Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 21 Mar 2024 15:15:06 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 3298c44116035984c2fac24b89183c4e.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-C2 age 77931 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 55498 last-modified Thu, 21 Mar 2024 15:14:32 GMT etag "115ac93274d69bd2c455fda9dea090c8" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes x-robots-tag none x-amz-cf-id Y97oCLxKdIwz4reYiOOuWAxH7LAu7Kkn1Y5IoqXP_ddRFBvH_HGcTQ==
GET H2	200	browser-perf.8417c6bba72228fa2e29.js Show response script.hotjar.com/	5 KB 2 KB	12ms 11ms	Script application/javascript	13.32.27.21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/browser-perf.8417c6bba72228fa2e29.js Requested by Host: script.hotjar.com URL: https://script.hotjar.com/modules.0ce9b654b0ac7fef3cf0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-21.fra56.r.cloudfront.net Software / Resource Hash 70712c8650feecc46403b5801b9d5b72d5b2d6ba1d1cf0317e105603982321bf Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Wed, 24 Jan 2024 14:32:07 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 3298c44116035984c2fac24b89183c4e.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-C2 age 5005310 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 1782 last-modified Wed, 24 Jan 2024 14:31:37 GMT etag "b83b61bc5871e9a23a0434e2c539f4f3" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes x-robots-tag none x-amz-cf-id bIU96fiXjbsggIB8Wg-H-awCWEBbfphzIPsY8n_exMPujnMS7giYFQ==
GET H2	200	otSDKStub.js Show response cdn.cookielaw.org/scripttemplates/	21 KB 7 KB	45ms 26ms	Script application/javascript	2606:4700::6813:b134 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Requested by Host: observer.com URL: https://observer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d85e4dcb52ce714c7136eb95a32765325205a4aabdb51932bd9024c400be665d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 22 Mar 2024 12:53:57 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 /RTAD1TAPuPWblD15GN1pg== age 76857 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 6842 x-ms-lease-status unlocked last-modified Wed, 20 Mar 2024 16:03:51 GMT server cloudflare etag 0x8DC48F7561F532F vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id 19d928c2-a01e-008f-4ce0-7ab0e9000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 868653da6e9d1999-FRA
GET H2	200	3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js Show response cdn.permutive.com/	365 KB 87 KB	70ms 39ms	Script application/javascript	2606:4700::6811:7711 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.permutive.com/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js Requested by Host: observer.com URL: https://observer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:7711 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 39727f9b7aca589784dccb043e74ad342e0e12d51574a6c56805258391383019 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 12:53:57 GMT content-encoding br cf-cache-status HIT x-goog-meta-oid 3b5c18b9-96b7-48e4-a3ef-011eb84a970d age 0 x-guploader-uploadid ABPtcPoN_Y3LgSzJxxaBy3MweMDSGo6OEOX2_CiMitTCqEKO9Gj00kZcDpdF9IeORf3JUQ6qjg x-goog-storage-class REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding br content-length 88221 last-modified Mon, 04 Dec 2023 18:06:56 GMT server cloudflare etag "7f7c522a45dee2d28cc83565b3c530ae" vary Accept-Encoding x-goog-generation 1701713216013437 content-type application/javascript x-goog-hash crc32c=SOUSNA==, md5=f3xSKkXe4tKMyDVls8Uwrg== cache-control public, max-age=900 x-goog-stored-content-length 88221 accept-ranges bytes timing-allow-origin * cf-ray 868653da8dfd1992-FRA expires Fri, 22 Mar 2024 13:08:57 GMT
GET H2	200	6a95224d-e53b-4c23-b2a6-31faa3db3cc4.json Show response cdn.cookielaw.org/consent/6a95224d-e53b-4c23-b2a6-31faa3db3cc4/	3 KB 2 KB	56ms 36ms	XHR application/x-javascript	2606:4700::6813:b134 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/consent/6a95224d-e53b-4c23-b2a6-31faa3db3cc4/6a95224d-e53b-4c23-b2a6-31faa3db3cc4.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7cc8f8f131774a8405d79658e64366f7044e6f439cfccaf977aecf0deb4c052e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 22 Mar 2024 12:53:57 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT strict-transport-security max-age=31536000; includeSubDomains; preload age 62537 content-md5 0CCuNb2oi4MBXRI3Igqd4w== content-length 1135 x-ms-lease-status unlocked last-modified Thu, 12 Nov 2020 16:47:25 GMT server cloudflare etag 0x8D8872AA28370D2 vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id 9ad88797-901e-0094-7055-148eea000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 868653dabff32c1c-FRA expires Sat, 23 Mar 2024 12:53:57 GMT
