www.newsobserver.com Open in urlscan Pro
2.17.183.44 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.newsobserver.com/
Effective URL:
https://www.newsobserver.com/
Submission: On February 12 via manual (February 12th 2021, 8:37:19 pm UTC) from PH

Summary HTTP 277 Redirects Links 49 Behaviour Indicators

Summary

This website contacted 91 IPs in 9 countries across 64 domains to perform 277 HTTP transactions. The main IP is 2.17.183.44, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is www.newsobserver.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 11th 2021. Valid for: a year.

This is the only time www.newsobserver.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 55	2.17.183.44 2.17.183.44	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a02:26f0:710... 2a02:26f0:7100:491::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	2606:4700::68... 2606:4700::6810:9540	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
4	2600:9000:212... 2600:9000:2127:1c00:15:d134:4e40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
14	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	52.212.164.82 52.212.164.82	16509 (AMAZON-02) (AMAZON-02)
4	108.128.13.248 108.128.13.248	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:10:... 2606:4700:10::6814:b944	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	65.9.94.11 65.9.94.11	16509 (AMAZON-02) (AMAZON-02)
1	52.48.248.240 52.48.248.240	16509 (AMAZON-02) (AMAZON-02)
8	65.9.99.50 65.9.99.50	16509 (AMAZON-02) (AMAZON-02)
1	34.241.227.67 34.241.227.67	16509 (AMAZON-02) (AMAZON-02)
2	15.237.136.106 15.237.136.106	16509 (AMAZON-02) (AMAZON-02)
1 1	54.194.191.134 54.194.191.134	16509 (AMAZON-02) (AMAZON-02)
1 2	107.178.250.234 107.178.250.234	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:8c6e:cf2c:8d6:9fb5	16509 (AMAZON-02) (AMAZON-02)
1 2	34.250.160.229 34.250.160.229	16509 (AMAZON-02) (AMAZON-02)
1	104.108.145.83 104.108.145.83	16625 (AKAMAI-AS) (AKAMAI-AS)
5	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
3 13	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	199.232.198.217 199.232.198.217	54113 (FASTLY) (FASTLY)
1	35.244.220.155 35.244.220.155	15169 (GOOGLE) (GOOGLE)
1	2600:9000:212... 2600:9000:2127:2e00:11:b309:9100:21	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:212... 2600:9000:2127:ce00:5:82fd:2500:21	16509 (AMAZON-02) (AMAZON-02)
2	151.101.113.194 151.101.113.194	54113 (FASTLY) (FASTLY)
1	2600:9000:212... 2600:9000:2127:4400:18:1fcd:34e:d2a1	16509 (AMAZON-02) (AMAZON-02)
1	52.212.193.208 52.212.193.208	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:212... 2600:9000:2127:2200:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	65.9.94.50 65.9.94.50	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	65.9.94.33 65.9.94.33	16509 (AMAZON-02) (AMAZON-02)
3	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	184.30.20.241 184.30.20.241	16625 (AKAMAI-AS) (AKAMAI-AS)
3	184.30.20.198 184.30.20.198	16625 (AKAMAI-AS) (AKAMAI-AS)
8	65.9.98.193 65.9.98.193	16509 (AMAZON-02) (AMAZON-02)
1 3	104.108.64.33 104.108.64.33	16625 (AKAMAI-AS) (AKAMAI-AS)
3	65.9.95.127 65.9.95.127	16509 (AMAZON-02) (AMAZON-02)
1	65.9.95.61 65.9.95.61	16509 (AMAZON-02) (AMAZON-02)
1	34.120.253.250 34.120.253.250	15169 (GOOGLE) (GOOGLE)
1	151.101.114.49 151.101.114.49	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
4	54.198.41.31 54.198.41.31	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:803::2013	15169 (GOOGLE) (GOOGLE)
4	18.208.113.131 18.208.113.131	14618 (AMAZON-AES) (AMAZON-AES)
1	35.201.100.179 35.201.100.179	15169 (GOOGLE) (GOOGLE)
3	18.235.56.156 18.235.56.156	14618 (AMAZON-AES) (AMAZON-AES)
1	52.46.130.43 52.46.130.43	16509 (AMAZON-02) (AMAZON-02)
2	34.98.72.95 34.98.72.95	15169 (GOOGLE) (GOOGLE)
1	54.144.144.142 54.144.144.142	14618 (AMAZON-AES) (AMAZON-AES)
4	65.9.94.69 65.9.94.69	16509 (AMAZON-02) (AMAZON-02)
8 8	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
1	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 4	185.33.220.240 185.33.220.240	29990 (ASN-APPNEX) (ASN-APPNEX)
2	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	69.173.144.141 69.173.144.141	26667 (RUBICONPR...) (RUBICONPROJECT)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
12	2a04:4e42:1b:... 2a04:4e42:1b::539	54113 (FASTLY) (FASTLY)
1	35.201.103.116 35.201.103.116	15169 (GOOGLE) (GOOGLE)
1	35.190.34.148 35.190.34.148	15169 (GOOGLE) (GOOGLE)
1	35.227.238.167 35.227.238.167	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2006	15169 (GOOGLE) (GOOGLE)
1 2	104.108.145.8 104.108.145.8	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	213.155.156.184 213.155.156.184	1299 (TELIANET ...) (TELIANET Telia Carrier)
8	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700:10:... 2606:4700:10::ac43:db6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
2 2	35.201.96.126 35.201.96.126	15169 (GOOGLE) (GOOGLE)
1	185.64.190.106 185.64.190.106	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	159.253.128.183 159.253.128.183	36351 (SOFTLAYER) (SOFTLAYER)
2 3	99.80.71.186 99.80.71.186	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.6.252 37.157.6.252	198622 (ADFORM) (ADFORM)
1 1	185.29.135.227 185.29.135.227	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
2	185.64.189.114 185.64.189.114	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	35.227.229.34 35.227.229.34	15169 (GOOGLE) (GOOGLE)
1 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	34.120.207.148 34.120.207.148	15169 (GOOGLE) (GOOGLE)
1 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
1	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
1 11	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
1	130.211.47.17 130.211.47.17	15169 (GOOGLE) (GOOGLE)
1	34.107.221.36 34.107.221.36	15169 (GOOGLE) (GOOGLE)
1	54.225.129.141 54.225.129.141	14618 (AMAZON-AES) (AMAZON-AES)
1	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
277	91

55 2.17.183.44 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-17-183-44.deploy.static.akamaitechnologies.com

www.newsobserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media2.newsobserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.mcclatchy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:7100:491::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2127:1c00:15:d134:4e40:93a1 (United States)

ASN16509 (AMAZON-02, US)

ovp.iris.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.212.164.82 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-164-82.eu-west-1.compute.amazonaws.com

mcclatchy.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 108.128.13.248 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-13-248.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6814:b944 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

contributor.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.94.11 (United States)

ASN16509 (AMAZON-02, US)

mcclatchy-newsobserver.zeustechnology.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.248.240 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-248-240.eu-west-1.compute.amazonaws.com

ad.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 65.9.99.50 (United States)

ASN16509 (AMAZON-02, US)

cf-images.us-east-1.prod.boltdns.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.241.227.67 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-227-67.eu-west-1.compute.amazonaws.com

mcclatchy.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.237.136.106 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-237-136-106.eu-west-3.compute.amazonaws.com

mcclatchy.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.191.134 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.250.234 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 234.250.178.107.bc.googleusercontent.com

js.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)

edge.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.250.160.229 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-160-229.eu-west-1.compute.amazonaws.com

secure-us.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.108.145.83 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-145-83.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.198.217 (United States)

ASN54113 (FASTLY, US)

static.scroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.220.155 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 155.220.244.35.bc.googleusercontent.com

ats.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2127:2e00:11:b309:9100:21 (United States)

ASN16509 (AMAZON-02, US)

d15kdpgjg3unno.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2127:ce00:5:82fd:2500:21 (United States)

ASN16509 (AMAZON-02, US)

dyv1bugovvq1g.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.113.194 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

confiant-integrations.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2127:4400:18:1fcd:34e:d2a1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.212.193.208 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-193-208.eu-west-1.compute.amazonaws.com

mboxedge37.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2127:2200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.94.50 (United States)

ASN16509 (AMAZON-02, US)

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.94.33 (United States)

ASN16509 (AMAZON-02, US)

analytics-check.publishersite.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.20.241 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-241.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.30.20.198 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-198.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 65.9.98.193 (United States)

ASN16509 (AMAZON-02, US)

edge.api.brightcove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.108.64.33 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-64-33.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.95.127 (United States)

ASN16509 (AMAZON-02, US)

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.95.61 (United States)

ASN16509 (AMAZON-02, US)

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.253.250 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 250.253.120.34.bc.googleusercontent.com

tag.wknd.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

lasteventf-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.198.41.31 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

www.i.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

geo.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.208.113.131 (United States)

ASN14618 (AMAZON-AES, US)

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.100.179 (Kansas City, United States)

ASN15169 (GOOGLE, US)

connect.scroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.235.56.156 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-235-56-156.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.46.130.43 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

sqs.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.72.95 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 95.72.98.34.bc.googleusercontent.com

assets.bounceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.144.144.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 65.9.94.69 (United States)

ASN16509 (AMAZON-02, US)

context.iris.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.14.49 (Frankfurt am Main, Germany) 8 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.220.240 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)

mcclatchy-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.141 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a04:4e42:1b::539 (United States)

ASN54113 (FASTLY, US)

manifest.prod.boltdns.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.103.116 (Kansas City, United States)

ASN15169 (GOOGLE, US)

data.cdnbasket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.34.148 (Kansas City, United States)

ASN15169 (GOOGLE, US)

page.cdnbasket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.238.167 (Kansas City, United States)

ASN15169 (GOOGLE, US)

view.cdnbasket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.108.145.8 (Berlin, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-145-8.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.184 (Sweden) 2 redirects

ASN1299 (TELIANET Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)

mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.243.60.138 (Aalborg, Denmark) 1 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.96.126 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

visitor.fiftyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.106 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

aud.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.253.128.183 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: b7.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.80.71.186 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-71-186.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.252 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)
PTR: s1.adform.net

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.135.227 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.229.34 (Kansas City, United States)

ASN15169 (GOOGLE, US)

api.bounceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.207.148 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 148.207.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (United States) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:83:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

eb3764f84be289d7493c45df205d73b6.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.47.17 (Kansas City, United States)

ASN15169 (GOOGLE, US)

ids.cdnwidget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.221.36 (Kansas City, United States)

ASN15169 (GOOGLE, US)

e.cdnwidget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.225.129.141 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	newsobserver.com 2 redirects www.newsobserver.com media2.newsobserver.com	1 MB
21	doubleclick.net 4 redirects pubads.g.doubleclick.net googleads.g.doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	144 KB
21	google.com www.google.com contributor.google.com fundingchoicesmessages.google.com adservice.google.com	125 KB
20	boltdns.net cf-images.us-east-1.prod.boltdns.net manifest.prod.boltdns.net	1 MB
16	googlesyndication.com 1 redirects pagead2.googlesyndication.com eb3764f84be289d7493c45df205d73b6.safeframe.googlesyndication.com tpc.googlesyndication.com	45 KB
16	pubmatic.com ads.pubmatic.com image6.pubmatic.com hbopenbid.pubmatic.com image2.pubmatic.com aud.pubmatic.com simage2.pubmatic.com image4.pubmatic.com simage4.pubmatic.com	38 KB
10	everesttech.net 9 redirects cm.everesttech.net lasteventf-tm.everesttech.net sync-tm.everesttech.net	2 KB
9	mcclatchy.com media.mcclatchy.com	123 KB
8	brightcove.com edge.api.brightcove.com	36 KB
8	iris.tv ovp.iris.tv context.iris.tv	62 KB
7	cookielaw.org cdn.cookielaw.org	112 KB
6	matheranalytics.com 1 redirects js.matheranalytics.com www.i.matheranalytics.com	26 KB
6	googleapis.com fonts.googleapis.com imasdk.googleapis.com	866 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	379 KB
5	demdex.net dpm.demdex.net mcclatchy.demdex.net	9 KB
4	openx.net 2 redirects mcclatchy-d.openx.net us-u.openx.net	1 KB
4	criteo.com bidder.criteo.com dis.criteo.com gum.criteo.com	734 B
4	adnxs.com 2 redirects ib.adnxs.com	4 KB
4	postrelease.com jadserve.postrelease.com	2 KB
4	omtrdc.net mcclatchy.tt.omtrdc.net mcclatchy.sc.omtrdc.net mboxedge37.tt.omtrdc.net	4 KB
3	googletagservices.com www.googletagservices.com	93 KB
3	adsrvr.org 2 redirects match.adsrvr.org	1 KB
3	cdnbasket.net data.cdnbasket.net page.cdnbasket.net view.cdnbasket.net	1 KB
3	bounceexchange.com assets.bounceexchange.com api.bounceexchange.com	139 KB
3	chartbeat.net ping.chartbeat.net	505 B
3	amazon-adsystem.com c.amazon-adsystem.com	34 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	criteo.net static.criteo.net	38 KB
3	rlcdn.com ats.rlcdn.com geo.rlcdn.com api.rlcdn.com	60 KB
3	google-analytics.com www.google-analytics.com	19 KB
3	onetrust.com geolocation.onetrust.com	1 KB
3	adobedtm.com assets.adobedtm.com	18 KB
2	cdnwidget.com ids.cdnwidget.com e.cdnwidget.com	240 B
2	spotxchange.com 1 redirects sync.search.spotxchange.com	1 KB
2	yahoo.com 2 redirects ups.analytics.yahoo.com	1 KB
2	adform.net 2 redirects c1.adform.net	823 B
2	fiftyt.com 2 redirects visitor.fiftyt.com	993 B
2	semasio.net 1 redirects uipglob.semasio.net	1 KB
2	de17a.com 2 redirects d5p.de17a.com	637 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com	2 KB
2	rubiconproject.com fastlane.rubiconproject.com pixel.rubiconproject.com	3 KB
2	google.de www.google.de	215 B
2	parsely.com cdn.parsely.com p1.parsely.com	24 KB
2	fastly.net confiant-integrations.global.ssl.fastly.net	78 KB
2	cloudfront.net d15kdpgjg3unno.cloudfront.net dyv1bugovvq1g.cloudfront.net	12 KB
2	scroll.com static.scroll.com connect.scroll.com	7 KB
2	imrworldwide.com 1 redirects secure-us.imrworldwide.com	903 B
2	quantserve.com edge.quantserve.com pixel.quantserve.com	9 KB
2	crwdcntrl.net ad.crwdcntrl.net tags.crwdcntrl.net	13 KB
1	ipify.org api.ipify.org	260 B
1	facebook.com www.facebook.com	464 B
1	mathtag.com 1 redirects sync.mathtag.com	680 B
1	simpli.fi um.simpli.fi	609 B
1	zeotap.com mwzeom.zeotap.com	387 B
1	2mdn.net s0.2mdn.net	11 KB
1	amazonaws.com sqs.us-east-1.amazonaws.com	658 B
1	wknd.ai tag.wknd.ai	3 KB
1	indexww.com js-sec.indexww.com	26 KB
1	publishersite.xyz analytics-check.publishersite.xyz	393 B
1	quantcount.com rules.quantcount.com	1 KB
1	chartbeat.com static.chartbeat.com	14 KB
1	ntv.io s.ntv.io	102 KB
1	zeustechnology.com mcclatchy-newsobserver.zeustechnology.com	53 KB
1	googleadservices.com www.googleadservices.com	15 KB
277	64

	Domain	Requested by
39	www.newsobserver.com	2 redirects www.newsobserver.com
14	fundingchoicesmessages.google.com	www.newsobserver.com
12	manifest.prod.boltdns.net	www.newsobserver.com
11	tpc.googlesyndication.com	1 redirects securepubads.g.doubleclick.net www.newsobserver.com tpc.googlesyndication.com
9	media.mcclatchy.com	www.newsobserver.com media.mcclatchy.com
8	sync-tm.everesttech.net	8 redirects
8	edge.api.brightcove.com	www.newsobserver.com
8	cf-images.us-east-1.prod.boltdns.net	www.newsobserver.com
7	securepubads.g.doubleclick.net	mcclatchy-newsobserver.zeustechnology.com securepubads.g.doubleclick.net www.newsobserver.com www.googletagservices.com
7	pubads.g.doubleclick.net	www.newsobserver.com media2.newsobserver.com imasdk.googleapis.com
7	cdn.cookielaw.org	www.newsobserver.com cdn.cookielaw.org
7	media2.newsobserver.com	www.newsobserver.com media2.newsobserver.com
5	image2.pubmatic.com	image6.pubmatic.com ads.pubmatic.com www.newsobserver.com
5	cm.g.doubleclick.net	4 redirects www.newsobserver.com
5	imasdk.googleapis.com	www.newsobserver.com imasdk.googleapis.com
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	ib.adnxs.com	2 redirects mcclatchy-newsobserver.zeustechnology.com www.newsobserver.com
4	context.iris.tv	ovp.iris.tv
4	jadserve.postrelease.com	s.ntv.io www.newsobserver.com
4	www.i.matheranalytics.com	www.newsobserver.com
4	fonts.gstatic.com	fonts.googleapis.com
4	dpm.demdex.net	media2.newsobserver.com www.newsobserver.com
4	ovp.iris.tv	www.newsobserver.com ovp.iris.tv
4	www.google.com	www.newsobserver.com
3	www.googletagservices.com	www.newsobserver.com securepubads.g.doubleclick.net
3	simage2.pubmatic.com	ads.pubmatic.com
3	match.adsrvr.org	2 redirects js-sec.indexww.com
3	ping.chartbeat.net	www.newsobserver.com
3	c.amazon-adsystem.com	www.newsobserver.com c.amazon-adsystem.com
3	sb.scorecardresearch.com	1 redirects www.newsobserver.com
3	ads.pubmatic.com	mcclatchy-newsobserver.zeustechnology.com ads.pubmatic.com
3	static.criteo.net	mcclatchy-newsobserver.zeustechnology.com www.newsobserver.com
3	www.google-analytics.com	media2.newsobserver.com www.google-analytics.com
3	geolocation.onetrust.com	cdn.cookielaw.org www.newsobserver.com
3	assets.adobedtm.com	www.newsobserver.com assets.adobedtm.com
2	sync.search.spotxchange.com	1 redirects www.newsobserver.com
2	us-u.openx.net	1 redirects www.newsobserver.com
2	ups.analytics.yahoo.com	2 redirects
2	c1.adform.net	2 redirects
2	visitor.fiftyt.com	2 redirects
2	uipglob.semasio.net	1 redirects ads.pubmatic.com
2	d5p.de17a.com	2 redirects
2	dsum-sec.casalemedia.com	1 redirects www.newsobserver.com
2	mcclatchy-d.openx.net	1 redirects www.newsobserver.com
2	bidder.criteo.com	static.criteo.net
2	assets.bounceexchange.com	tag.wknd.ai assets.bounceexchange.com
2	www.google.de	www.newsobserver.com
2	confiant-integrations.global.ssl.fastly.net	www.newsobserver.com confiant-integrations.global.ssl.fastly.net
2	secure-us.imrworldwide.com	1 redirects www.newsobserver.com
2	js.matheranalytics.com	1 redirects www.newsobserver.com
2	mcclatchy.sc.omtrdc.net	media2.newsobserver.com
2	contributor.google.com	www.newsobserver.com
1	gum.criteo.com	static.criteo.net
1	api.ipify.org	www.newsobserver.com
1	simage4.pubmatic.com	ads.pubmatic.com
1	e.cdnwidget.com	www.newsobserver.com
1	ids.cdnwidget.com	assets.bounceexchange.com
1	eb3764f84be289d7493c45df205d73b6.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	www.facebook.com	www.newsobserver.com
1	api.rlcdn.com	js-sec.indexww.com
1	api.bounceexchange.com	assets.bounceexchange.com
1	image4.pubmatic.com	ads.pubmatic.com
1	sync.mathtag.com	1 redirects
1	um.simpli.fi	ads.pubmatic.com
1	aud.pubmatic.com	ads.pubmatic.com
1	mwzeom.zeotap.com	ads.pubmatic.com
1	dis.criteo.com	image6.pubmatic.com
1	adservice.google.com	imasdk.googleapis.com
1	s0.2mdn.net	imasdk.googleapis.com
1	view.cdnbasket.net	assets.bounceexchange.com
1	page.cdnbasket.net	assets.bounceexchange.com
1	data.cdnbasket.net	assets.bounceexchange.com
1	pixel.rubiconproject.com	www.newsobserver.com
1	fastlane.rubiconproject.com	mcclatchy-newsobserver.zeustechnology.com
1	hbopenbid.pubmatic.com	mcclatchy-newsobserver.zeustechnology.com
1	image6.pubmatic.com	ads.pubmatic.com
1	p1.parsely.com	www.newsobserver.com
1	sqs.us-east-1.amazonaws.com	d15kdpgjg3unno.cloudfront.net
1	pixel.quantserve.com	www.newsobserver.com
1	connect.scroll.com	static.scroll.com
1	geo.rlcdn.com	ats.rlcdn.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	lasteventf-tm.everesttech.net	media2.newsobserver.com
1	tag.wknd.ai	media2.newsobserver.com
1	cdn.parsely.com	www.newsobserver.com
1	js-sec.indexww.com	mcclatchy-newsobserver.zeustechnology.com
1	analytics-check.publishersite.xyz	mcclatchy-newsobserver.zeustechnology.com
1	tags.crwdcntrl.net	www.newsobserver.com
1	rules.quantcount.com	edge.quantserve.com
1	mboxedge37.tt.omtrdc.net	www.newsobserver.com
1	static.chartbeat.com	media2.newsobserver.com
1	dyv1bugovvq1g.cloudfront.net	www.newsobserver.com
1	d15kdpgjg3unno.cloudfront.net	www.newsobserver.com
1	ats.rlcdn.com	www.newsobserver.com
1	static.scroll.com	www.newsobserver.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	s.ntv.io	www.newsobserver.com
1	edge.quantserve.com	media2.newsobserver.com
1	cm.everesttech.net	1 redirects
1	mcclatchy.demdex.net	media2.newsobserver.com
1	ad.crwdcntrl.net	www.newsobserver.com
1	mcclatchy-newsobserver.zeustechnology.com	www.newsobserver.com
1	www.gstatic.com	www.google.com
1	mcclatchy.tt.omtrdc.net	www.newsobserver.com
1	www.googleadservices.com	www.newsobserver.com
1	fonts.googleapis.com	www.newsobserver.com
277	106

This site contains links to these domains. Also see Links.