GET H2	200	pxid Show response 3b5c18b9-96b7-48e4-a3ef-011eb84a970d.prmutv.co/v2.0/	46 B 382 B	57ms 17ms	XHR application/json	35.241.9.51 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://3b5c18b9-96b7-48e4-a3ef-011eb84a970d.prmutv.co/v2.0/pxid?k=6b8d2782-a057-45b2-b2fd-5e7238c30400 Requested by Host: cdn.permutive.com URL: https://cdn.permutive.com/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.241.9.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 51.9.241.35.bc.googleusercontent.com Software Permutive / Resource Hash b5d58703479d25caed4fe4bc89e1532ade8d673b842f6203997da9e13b6b2cbc Request headers Referer https://observer.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 content-type text/plain Response headers date Fri, 22 Mar 2024 12:53:57 GMT content-encoding gzip via 1.1 google server Permutive vary Origin content-type application/json access-control-allow-origin https://observer.com access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 66
GET H2	200	getuidj Show response ib.adnxs.com/	11 B 694 B	64ms 27ms	XHR application/json	185.89.210.90 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/getuidj Requested by Host: cdn.permutive.com URL: https://cdn.permutive.com/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.23.4 / Resource Hash 31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://observer.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 content-type text/plain Response headers pragma no-cache date Fri, 22 Mar 2024 12:53:57 GMT an-x-request-uuid b768d303-eef0-4665-9541-30c4a712171c server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type application/json; charset=utf-8 access-control-allow-origin https://observer.com cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 81.95.5.40; 81.95.5.40; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 11 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	location Show response geolocation.onetrust.com/cookieconsentpub/v1/geo/	68 B 306 B	51ms 31ms	XHR application/json	2606:4700:4400::6812:2089 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e9433f83f20500145850d5aabddced402dcfc94e310072e9a3f545df0bdb9f96 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept application/json Referer https://observer.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 12:53:57 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip server cloudflare vary Accept-Encoding access-control-allow-methods GET, OPTIONS content-type application/json access-control-allow-origin * cf-ray 868653db2c282bc5-FRA access-control-allow-headers Content-Type
GET BLOB	200 OK	ee5bd1a7-bd65-47f7-a5b0-23c125dee0cf https://observer.com/	76 KB 0		Other text/plain
General Check archive.org Show headers Download Go to Full URL blob:https://observer.com/ee5bd1a7-bd65-47f7-a5b0-23c125dee0cf Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 2f0c89ae1b6ee5da942accbbf66c5853d64ff32b0d08247ebb4fb5fd025bc843 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Content-Length 78105 Content-Type
GET BLOB	200 OK	624718f2-d068-452d-9cb3-91e200b72e70 https://observer.com/	76 KB 0		Other text/plain
General Check archive.org Show headers Download Go to Full URL blob:https://observer.com/624718f2-d068-452d-9cb3-91e200b72e70 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 2f0c89ae1b6ee5da942accbbf66c5853d64ff32b0d08247ebb4fb5fd025bc843 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Content-Length 78105 Content-Type
GET H2	204	services Show response g2.gumgum.com/publishers/13011/	0 244 B	113ms 34ms	XHR text/plain	54.154.163.59 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://g2.gumgum.com/publishers/13011/services?dp=https%3A%2F%2Fobserver.com%2F&pu=https%3A%2F%2Fobserver.com%2F&ogu=https%3A%2F%2Fobserver.com%2F&rf=&r=3.88.25&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A16%2C%22ren%22%3A2%2C%22fc%22%3A0%2C%22ctx%22%3A%5B2%5D%2C%22jsv%22%3A%223.88.25%22%2C%22pbv%22%3A%220.0.0%22%7D&ns=10240&bf=f4c0da3eb5a38cec46398122937de40e59f0be12&ce=true&fs=false&dpr=1&sch=1200&scw=1600&lt=1711112037606&to=-60&vpii=false&vph=1200&vpw=1600&productIds=1&gdprApplies=1 Requested by Host: js.gumgum.com URL: https://js.gumgum.com/services.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.154.163.59 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-154-163-59.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers access-control-allow-origin https://observer.com date Fri, 22 Mar 2024 12:53:57 GMT access-control-allow-credentials true server nginx timing-allow-origin * etag "0d41d8cd98f00b204e9800998ecf8427e"
GET H2	200	geoip Show response api.permutive.com/v2.0/	265 B 365 B	49ms 19ms	XHR application/json	34.107.254.252 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=6b8d2782-a057-45b2-b2fd-5e7238c30400 Requested by Host: cdn.permutive.com URL: https://cdn.permutive.com/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 252.254.107.34.bc.googleusercontent.com Software Permutive / Resource Hash a9f729f66cf1cf13090c497e6cd97aa0ef4e20863c3b25b4de8f6387d710841f Request headers Referer https://observer.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 content-type text/plain Response headers date Fri, 22 Mar 2024 12:53:57 GMT content-encoding gzip via 1.1 google server Permutive vary Origin content-type application/json access-control-allow-origin https://observer.com access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 182