Domain
account.newsobserver.com
support.newsobserver.com
www.facebook.com
instagram.com
twitter.com
photostore.newsobserver.com
t.news.newsobserver.com
markets.financialcontent.com
kidstownnc.com
games.newsobserver.com
artsnownc.com
www.triangletoday.com
www.legacy.com
placead.mcclatchy.com
triangle.adperfect.com
placead2.newsobserver.com
jobs.newsobserver.com
www.legalnotice.org
covidtracking.com
gisanddata.maps.arcgis.com
policies.google.com
newsobserver.com
www.youtube.com
mcciservices.newscyclecloud.com
www.mcclatchy.com
k12nie.com
classifieds.newsobserver.com
cookiepedia.co.uk
onetrust.com

Subject Issuer	Validity	Valid
www.mcclatchydc.com DigiCert SHA2 Secure Server CA	`2021-02-11` - `2022-01-31`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-08` - `2021-09-30`	9 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
iris.tv Amazon	`2020-10-10` - `2021-11-10`	a year	crt.sh
www.googleadservices.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.tt.omtrdc.net DigiCert SHA2 Secure Server CA	`2020-11-02` - `2021-11-09`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2021-02-12` - `2022-02-11`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.zeustechnology.com Amazon	`2020-06-13` - `2021-07-13`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2019-06-13` - `2021-06-28`	2 years	crt.sh
*.prod.boltdns.net Amazon	`2020-12-08` - `2022-01-06`	a year	crt.sh
*.sc.omtrdc.net DigiCert SHA2 High Assurance Server CA	`2020-10-29` - `2021-11-29`	a year	crt.sh
js.matheranalytics.com Sectigo RSA Domain Validation Secure Server CA	`2019-04-04` - `2021-04-03`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-28` - `2022-02-01`	a year	crt.sh
*.ntv.io DigiCert SHA2 Secure Server CA	`2021-01-25` - `2022-02-01`	a year	crt.sh
*.scroll.com R3	`2021-01-03` - `2021-04-03`	3 months	crt.sh
ats.rlcdn.com GTS CA 1D2	`2021-01-12` - `2021-04-12`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
*.freetls.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-04-21` - `2021-04-22`	a year	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2020-06-01` - `2021-06-02`	a year	crt.sh
publishersite.xyz Amazon	`2021-02-03` - `2022-03-04`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-01-30` - `2021-04-28`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2020-02-26` - `2021-05-27`	a year	crt.sh
*.api.brightcove.com Amazon	`2020-10-08` - `2021-11-07`	a year	crt.sh
sb.scorecardresearch.com DigiCert Secure Site ECC CA-1	`2020-07-17` - `2021-06-02`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2020-08-04` - `2021-08-02`	a year	crt.sh
*.parsely.com Amazon	`2020-08-02` - `2021-09-02`	a year	crt.sh
tag.wknd.ai R3	`2021-01-27` - `2021-04-27`	3 months	crt.sh
h2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-02-11` - `2021-04-20`	2 months	crt.sh
www.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
www.i.matheranalytics.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-28` - `2022-01-27`	2 years	crt.sh
geo.rlcdn.com GTS CA 1D2	`2020-12-28` - `2021-03-28`	3 months	crt.sh
*.postrelease.com Amazon	`2021-01-28` - `2022-02-25`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2020-12-01` - `2021-12-30`	a year	crt.sh
queue.amazonaws.com Amazon	`2020-12-04` - `2021-12-03`	a year	crt.sh
assets.bounceexchange.com GTS CA 1D2	`2020-12-24` - `2021-03-24`	3 months	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-01-30` - `2021-04-28`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
brightcove.com GlobalSign CloudSSL CA - SHA256 - G3	`2020-09-28` - `2021-04-20`	7 months	crt.sh
*.cdnbasket.net Go Daddy Secure Certificate Authority - G2	`2020-07-29` - `2021-09-27`	a year	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-05` - `2021-08-05`	a year	crt.sh
*.semasio.net Sectigo ECC Domain Validation Secure Server CA	`2020-03-09` - `2021-03-27`	a year	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
api.bounceexchange.com GTS CA 1D2	`2020-12-25` - `2021-03-25`	3 months	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-14` - `2021-04-23`	a year	crt.sh
*.search.spotxchange.com GeoTrust RSA CA 2018	`2019-03-20` - `2021-04-21`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-12-22` - `2021-03-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
ids.cdnwidget.com GTS CA 1D2	`2021-02-03` - `2021-05-04`	3 months	crt.sh
e.cdnwidget.com GTS CA 1D2	`2020-12-18` - `2021-03-18`	3 months	crt.sh
*.ipify.org Sectigo RSA Domain Validation Secure Server CA	`2021-01-19` - `2022-02-19`	a year	crt.sh

This page contains 16 frames:

Primary Page: https://www.newsobserver.com/
Frame ID: 5CD0DB1F9ECC842A6839C620F2409F15
Requests: 220 HTTP requests in this frame

Frame: https://mcclatchy.demdex.net/dest5.html?d_nsid=0
Frame ID: 08AFB982FE98DB62906C446C7E61844D
Requests: 10 HTTP requests in this frame

Frame: https://sb.scorecardresearch.com/beacon.js
Frame ID: C1C4D1C187D3291E7D18FAE53E652CB5
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 246BC4D71EBE26C97A86A83E36D8FC50
Requests: 15 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.439.0_en.html
Frame ID: 7976E5EA094B250616266E611BA4FEC9
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.439.0_en.html
Frame ID: 8BC5C3CCF45D652C67B99D5A43FE5765
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.439.0_en.html
Frame ID: 62C46D203A70391D598408EB9AC49188
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.439.0_en.html
Frame ID: 09386E02BBE8CDFE384C229E13E6DE61
Requests: 2 HTTP requests in this frame

Frame: https://assets.bounceexchange.com/assets/bounce/local_storage_frame16.min.html
Frame ID: 1ACF787DC68B175A743F4537FAC5AEB5
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7999128407811854055
Frame ID: CF842AEF069ABD76E4D30227B01E2F73
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 691C6939963233B076166C24EAB571AF
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvkdI0ph5qoWbDMdURC2rHkdCo1HxEjbxypR4whe9V0heVcoB9RqAuik7cIDneXiOcfvfLsOnIPCjJfVVbX6kcxAi-5YJIwovL0BZqNQSwZnDbWt7yACq-9tZ1f3uh5pnsVzs3zCLzZ5tTqlv7ZeBromttKTSth3kzn-QOIm6-6X2SggwdRJuboSK45A2u9NhadOG3wJn10n5wFUUWziKeATaCvQfRgrk4_WPHjoFS6MooL260oVXtr0oOPG6FpkBGV-w08n_W39ItbafSEFQcp9Gb6rPzYlYQsh7vKpowt3jAG2o5Ud5i3hU5D1jlAthu9M_kX&sig=Cg0ArKJSzGWh3Vp_DEwHEAE&adurl=
Frame ID: 5313671FE7B51DF2206BB538C1003B0C
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/simgad/14221371079760943072
Frame ID: 3F5F6E3022AB86FA5B6172210E5B1384
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu3MrFvDikpWmTRxpVg_Y4FBksNOG0CZ3cPgwcf7CRkUKCdMcaXNXu9nWUizUS51o2ewKDAzbwwnUUTkGJF9Virx_pYNmZleijfBXnnjy05kD9Y7Ipk6hkDHQW-q3ZzCJJ1_9E6e39ArU3LPAmOu674FqAwZJwcWcaIx2s1WTN2JMVT8Z6K6uFZtQO_wpb34rP3eUWuAhdHod0jIUekpFtUUof8kofHXWgHEkcCn-slKXRkwFEmjJYgpX6JnLAbLipEI_DJP5FUO8Ge49v0eyIeD7O8vpLHWqOGA8bn7dHKnQUhljfWuDfc9SE8KIhRWif-MIb9&sig=Cg0ArKJSzMclNK-WqoSyEAE&adurl=
Frame ID: 7B2D56B356F84500A669F7D1F6971C72
Requests: 8 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.newsobserver.com
Frame ID: F61B41C9BD1F0DDCD87DA11E91042963
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 147BD77F9600A0FDA1762BFF9357B4A9
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.newsobserver.com/ HTTP 301
https://www.newsobserver.com/ Page URL

Page Statistics

277
Requests

98 %
HTTPS

31 %
IPv6

64
Domains

106
Subdomains

91
IPs

9
Countries

4978 kB
Transfer

12038 kB
Size

58
Cookies

49 Outgoing links

These are links going to different origins than the main page.

URL: https://account.newsobserver.com/static/subscribe
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://account.newsobserver.com/static/signin
Title: Sign In

Search URL Search Domain Scan URL

URL: http://support.newsobserver.com/#navlink=subnav
Title: Support

Search URL Search Domain Scan URL

URL: https://www.facebook.com/newsandobserver/#navlink=subnav
Title: Facebook

Search URL Search Domain Scan URL

URL: http://instagram.com/newsobserver/#navlink=subnav
Title: Instagram

Search URL Search Domain Scan URL

URL: https://twitter.com/newsobserver/#navlink=subnav
Title: Twitter

Search URL Search Domain Scan URL

URL: http://photostore.newsobserver.com/mycapture/index.asp#navlink=subnav
Title: Buy Photos

Search URL Search Domain Scan URL

URL: http://t.news.newsobserver.com/webApp/mccSignupPage?siteName=newsobserver#navlink=subnav
Title: Newsletters

Search URL Search Domain Scan URL

URL: http://markets.financialcontent.com/mi.newsob/markets/#navlink=subnav
Title: Stocks Center

Search URL Search Domain Scan URL

URL: http://kidstownnc.com/#navlink=subnav
Title: Family

Search URL Search Domain Scan URL

URL: http://games.newsobserver.com/?arkpromo=site_subnav
Title: Games and Puzzles

Search URL Search Domain Scan URL

URL: http://artsnownc.com/#navlink=subnav
Title: ArtsNow

Search URL Search Domain Scan URL

URL: http://games.newsobserver.com/#navlink=subnav
Title: Games

Search URL Search Domain Scan URL

URL: http://www.triangletoday.com/#navlink=subnav
Title: Nightlife

Search URL Search Domain Scan URL

URL: https://www.legacy.com/obituaries/newsobserver/
Title: View Obituaries

Search URL Search Domain Scan URL

URL: https://placead.mcclatchy.com/obits/raleigh/home/listItems.html
Title: Place an Obituary

Search URL Search Domain Scan URL

URL: http://triangle.adperfect.com/?catid=198#navlink=subnav
Title: Apartments

Search URL Search Domain Scan URL

URL: http://triangle.adperfect.com/?catid=201#navlink=subnav
Title: Cars

Search URL Search Domain Scan URL

URL: http://triangle.adperfect.com/?catid=197#navlink=subnav
Title: Homes

Search URL Search Domain Scan URL

URL: http://triangle.adperfect.com/?catid=191#navlink=subnav
Title: Jobs

Search URL Search Domain Scan URL

URL: http://placead2.newsobserver.com/#navlink=subnav
Title: Obits/In Memoriams

Search URL Search Domain Scan URL

URL: https://jobs.newsobserver.com/#navlink=subnav
Title: Jobs

Search URL Search Domain Scan URL

URL: http://www.legalnotice.org/pl/newsobserver/landing1.aspx#navlink=subnav
Title: Legals

Search URL Search Domain Scan URL

URL: https://covidtracking.com/
Title: The COVID Tracking Project

Search URL Search Domain Scan URL

URL: https://gisanddata.maps.arcgis.com/apps/opsdashboard/index.html#/bda7594740fd40299423467b48e9ecf6
Title: Johns Hopkins University CSSE

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Farticle249162825.html

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Farticle249162825.html&text=Wake%20educators%20prepare%20for%20students%20to%20return%20to%20the%20classroom%20amid%20pandemic

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.newsobserver.com%2Fsports%2Fcollege%2Facc%2Func%2Farticle249210505.html

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fwww.newsobserver.com%2Fsports%2Fcollege%2Facc%2Func%2Farticle249210505.html&text=UNC%27s%20Roy%20Williams%20says%20maskless%20partying%20is%20not%20like%20storming%20the%20Capitol

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Flocal%2Fcrime%2Farticle249185580.html

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Flocal%2Fcrime%2Farticle249185580.html&text=Mother%20of%20slain%20UPS%20driver%20runs%20from%20Raleigh%20courtroom

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Fweather-news%2Farticle249147295.html

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Fweather-news%2Farticle249147295.html&text=Freezing%20rain%20could%20make%20roads%20slick%20in%20the%20Triangle%20this%20weekend

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://newsobserver.com/mobile
Title: Raleigh News & Observer App

Search URL Search Domain Scan URL

URL: http://t.news.newsobserver.com/webApp/mccSignupPage?siteName=newsobserver
Title: View Newsletters

Search URL Search Domain Scan URL

URL: https://www.facebook.com/newsandobserver
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/newsobserver
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/newsobservertube
Title:

Search URL Search Domain Scan URL

URL: https://account.newsobserver.com/static/subscribe/#navlink=mi_footer
Title: Start a Subscription

Search URL Search Domain Scan URL

URL: https://mcciservices.newscyclecloud.com/cgi-bin/cmo_mcc-c-cmdb-est-01.sh/custservice/web/login.html?siteid=RAL#navlink=mi_footer
Title: Vacation Hold

Search URL Search Domain Scan URL

URL: https://www.mcclatchy.com/our-impact/markets/the-news-observer/#navlink=mi_footer
Title: About Us

Search URL Search Domain Scan URL

URL: http://t.news.newsobserver.com/webApp/mccSignupPage?siteName=newsobserver#navlink=mi_footer
Title: Newsletters

Search URL Search Domain Scan URL

URL: https://k12nie.com/?p=newsobserver/#navlink=mi_footer
Title: News in Education

Search URL Search Domain Scan URL

URL: http://www.legalnotice.org/pl/newsobserver/landing1.aspx#navlink=mi_footer
Title: Legal Notices

Search URL Search Domain Scan URL

URL: https://classifieds.newsobserver.com/#navlink=mi_footer
Title: Place a Classified

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More information

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.newsobserver.com/ HTTP 301
https://www.newsobserver.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 63

https://www.newsobserver.com/latest-news/wbq9um/picture249137440/alternates/LANDSCAPE_768/STATESYR08-020921-EDH.jpg HTTP 301
https://www.newsobserver.com/latest-news/6deexc/picture249137440/alternates/LANDSCAPE_768/STATESYR08-020921-EDH.jpg

Request Chain 68

https://cm.everesttech.net/cm/dd?d_uuid=78504185574958867700543501382980317037 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YCbm4wAAAJeanVxO

Request Chain 69

https://js.matheranalytics.com/s/ma12095/74930332/sp.js?cb=1556 HTTP 301
https://js.matheranalytics.com/static/2_2_18-e/sp.br.js

Request Chain 74

https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-203838h&cg=0&cc=1&si=https%3A//www.newsobserver.com/&rp=&ts=compact&rnd=1613162211377 HTTP 302
https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-203838h&cg=0&cc=1&si=https%3A//www.newsobserver.com/&rp=&ts=compact&rnd=1613162211377&ja=1

Request Chain 137

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=Nzg1MDQxODU1NzQ5NTg4Njc3MDA1NDM1MDEzODI5ODAzMTcwMzc= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEI_fcqizTmUv1R6HSQATpPM&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 147

https://sb.scorecardresearch.com/b?c1=2&c2=6035363&ns__t=1613162211911&ns_c=UTF-8&ns_if=1&cv=3.5&c8=Raleigh%20NC%20News%2C%20Sports%20%26%20Politics%20%7C%20Raleigh%20News%20%26%20Observer&c7=https%3A%2F%2Fwww.newsobserver.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6035363&ns__t=1613162211911&ns_c=UTF-8&ns_if=1&cv=3.5&c8=Raleigh%20NC%20News%2C%20Sports%20%26%20Politics%20%7C%20Raleigh%20News%20%26%20Observer&c7=https%3A%2F%2Fwww.newsobserver.com%2F&c9=&cs_ak_ss=1

Request Chain 151

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WUNibTR3QUFBSmVhblZ4Tw==

Request Chain 160

https://mcclatchy-d.openx.net/w/1.0/arj?auid=541167014,541167021&aus=970x250,728x90,960x30,970x90|300x250,300x600&bc=hb_dyn_wapo&be=1&ch=UTF-8&ju=https%3A%2F%2Fwww.newsobserver.com%2F&res=1600x1200x24&tz=-60&nocache=1613162212191&us_privacy=1--- HTTP 302
https://mcclatchy-d.openx.net/w/1.0/arj?cc=1&auid=541167014,541167021&aus=970x250,728x90,960x30,970x90|300x250,300x600&bc=hb_dyn_wapo&be=1&ch=UTF-8&ju=https%3A%2F%2Fwww.newsobserver.com%2F&res=1600x1200x24&tz=-60&nocache=1613162212191&us_privacy=1---

Request Chain 164

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YCbm4wAAAJeanVxO&expires=90

Request Chain 195

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YCbm4wAAAJeanVxO HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YCbm4wAAAJeanVxO&C=1

Request Chain 200

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7999128407811854055

Request Chain 202

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=bMdWKWffQwqLPAjsk5rPWA%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 204

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=6CC75629-67DF-430A-8B3C-08EC939ACF58&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=6CC75629-67DF-430A-8B3C-08EC939ACF58&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 205

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=6CC75629-67DF-430A-8B3C-08EC939ACF58&gdpr= HTTP 302
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=6CC75629-67DF-430A-8B3C-08EC939ACF58&gdpr=&fbounce=1 HTTP 302
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=6CC75629-67DF-430A-8B3C-08EC939ACF58&addseg=17

Request Chain 206

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NkNDNzU2MjktNjdERi00MzBBLThCM0MtMDhFQzkzOUFDRjU4&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 207

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEP6Zw8Uz8dkgujkU2cUDV5A&google_cver=1

Request Chain 209

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=7964580b-9a7c-4dae-a7ea-a4ee0a2e5c23

Request Chain 210

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1800316369878671084

Request Chain 211

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:20ae6026-e6e7-4700-8ef9-3b4464ede5cb&gdpr=0&gdpr_consent=

Request Chain 212

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7937665806395004972&gdpr=0&gdpr_consent=

Request Chain 213

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=6CC75629-67DF-430A-8B3C-08EC939ACF58&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=6CC75629-67DF-430A-8B3C-08EC939ACF58&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-L2a9_bp1l2KuGfm8jNRJ9QQIf8ssVpM-&gdpr=0&gdpr_consent=

Request Chain 214

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
https://ib.adnxs.com/setuid?entity=158&code=YCbm4wAAAJeanVxO

Request Chain 216

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YCbm4wAAAJeanVxO HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YCbm4wAAAJeanVxO

Request Chain 221

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YCbm4wAAAJeanVxO

Request Chain 228

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YCbm4wAAAJeanVxO&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YCbm4wAAAJeanVxO&img=1&__user_check__=1&sync_id=0a5bd4c0-6d72-11eb-bb19-18b2794d1706

Request Chain 235

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YCbm4wAAAJeanVxO&t=2592000&o=0

Request Chain 244

https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDnq7jUeBABGAEoATIIRCa0hO01vLpA1fzu7AU HTTP 301
https://tpc.googlesyndication.com/simgad/14221371079760943072

277 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.newsobserver.com/
Redirect Chain

http://www.newsobserver.com/
https://www.newsobserver.com/

187 KB
32 KB

83ms
34ms

Document
text/html

2.17.183.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-183-44.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 040bec767bd32fa6cb0666f8e1080af77501353dc4c03d5b30bf228adcb28790

Request headers

:method: GET
:authority: www.newsobserver.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-proxy-forwarding-type: BlackList
mi-api: WPS
content-type: text/html;charset=utf-8
surrogate-control: varnish=ESI/2.1
x-varnish: 93359650, 144645961 146246370
last-modified: Fri, 12 Feb 2021 20:35:56 GMT
etag: W/"2e97e-Sm3U0vIZigy8aDhYduQtDvpjHW8"
content-encoding: gzip
x-mi-in-market: 0
server: MI
mi-cache-age: 31
vary: Accept-Encoding
mi-cache: HIT
x-akamai-transformed: 9 - 0 pmb=mTOE,2
expires: Fri, 12 Feb 2021 20:36:50 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 12 Feb 2021 20:36:50 GMT
content-length: 31634
set-cookie: ak_bmsc=DBAF2264A119BFEF20EF497D78E0894802148F94E12F0000E2E62660D36CBE16~plaH1zsDdUw+k0KNekjORavd5+pTORlrN6QBIERw4GlURtNhwF2p6OsnAsHrDbnd7OP1kpaK1usZzYz6VP19lXPKqSBurnksRVrR3tIk4HQVajudQvhb6Guvj3Kglw6n6/7nv0kn6ueQ63ju1/JjlG4GMknGl+qQ+PBmuCjj+pu9CP58yhPIX+4dSv3YczoVIogFtYcUivm1mOFfkmMjFR3WqjaKnNicM6OSTBONk9wTg=; expires=Fri, 12 Feb 2021 22:36:50 GMT; max-age=7200; path=/; domain=.newsobserver.com; HttpOnly bm_mi=8495512CDDDEFBAE13DDA7935F3F3387~KKeWfBhI0EDliY6b6exahgpeGljXLZv2qq2IH23Ke2GnBFMA4Ahi34q/qoFCe6x7AZayxv7MhebLrAwMvjKKSo8fAwdpf8t+g0oTSHZuqNiqab3crPka9NjXPF3zTrgnv0+8zOiGuESwA5u1M9yOy+dESjlB4jrhSHT2PbJJOebWKXl2zEQRsr4IMYCQM6y8Vj+tHNYdLuNHlHLGUAVciKJdyfFcKR7PU2Ym80IL46A=; Domain=.newsobserver.com; Path=/; Max-Age=0; HttpOnly
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://www.newsobserver.com/
Date: Fri, 12 Feb 2021 20:36:50 GMT
Connection: keep-alive
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *

GET
H2 200 core.js Show response
www.newsobserver.com/static/yozons-lib/ 51 KB
16 KB 28ms
25ms Script
application/javascript 2.17.183.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/static/yozons-lib/core.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-183-44.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 8abbdc3685d5a8bb7a9296219d5d5980a9f6ae052db807e99e90b154def4769d

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:50 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 210
content-length: 16062
last-modified: Wed, 03 Feb 2021 18:48:24 GMT
server: MI
etag: W/"cc2f-5ba730821ee00"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 122970715, 11566675 18252313
access-control-allow-origin: *
cache-control: max-age=123
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript
access-control-allow-headers: *

GET
H2 200 newsobserver.js Show response
media2.newsobserver.com/misites/nao/ 2 KB
1 KB 62ms
58ms Script
text/javascript 2.17.183.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://media2.newsobserver.com/misites/nao/newsobserver.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-183-44.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 18f9e6b96e326a7aa705c687fc8893c6b2df53acce477aefe2d0239d7b82fcb5

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:50 GMT
content-encoding: gzip
last-modified: Sun, 29 Apr 2018 21:38:27 GMT
server: Apache
etag: "9f8-56b038eb73ac0"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 1085

GET
H2 200 launch-ENe8f70e36bc2f473e93435c31a9a5ba80.min.js Show response
assets.adobedtm.com/ 59 KB
17 KB 22ms
7ms Script
application/x-javascript 2a02:26f0:7100:491::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/launch-ENe8f70e36bc2f473e93435c31a9a5ba80.min.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:491::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 21856c91a409382f3b2eeec72e984ff71ffd7f3883c3f96c3b226793cf4db66e

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:50 GMT
content-encoding: gzip
last-modified: Wed, 20 Jan 2021 16:49:22 GMT
server: AkamaiNetStorage
etag: "541f738fded75f1d8b5793df038eb3d3:1611161362.798777"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.newsobserver.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 17389
expires: Fri, 12 Feb 2021 21:36:50 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 13 KB
5 KB 36ms
17ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd4b42f7c8ddeeedbc0e556a5da8b647fd08c56a2ac3540b1e5a6d9342ba5c4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 12 Feb 2021 20:36:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: XGEj0K3rTilYfgfnFZGB2g==
age: 6856
vary: Accept-Encoding
content-length: 4211
cf-request-id: 08398efe8900001f45b5bc0000000001
x-ms-lease-status: unlocked
last-modified: Thu, 28 Jan 2021 07:37:57 GMT
server: cloudflare
etag: 0x8D8C35FA1761C2B
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 89c4d4e9-301e-0099-5a55-f55724000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 62091aaa7a141f45-FRA

GET
H2 200 otCCPAiab.js Show response
cdn.cookielaw.org/opt-out/ 22 KB
6 KB 36ms
17ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/opt-out/otCCPAiab.js

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f25e54ff758a69c92c7260b3647788acb86b4fc6266141893e1a4316b5a0862

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 12 Feb 2021 20:36:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: mHlk9fiiqYjvq2V+HtACPg==
age: 6856
vary: Accept-Encoding
cf-request-id: 08398efe8900001f45bd960000000001
x-ms-lease-status: unlocked
last-modified: Wed, 08 Jul 2020 15:45:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 35967221-501e-000a-11f4-bdc16f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 62091aaa7a181f45-FRA

GET
H2 200 vendor.bundle-af2280e5bf1fac00e2b0.js Show response
www.newsobserver.com/wps/build/webpack/ 395 KB
120 KB 44ms
42ms Script
application/javascript 2.17.183.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/wps/build/webpack/vendor.bundle-af2280e5bf1fac00e2b0.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-183-44.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: b468571983721e0e8522a0901f4a702584ec47df334a48ffc191617d1f3e21b1

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:50 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 43690
content-length: 122375
last-modified: Wed, 03 Feb 2021 19:08:07 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"62dbd-177694b6dd8"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 52916343, 205213449 198217917
access-control-allow-origin: *
cache-control: max-age=283701
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript;charset=UTF-8
access-control-allow-headers: *

GET
H2 200 mi-header.bundle-15539dde6db92a4565c1.js Show response
www.newsobserver.com/wps/build/webpack/ 13 KB
5 KB 44ms
42ms Script
application/javascript 2.17.183.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/wps/build/webpack/mi-header.bundle-15539dde6db92a4565c1.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-183-44.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 064c30793ed82df22ca484729935248a99d0ad3cefd8bcf46f23de8d0c0016d0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:50 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 144214
content-length: 4394
last-modified: Wed, 03 Feb 2021 19:08:07 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"3412-177694b6dd8"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 48335745, 209008757 186718534
access-control-allow-origin: *
cache-control: max-age=310287
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript;charset=UTF-8
access-control-allow-headers: *

GET
H2 200 css
fonts.googleapis.com/ 10 KB
994 B 17ms
14ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

52756abd619702a4516f7824a8dd53ab998c36020ffd1c9ec91069e960354f3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 12 Feb 2021 20:36:50 GMT
server: ESF
date: Fri, 12 Feb 2021 20:36:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Feb 2021 20:36:50 GMT

GET
H2 200 mi-styles.455493d63d213cbc34d9.css
www.newsobserver.com/wps/build/webpack/css/ 203 KB
42 KB 31ms
29ms Stylesheet
text/css 2.17.183.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/wps/build/webpack/css/mi-styles.455493d63d213cbc34d9.css
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-183-44.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: e512855bc21c496daaa4e36329e126ae4a3126f86388ea98d606dcad79bc101c

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:50 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 385
content-length: 42613
last-modified: Tue, 02 Feb 2021 19:49:35 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"32c9d-177644b0898"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 16429167, 457833 8181718
access-control-allow-origin: *
cache-control: max-age=336264
access-control-allow-credentials: false
mi-cache: HIT
content-type: text/css;charset=UTF-8
access-control-allow-headers: *

GET
H2 200 guid.js Show response
www.newsobserver.com/wps/source/scripts/libs/ 1 KB
964 B 52ms
50ms Script
application/javascript 2.17.183.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/wps/source/scripts/libs/guid.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-183-44.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: ac53400c04ca28a29467c3b6cf8f0be2f9d4333a518574fba32cc239195117db

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:50 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 57220
content-length: 547
last-modified: Wed, 03 Feb 2021 19:06:05 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"505-17769499148"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 44154480, 56851831 73273240
access-control-allow-origin: *
cache-control: max-age=253078
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript;charset=UTF-8
access-control-allow-headers: *

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
643 B 23ms
22ms Script
text/javascript 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9a1a6e71c1607e636a98bcebe49e3b67aa9ef9fa16cf31a2909f92655e1c928a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 551
x-xss-protection: 1; mode=block
expires: Fri, 12 Feb 2021 20:36:51 GMT

GET
H2 200 2caf822c Show response
www.newsobserver.com/akam/11/ 32 KB
11 KB 26ms
26ms Script
application/javascript 2.17.183.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/akam/11/2caf822c
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-183-44.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a821a1596f0eedef9126d3241364f52b91be45707587b636b375db1184e46b14

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:36:51 GMT
content-encoding: gzip
last-modified: Thu, 02 May 2019 20:04:39 GMT
etag: "e5e0af7b84f30a91133efebabcf812793ebebebf455e6f8b6935d2984cf8c87c"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
access-control-allow-headers: *
content-length: 10444
expires: Fri, 12 Feb 2021 20:36:51 GMT

GET
H2 200 main.b65b1c70.css
media.mcclatchy.com/static/2020/coronavirus/covid-embed-tracker/ 5 KB
2 KB 68ms
64ms Stylesheet
text/css 2.17.183.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://media.mcclatchy.com/static/2020/coronavirus/covid-embed-tracker/main.b65b1c70.css
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-183-44.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d4b4384bb2207ab3d40f433ad82a808cfbba943114432667cf3d2b3b65c62ee4

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:50 GMT
content-encoding: gzip
last-modified: Mon, 08 Feb 2021 18:19:30 GMT
server: Apache
etag: "1361-5bad735fe2caf"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=579
accept-ranges: bytes
content-length: 1474

GET
H2 200 main.85ef961b.js Show response
media.mcclatchy.com/static/2020/coronavirus/covid-embed-tracker/ 237 KB
56 KB 68ms
64ms Script
text/javascript 2.17.183.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://media.mcclatchy.com/static/2020/coronavirus/covid-embed-tracker/main.85ef961b.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-183-44.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 82a074c62a609a3ada316e1f97ab72d89b9f050bf05dcb145cc340734053c122

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:50 GMT
content-encoding: gzip
last-modified: Mon, 08 Feb 2021 18:19:30 GMT
server: Apache
etag: "3b3c7-5bad735fe1ee5"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=528
accept-ranges: bytes
content-length: 56823

GET
H2 200 escenic_s_code.js Show response
media2.newsobserver.com/mistats/products/ 95 KB
32 KB 69ms
66ms Script
text/javascript 2.17.183.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://media2.newsobserver.com/mistats/products/escenic_s_code.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-183-44.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 388305e6232d397497a35ba97ba5e2e6ea85d349041645c4de2c28a6e08f9044

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:50 GMT
content-encoding: gzip
last-modified: Tue, 17 Nov 2020 22:54:12 GMT
server: Apache
etag: "17b06-5b4555f9a663f"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 32672

GET
H2 200 escenic.js Show response
media2.newsobserver.com/mistats/products/ 63 KB
15 KB 73ms
70ms Script
text/javascript 2.17.183.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://media2.newsobserver.com/mistats/products/escenic.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-183-44.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 92198135117fe1b0740d2e3b710d6f634379a74a7b0a8557152659636a08724c

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:50 GMT
content-encoding: gzip
last-modified: Mon, 23 Nov 2020 18:38:09 GMT
server: Apache
etag: "fb3f-5b4ca7eed1826"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 15362

GET
H2 200 finalizestats.js Show response
media2.newsobserver.com/mistats/ 71 KB
19 KB 81ms
78ms Script
text/javascript 2.17.183.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://media2.newsobserver.com/mistats/finalizestats.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-183-44.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ecd12fde65d51bd3c13094ebdb5f4570ca6a1ea6eeea58afca96c52634a5e059

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:51 GMT
content-encoding: gzip
last-modified: Thu, 10 Dec 2020 16:46:37 GMT
server: Apache
etag: "11cc4-5b61eeb5fb911"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 18904

GET
H2 200 mi-footer.bundle-79c24024c08d7f0c7b17.js Show response
www.newsobserver.com/wps/build/webpack/ 11 KB
5 KB 84ms
81ms Script
application/javascript 2.17.183.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/wps/build/webpack/mi-footer.bundle-79c24024c08d7f0c7b17.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-183-44.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 2c3d296de1bb7bb908659aedfa489c63e9c0cb0b57887e74932dd5f60de15578

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:51 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 306819
content-length: 4197
last-modified: Tue, 02 Feb 2021 19:49:23 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"2d5a-177644ad9b8"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 8101185, 178330125 130778566
access-control-allow-origin: *
cache-control: max-age=122124
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript;charset=UTF-8
access-control-allow-headers: *

GET
H2 200 iris.adaptive.js Show response
ovp.iris.tv/libs/adaptive/v2/ 123 KB
35 KB 54ms
11ms Script
application/javascript 2600:9000:2127:1c00:15:d134:4e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ovp.iris.tv/libs/adaptive/v2/iris.adaptive.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:1c00:15:d134:4e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ba8bbfe110629e3df60cffbcd75d2ea7627f5f6e13ef3ba0354221cab7b8e097

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Dec 2020 19:34:00 GMT
content-encoding: gzip
last-modified: Thu, 10 Dec 2020 18:43:33 GMT
server: AmazonS3
age: 5533371
etag: W/"a5f9f8a7f66429858d67ad40caa225aa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: yNO4p54aN9wmQjMnpKaFPqqyZn6b5iAY
via: 1.1 d05dc840d6cf3901928326ad8b6d38c3.cloudfront.net (CloudFront)
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: PRG50-C1
content-type: application/javascript
x-amz-cf-id: 50NhZ8-s0Yid822yeK4MEJZ8phvxLM-iJM6-AGpVHbetoxKcQKZxVw==

GET
H2 200 iris-context.min.js Show response
ovp.iris.tv/libs/context/ 13 KB
5 KB 54ms
11ms Script
application/javascript 2600:9000:2127:1c00:15:d134:4e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ovp.iris.tv/libs/context/iris-context.min.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:1c00:15:d134:4e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9710dab6bb3447842cba847209148bd89fb928f55865b045105fa3aefa4fb51f

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 5ZdiiNwZl43A.GuGAotRXH1LFI541fXN
content-encoding: gzip
last-modified: Thu, 18 Jun 2020 14:14:19 GMT
server: AmazonS3
age: 9897
etag: W/"1f6dcd0526f7505c7eb84fec71d5e468"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 d05dc840d6cf3901928326ad8b6d38c3.cloudfront.net (CloudFront)
date: Fri, 12 Feb 2021 17:51:53 GMT
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: D-95k-14ntXOwpFhkXnuO2EuHjomPFrnI6e-BJw5A4T7LEbo3KKg_w==

GET
H2 200 vue.bundle-c7ea276fec8a7f119396.js Show response
www.newsobserver.com/wps/build/webpack/ 107 KB
38 KB 87ms
85ms Script
application/javascript 2.17.183.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/wps/build/webpack/vue.bundle-c7ea276fec8a7f119396.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-183-44.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: d9505badaa1ef09e2237fa9094f474577f02ad805f5143afa078733f2ebfc9b8

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:51 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 280387
content-length: 38898
last-modified: Tue, 02 Feb 2021 19:49:49 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"1ad47-177644b3f48"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 21503047, 56343485 14177831
access-control-allow-origin: *
cache-control: max-age=96287
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript;charset=UTF-8
access-control-allow-headers: *

GET
H2 200 videojs.bundle-890a2e28dc5356b380ad.js Show response
www.newsobserver.com/wps/build/webpack/ 455 KB
120 KB 92ms
90ms Script
application/javascript 2.17.183.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/wps/build/webpack/videojs.bundle-890a2e28dc5356b380ad.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-183-44.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 81521a2a12208fb21d9c38a9f8c0b3cbb12b6c617d8ccfb946f131638e4ae70f

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:51 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 364926
content-length: 121808
last-modified: Wed, 03 Feb 2021 19:08:28 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"71b1f-177694bbfe0"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 16187549, 186077666 128593195
access-control-allow-origin: *
cache-control: max-age=192655
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript;charset=UTF-8
access-control-allow-headers: *

GET
H2 200 videoStory.bundle-d1c14c90e7de986bc0fd.js Show response
www.newsobserver.com/wps/build/webpack/ 208 KB
61 KB 103ms
102ms Script
application/javascript 2.17.183.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/wps/build/webpack/videoStory.bundle-d1c14c90e7de986bc0fd.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-183-44.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: da131b728f1b675d655b5a892cc529435a58f57e6fce1c1e4f999199054a9c83