POST H2	200	watson Show response api.permutive.com/v2.0/	307 B 275 B	61ms 31ms	XHR application/json	34.107.254.252 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://api.permutive.com/v2.0/watson?k=6b8d2782-a057-45b2-b2fd-5e7238c30400 Requested by Host: cdn.permutive.com URL: https://cdn.permutive.com/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 252.254.107.34.bc.googleusercontent.com Software Permutive / Resource Hash 90d614055473a8d8bca4a7934c3b3cf482c6b8a021fdac29317880e499286eb5 Request headers Referer https://observer.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 content-type text/plain Response headers date Fri, 22 Mar 2024 12:53:57 GMT content-encoding gzip via 1.1 google server Permutive vary Origin content-type application/json access-control-allow-origin https://observer.com access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 219
GET H2	200	otBannerSdk.js Show response cdn.cookielaw.org/scripttemplates/6.9.0/	341 KB 74 KB	20ms 20ms	Script application/javascript	2606:4700::6813:b134 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/6.9.0/otBannerSdk.js Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6a13b93c05af6ec6255b737032aa3f5d1f4823ed2d57d12c0735bd2c4adc8efc Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 22 Mar 2024 12:53:57 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 56jOXvghU3RiFIKiZ2Zh+g== age 68021 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 75725 x-ms-lease-status unlocked last-modified Fri, 20 Nov 2020 16:34:12 GMT server cloudflare etag 0x8D88D721D404CB2 vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id 037c5acf-b01e-0083-4e54-2327e1000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 868653db680f1999-FRA
POST H2	200	identify Show response api.permutive.com/v2.0/	50 B 253 B	40ms 25ms	XHR application/json	34.107.254.252 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://api.permutive.com/v2.0/identify?k=6b8d2782-a057-45b2-b2fd-5e7238c30400 Requested by Host: cdn.permutive.com URL: https://cdn.permutive.com/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 252.254.107.34.bc.googleusercontent.com Software Permutive / Resource Hash 396f89903135a84cac32222406ba9ffedfb6499c344a2926b65e1be7f9856d89 Request headers Referer https://observer.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 content-type text/plain Response headers date Fri, 22 Mar 2024 12:53:57 GMT content-encoding gzip via 1.1 google server Permutive vary Origin content-type application/json access-control-allow-origin https://observer.com access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 70
GET H2	200	en.json Show response cdn.cookielaw.org/consent/6a95224d-e53b-4c23-b2a6-31faa3db3cc4/3f4fae5c-af44-4ce7-8f4d-cb1cf522c97c/	73 KB 13 KB	37ms 37ms	Fetch application/x-javascript	2606:4700::6813:b134 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/consent/6a95224d-e53b-4c23-b2a6-31faa3db3cc4/3f4fae5c-af44-4ce7-8f4d-cb1cf522c97c/en.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/6.9.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5c724c4cb202cda5ac3fc5dd433b3403995f9c2ddd9b45f52713de38a62deedd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 22 Mar 2024 12:53:57 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT strict-transport-security max-age=31536000; includeSubDomains; preload age 62536 content-md5 EBsOpg7Elu1REC0UgglQbw== content-length 12888 x-ms-lease-status unlocked last-modified Thu, 12 Nov 2020 16:47:33 GMT server cloudflare etag 0x8D8872AA6D573E5 vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id 276d6e86-b01e-0058-7432-0de1dc000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 868653dba8e82c1c-FRA expires Sat, 23 Mar 2024 12:53:57 GMT
POST H2	200	segment Show response api.permutive.com/adv/v2/	36 B 91 B	26ms 26ms	XHR application/json	34.107.254.252 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://api.permutive.com/adv/v2/segment?new-session=true&k=6b8d2782-a057-45b2-b2fd-5e7238c30400 Requested by Host: cdn.permutive.com URL: https://cdn.permutive.com/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 252.254.107.34.bc.googleusercontent.com Software Permutive / Resource Hash 95ad89143c22c60442bfab4646c8a5e85cef5f091e0f26405a160e2197f73706 Request headers Referer https://observer.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 content-type text/plain Response headers access-control-allow-origin * date Fri, 22 Mar 2024 12:53:57 GMT via 1.1 google server Permutive alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 36 content-type application/json
POST H2	200	audiences Show response api.permutive.com/audience-matching/v1/id/34cf360a-5c59-41b0-90ca-ef0b8d21c1f9/	12 B 64 B	80ms 80ms	XHR application/json	34.107.254.252 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://api.permutive.com/audience-matching/v1/id/34cf360a-5c59-41b0-90ca-ef0b8d21c1f9/audiences?k=6b8d2782-a057-45b2-b2fd-5e7238c30400 Requested by Host: cdn.permutive.com URL: https://cdn.permutive.com/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 252.254.107.34.bc.googleusercontent.com Software / Resource Hash 2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78 Request headers Referer https://observer.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin * date Fri, 22 Mar 2024 12:53:57 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12 content-type application/json