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:51 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 394
content-length: 61540
last-modified: Tue, 02 Feb 2021 19:49:49 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"33f41-177644b3f48"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 15423477, 7994323 6288852
access-control-allow-origin: *
cache-control: max-age=336199
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript;charset=UTF-8
access-control-allow-headers: *

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 38 KB
15 KB 49ms
47ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

20346740bd647bbcdcdbbb778177fb0067df87709a6f0fb42a5c600628d3d284

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 15125
x-xss-protection: 0
server: cafe
etag: 3656750336409988223
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 12 Feb 2021 20:36:50 GMT

GET
H2 200 footer.bundle-0f76d0f6c06ab8062a97.js Show response
www.newsobserver.com/wps/build/webpack/ 10 KB
3 KB 106ms
105ms Script
application/javascript 2.17.183.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/wps/build/webpack/footer.bundle-0f76d0f6c06ab8062a97.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-183-44.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 3b7f0353b5e7f4898ea13784cb8d09a1d07381cc6082588dfb50c3b69c7c9757

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:51 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 259630
content-length: 2434
last-modified: Tue, 02 Feb 2021 19:49:23 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"265d-177644ad9b8"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 13934252, 174391750 129571871
access-control-allow-origin: *
cache-control: max-age=77024
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript;charset=UTF-8
access-control-allow-headers: *

GET
H2 200 netdale.39e33f04f9ebc60b6629.js Show response
www.newsobserver.com/static/yozons-lib/ 68 KB
17 KB 34ms
34ms Script
application/javascript 2.17.183.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/static/yozons-lib/netdale.39e33f04f9ebc60b6629.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/core.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-183-44.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: d22a6bb9ce905a9dc000b05b1b3a2d2dcef345044035eaa78260434f7fa757ba

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:51 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 85
content-length: 17257
last-modified: Mon, 01 Feb 2021 19:41:06 GMT
server: MI
etag: W/"10fc0-5ba4b88eb7880"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 99910749, 1063004574 1059273171
access-control-allow-origin: *
cache-control: max-age=197461
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript
access-control-allow-headers: *

GET
H2 200 adx Show response
pubads.g.doubleclick.net/gampad/ 0
710 B 104ms
50ms XHR
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/adx?iu=%2F7675%2Fral.site_newsobserver%2Fpropensity&sz=1x1&ref=&cookie=&c=406619124086827&tile=1&u_tz=60

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/core.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:51 GMT
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.newsobserver.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adobe.t2_3.js Show response
www.newsobserver.com/static/yozons-lib/ 91 KB
31 KB 76ms
76ms Script
application/javascript 2.17.183.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/static/yozons-lib/adobe.t2_3.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/core.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-183-44.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 5fd8bc8f1abe2eca0f650c16cd0f04bea980adbc2f228e4bc7bb6357923a9c36

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:51 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 175190
content-length: 31126
last-modified: Wed, 03 Feb 2021 18:48:22 GMT
server: MI
etag: W/"16dbe-5ba7308036980"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 197376558, 106772716 75559999
access-control-allow-origin: *
cache-control: max-age=420751
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript
access-control-allow-headers: *

GET
H2 200 gfc.4bde5ff03cc9c9ae95b4.js Show response
www.newsobserver.com/static/yozons-lib/ 10 KB
5 KB 31ms
31ms Script
application/javascript 2.17.183.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/static/yozons-lib/gfc.4bde5ff03cc9c9ae95b4.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/core.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-183-44.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: dc2ddf4647db568ada044777f9720a60c3f5b8470297bfa2e67120fe5eb30415

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:51 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 85
content-length: 4673
last-modified: Mon, 01 Feb 2021 19:41:06 GMT
server: MI
etag: W/"2853-5ba4b88eb7880"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 1061109004, 98017501 91252695
access-control-allow-origin: *
cache-control: max-age=197564
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript
access-control-allow-headers: *

POST
H2 200 delivery Show response
mcclatchy.tt.omtrdc.net/rest/v1/ 189 B
449 B 114ms
38ms XHR
application/json 52.212.164.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mcclatchy.tt.omtrdc.net/rest/v1/delivery?client=mcclatchy&sessionId=b7e1497394d84cff9859a13c143403a4&version=2.3.0
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/adobe.t2_3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.164.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-164-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a732b8ad401f8934ba283ebc4e9a077a69cff3d42f1b761b3695dd07c9a8323e

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.newsobserver.com
date: Fri, 12 Feb 2021 20:36:51 GMT
content-encoding: gzip
access-control-allow-credentials: true
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
x-request-id: 41c138fdff289965ee1aafe27a7dee23
content-type: application/json;charset=UTF-8

GET
H2 200 common.js Show response
media2.newsobserver.com/misites/all/ 4 KB
2 KB 30ms
29ms Script
text/javascript 2.17.183.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://media2.newsobserver.com/misites/all/common.js
Requested by: Host: media2.newsobserver.com
URL: https://media2.newsobserver.com/misites/nao/newsobserver.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-183-44.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec2cc99b7d1be6fb64d9ce3622e5584e39002529d87a71ffad76435b800de309

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:51 GMT
content-encoding: gzip
last-modified: Tue, 10 Sep 2019 13:27:05 GMT
server: Apache
etag: "ee5-59232dc43bc40"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 1412

GET
H2 200 micb.js Show response
media2.newsobserver.com/mistats/ 132 KB
36 KB 26ms
26ms Script
text/javascript 2.17.183.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://media2.newsobserver.com/mistats/micb.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/core.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-183-44.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 227e7ddd78c606e6fc60ddbe51ce30d58e07922f691f1fb961b143f759ba7fb9

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:51 GMT
content-encoding: gzip
last-modified: Wed, 27 Jan 2021 22:55:42 GMT
server: Apache
etag: "20ea3-5b9e9abac26b2"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 36871

GET
H3-Q050 200 pts Show response
pubads.g.doubleclick.net/subopt/ 150 B
231 B 204ms
174ms XHR
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/subopt/pts?products=newsobserver.com&type=general&extrainfo=null&u_tz=-60&v=1&cdm=www.newsobserver.com&c=758984

Requested by

Host: media2.newsobserver.com
URL: https://media2.newsobserver.com/mistats/micb.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

dbba323b2b903c683ec481c8ebfd0e94ffa1f42a1cdb4a29ff87e78144772337

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122
x-xss-protection: 0
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.newsobserver.com
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 12 Feb 2021 20:36:51 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 2 KB
2 KB 149ms
39ms XHR
application/json 108.128.13.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=3B6E35F15A82BBB00A495D91%40AdobeOrg&d_nsid=0&d_coop_safe=1&ts=1613162211110

Requested by

Host: media2.newsobserver.com
URL: https://media2.newsobserver.com/mistats/micb.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

108.128.13.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-128-13-248.eu-west-1.compute.amazonaws.com

Software

Resource Hash

120613b93e99ef9c2cf12075032c75281047083a617245aa9a2d7b7c81da549f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-v089-055db968c.edge-irl1.demdex.com 5.80.6.20210202104731 2ms (+0ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-TID: DSlQ/pExTKI=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.newsobserver.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 994
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-Q050 204 data Show response
pubads.g.doubleclick.net/subopt/ 0
569 B 183ms
162ms XHR
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/subopt/data?states=newsobserver.com%3Aunknown&extrainfo=null&u_tz=-60&v=1&cdm=www.newsobserver.com&c=576936

Requested by

Host: media2.newsobserver.com
URL: https://media2.newsobserver.com/mistats/micb.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Feb 2021 20:36:51 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: https://www.newsobserver.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 89ec5922-1183-4866-8824-09f66181e549.json Show response
cdn.cookielaw.org/consent/89ec5922-1183-4866-8824-09f66181e549/ 3 KB
2 KB 44ms
31ms XHR
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/89ec5922-1183-4866-8824-09f66181e549/89ec5922-1183-4866-8824-09f66181e549.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0827a540ffd8faac9bc0bcdcb724fdb6e0a4fb3d073d46ff9a93ea105e1613ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 12 Feb 2021 20:36:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: VEhEeWxZ9Hxrgg8t3QZJ7w==
age: 2256
vary: Accept-Encoding
content-length: 1277
cf-request-id: 08398eff4d00000610db14c000000001
x-ms-lease-status: unlocked
last-modified: Thu, 20 Aug 2020 15:58:01 GMT
server: cloudflare
etag: 0x8D84521D12CED36
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 70169d7c-701e-0034-18b3-b4774e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 62091aabadfc0610-FRA

GET
H2 200 dnsfeed Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 195 B
254 B 35ms
20ms Script
text/javascript 2606:4700:10::6814:b944
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f61efab99b6954d610afd5ced5c2a48d2c070e0fe6721d4b1d6dd86b6748dfd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:51 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 62091aabde17d729-FRA
cf-request-id: 08398eff6a0000d7297b153000000001

GET
H2 200 geofeed Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 195 B
547 B 34ms
20ms Script
text/javascript 2606:4700:10::6814:b944
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/geofeed

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b3cadacd03244587456b85a7b38e23ddb4a17fe5edbec5382414bc2b2d4c1d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:51 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 62091aabde19d729-FRA
cf-request-id: 08398eff6a0000d7291eaa0000000001

GET
H2 200 identityModulev3.min.js Show response
www.newsobserver.com/wps/source/scripts/libs/ 35 KB
11 KB 30ms
29ms XHR
application/javascript 2.17.183.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/wps/source/scripts/libs/identityModulev3.min.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/core.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-183-44.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 2969aa16b763893fa2f600de842a23475f8c0f1d58ebbed3c4f7f1a63edbc0b5

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:51 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 60157
content-length: 11142
last-modified: Wed, 03 Feb 2021 19:06:05 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"8dbb-17769499148"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 43209811, 193107989 181809931
access-control-allow-origin: *
cache-control: max-age=208123
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript;charset=UTF-8
access-control-allow-headers: *

GET
H2 200 o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2
fonts.gstatic.com/s/notosans/v11/ 10 KB
10 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v11/o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6195b1bce0085db8c9b1b936150dfd7b070aa9be52d44580b1b6f16752dece34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.newsobserver.com
Referer: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 04:25:45 GMT
x-content-type-options: nosniff
last-modified: Thu, 24 Sep 2020 23:58:43 GMT
server: sffe
age: 58266
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10116
x-xss-protection: 0
expires: Sat, 12 Feb 2022 04:25:45 GMT

GET
H2 200 ga6Law1J5X9T9RW6j9bNdOwzfReece9LOoc.woff2
fonts.gstatic.com/s/notoserif/v9/ 13 KB
13 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v9/ga6Law1J5X9T9RW6j9bNdOwzfReece9LOoc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0877239101cbff856743513b4ea69fbaf9c580c8ae526e0a8d2ef1b770414094

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.newsobserver.com
Referer: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:18:03 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:05:20 GMT
server: sffe
age: 127128
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13660
x-xss-protection: 0
expires: Fri, 11 Feb 2022 09:18:03 GMT

GET
H3-Q050 200 o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
fonts.gstatic.com/s/notosans/v11/ 10 KB
10 KB 29ms
14ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v11/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e56f53b3b976e9c05d86645a1e85cfc69e961601d201e957768455580fa30478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.newsobserver.com
Referer: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 09 Feb 2021 05:55:33 GMT
x-content-type-options: nosniff
last-modified: Thu, 24 Sep 2020 23:50:56 GMT
server: sffe
age: 312078
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10292
x-xss-protection: 0
expires: Wed, 09 Feb 2022 05:55:33 GMT

GET
H2 200 logo.svg
www.newsobserver.com/wps/build/images/newsobserver/ 5 KB
3 KB 26ms
25ms Image
image/svg+xml 2.17.183.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/wps/build/images/newsobserver/logo.svg
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-183-44.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 1270a862b7759b86d679ce76254e22bcd758959c10543bd38d451a9ef6c38004

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:51 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 285521
content-length: 2220
last-modified: Wed, 03 Feb 2021 19:08:07 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"1479-177694b6dd8"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 41180534, 107546367 62589957
access-control-allow-origin: *
cache-control: max-age=397510
access-control-allow-credentials: false
mi-cache: HIT
content-type: image/svg+xml;charset=ISO-8859-1
access-control-allow-headers: *

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/2Mfykwl2mlvyQZQ3PEgoH710/ 332 KB
332 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/2Mfykwl2mlvyQZQ3PEgoH710/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1c07ebcbd346b8d5b9a33219fce562ae37d9885563f6dabae6cd104bfd54827

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.newsobserver.com
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:05:15 GMT
x-content-type-options: nosniff
last-modified: Mon, 01 Feb 2021 05:06:45 GMT
server: sffe
age: 1896
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 339515
x-xss-protection: 0
expires: Sat, 12 Feb 2022 20:05:15 GMT

GET
H3-Q050 200 ga6Iaw1J5X9T9RW6j9bNfFcWaDq8fMU.woff2
fonts.gstatic.com/s/notoserif/v9/ 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v9/ga6Iaw1J5X9T9RW6j9bNfFcWaDq8fMU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7be357ddd89fe4f85dd3a2f16929f2344148d0ede966e9bf92febe1b998cc9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.newsobserver.com
Referer: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Feb 2021 16:19:22 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:03:52 GMT
server: sffe
age: 361049
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13192
x-xss-protection: 0
expires: Tue, 08 Feb 2022 16:19:22 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 197 B
257 B 26ms
26ms Script
text/javascript 2606:4700:10::6814:b944
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b25aa5eb92fee08d51add083e5c4fa22516e9d1ab61179734fbb1e27fb7f8063

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:51 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 62091aac2e9dd729-FRA
cf-request-id: 08398eff9c0000d72968895000000001

GET
H/1.1 200
OK states-data.json Show response
media.mcclatchy.com/static/2020/coronavirus/covid-embed-tracker/ 76 KB
10 KB 76ms
28ms Fetch
application/json 2.17.183.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://media.mcclatchy.com/static/2020/coronavirus/covid-embed-tracker/states-data.json
Requested by: Host: media.mcclatchy.com
URL: https://media.mcclatchy.com/static/2020/coronavirus/covid-embed-tracker/main.85ef961b.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-183-44.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d38b76e4b672e959f4b275073ad850276b23d5872e9145a325add838acc1d346

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 20:36:51 GMT
Content-Encoding: gzip
Last-Modified: Fri, 12 Feb 2021 20:00:02 GMT
Server: Apache
ETag: "12e23-5bb2914e7932d"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=144
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9865

GET
H/1.1 200
OK us-data.json Show response
media.mcclatchy.com/static/2020/coronavirus/covid-embed-tracker/ 622 B
1 KB 73ms
25ms Fetch
application/json 2.17.183.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://media.mcclatchy.com/static/2020/coronavirus/covid-embed-tracker/us-data.json
Requested by: Host: media.mcclatchy.com
URL: https://media.mcclatchy.com/static/2020/coronavirus/covid-embed-tracker/main.85ef961b.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-183-44.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b8831ec1633d1a20e81c0265dec3a771417e4fcbd28fb66a468098b20f6ea9a4

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 20:36:51 GMT
Content-Encoding: gzip
Last-Modified: Fri, 12 Feb 2021 20:00:02 GMT
Server: Apache
ETag: "26e-5bb2914edb7ef"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=144
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 341

GET
H/1.1 200
OK NC-daily.json Show response
media.mcclatchy.com/static/2020/coronavirus/covid-embed-tracker/ 461 KB
43 KB 78ms
30ms Fetch
application/json 2.17.183.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://media.mcclatchy.com/static/2020/coronavirus/covid-embed-tracker/NC-daily.json
Requested by: Host: media.mcclatchy.com
URL: https://media.mcclatchy.com/static/2020/coronavirus/covid-embed-tracker/main.85ef961b.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-183-44.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 218f074f10525b93b1b03430f5867b1c3f1a26abf38e7072c8b522c879ae4e14

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 20:36:51 GMT
Content-Encoding: gzip
Last-Modified: Fri, 12 Feb 2021 07:15:13 GMT
Server: Apache
ETag: "732c9-5bb1e65b8631c"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=144
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42873

GET
H2 200 loader.js Show response
contributor.google.com/scripts/7df76a16abfcab18/ 103 KB
36 KB 206ms
185ms Script
application/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://contributor.google.com/scripts/7df76a16abfcab18/loader.js

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/core.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e6e992644bee0957058fa5beec8fe1d81b69c7d478ea899412c1e1feb11fc07d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VQWQ+EGNaBtRZSsJLNsoIw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorTargetingHttp/cspreport;worker-src 'self', script-src 'nonce-VQWQ+EGNaBtRZSsJLNsoIw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorTargetingHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private, max-age=86400
content-security-policy: script-src 'report-sample' 'nonce-VQWQ+EGNaBtRZSsJLNsoIw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorTargetingHttp/cspreport;worker-src 'self', script-src 'nonce-VQWQ+EGNaBtRZSsJLNsoIw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorTargetingHttp/cspreport
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Fri, 12 Feb 2021 20:36:51 GMT

GET
H2 200 main.js Show response
mcclatchy-newsobserver.zeustechnology.com/ 199 KB
53 KB 155ms
49ms Script
application/javascript 65.9.94.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mcclatchy-newsobserver.zeustechnology.com/main.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/netdale.39e33f04f9ebc60b6629.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.94.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a23425925f24f35a94cde3e8e7664fd092258cfda4f60c0e3ea14d0fbbb93c38

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: E9uktLWQE.OpKfK_RJnWepc_9WSdl.ck
content-encoding: gzip
last-modified: Thu, 14 Jan 2021 19:50:01 GMT
server: AmazonS3
age: 70074
etag: W/"6238c662edf036d0e87e6cded8531153"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b5f551be30f63eca57ca04273cb75994.cloudfront.net (CloudFront)
date: Fri, 12 Feb 2021 01:08:58 GMT
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: Yx2BctiU33C-nZxHLra0jxjqlV7ncC3kkCN8uK0xVQEopuRWQnpgqQ==

GET
H2 200 callback=mi.ads.extractPid Show response
ad.crwdcntrl.net/5/c=7436/pe=y/ 82 B
292 B 131ms
35ms Script
application/javascript 52.48.248.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.crwdcntrl.net/5/c=7436/pe=y/callback=mi.ads.extractPid
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/core.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.248.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-248-240.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8e26c82b3a05d2306015e1d1414cffced4a6ab6e012e8aadfcb0db6798314a79

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:36:51 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.16.222
content-type: application/javascript;charset=UTF-8
content-length: 82
expires: 0

GET
H2 200 fontawesome-webfont.woff2
www.newsobserver.com/wps/source/sass/main/fonts/font-awesome/fonts/ 55 KB
56 KB 27ms
27ms Font
font/woff2 2.17.183.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/wps/source/sass/main/fonts/font-awesome/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/wps/build/webpack/css/mi-styles.455493d63d213cbc34d9.css
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-183-44.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 41dd3e48dbef1ddbc59957d4e99ef7662c1702dd8b55d0900b02150f87af354a

Request headers

Origin: https://www.newsobserver.com
Referer: https://www.newsobserver.com/wps/build/webpack/css/mi-styles.455493d63d213cbc34d9.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:51 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 209
content-length: 56780
last-modified: Tue, 09 Feb 2021 19:07:18 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"ddcc-1778830d670"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 75284693, 228362174 217701808
access-control-allow-origin: *
cache-control: max-age=159
access-control-allow-credentials: false
mi-cache: HIT
content-type: font/woff2;charset=ISO-8859-1
access-control-allow-headers: *

GET
H/1.1 200
OK image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/5615998031001/4970c7e7-e8ba-414a-a25c-939807544f6e/f5fd195c-2e41-4f68-8421-f333a7238eb6/480x270/match/ 48 KB
48 KB 145ms
44ms Image
image/jpeg 65.9.99.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.us-east-1.prod.boltdns.net/v1/static/5615998031001/4970c7e7-e8ba-414a-a25c-939807544f6e/f5fd195c-2e41-4f68-8421-f333a7238eb6/480x270/match/image.jpg
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.99.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / BC
Resource Hash: 2d0ac2907a4616fa011da479bfbe45c1cbb7cb4e097c5dfe436d56245d677030

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 16:28:06 GMT
Via: 1.1 a198ea04052d45eb515f27260bc6c05d.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
Age: 14925
X-Powered-From: gantry
X-Powered-By: BC
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: PRG50-C1
X-Amz-Cf-Id: OKG4D1uQgXrIRU504cnRsCflUsFN1lD_V8sHO7xpLxEPv8nKjOrNqA==
Expires: Sat, 12 Feb 2022 16:28:06 GMT

GET
H2 200 001.JPG
www.newsobserver.com/latest-news/dnn71r/picture249155525/alternates/LANDSCAPE_768/ 35 KB
35 KB 28ms
25ms Image
image/jpeg 2.17.183.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/latest-news/dnn71r/picture249155525/alternates/LANDSCAPE_768/001.JPG
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-183-44.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: f400853476ccde755c07d80568e60d7b3b24d9b7295a4a69793f8a78899b3026

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:51 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 546
content-length: 35626
last-modified: Wed, 10 Feb 2021 19:17:05 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: "543441b543eff306877b55aa17fe731a"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 129344015 125493203
access-control-allow-origin: *
cache-control: max-age=524811
access-control-allow-credentials: false
mi-cache: HIT
content-type: image/jpeg
access-control-allow-headers: *

GET
H2 200 RAL_GUSKIEWICZ10-121319-EDH.JPG
www.newsobserver.com/latest-news/jnyxms/picture238370988/alternates/LANDSCAPE_768/ 29 KB
30 KB 31ms
29ms Image
image/jpeg 2.17.183.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/latest-news/jnyxms/picture238370988/alternates/LANDSCAPE_768/RAL_GUSKIEWICZ10-121319-EDH.JPG
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-183-44.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 37924aaa311bf769b494bfdd0f9277ebeecd3663e988cadde52e16f63a684a99

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:51 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 64461
content-length: 30141
last-modified: Fri, 13 Dec 2019 22:59:37 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: "e3fcd1153e5be10c0837177f11ea4942"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 257332673, 137585608 125272025
access-control-allow-origin: *
cache-control: max-age=597080
access-control-allow-credentials: false
mi-cache: HIT
content-type: image/jpeg
access-control-allow-headers: *

GET
H2 200 020821_NEVILLE_TEL_02.JPG
www.newsobserver.com/latest-news/t8i3uj/picture249106785/alternates/LANDSCAPE_768/ 27 KB
27 KB 35ms
33ms Image
image/jpeg 2.17.183.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/latest-news/t8i3uj/picture249106785/alternates/LANDSCAPE_768/020821_NEVILLE_TEL_02.JPG
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-183-44.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 4ca40998b8349f65cb18f19c8cc6844e050e83bdd5bfaeaebe2df51deb40f5e3

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:51 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 296
content-length: 27160
last-modified: Mon, 08 Feb 2021 23:21:27 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: "c3484693d11813bd1f764a949512be1a"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 267000184 259254783
access-control-allow-origin: *
cache-control: max-age=590792
access-control-allow-credentials: false
mi-cache: HIT
content-type: image/jpeg
access-control-allow-headers: *

GET
H/1.1 200
OK image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/5615998024001/2e51c426-adde-4324-8364-cfff4db3fa0c/a387e8bf-1490-475e-bd2a-ced5c9be4b57/320x180/match/ 18 KB
18 KB 145ms
44ms Image
image/jpeg 65.9.99.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.us-east-1.prod.boltdns.net/v1/static/5615998024001/2e51c426-adde-4324-8364-cfff4db3fa0c/a387e8bf-1490-475e-bd2a-ced5c9be4b57/320x180/match/image.jpg
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.99.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / BC
Resource Hash: 237eaf1d1ebd12019780eda8ff12a3d3b3dbe33eb18dc5675fcd1aa588c9df0a

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 10 Feb 2021 04:05:49 GMT
Via: 1.1 4614c36172b2854b1e1e94af37435c8f.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
Age: 232262
X-Powered-From: gantry
X-Powered-By: BC
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: PRG50-C1
X-Amz-Cf-Id: VJRl7DVH1lcC_PpYp-WlHMDZ3lacWZtW35GbahHb0tL-IWJMAyWmBQ==
Expires: Thu, 10 Feb 2022 04:05:49 GMT

GET
H/1.1 200
OK image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/5615998031001/1bb306c4-1e57-4953-85ae-74339c4eb8d9/859e8b48-95b9-4ea7-8f99-ab6c721c1da3/480x270/match/ 41 KB
42 KB 144ms
43ms Image
image/jpeg 65.9.99.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.us-east-1.prod.boltdns.net/v1/static/5615998031001/1bb306c4-1e57-4953-85ae-74339c4eb8d9/859e8b48-95b9-4ea7-8f99-ab6c721c1da3/480x270/match/image.jpg
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.99.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / BC
Resource Hash: c0de67f0e8f4974c45848483991b0aa9b4b2637fa795c25e47f3bdaaa5608f33

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 19:07:29 GMT
Via: 1.1 df0aa1ee2f3a5b8f1aa2a31aa4b7db86.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
Age: 5362
X-Powered-From: gantry
X-Powered-By: BC
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: PRG50-C1
X-Amz-Cf-Id: DE5Fn8Mwv9egbUHck7c-Ohbm7n4J5GcGvjyg2BgweZMDfPYDeiE0WQ==
Expires: Sat, 12 Feb 2022 19:07:29 GMT

GET
H2 200 xHARNETTVACCINATE-NE-021221-RTW.jpg
www.newsobserver.com/latest-news/9tn0vh/picture249214140/alternates/LANDSCAPE_768/ 38 KB
38 KB 38ms
36ms Image
image/jpeg 2.17.183.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/latest-news/9tn0vh/picture249214140/alternates/LANDSCAPE_768/xHARNETTVACCINATE-NE-021221-RTW.jpg
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-183-44.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: a0da736ffa9696bca2524001635c1cba5a446be381e43b46a2f8c646e702b99f

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:51 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 503
content-length: 38614
last-modified: Fri, 12 Feb 2021 19:44:22 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: "f030df6d82affc18302d4cc8b0bd1c32"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 143800723 137620600
access-control-allow-origin: *
cache-control: max-age=604750
access-control-allow-credentials: false
mi-cache: HIT
content-type: image/jpeg
access-control-allow-headers: *

GET
H/1.1 200
OK image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/5615998031001/596c95a3-ac81-452e-9393-59fbddcb2195/79a294d5-ac78-4684-8298-6e4b21b302e7/480x270/match/ 35 KB
36 KB 149ms
48ms Image
image/jpeg 65.9.99.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.us-east-1.prod.boltdns.net/v1/static/5615998031001/596c95a3-ac81-452e-9393-59fbddcb2195/79a294d5-ac78-4684-8298-6e4b21b302e7/480x270/match/image.jpg
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.99.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / BC
Resource Hash: afec0d4cdce1520b6a212417955487b04f6c8e069a10c8edb6af42f0e89a4db8

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 10 Feb 2021 02:05:00 GMT
Via: 1.1 5a9253ffd4a04a82b061e7ef23f713d4.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
Age: 239511
X-Powered-From: gantry
X-Powered-By: BC
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: PRG50-C1
X-Amz-Cf-Id: DFKjr8O8zXDbAf9aPPhrzNXexZINVjoTA-zWJHof4k3DA3DlXPz9Zw==
Expires: Thu, 10 Feb 2022 02:05:00 GMT

GET
H2 200 RAL_COOPERCOHEN-NE-091720-RTW_7.JPG
www.newsobserver.com/latest-news/i4yxaz/picture248307495/alternates/LANDSCAPE_768/ 26 KB
26 KB 41ms
40ms Image
image/jpeg 2.17.183.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/latest-news/i4yxaz/picture248307495/alternates/LANDSCAPE_768/RAL_COOPERCOHEN-NE-091720-RTW_7.JPG
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-183-44.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 219af86bf60fa46952ce96b2c3a5eb90ae29f8a15347a81362721ade3a321e27

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:51 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 2736
content-length: 26363
last-modified: Wed, 06 Jan 2021 15:11:47 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: "19a22df7b9a78100588b4b72656a0ccf"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 748723479 745685476
access-control-allow-origin: *
cache-control: max-age=160408
access-control-allow-credentials: false
mi-cache: HIT
content-type: image/jpeg
access-control-allow-headers: *

GET
H2 200 Josh%20Ellis%20Greene
www.newsobserver.com/latest-news/gcgvi9/picture249068185/alternates/LANDSCAPE_768/ 37 KB
37 KB 47ms
45ms Image
image/jpeg 2.17.183.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/latest-news/gcgvi9/picture249068185/alternates/LANDSCAPE_768/Josh%20Ellis%20Greene
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-183-44.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: ece4a7d40f30903641984e4f61837fcced499eba5d215819bbc8b4cca5926302

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:51 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 1382
content-length: 37700
last-modified: Sun, 07 Feb 2021 16:37:03 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: "ce28d1e0ef145349abc156cbf8cc31f8"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 91582051, 215722328 215559348
access-control-allow-origin: *
cache-control: max-age=338983
access-control-allow-credentials: false
mi-cache: HIT
content-type: image/jpeg
access-control-allow-headers: *

GET
H2

200

STATESYR08-020921-EDH.jpg
www.newsobserver.com/latest-news/6deexc/picture249137440/alternates/LANDSCAPE_768/
Redirect Chain

https://www.newsobserver.com/latest-news/wbq9um/picture249137440/alternates/LANDSCAPE_768/STATESYR08-020921-EDH.jpg
https://www.newsobserver.com/latest-news/6deexc/picture249137440/alternates/LANDSCAPE_768/STATESYR08-020921-EDH.jpg

45 KB
46 KB

27ms
26ms

Image
image/jpeg

2.17.183.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/latest-news/6deexc/picture249137440/alternates/LANDSCAPE_768/STATESYR08-020921-EDH.jpg
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-183-44.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 1522de80cc30ced2e37ae10529e7d112f13e3d5d7d030ca8b4084e532474215d

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:51 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 385
content-length: 46331
last-modified: Wed, 10 Feb 2021 00:45:52 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: "cbd5df272c9d64722ea924268445db54"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 99039565 96551830
access-control-allow-origin: *
cache-control: max-age=360957
access-control-allow-credentials: false
mi-cache: HIT
content-type: image/jpeg
access-control-allow-headers: *

Redirect headers

date: Fri, 12 Feb 2021 20:36:51 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 69652
content-length: 0
location: https://www.newsobserver.com/latest-news/6deexc/picture249137440/alternates/LANDSCAPE_768/STATESYR08-020921-EDH.jpg
last-modified: Fri, 12 Feb 2021 00:48:31 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: "604e7143-2d64-4ccf-b2c6-9348685a8670"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 254855765, 144283893 130542005
access-control-allow-origin: *
cache-control: max-age=84753
access-control-allow-credentials: false
mi-cache: HIT
content-type: image/jpeg
access-control-allow-headers: *

GET
H2 200 1.JPG
www.newsobserver.com/latest-news/v1ps8g/picture249061795/alternates/LANDSCAPE_768/ 80 KB
80 KB 55ms
54ms Image
image/jpeg 2.17.183.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/latest-news/v1ps8g/picture249061795/alternates/LANDSCAPE_768/1.JPG
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-183-44.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 322d4cbc154d3ccb6ef8aeea1fc1a4b74ed58fe08124fa8e833d3724cb76235a

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:51 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 0
content-length: 81841
last-modified: Tue, 09 Feb 2021 13:48:55 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: "be64d7b0cf6f81fc4f6578d4c0dd5ff5"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 208645924 211763018
access-control-allow-origin: *
cache-control: max-age=321145
access-control-allow-credentials: false
mi-cache: HIT
content-type: image/jpeg
access-control-allow-headers: *

GET
H2 200 STATEUVA33-020321-EDH.jpg
www.newsobserver.com/latest-news/dpggpi/picture249007965/alternates/LANDSCAPE_768/ 35 KB
36 KB 58ms
57ms Image
image/jpeg 2.17.183.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/latest-news/dpggpi/picture249007965/alternates/LANDSCAPE_768/STATEUVA33-020321-EDH.jpg
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-183-44.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 76c2d52c9a8d80f15a466ec50414189678b8370bdc630c2cd5be9088081955de

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:51 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 1060
content-length: 36155
last-modified: Thu, 04 Feb 2021 17:09:57 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: "1f2af37c0366f1703c145d4a36442051"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 118378440, 243689595 250812365
access-control-allow-origin: *
cache-control: max-age=507627
access-control-allow-credentials: false
mi-cache: HIT
content-type: image/jpeg
access-control-allow-headers: *

GET
H/1.1 200
OK Cookie set dest5.html Show response
mcclatchy.demdex.net/ Frame 08AF 7 KB
3 KB 135ms
35ms Document
text/html 34.241.227.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mcclatchy.demdex.net/dest5.html?d_nsid=0

Requested by

Host: media2.newsobserver.com
URL: https://media2.newsobserver.com/mistats/micb.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.241.227.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-241-227-67.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: mcclatchy.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.newsobserver.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: demdex=78504185574958867700543501382980317037
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.newsobserver.com/

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=21600
Content-Encoding: gzip
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Thu, 11 Feb 2021 14:59:32 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Set-Cookie: demdex=78504185574958867700543501382980317037;Path=/;Domain=.demdex.net;Expires=Wed, 11-Aug-2021 20:36:51 GMT;Max-Age=15552000;Secure;SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding, User-Agent
X-TID: 5VATJ0GHS+M=
Content-Length: 2785
Connection: keep-alive

GET
H2 200 id Show response
mcclatchy.sc.omtrdc.net/ 2 B
321 B 102ms
30ms XHR
application/x-javascript 15.237.136.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mcclatchy.sc.omtrdc.net/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=3B6E35F15A82BBB00A495D91%40AdobeOrg&mid=77947693581772195890528109572487141594&ts=1613162211328

Requested by

Host: media2.newsobserver.com
URL: https://media2.newsobserver.com/mistats/micb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.237.136.106 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-237-136-106.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 12 Feb 2021 20:36:51 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-5955cb7dcf-dj7sz
vary: Origin
x-c: main-1422.I3bac54.M0-478
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.newsobserver.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-type: application/x-javascript;charset=utf-8
content-length: 2
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YCbm4wAAAJeanVxO
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=78504185574958867700543501382980317037
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YCbm4wAAAJeanVxO

42 B
915 B

36ms
36ms

Image
image/gif

108.128.13.248
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YCbm4wAAAJeanVxO

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

108.128.13.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-128-13-248.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v089-0df8f7b71.edge-irl1.demdex.com 5.80.6.20210202104731 1ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: z/YL+1NlRWU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YCbm4wAAAJeanVxO
Date: Fri, 12 Feb 2021 20:36:51 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2

200

sp.br.js Show response
js.matheranalytics.com/static/2_2_18-e/
Redirect Chain

https://js.matheranalytics.com/s/ma12095/74930332/sp.js?cb=1556
https://js.matheranalytics.com/static/2_2_18-e/sp.br.js

78 KB
25 KB

17ms
17ms

Script
application/x-javascript

107.178.250.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.matheranalytics.com/static/2_2_18-e/sp.br.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.250.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 234.250.178.107.bc.googleusercontent.com
Software: nginx /
Resource Hash: f2f93fd85c2f5e6c07c80c6487a804ec6bede5bed8fe755280d87d4dfde986d0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 15:22:52 GMT
content-encoding: br
last-modified: Sat, 20 Apr 2019 20:43:13 GMT
server: nginx
age: 18839
etag: "93626701087aa6ff39ccd5278fb9fd3b"
vary: Accept-Encoding
x-cache: HIT Sat, 20 Apr 2019 22:39:14 GMT
content-type: application/x-javascript
via: 1.1 google
cache-control: public,max-age=3600
alt-svc: clear
content-length: 25418

Redirect headers

date: Fri, 12 Feb 2021 20:36:51 GMT
via: 1.1 google
server: nginx
vary: Accept-Encoding
location: https://js.matheranalytics.com/static/2_2_18-e/sp.br.js
cache-control: public, max-age=269200
alt-svc: clear
x-served-by: 1-gc-euw1-10929

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: media2.newsobserver.com
URL: https://media2.newsobserver.com/mistats/finalizestats.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 4304
date: Fri, 12 Feb 2021 19:25:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Fri, 12 Feb 2021 21:25:07 GMT

GET
H2 200 quant.js Show response
edge.quantserve.com/ 23 KB
9 KB 28ms
7ms Script
application/javascript 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.quantserve.com/quant.js
Requested by: Host: media2.newsobserver.com
URL: https://media2.newsobserver.com/mistats/finalizestats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 437afd9de21717c919be3f40f686b33170f2447dc03ded0fc00ac0cc41839854

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:51 GMT
content-encoding: gzip
etag: "8q1rat7Mm9i+FVcOidF8/g=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Fri, 19 Feb 2021 20:36:51 GMT

GET
H2 200 mi_content_tracker.js Show response
media2.newsobserver.com/mistats/ 4 KB
2 KB 26ms
26ms Script
text/javascript 2.17.183.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://media2.newsobserver.com/mistats/mi_content_tracker.js
Requested by: Host: media2.newsobserver.com
URL: https://media2.newsobserver.com/misites/nao/newsobserver.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-183-44.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b525214335ddd50139b8cead123523306144018a47e3d4a35f6e5b35f295a8fd

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:51 GMT
content-encoding: gzip
last-modified: Wed, 04 Jun 2014 15:41:43 GMT
server: Apache
etag: "11ff-4fb047712bbc0"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 1432

GET
H2 200 pageBottom.686b93e0d622ac24761e.js Show response
www.newsobserver.com/static/yozons-lib/ 1 KB
992 B 30ms
29ms Script
application/javascript 2.17.183.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/static/yozons-lib/pageBottom.686b93e0d622ac24761e.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/core.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-183-44.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: ac7d92309c13258af795cb006ff8c84ab2a5d2c5d350cf09103c70f30e3dfa57

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:51 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 85
content-length: 619
last-modified: Mon, 01 Feb 2021 19:41:06 GMT
server: MI
etag: W/"47a-5ba4b88eb7880"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 1055226032 1061109001
access-control-allow-origin: *
cache-control: max-age=107750
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript
access-control-allow-headers: *

GET
H2

200

m
secure-us.imrworldwide.com/cgi-bin/
Redirect Chain

https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-203838h&cg=0&cc=1&si=https%3A//www.newsobserver.com/&rp=&ts=compact&rnd=1613162211377
https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-203838h&cg=0&cc=1&si=https%3A//www.newsobserver.com/&rp=&ts=compact&rnd=1613162211377&ja=1

44 B
336 B

35ms
34ms

Image
image/gif

34.250.160.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-203838h&cg=0&cc=1&si=https%3A//www.newsobserver.com/&rp=&ts=compact&rnd=1613162211377&ja=1
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.160.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-160-229.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:36:51 GMT
server: nginx
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-us.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:36:51 GMT
server: nginx
location: https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-203838h&cg=0&cc=1&si=https%3A//www.newsobserver.com/&rp=&ts=compact&rnd=1613162211377&ja=1
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-us.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
content-length: 0
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 moment.min.js Show response
www.newsobserver.com/wps/source/scripts/libs/ 41 KB
14 KB 29ms
27ms Script
application/javascript 2.17.183.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/wps/source/scripts/libs/moment.min.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/wps/build/webpack/mi-footer.bundle-79c24024c08d7f0c7b17.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-183-44.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 41315b08c2b332c2a675a817bac8ca1cc648c33109b699c6609feffc0ac79254

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:51 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 17262
content-length: 14306
last-modified: Wed, 03 Feb 2021 19:06:05 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"a337-17769499148"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 22606386, 69014811 64304850
access-control-allow-origin: *
cache-control: max-age=166967
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript;charset=UTF-8
access-control-allow-headers: *