GET H2	200	otFlat.json Show response cdn.cookielaw.org/scripttemplates/6.9.0/assets/	13 KB 4 KB	19ms 19ms	Fetch application/json	2606:4700::6813:b134 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/6.9.0/assets/otFlat.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/6.9.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fb44400a61edda0b628ad2ff62cb5d299fab4e7a18d586ae7d70481c6c9550b2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 22 Mar 2024 12:53:57 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 nLr4hEi4fuLY/p0DQsLcMA== age 62536 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 3343 x-ms-lease-status unlocked last-modified Fri, 20 Nov 2020 16:34:03 GMT server cloudflare etag 0x8D88D721792550E vary Accept-Encoding content-type application/json access-control-allow-origin * x-ms-request-id 5b42768b-401e-004c-1da4-0ba9b3000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 868653dbe9292c1c-FRA
GET H2	200	otPcCenter.json Show response cdn.cookielaw.org/scripttemplates/6.9.0/assets/	62 KB 15 KB	21ms 21ms	Fetch application/json	2606:4700::6813:b134 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/6.9.0/assets/otPcCenter.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/6.9.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 84e13b47921ee79d3fab38b733e08dc04ca99b25c1880cb25475c9315ddc2146 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://observer.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 22 Mar 2024 12:53:57 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 ue/MTNcIjSCNWtleQfbrzg== age 62536 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 14986 x-ms-lease-status unlocked last-modified Fri, 20 Nov 2020 16:34:03 GMT server cloudflare etag 0x8D88D7217E98574 vary Accept-Encoding content-type application/json access-control-allow-origin * x-ms-request-id 0a5af3cd-701e-0025-5690-1390ff000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 868653dbe92a2c1c-FRA
GET DATA	200 OK	truncated /	817 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Content-Type image/svg+xml
GET H3	200	sdk-runtime-config.js Show response sandbox.tinypass.com/api/v3/anon/assets/	266 B 510 B	35ms 25ms	XHR application/json	2606:4700::6812:eff8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sandbox.tinypass.com/api/v3/anon/assets/sdk-runtime-config.js?aid=CMrLcDjZsu Requested by Host: sandbox.tinypass.com URL: https://sandbox.tinypass.com/api/tinypass.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:eff8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 07d47d87c01acccf40beaa5f1f8fd0f94a0c4b9928929009b6694bb5697e3d7b Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains Request headers Accept application/json Referer https://observer.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 22 Mar 2024 12:53:57 GMT strict-transport-security max-age=86400; includeSubDomains content-encoding br cf-cache-status HIT age 897 p3p CP="NON DSP COR OUR IND" x-forwarded-https on alt-svc h3=":443"; ma=86400 x-request-id S0t1rasvjwu wn sandbox-vx-dash-10-13-137-95 last-modified Fri, 22 Mar 2024 12:39:00 GMT server cloudflare vary Accept-Encoding content-type application/json access-control-allow-origin * server-time 0.009 cache-control public, max-age=14400 cf-ray 868653dc4b6a30d6-FRA expires Fri, 22 Mar 2024 16:53:57 GMT
POST H3	200	events Show response api.permutive.com/v2.0/batch/	101 B 129 B	137ms 137ms	XHR application/json	34.107.254.252 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=6b8d2782-a057-45b2-b2fd-5e7238c30400 Requested by Host: cdn.permutive.com URL: https://cdn.permutive.com/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 252.254.107.34.bc.googleusercontent.com Software Permutive / Resource Hash f7705a9f27676fc61245f26eefdf55b98ad1565f4b03479eda5d1407b842df4d Request headers Referer https://observer.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 content-type text/plain Response headers date Fri, 22 Mar 2024 12:53:58 GMT content-encoding gzip via 1.1 google server Permutive vary Origin content-type application/json access-control-allow-origin https://observer.com access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 111
POST H3	200	state Show response api.permutive.com/v1.0/	0 34 B	59ms 59ms	XHR text/plain	34.107.254.252 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://api.permutive.com/v1.0/state?fetch_unseen=true&k=6b8d2782-a057-45b2-b2fd-5e7238c30400 Requested by Host: cdn.permutive.com URL: https://cdn.permutive.com/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 252.254.107.34.bc.googleusercontent.com Software Permutive / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://observer.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 content-type text/plain Response headers access-control-allow-origin * date Fri, 22 Mar 2024 12:53:58 GMT content-encoding gzip via 1.1 google server Permutive alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20