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 348 KB
102 KB 107ms
49ms Script
application/x-javascript 104.108.145.83
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/wps/build/webpack/mi-footer.bundle-79c24024c08d7f0c7b17.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.83 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-83.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: b4ab0c9d469f5fc9747b8f7433e38ebcc71a9bde85103b9ed30606d37bdbc112

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 20:36:51 GMT
Content-Encoding: gzip
x-amz-request-id: F3B980A02252988C
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: ZtLMwtfuSO/vZ6meBltbLu7WDNWlnhBTzSCplJfnmZoppIlIZ3e4wgJ/wYYkqq0Iax2jHbANmEk=
Last-Modified: Fri, 05 Feb 2021 18:53:22 GMT
Server: AmazonS3
ETag: "f26986557d331d9bccef002058601094"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 322 KB
112 KB 34ms
13ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/wps/build/webpack/videoStory.bundle-d1c14c90e7de986bc0fd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fec14b132aa8f5c290a39129469655fb29aeed7faf69a4d628c34cc667812988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113725
x-xss-protection: 0
expires: Fri, 12 Feb 2021 20:36:51 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/968074018/ 2 KB
1 KB 34ms
32ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/968074018/?random=1613162211408&cv=9&fst=1613162211408&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.newsobserver.com%2F&tiba=Raleigh%20NC%20News%2C%20Sports%20%26%20Politics%20%7C%20Raleigh%20News%20%26%20Observer&hn=www.googleadservices.com&us_privacy=1---&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

99041b7ab760bb2ece514e261afab87545a568f17335d99fc42c073f686c83a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:36:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1013
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 586f876503ed4dc63c6ff8567b67dfeb1c84723ef5c7cf218a8ed74ccba6e1ab

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 157 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 scroll.js Show response
static.scroll.com/js/ 17 KB
7 KB 70ms
21ms Script
application/javascript 199.232.198.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.scroll.com/js/scroll.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/core.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.198.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 89f555437822d8ce86a52b409ce45cce077a2653f047f2b4c79ef52eb98a9ccd

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:51 GMT
content-encoding: gzip
age: 10038
x-guploader-uploadid: ABg5-Uxy9cnAUGUv9x3EtYt9Bmz33ooHv3HjZdnMa262437MMIYVMNrcd8i1Q17D4Pyho1LmKzZOq1pcM0fqq_qhFN3cLoHisA
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 6481
x-served-by: cache-ams21042-AMS
last-modified: Wed, 02 Dec 2020 17:49:10 GMT
server: UploadServer
x-timer: S1613162212.526371,VS0,VE0
etag: "3432e8d2c468c4485947c2893a297556"
vary: Origin
x-goog-hash: crc32c=CTsFlA==, md5=NDLo0sRoxEhZR8KJOil1Vg==
x-goog-generation: 1606931350096968
via: 1.1 varnish
expires: Thu, 03 Dec 2020 17:49:10 GMT
cache-control: public, max-age=0, s-maxage=86400
access-control-allow-credentials: true
x-goog-stored-content-length: 6481
accept-ranges: bytes
content-type: application/javascript
x-scrolljs: 3
x-cache-hits: 2617

GET
H2 200 performance.711d5dadce5ab1e7fa9b.js Show response
www.newsobserver.com/static/yozons-lib/ 4 KB
2 KB 30ms
29ms Script
application/javascript 2.17.183.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/static/yozons-lib/performance.711d5dadce5ab1e7fa9b.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/core.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-183-44.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 33da6672a4bc2d57bcf7713bec2748036fd2ccd2127523f357974db72ddcf30b

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:51 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 85
content-length: 1414
last-modified: Mon, 01 Feb 2021 19:41:06 GMT
server: MI
etag: W/"f76-5ba4b88eb7880"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 94392264, 1058621345 1063360102
access-control-allow-origin: *
cache-control: max-age=197547
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript
access-control-allow-headers: *

GET
H2 200 parsely.6be7edc22b4bac6fd9c0.js Show response
www.newsobserver.com/static/yozons-lib/ 1 KB
954 B 30ms
29ms Script
application/javascript 2.17.183.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/static/yozons-lib/parsely.6be7edc22b4bac6fd9c0.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/core.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-183-44.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: c4f536e4638f4e3176e97cca4d2e4ad1487f0be8bed1605b9144cdabdb43ab67

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:51 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 85
content-length: 574
last-modified: Mon, 01 Feb 2021 19:41:06 GMT
server: MI
etag: W/"4af-5ba4b88eb7880"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 1056012979, 94915059 91252702
access-control-allow-origin: *
cache-control: max-age=197572
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript
access-control-allow-headers: *

GET
H2 200 ats.js Show response
ats.rlcdn.com/ 182 KB
60 KB 50ms
16ms Script
application/javascript 35.244.220.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ats.rlcdn.com/ats.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/netdale.39e33f04f9ebc60b6629.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.220.155 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 155.220.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 5e8e5fe8bda51e143511122e4296e652c905e0e7445cad6e3b79365eafaa7f0d

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Feb 2021 13:22:44 GMT
content-encoding: gzip
age: 198847
x-guploader-uploadid: ABg5-UwnjYJUimPMrtAYG2PlbObZD6jompwxVM3Mg66ur_0EqZfs4lw5ybGSdQm5I4CZVQFANIDSum7OL40CZgSqUIw
x-goog-storage-class: STANDARD
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 60625
last-modified: Fri, 22 Jan 2021 08:44:43 GMT
server: UploadServer
etag: "cd29a4c3533e427f1b5c357933c3c1ec"
x-goog-hash: crc32c=NT+O6A==, md5=zSmkw1M+Qn8bXDV5M8PB7A==
x-goog-generation: 1611305083757651
cache-control: no-transform
x-goog-stored-content-length: 60625
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 10 Feb 2022 13:22:44 GMT

GET
H2 200 oPS.js Show response
d15kdpgjg3unno.cloudfront.net/ 46 KB
12 KB 32ms
10ms Script
application/javascript 2600:9000:2127:2e00:11:b309:9100:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=11
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:2e00:11:b309:9100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d9b5b26bd4c7e2fcf66e6dd960f711bea0da290df367f8b32fc008b27170b7c9

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 17:09:22 GMT
content-encoding: gzip
last-modified: Thu, 11 Feb 2021 17:39:19 GMT
server: AmazonS3
age: 12450
etag: W/"58fbba601209b7936738abd01d4cfd5d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 d9c696d6d0c92f63870873ced2895baa.cloudfront.net (CloudFront)
cache-control: max-age=84600
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: -d6zAa6qOb8KEYigl6M22ib0QIBMgQq7LGksIy4vqCtdiWZK8yNcrA==

GET
H2 200 .js Show response
dyv1bugovvq1g.cloudfront.net/11/www.newsobserver.com/ 2 KB
681 B 39ms
10ms Script
application/json 2600:9000:2127:ce00:5:82fd:2500:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dyv1bugovvq1g.cloudfront.net/11/www.newsobserver.com/.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:ce00:5:82fd:2500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 80ec17111820d9192de1f9242669783c4fc7167734e1b4fa1df1182b682b64da

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:31 GMT
content-encoding: gzip
last-modified: Fri, 12 Feb 2021 17:44:08 GMT
server: AmazonS3
age: 21
etag: "55f9c4841b62a22524efa8ee49921b6a"
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
cache-control: max-age=300
x-amz-cf-pop: PRG50-C1
accept-ranges: bytes
content-length: 306
x-amz-cf-id: XqWRaSD6RT569EkyDhpwAcCkqX4Biundk88zkGprp4ICDUBVoa0PzA==

GET
H/1.1 200
OK config.js Show response
confiant-integrations.global.ssl.fastly.net/awMxVZLpNW6K6EG6WC5S8oR_a68/gpt_and_prebid/ 89 KB
21 KB 71ms
23ms Script
text/javascript 151.101.113.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/awMxVZLpNW6K6EG6WC5S8oR_a68/gpt_and_prebid/config.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/netdale.39e33f04f9ebc60b6629.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 34e04f21e210fdd8cbdf68e6746c47c3145ce8fc1ddfb9e06a4ebe2b99725a38

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 20:36:51 GMT
Content-Encoding: gzip
Age: 499
X-Cache: HIT
Connection: keep-alive
Content-Length: 20387
x-amz-id-2: HTI896H+TdQ+heF9iVzY1FhKztF+PrBoncrca4ra+Ue8r8PuD+FmBofC2+OYHWIdZcgMFZoT0QY=
X-Served-By: cache-hhn4073-HHN
Last-Modified: Fri, 12 Feb 2021 20:22:40 GMT
Server: AmazonS3
X-Timer: S1613162212.552399,VS0,VE1
ETag: "8f44f295aa20942e4f884d308332a3f6"
x-amz-request-id: 2T2N7M2T7T9Y4G7J
Via: 1.1 varnish
Cache-Control: public, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Type: text/javascript
X-Cache-Hits: 1

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 35ms
12ms Script
application/x-javascript 2600:9000:2127:4400:18:1fcd:34e:d2a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: media2.newsobserver.com
URL: https://media2.newsobserver.com/misites/nao/newsobserver.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:4400:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 927ee0dfe51ef11076e57510990fd5c5fcee1cffd5204a4e3d3caee529c3bd01

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 18:09:00 GMT
content-encoding: gzip
last-modified: Thu, 28 Jan 2021 02:03:13 GMT
server: nginx
age: 8871
etag: W/"60121b61-8e23"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 d9c696d6d0c92f63870873ced2895baa.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: 7vWtjQHp6fFrct8PaI0DYNaCstQzMwhXVwoMs7ncJeFHZdUaWU-_ow==
expires: Sat, 13 Feb 2021 18:09:00 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.5.0/ 325 KB
69 KB 21ms
19ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.5.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d139c3756ba4ea4e4672c12645de4977faa9ba7e0d550931d2086338fd72dfe9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 12 Feb 2021 20:36:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: AvbD4VHYe4H/QnyU6j8v5w==
age: 4207160
vary: Accept-Encoding
content-length: 69711
cf-request-id: 08398f008c00001f45ab31e000000001
x-ms-lease-status: unlocked
last-modified: Thu, 27 Aug 2020 03:43:22 GMT
server: cloudflare
etag: 0x8D84A3B58DE8819
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: b5a3eed9-c01e-0069-3a3b-db874a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 62091aadafcd1f45-FRA
expires: Sat, 20 Feb 2021 20:36:51 GMT

GET
BLOB 200
OK 3916bb76-6ee8-436d-980f-1d36315b8cfa
https://www.newsobserver.com/ 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/3916bb76-6ee8-436d-980f-1d36315b8cfa
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

POST
H2 200 delivery Show response
mboxedge37.tt.omtrdc.net/rest/v1/ 653 B
713 B 110ms
44ms XHR
application/json 52.212.193.208
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mboxedge37.tt.omtrdc.net/rest/v1/delivery?client=mcclatchy&sessionId=b7e1497394d84cff9859a13c143403a4&version=2.3.0
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/adobe.t2_3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.193.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-193-208.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: eb449b51070f63db7098e2945ea86d0712c2779bcd86a0bc8e0072bda93fad9f

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.newsobserver.com
date: Fri, 12 Feb 2021 20:36:51 GMT
content-encoding: gzip
access-control-allow-credentials: true
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
x-request-id: 0d8365a74c1dc5a132ce9b73c121e1b3
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK us-jhu.json Show response
media.mcclatchy.com/static/2020/coronavirus/covid-embed-tracker/ 317 B
974 B 27ms
26ms Fetch
application/json 2.17.183.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://media.mcclatchy.com/static/2020/coronavirus/covid-embed-tracker/us-jhu.json
Requested by: Host: media.mcclatchy.com
URL: https://media.mcclatchy.com/static/2020/coronavirus/covid-embed-tracker/main.85ef961b.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-183-44.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: dd7a9cefbaa685879dc6f464becd322a3213c9d1e6a43497855778ce7370d093

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 20:36:51 GMT
Content-Encoding: gzip
Last-Modified: Fri, 12 Feb 2021 20:00:03 GMT
Server: Apache
ETag: "13d-5bb2914f6cbdb"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=145
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 169

GET
H/1.1 200
OK 835000587-custom.json Show response
media.mcclatchy.com/static/2020/coronavirus/covid-embed-tracker/ 176 B
969 B 26ms
25ms Fetch
application/json 2.17.183.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://media.mcclatchy.com/static/2020/coronavirus/covid-embed-tracker/835000587-custom.json?v=521
Requested by: Host: media.mcclatchy.com
URL: https://media.mcclatchy.com/static/2020/coronavirus/covid-embed-tracker/main.85ef961b.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-183-44.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a24edf9cea5a77a4babe00b6181edfa682f106cf2b0d5dc2d2f6737fd38d3356

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 20:36:51 GMT
Content-Encoding: gzip
Last-Modified: Fri, 12 Feb 2021 20:15:20 GMT
Server: Apache
ETag: "b0-5bb294b9e5f23"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=579
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 165

GET
H2 200 rules-p-50B2Fi6bBqYto.js Show response
rules.quantcount.com/ 1 KB
1 KB 43ms
14ms Script
application/x-javascript 2600:9000:2127:2200:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-50B2Fi6bBqYto.js
Requested by: Host: edge.quantserve.com
URL: https://edge.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:2200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b6da6699e22347ded40584215d759d21842a07be029c95c4886efa3c1385454

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:14:37 GMT
content-encoding: gzip
last-modified: Mon, 26 Mar 2018 17:43:26 GMT
server: AmazonS3
age: 1354
etag: W/"eeeb10fbb8e6fc7fff11277347add08a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 79ba346413d83ce62db11c8d0b05c22d.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: YgwBOVNG3IalmCwEJO69Xa6EjZPWuP-bMjI5IcDGfKSkI4gNh309Xg==

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/7447/ 38 KB
12 KB 137ms
47ms Script
text/javascript 65.9.94.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/7447/lt.min.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/netdale.39e33f04f9ebc60b6629.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.94.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8646c7287623db68d9deccf710f5a47b00b52a66a61d6e48490f5a37665c42d4

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 14:13:35 GMT
content-encoding: gzip
etag: W/"8acfeb999bdebb359fe2b7ddc3804ae0"
last-modified: Mon, 01 Feb 2021 21:34:14 GMT
server: AmazonS3
age: 22997
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 91afcef6d5c7e90d0a4bb2c3a456c691.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: DCg-0v7wz5G-UM2mNT8qzZXc78hJnrdgPrFqqTNnflfo_Ux31vF6OQ==

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
394 B 46ms
13ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1565754912&t=pageview&_s=1&dl=https%3A%2F%2Fwww.newsobserver.com%2F&dh=newsobserver.com&ul=en-us&de=UTF-8&dt=Home%3A%20Homepage&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YFDAAAABCAAAAC~&jid=40478576&gjid=466867594&cid=627062181.1613162212&tid=UA-48279682-1&_gid=1745741581.1613162212&_r=1&_slc=1&cd1=NAO&cd2=News%20and%20Observer&cd3=Home&cd4=_HomePage%7C%7C%7C%7C&cd5=Unregistered&cd6=Homepage&cg1=News%20and%20Observer&cg2=Homepage&z=378504854

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:36:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.newsobserver.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
27 B 45ms
14ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1565754912&t=pageview&_s=1&dl=https%3A%2F%2Fwww.newsobserver.com%2F&dh=newsobserver.com&ul=en-us&de=UTF-8&dt=Home%3A%20Homepage&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YFDAAAABCAAAAC~&jid=2069507860&gjid=827571199&cid=627062181.1613162212&tid=UA-48280268-1&_gid=1745741581.1613162212&_r=1&_slc=1&cd1=NAO&cd2=News%20and%20Observer&cd3=Home&cd4=_HomePage%7C%7C%7C%7C&cd5=Unregistered&cd6=Homepage&cg1=News%20and%20Observer&cg2=Homepage&z=698578837

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:36:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.newsobserver.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1405 Show response
analytics-check.publishersite.xyz/check/ 26 B
393 B 275ms
181ms XHR
application/json 65.9.94.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-check.publishersite.xyz/check/1405
Requested by: Host: mcclatchy-newsobserver.zeustechnology.com
URL: https://mcclatchy-newsobserver.zeustechnology.com/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.94.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 0464b6125d6f9f3dc1dbe6ef7f1203ea4d60d28141fd98fef1e15004f265ec2e

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:51 GMT
via: 1.1 f3303a5632dc925c26253530523fa328.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
x-amzn-requestid: 31ec0b2d-62ff-493b-8268-4c8e9153be53
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-6026e6e3-65ecbcc41d7b5ec913b51f90;Sampled=0
x-amz-apigw-id: apkDmHVjoAMFxkg=
content-length: 26
x-amz-cf-id: xxjw6ko3BWKYVKJHqaodwDc0Qhog5moGrs_WLufUA3vZCOBXYUPkdA==

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 114 KB
37 KB 86ms
40ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: mcclatchy-newsobserver.zeustechnology.com
URL: https://mcclatchy-newsobserver.zeustechnology.com/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 6e2f7e4abb0af99fe128f3e943c469d74d97cd446ff9395ef51fe068ed799209

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:51 GMT
content-encoding: gzip
last-modified: Thu, 04 Feb 2021 10:56:36 GMT
server: nginx
etag: W/"601bd2e4-1c8de"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Sat, 13 Feb 2021 20:36:51 GMT

GET
H/1.1 200
OK 185522-118148292826456.js Show response
js-sec.indexww.com/ht/p/ 84 KB
26 KB 1230ms
1184ms Script
text/javascript 184.30.20.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/185522-118148292826456.js
Requested by: Host: mcclatchy-newsobserver.zeustechnology.com
URL: https://mcclatchy-newsobserver.zeustechnology.com/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-241.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a1bc519de7aeb90c4d8dc7c8dfe2e3d4db4c2447844bc3d57a62eccefcee6987

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 20:36:52 GMT
Content-Encoding: gzip
Last-Modified: Fri, 12 Feb 2021 20:36:47 GMT
Server: Apache
ETag: "da27d2-14f94-5bb299857a913"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 26257
Expires: Fri, 12 Feb 2021 21:36:52 GMT

GET
H/1.1 200
OK userSync.js Show response
ads.pubmatic.com/AdServer/js/ 7 KB
3 KB 69ms
23ms Script
text/javascript 184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/userSync.js
Requested by: Host: mcclatchy-newsobserver.zeustechnology.com
URL: https://mcclatchy-newsobserver.zeustechnology.com/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: c0f1a0e47f7e68ec0549eba6eb3fcd3523a2c3e68bcd9b2463ef084df041fd34

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 20:36:51 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Oct 2020 18:56:30 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1300709-1d57-5b232e7ce6dc7"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: public, max-age=133877
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 2419
Expires: Sun, 14 Feb 2021 09:48:08 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 57 KB
19 KB 59ms
58ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: mcclatchy-newsobserver.zeustechnology.com
URL: https://mcclatchy-newsobserver.zeustechnology.com/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

8e22c87bb77dd443c144e972e09e0f3eb27971b950dcf78512c439edde000875

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "782 / 324 of 1000 / last-modified: 1613132082"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19522
x-xss-protection: 0
expires: Fri, 12 Feb 2021 20:36:51 GMT

OPTIONS
H/1.1 200
Unknown Error 6230965657001
edge.api.brightcove.com/playback/v1/accounts/5615998031001/videos/ Frame 0
0 180ms
91ms Other 65.9.98.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.brightcove.com/playback/v1/accounts/5615998031001/videos/6230965657001
Protocol: HTTP/1.1
Server: 65.9.98.193 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: accept
Origin: https://www.newsobserver.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Length: 0
Connection: keep-alive
Server: Varnish
Retry-After: 0
access-control-max-age: 86400
Accept-Ranges: bytes
Date: Fri, 12 Feb 2021 20:36:51 GMT
Via: 1.1 varnish, 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
X-Served-By: cache-hhn4024-HHN
X-Cache-Hits: 0
X-Timer: S1613162212.762070,VS0,VE0
BCOV-Debug-Cache-Stats: unknown
BCOV-instance: unknown
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
Access-Control-Allow-Headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
Access-Control-Allow-Methods: HEAD,GET,OPTIONS
Cache-Control: max-age=0, no-cache, no-store
X-Cache: Miss from cloudfront
X-Amz-Cf-Pop: PRG50-C1
X-Amz-Cf-Id: cWG53WPLroaNw4LDJSIz01bnAVoYUJt_MkcHcnNQv53lHBBIL7iMIA==

OPTIONS
H/1.1 200
Unknown Error 6231679253001
edge.api.brightcove.com/playback/v1/accounts/5615998031001/videos/ Frame 0
0 151ms
62ms Other 65.9.98.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.brightcove.com/playback/v1/accounts/5615998031001/videos/6231679253001
Protocol: HTTP/1.1
Server: 65.9.98.193 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: accept
Origin: https://www.newsobserver.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Length: 0
Connection: keep-alive
Server: Varnish
Retry-After: 0
access-control-max-age: 86400
Accept-Ranges: bytes
Date: Fri, 12 Feb 2021 20:36:51 GMT
Via: 1.1 varnish, 1.1 65dc50162b685d34f2ac712298bb090d.cloudfront.net (CloudFront)
X-Served-By: cache-hhn4053-HHN
X-Cache-Hits: 0
X-Timer: S1613162212.739935,VS0,VE0
BCOV-Debug-Cache-Stats: unknown
BCOV-instance: unknown
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
Access-Control-Allow-Headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
Access-Control-Allow-Methods: HEAD,GET,OPTIONS
Cache-Control: max-age=0, no-cache, no-store
X-Cache: Miss from cloudfront
X-Amz-Cf-Pop: PRG50-C1
X-Amz-Cf-Id: LSa3mVSEGEtqpXEsTXNSS_GPpAH7ahJ29ez3HopRc1IP3Ci71CTSuw==

OPTIONS
H/1.1 200
Unknown Error 6231311602001
edge.api.brightcove.com/playback/v1/accounts/5615998031001/videos/ Frame 0
0 175ms
87ms Other 65.9.98.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.brightcove.com/playback/v1/accounts/5615998031001/videos/6231311602001
Protocol: HTTP/1.1
Server: 65.9.98.193 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: accept
Origin: https://www.newsobserver.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Length: 0
Connection: keep-alive
Server: Varnish
Retry-After: 0
access-control-max-age: 86400
Accept-Ranges: bytes
Date: Fri, 12 Feb 2021 20:36:51 GMT
Via: 1.1 varnish, 1.1 2a9856881d192b485d1bf1928e98c7ed.cloudfront.net (CloudFront)
X-Served-By: cache-hhn4029-HHN
X-Cache-Hits: 0
X-Timer: S1613162212.766971,VS0,VE0
BCOV-Debug-Cache-Stats: unknown
BCOV-instance: unknown
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
Access-Control-Allow-Headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
Access-Control-Allow-Methods: HEAD,GET,OPTIONS
Cache-Control: max-age=0, no-cache, no-store
X-Cache: Miss from cloudfront
X-Amz-Cf-Pop: PRG50-C1
X-Amz-Cf-Id: 0n-sl2gQC5n5EVc2GQvMN8Xi2ni_ZxwZm_jDvoY_6aQdH1tNfrVXhQ==

OPTIONS
H/1.1 200
Unknown Error 6230812063001
edge.api.brightcove.com/playback/v1/accounts/5615998031001/videos/ Frame 0
0 174ms
87ms Other 65.9.98.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.brightcove.com/playback/v1/accounts/5615998031001/videos/6230812063001
Protocol: HTTP/1.1
Server: 65.9.98.193 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: accept
Origin: https://www.newsobserver.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Length: 0
Connection: keep-alive
Server: Varnish
Retry-After: 0
access-control-max-age: 86400
Accept-Ranges: bytes
Date: Fri, 12 Feb 2021 20:36:51 GMT
Via: 1.1 varnish, 1.1 2a9856881d192b485d1bf1928e98c7ed.cloudfront.net (CloudFront)
X-Served-By: cache-hhn4031-HHN
X-Cache-Hits: 0
X-Timer: S1613162212.768651,VS0,VE0
BCOV-Debug-Cache-Stats: unknown
BCOV-instance: unknown
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
Access-Control-Allow-Headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
Access-Control-Allow-Methods: HEAD,GET,OPTIONS
Cache-Control: max-age=0, no-cache, no-store
X-Cache: Miss from cloudfront
X-Amz-Cf-Pop: PRG50-C1
X-Amz-Cf-Id: uZc5Yj5V2Dk8QQFRm54HwY679OlfmFlZjKm3dwE3pCZJDAepiWS_Rg==

GET
H/1.1 200
OK 6230965657001 Show response
edge.api.brightcove.com/playback/v1/accounts/5615998031001/videos/ 8 KB
9 KB 60ms
60ms Fetch
application/json 65.9.98.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.brightcove.com/playback/v1/accounts/5615998031001/videos/6230965657001
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/wps/build/webpack/videoStory.bundle-d1c14c90e7de986bc0fd.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.98.193 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 884e5e1c0f990b0f9b77989edaf8c368fa6378c93417118cdad7f04c334a00e0

Request headers

Accept: application/json;pk=BCpkADawqM2sQfBScQJrPBrSYT7isTiju1LDfR-br2okxwmNYrvojzieZB7zRlyn5qPvMBwNW_fTfsVhiSHnHKnTeY_QjtAWRExyI6rhF9GNOvK78hHIE3WUacocEkY6fWyCj0c7_QJoX00u
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 20:36:51 GMT
Powered-From: eu-central-1b
Bcov-Request-Id: aaeafac1-d3d1-4355-aa49-0e6afa61ad42
Age: 1639
Policy-Key-Accountid: 5615998031001
X-Cache: Miss from cloudfront
Connection: keep-alive
Powered-By: BC
Content-Length: 7716
Via: 1.1 varnish, 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
X-Served-By: cache-hhn4039-HHN
BCOV-instance: unknown
Policy-Key-Raw: BCpkADawqM2sQfBScQJrPBrSYT7isTiju1LDfR-br2okxwmNYrvojzieZB7zRlyn5qPvMBwNW_fTfsVhiSHnHKnTeY_QjtAWRExyI6rhF9GNOvK78hHIE3WUacocEkY6fWyCj0c7_QJoX00u
X-Timer: S1613162212.821955,VS0,VE1
Access-Control-Allow-Methods: HEAD,GET,OPTIONS
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
Cache-Control: max-age=0, no-cache, no-store
Account-Status: APPROVED
BCOV-Debug-Cache-Stats: unknown
X-Amz-Cf-Pop: PRG50-C1
Accept-Ranges: bytes
Access-Control-Allow-Headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
X-Amz-Cf-Id: AXT9T4pfpvBreSQDfR07fCAGEbYt8iopPLhbYGFHBcggy7ooDY58SA==
X-Cache-Hits: 1

GET
H/1.1 200
OK 6231679253001 Show response
edge.api.brightcove.com/playback/v1/accounts/5615998031001/videos/ 8 KB
9 KB 59ms
59ms Fetch
application/json 65.9.98.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.brightcove.com/playback/v1/accounts/5615998031001/videos/6231679253001
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/wps/build/webpack/videoStory.bundle-d1c14c90e7de986bc0fd.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.98.193 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 779c2b5d5557f974933b14421f6bdb8a062ec2bf09a6c99cbbf86b8c95c38a5d

Request headers

Accept: application/json;pk=BCpkADawqM2sQfBScQJrPBrSYT7isTiju1LDfR-br2okxwmNYrvojzieZB7zRlyn5qPvMBwNW_fTfsVhiSHnHKnTeY_QjtAWRExyI6rhF9GNOvK78hHIE3WUacocEkY6fWyCj0c7_QJoX00u
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 20:36:51 GMT
Powered-From: eu-central-1c
Bcov-Request-Id: 9afb627c-cfad-45ed-a3a4-d68cdc50f24c
Age: 4517
Policy-Key-Accountid: 5615998031001
X-Cache: Miss from cloudfront
Connection: keep-alive
Powered-By: BC
Content-Length: 7810
Via: 1.1 varnish, 1.1 65dc50162b685d34f2ac712298bb090d.cloudfront.net (CloudFront)
X-Served-By: cache-hhn4034-HHN
BCOV-instance: unknown
Policy-Key-Raw: BCpkADawqM2sQfBScQJrPBrSYT7isTiju1LDfR-br2okxwmNYrvojzieZB7zRlyn5qPvMBwNW_fTfsVhiSHnHKnTeY_QjtAWRExyI6rhF9GNOvK78hHIE3WUacocEkY6fWyCj0c7_QJoX00u
X-Timer: S1613162212.798733,VS0,VE0
Access-Control-Allow-Methods: HEAD,GET,OPTIONS
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
Cache-Control: max-age=0, no-cache, no-store
Account-Status: APPROVED
BCOV-Debug-Cache-Stats: unknown
X-Amz-Cf-Pop: PRG50-C1
Accept-Ranges: bytes
Access-Control-Allow-Headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
X-Amz-Cf-Id: k34KBqMMpQ1rJpDY8jBh2cV4kmV5Y_jy2KkT8NRxV--Z1HFxid-LeQ==
X-Cache-Hits: 2

GET
H/1.1 200
OK 6231311602001 Show response
edge.api.brightcove.com/playback/v1/accounts/5615998031001/videos/ 7 KB
9 KB 91ms
91ms Fetch
application/json 65.9.98.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.brightcove.com/playback/v1/accounts/5615998031001/videos/6231311602001
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/wps/build/webpack/videoStory.bundle-d1c14c90e7de986bc0fd.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.98.193 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 580f9e1678ba6889ad217e4b63299ff2a9e497e8801061490ac81bf2de6ae22a

Request headers

Accept: application/json;pk=BCpkADawqM2sQfBScQJrPBrSYT7isTiju1LDfR-br2okxwmNYrvojzieZB7zRlyn5qPvMBwNW_fTfsVhiSHnHKnTeY_QjtAWRExyI6rhF9GNOvK78hHIE3WUacocEkY6fWyCj0c7_QJoX00u
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 20:36:51 GMT
Powered-From: eu-central-1b
Bcov-Request-Id: a723a227-cbc8-4dd6-86ff-e7980e46c04e
Age: 4939
Policy-Key-Accountid: 5615998031001
X-Cache: Miss from cloudfront
Connection: keep-alive
Powered-By: BC
Content-Length: 7641
Via: 1.1 varnish, 1.1 2a9856881d192b485d1bf1928e98c7ed.cloudfront.net (CloudFront)
X-Served-By: cache-hhn4034-HHN
BCOV-instance: unknown
Policy-Key-Raw: BCpkADawqM2sQfBScQJrPBrSYT7isTiju1LDfR-br2okxwmNYrvojzieZB7zRlyn5qPvMBwNW_fTfsVhiSHnHKnTeY_QjtAWRExyI6rhF9GNOvK78hHIE3WUacocEkY6fWyCj0c7_QJoX00u
X-Timer: S1613162212.855039,VS0,VE1
Access-Control-Allow-Methods: HEAD,GET,OPTIONS
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
Cache-Control: max-age=0, no-cache, no-store
Account-Status: APPROVED
BCOV-Debug-Cache-Stats: unknown
X-Amz-Cf-Pop: PRG50-C1
Accept-Ranges: bytes
Access-Control-Allow-Headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
X-Amz-Cf-Id: jvo9coO3u57hhov5AuN9kgDVbJ5InuZ51KdD9lWfec2q1Ko_eGjdfA==
X-Cache-Hits: 1

GET
H/1.1 200
OK 6230812063001 Show response
edge.api.brightcove.com/playback/v1/accounts/5615998031001/videos/ 8 KB
9 KB 91ms
90ms Fetch
application/json 65.9.98.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.brightcove.com/playback/v1/accounts/5615998031001/videos/6230812063001
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/wps/build/webpack/videoStory.bundle-d1c14c90e7de986bc0fd.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.98.193 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 166ba2d7baab796737b6f7946be8e4b57eb5a6f9e43e0e57b694f606684f7f39

Request headers

Accept: application/json;pk=BCpkADawqM2sQfBScQJrPBrSYT7isTiju1LDfR-br2okxwmNYrvojzieZB7zRlyn5qPvMBwNW_fTfsVhiSHnHKnTeY_QjtAWRExyI6rhF9GNOvK78hHIE3WUacocEkY6fWyCj0c7_QJoX00u
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 20:36:51 GMT
Powered-From: eu-central-1c
Bcov-Request-Id: e841aea5-42ba-4f1f-8abf-3f553ea0c8dd
Age: 4517
Policy-Key-Accountid: 5615998031001
X-Cache: Miss from cloudfront
Connection: keep-alive
Powered-By: BC
Content-Length: 7759
Via: 1.1 varnish, 1.1 2a9856881d192b485d1bf1928e98c7ed.cloudfront.net (CloudFront)
X-Served-By: cache-hhn4083-HHN
BCOV-instance: unknown
Policy-Key-Raw: BCpkADawqM2sQfBScQJrPBrSYT7isTiju1LDfR-br2okxwmNYrvojzieZB7zRlyn5qPvMBwNW_fTfsVhiSHnHKnTeY_QjtAWRExyI6rhF9GNOvK78hHIE3WUacocEkY6fWyCj0c7_QJoX00u
X-Timer: S1613162212.855643,VS0,VE1
Access-Control-Allow-Methods: HEAD,GET,OPTIONS
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
Cache-Control: max-age=0, no-cache, no-store
Account-Status: APPROVED
BCOV-Debug-Cache-Stats: unknown
X-Amz-Cf-Pop: PRG50-C1
Accept-Ranges: bytes
Access-Control-Allow-Headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
X-Amz-Cf-Id: cgJNHSFTCEjl8SanaB8sqAI0sUJ-EHY_gKICkTDM2wNXbFFPmTmSOw==
X-Cache-Hits: 1

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ Frame C1C4 1 KB
1 KB 117ms
36ms Script
application/x-javascript 104.108.64.33
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.64.33 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-64-33.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 20:36:51 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Sat, 13 Feb 2021 20:36:51 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 115 KB
30 KB 136ms
48ms Script
application/javascript 65.9.95.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/netdale.39e33f04f9ebc60b6629.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 130eab0b79272570e565d77bb286b5755b9aae8f33efe8af7a2689bf8eabb859

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: u_EXV5XQ6Egl8wmZYuEdbt_kny6ZIOI0
content-encoding: gzip
server: Server
age: 375
etag: d7c8ebbead57940cf77ae4183f7ff01a
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e3568b144ae2b93deb0c17907b662ac2.cloudfront.net (CloudFront)
cache-control: public, max-age=900
date: Fri, 12 Feb 2021 20:30:36 GMT
x-amz-cf-pop: PRG50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: yoSj2FG33IwTis9B5RaLuCxHrKuUgr6Gl_wP7ThEKxlhLTqDrrG39Q==

GET
H2 200 pdp.gif
www.newsobserver.com/static/yozons-lib/ 42 B
384 B 143ms
142ms Image
image/gif 2.17.183.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/static/yozons-lib/pdp.gif?k=eyJpZCI6Im1pX2FzX25hb183Nzk0NzY5MzU4MTc3MjE5NTg5MDUyODEwOTU3MjQ4NzE0MTU5NF8xNjEzMTYyMjExNDc0IiwiZG9tSW50ZXJhY3RpdmUiOjYyNSwicmVxdWVzdFN0YXJ0IjoxMDAsInpldXNSZXF1ZXN0ZWQiOjQ5NH0=
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-183-44.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:51 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 564312
content-length: 42
last-modified: Wed, 03 Feb 2021 18:48:22 GMT
server: MI
etag: "2a-5ba7308036980"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 138074629 51392022
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: false
mi-cache: HIT
content-type: image/gif
access-control-allow-headers: *

GET
H2 200 p.js Show response
cdn.parsely.com/keys/newsobserver.com/ 66 KB
23 KB 136ms
48ms Script
application/x-javascript 65.9.95.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/newsobserver.com/p.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/parsely.6be7edc22b4bac6fd9c0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: d9fc07cf576192a26b36d6c48ec9a561be826ee1bc56f62c8a996d35d1f74812

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Thu, 11 Feb 2021 23:02:50 GMT
content-encoding: gzip
last-modified: Tue, 02 Feb 2021 21:36:54 GMT
server: nginx
age: 77599
etag: W/"6019c5f6-10716"
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 a1c66294cb416b399374a845b97656d3.cloudfront.net (CloudFront)
cache-control: max-age=86400, public
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: 9fvxvU6DcxATUWoSRWCHkf4DX_JdrAHQLXv4OIM1RCpJHZn9daSc4Q==
expires: Fri, 12 Feb 2021 23:02:50 GMT

GET
H2 200 i.js Show response
tag.wknd.ai/3581/ 10 KB
3 KB 52ms
18ms Script
text/plain 34.120.253.250
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.wknd.ai/3581/i.js
Requested by: Host: media2.newsobserver.com
URL: https://media2.newsobserver.com/mistats/micb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.253.250 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 250.253.120.34.bc.googleusercontent.com
Software: fasthttp /
Resource Hash: 0e3498d41d9367f8548370b8944e31d349f8c4ee0c94249242d9632e589097c5

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:29 GMT
content-encoding: gzip
server: fasthttp
age: 22
etag: b8a2884b3c6efe
content-type: text/plain; charset=utf-8
via: 1.1 google
cache-control: public, max-age=60
x-region: us-central1
timing-allow-origin: *
alt-svc: clear
content-length: 3168

GET
H2 200 / Show response
lasteventf-tm.everesttech.net/ 0
211 B 70ms
22ms XHR
text/plain 151.101.114.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://lasteventf-tm.everesttech.net/?_les_imsOrgId=3B6E35F15A82BBB00A495D91@AdobeOrg&_les_sdid=5FC06BE5795CB0BE-0BA9E7BC32339CE5&_les_last_search_click=&_les_rsid=mccltallmcclatchy&_les_mid=77947693581772195890528109572487141594&_les_url=https%3A%2F%2Fwww.newsobserver.com%2F
Requested by: Host: media2.newsobserver.com
URL: https://media2.newsobserver.com/mistats/products/escenic_s_code.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:51 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1613162212.706454,VS0,VE0
x-cache: MISS
content-type: text/plain
access-control-allow-origin: https://www.newsobserver.com
access-control-allow-credentials: true
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-hhn4077-HHN

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
92 B 16ms
16ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-48279682-1&cid=627062181.1613162212&jid=40478576&gjid=466867594&_gid=1745741581.1613162212&_u=YFDAAAAACAAAAC~&z=1153661370

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 12 Feb 2021 20:36:51 GMT
content-type: text/plain
access-control-allow-origin: https://www.newsobserver.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 checksub Show response
contributor.google.com/scripts/7df76a16abfcab18:D:6e0e24bc1d03a6c9/ 392 B
1 KB 59ms
44ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://contributor.google.com/scripts/7df76a16abfcab18:D:6e0e24bc1d03a6c9/checksub

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorTargetingClientJs.en_US.3e3Oyh45aCM.es5.O/d=1/ct=zgms/rs=AJlcJMz83xOJLMrtH8b3dH48uQrsl7xmVw/m=contributor

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1204131b28788f47eb97306cef6fbbc1999b0c34061efb2be55d18cec60ec1a2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HjUMfM4KhPIyDfBLnFLd0g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorTargetingHttp/cspreport;worker-src 'self', script-src 'nonce-HjUMfM4KhPIyDfBLnFLd0g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorTargetingHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.newsobserver.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-HjUMfM4KhPIyDfBLnFLd0g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorTargetingHttp/cspreport;worker-src 'self', script-src 'nonce-HjUMfM4KhPIyDfBLnFLd0g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorTargetingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxXAZrJRCvuYysT9c1RumEDbR5v3PFPRPP4qISzVM2SGrMWLHOoFS46a3aKEhVgJ8a8zdSI_hQzf81OBst2I Show response
fundingchoicesmessages.google.com/f/ 79 KB
30 KB 42ms
38ms Script
application/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXAZrJRCvuYysT9c1RumEDbR5v3PFPRPP4qISzVM2SGrMWLHOoFS46a3aKEhVgJ8a8zdSI_hQzf81OBst2I

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/gfc.4bde5ff03cc9c9ae95b4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4b0e40f4af4043520e42627b89c55cec39a35e95894ac08cc73eee3fe590c7e5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MMhD6kyC026HMYduCOpUTg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-MMhD6kyC026HMYduCOpUTg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:36:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-MMhD6kyC026HMYduCOpUTg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-MMhD6kyC026HMYduCOpUTg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/89ec5922-1183-4866-8824-09f66181e549/0e95dc32-54e6-46f1-96fa-56201f4a1ac5/ 84 KB
13 KB 14ms
13ms Fetch
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/89ec5922-1183-4866-8824-09f66181e549/0e95dc32-54e6-46f1-96fa-56201f4a1ac5/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.5.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61ca98b7cf1605903efe0b6d46e33e2a30fad4df3a99b637134a92f78fd986c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 12 Feb 2021 20:36:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: AAibTtKo+i5nOcHwmlqtnw==
age: 1452
vary: Accept-Encoding
content-length: 13247
cf-request-id: 08398f016200000610db17c000000001
x-ms-lease-status: unlocked
last-modified: Thu, 20 Aug 2020 16:00:20 GMT
server: cloudflare
etag: 0x8D8452223A2FF4E
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 7d6d724b-901e-00b6-5d0e-b4d61e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 62091aaf0e8f0610-FRA

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/968074018/ 42 B
96 B 59ms
58ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/968074018/?random=1613162211408&cv=9&fst=1613160000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fwww.newsobserver.com%2F&tiba=Raleigh%20NC%20News%2C%20Sports%20%26%20Politics%20%7C%20Raleigh%20News%20%26%20Observer&fmt=3&is_vtc=1&random=3212960493&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:36:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/968074018/ 42 B
108 B 21ms
21ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/968074018/?random=1613162211408&cv=9&fst=1613160000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fwww.newsobserver.com%2F&tiba=Raleigh%20NC%20News%2C%20Sports%20%26%20Politics%20%7C%20Raleigh%20News%20%26%20Observer&fmt=3&is_vtc=1&random=3212960493&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:36:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
245 B 416ms
101ms Image
image/gif 54.198.41.31
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=pv&url=https%3A%2F%2Fwww.newsobserver.com%2F&page=Raleigh%20NC%20News%2C%20Sports%20%26%20Politics%20%7C%20Raleigh%20News%20%26%20Observer&sec=Homepage&prem=0&ptype=Home&tv=js-2.2.18-e&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&lang=en-US&cs=UTF-8&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&tid=297de61b-e3e4-4b22-a87b-024fe771a11f&pid=d94b31ba-f0e0-40e3-b145-577ecad66239&dtm=1613162211690&qnm=_matherq&vp=1600x1200&ds=1600x6977&tofa=1613162212&vid=1&duid=2b508fae45ae5eba&fp=2240177259&cid=ma12095&mrk=74930332&cx=eyJjYXRlZ29yeSI6eyJjYXRlZ29yaWVzIjpbWyJfSG9tZVBhZ2V8fHx8Il1dfSwicGVyZiI6eyJzdGFydCI6IjE2MTMxNjIyMTA3ODciLCJyZWRpckNudCI6IjAiLCJuYXZUeXBlIjoibGluayIsImhlYXBVIjoiMjAuNW1iIiwiaGVhcFQiOiIyMy4xbWIiLCJmZXRjaFMiOiI1MSIsImRvbWFpblMiOiI1MiIsImRvbWFpbkUiOiI1MiIsImNvbm5TIjoiNTIiLCJjb25uRSI6IjEwMCIsInNzbFMiOiI2NiIsInJlcXVTIjoiMTAwIiwicmVzcFMiOiIxMzQiLCJyZXNwRSI6IjE1MSIsImRvbUxvYWQiOiIxNDEiLCJkb21JbnRlciI6IjYyNSIsImRvbUxvYWRTIjoiNjY2IiwiZG9tTG9hZEUiOiI2NzIifSwia2V5d29yZHMiOlsibmV3cyIsImJyZWFraW5nIiwibGF0ZXN0IiwibG9jYWwiLCJSYWxlaWdoIiwiRHVyaGFtIiwiTm9ydGggQ2Fyb2xpbmEiXX0
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.198.41.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 20:36:52 GMT
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK us-vaccinated.json Show response
media.mcclatchy.com/static/2020/coronavirus/covid-embed-tracker/ 3 KB
1 KB 27ms
25ms Fetch
application/json 2.17.183.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://media.mcclatchy.com/static/2020/coronavirus/covid-embed-tracker/us-vaccinated.json
Requested by: Host: media.mcclatchy.com
URL: https://media.mcclatchy.com/static/2020/coronavirus/covid-embed-tracker/main.85ef961b.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-183-44.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e764b8523e87f85481b82597a696043ae51cea9482e72f9239dbead056e4adb6

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 20:36:51 GMT
Content-Encoding: gzip
Last-Modified: Fri, 12 Feb 2021 16:00:03 GMT
Server: Apache
ETag: "cc0-5bb25baa9b95b"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=146
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 640

GET
H/1.1 200
OK states-vaccinated.json Show response
media.mcclatchy.com/static/2020/coronavirus/covid-embed-tracker/ 36 KB
8 KB 34ms
33ms Fetch
application/json 2.17.183.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://media.mcclatchy.com/static/2020/coronavirus/covid-embed-tracker/states-vaccinated.json
Requested by: Host: media.mcclatchy.com
URL: https://media.mcclatchy.com/static/2020/coronavirus/covid-embed-tracker/main.85ef961b.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-183-44.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9038f1544dc0232ee10c36eb88206cc97ad2dc574595936124cc3528da58607e

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 20:36:51 GMT
Content-Encoding: gzip
Last-Modified: Fri, 12 Feb 2021 16:00:02 GMT
Server: Apache
ETag: "8f11-5bb25ba9f1600"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=148
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7727

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
413 B 34ms
33ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-48279682-1&cid=627062181.1613162212&jid=40478576&_u=YFDAAAAACAAAAC~&z=904772310

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:36:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 31ms
30ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-48279682-1&cid=627062181.1613162212&jid=40478576&_u=YFDAAAAACAAAAC~&z=904772310

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:36:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
geo.rlcdn.com/ 118 B
342 B 145ms
123ms Fetch
application/json 2a00:1450:4001:803::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.rlcdn.com/
Requested by: Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash: 03bd967e57e758711e3a5753d42e2cbc17f2384921558b0b651518dfeff5906f

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:51 GMT
content-encoding: gzip
etag: W/"76-3L098/1vFcbWjV3f3H9tLZtyxZw"
server: Google Frontend
x-powered-by: Express
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 9d764918755585a4e42b04c346e9082b
cache-control: private
content-length: 128

GET
H2 200 t Show response
jadserve.postrelease.com/ 1 KB
1 KB 417ms
199ms Script
text/javascript 18.208.113.131
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.newsobserver.com%2F&ntv_mvi&us_privacy=1---
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.208.113.131 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: f7b564438fc53ae76772f8ce7a6ab851fd96ce0175b222e99788627fe7b73e97

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:36:52 GMT
content-encoding: gzip
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: text/javascript;charset=UTF-8
content-length: 646
expires: Mon, 1 Jan 1990 12:00:00 GMT

POST
H2 200 check Show response
connect.scroll.com/embed/ 0
230 B 166ms
116ms XHR
application/json 35.201.100.179
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.scroll.com/embed/check

Requested by

Host: static.scroll.com
URL: https://static.scroll.com/js/scroll.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.100.179 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Jetty(9.4.30.v20200611) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https: http:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 12 Feb 2021 20:36:51 GMT
via: 1.1 google
server: Jetty(9.4.30.v20200611)
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.newsobserver.com
access-control-allow-credentials: true
content-security-policy: frame-ancestors https: http:;
alt-svc: clear
content-length: 0

GET
H2 200 ping
ping.chartbeat.net/ 43 B
169 B 315ms
104ms Image
image/gif 18.235.56.156
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=newsobserver.com&p=%2F&u=CMdg0yBcmrCBBdMiex&d=newsobserver.com&g=62447&g0=Homepage&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=6977&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=965&t=DR4MYDCfNAozCfJP4CCk58C_iIopM&V=122&i=Raleigh%20NC%20News%2C%20Sports%20%26%20Politics%20%7C%20Raleigh%20News%20%26%20Observer&tz=-60&sn=1&sv=BefhRwCqZkXgD8Ipa5BlnpZuC477T1&sd=1&im=062b2f3e&_
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.235.56.156 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-235-56-156.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:36:52 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 pixel;r=355251331;labels=NAO;rf=0;uht=2;a=p-50B2Fi6bBqYto;url=https%3A%2F%2Fwww.newsobserver.com%2F;fpan=1;fpa=P0-724622005-1613162211759;ns=0;ce=1;qjs=1;qv=58f0669e-20201210192756;cm=;gdpr=0;ref=;...
pixel.quantserve.com/ 35 B
371 B 9ms
7ms Image
image/gif 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=355251331;labels=NAO;rf=0;uht=2;a=p-50B2Fi6bBqYto;url=https%3A%2F%2Fwww.newsobserver.com%2F;fpan=1;fpa=P0-724622005-1613162211759;ns=0;ce=1;qjs=1;qv=58f0669e-20201210192756;cm=;gdpr=0;ref=;d=newsobserver.com;je=0;sr=1600x1200x24;dst=1;et=1613162211759;tzo=-60;ogl=site_name.Raleigh%20News%20%26%20Observer%2Ctitle.Raleigh%20NC%20News%252C%20Sports%20%26%20Politics%20%7C%20Raleigh%20News%20%26%20Observer%2Cimage.https%3A%2F%2Fwww%252Enewsobserver%252Ecom%2Fwps%2Fbuild%2Fimages%2Fnewsobserver%2Ffacebook%252Ejpg

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:36:51 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK wrap.js Show response
confiant-integrations.global.ssl.fastly.net/gpt/202102081224/ 192 KB
58 KB 23ms
23ms Script
application/javascript 151.101.113.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202102081224/wrap.js
Requested by: Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/awMxVZLpNW6K6EG6WC5S8oR_a68/gpt_and_prebid/config.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 739b8c85a7fc66c5641f1849342de96a73282d51607ad717c257721a7d1c16d2

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 20:36:51 GMT
Content-Encoding: gzip
Age: 545
X-Cache: HIT
Connection: keep-alive
Content-Length: 58698
x-amz-id-2: idrrJSLAhFyUFvjT6vwJlMetejUiCVslvpZJVVb3nbQpODSPVvpVZenWPUdxOeyc1kRzuhtuFuU=
X-Served-By: cache-hhn4073-HHN
Last-Modified: Mon, 08 Feb 2021 17:25:38 GMT
Server: AmazonS3
X-Timer: S1613162212.774612,VS0,VE0
ETag: "23e6110cec5ae2cc41810f692912d122"
x-amz-request-id: CB33C03D251264E7
Via: 1.1 varnish
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
X-Cache-Hits: 808

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 2 KB
2 KB 40ms
40ms XHR
application/json 108.128.13.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=3B6E35F15A82BBB00A495D91%40AdobeOrg&d_nsid=0&d_mid=77947693581772195890528109572487141594&d_coop_safe=1&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&d_cid_ic=mcid%0177947693581772195890528109572487141594&ts=1613162211801

Requested by

Host: media2.newsobserver.com
URL: https://media2.newsobserver.com/mistats/micb.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

108.128.13.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-128-13-248.eu-west-1.compute.amazonaws.com

Software

Resource Hash

e8831d132ceee8b0a13a83bc27ddbaaa5bc8beb9927b38ab639b3ac7990568db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-v089-0df3514ed.edge-irl1.demdex.com 5.80.6.20210202104731 3ms (+0ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-TID: Q+lb3/OURYg=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.newsobserver.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 995
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 s67264530387477 Show response
mcclatchy.sc.omtrdc.net/b/ss/mccltallmcclatchy/10/JS-2.22.0/ 2 KB
3 KB 58ms
57ms Script
application/x-javascript 15.237.136.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mcclatchy.sc.omtrdc.net/b/ss/mccltallmcclatchy/10/JS-2.22.0/s67264530387477?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=12%2F1%2F2021%2021%3A36%3A51%205%20-60&cid.&mcid.&id=77947693581772195890528109572487141594&.mcid&.cid&d.&nsid=0&jsonv=1&.d&sdid=5FC06BE5795CB0BE-0BA9E7BC32339CE5&mid=77947693581772195890528109572487141594&aamlh=6&ce=UTF-8&pageName=D%3Dv4&g=https%3A%2F%2Fwww.newsobserver.com%2F&cc=USD&ch=D%3Dv23&server=D%3Dv24&xact=mi_as_nao_77947693581772195890528109572487141594_1613162211474&events=event7%2Cevent62%3D1462&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=D%3Dv54&v1=Unregistered&h1=NAO%7CNews%20and%20Observer%7C_HomePage%7C%7C%7C%7C%7CHomepage&c2=dev%3Aother&c3=D%3Dv7&v4=Home%3A%20Homepage&c5=meter%3Astorage_unsupported&c6=D%3Dh1&v7=Home&c10=%2F&v10=Nativo%2CNewsletter%20CTA&c11=ecidfailed%3Ano%7Cecidtimeout%3Ano%7Cmicb%3Ayes%7ChasFocus%3Ayes%7Crefresh%3Ano&c12=pageview%3Anormal&v12=no%20referrer&c13=Unregistered&c14=D%3Dv16&c15=dev%3Aother&v15=New&c17=D%3Dv8&c18=D%3Dv15&c20=D%3Dv51&c21=_HomePage&v23=Homepage&v24=newsobserver.com&v25=Homepage&c26=D%3Dv26&v26=NAO&c27=D%3Dv27&v27=News%20and%20Observer&c28=Homepage%3A7041&v30=score%3A14&c33=3%3A36PM&c34=Friday&c35=D%3Dv13&c36=D%3Dv10&c39=D%3Dv14&c41=D%3Dv74&v41=_HomePage%7C%7C%7C%7C%7CHomepage&c43=D%3Dv55&c44=Entry%20Page&v45=loggedin%3Ano&c47=escenic%3Adesktop&v48=XT_CreditCardDecline_032320%3A%20Default&c49=D%3Dv12&v50=D%3Dv0&v54=https%3A%2F%2Fwww.newsobserver.com%2F&v55=Entry%20Page&c56=D%3Dv45&c58=core%3Ayes%7Cdl%3Ayes&v71=1&v74=Product%3A%20Escenic&v79=D%3Dmid&v84=1462&v85=Unknown&v90=count%3A0&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=3B6E35F15A82BBB00A495D91%40AdobeOrg&AQE=1

Requested by

Host: media2.newsobserver.com
URL: https://media2.newsobserver.com/mistats/products/escenic_s_code.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.237.136.106 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-237-136-106.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

b87b8dd2e685d1cf391ea9e9de5e3b4eb948ad7492b7749fc1dfa277a38a316a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-aam-tid: 4HFXRfA4Ru0=
date: Fri, 12 Feb 2021 20:36:51 GMT
x-content-type-options: nosniff
x-c: main-1422.I3bac54.M0-478
p3p: CP="This is not a P3P policy"
content-length: 2490
x-xss-protection: 1; mode=block
dcs: dcs-prod-irl1-v089-096402594.edge-irl1.demdex.com 5.80.6.20210202104731 6ms (+0ms)
pragma: no-cache
last-modified: Sat, 13 Feb 2021 20:36:51 GMT
server: jag
xserver: anedge-5955cb7dcf-65fpn
etag: 3464239470727233536-4621938982534116390
vary: *
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Thu, 11 Feb 2021 20:36:51 GMT

GET
H3-Q050 200 pubads_impl_2021020901.js Show response
securepubads.g.doubleclick.net/gpt/ 288 KB
101 KB 96ms
65ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

d2b13ee812188a64ef574ee912eaea945b1ae2a5a54b413e2fdfda94a7a58d09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Feb 2021 09:41:39 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103372
x-xss-protection: 0
expires: Fri, 12 Feb 2021 20:36:51 GMT

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEI_fcqizTmUv1R6HSQATpPM&google_cver=1
dpm.demdex.net/ Frame 08AF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=Nzg1MDQxODU1NzQ5NTg4Njc3MDA1NDM1MDEzODI5ODAzMTcwMzc=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEI_fcqizTmUv1R6HSQATpPM&google_cver=1?gdpr=0&gdpr_consent=

42 B
915 B

38ms
37ms

Image
image/gif

108.128.13.248
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEI_fcqizTmUv1R6HSQATpPM&google_cver=1?gdpr=0&gdpr_consent=

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

108.128.13.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-128-13-248.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://mcclatchy.demdex.net/dest5.html?d_nsid=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v089-08bc437db.edge-irl1.demdex.com 5.80.6.20210202104731 1ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: 0yVsDoxOTxQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:36:51 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEI_fcqizTmUv1R6HSQATpPM&google_cver=1?gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK Test_oPS_Script_Loads Show response
sqs.us-east-1.amazonaws.com/397719490216/ 378 B
658 B 418ms
109ms XHR
text/xml 52.46.130.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sqs.us-east-1.amazonaws.com/397719490216/Test_oPS_Script_Loads?Action=SendMessage&MessageBody=cid%3D11%26bt%3Dnull
Requested by: Host: d15kdpgjg3unno.cloudfront.net
URL: https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=11
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 52.46.130.43 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 50066923f50edae28ce3f2e93e00c1a96208f9f81b4cfe4b33c18133eb9def09

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 12 Feb 2021 20:36:52 GMT
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
x-amzn-RequestId: 33466c78-74c5-5c7e-bcb7-34d89de15626
Content-Length: 378
Content-Type: text/xml

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 246B 37 KB
14 KB 26ms
25ms Document
text/html 184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/userSync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.newsobserver.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.newsobserver.com/

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=40566
Expires: Sat, 13 Feb 2021 07:52:57 GMT
Date: Fri, 12 Feb 2021 20:36:51 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.5.0/assets/ 12 KB
3 KB 15ms
15ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.5.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.5.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae407e415a45b6c720d8d61fef8c28756883d0f546a64e7a2969d6174c669951

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 12 Feb 2021 20:36:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: NgHQTHCGWwGmNE0ie37G8A==
age: 4206925
vary: Accept-Encoding
content-length: 3248
cf-request-id: 08398f02080000061009896000000001
x-ms-lease-status: unlocked
last-modified: Thu, 27 Aug 2020 03:43:16 GMT
server: cloudflare
etag: 0x8D84A3B556B9C39
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 1b064c31-e01e-007e-293b-db4729000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 62091ab009870610-FRA
expires: Sat, 20 Feb 2021 20:36:51 GMT

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/6.5.0/assets/ 61 KB
15 KB 13ms
12ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.5.0/assets/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.5.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f5bf5edcefe950e16d287cdcb9c28690952439098ee0639f4a960fe268ae231

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 12 Feb 2021 20:36:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: ebGLXbyX4UjJx8DgFc7F7g==
age: 4206925
vary: Accept-Encoding
content-length: 14901
cf-request-id: 08398f020900000610dc060000000001
x-ms-lease-status: unlocked
last-modified: Thu, 27 Aug 2020 03:43:17 GMT
server: cloudflare
etag: 0x8D84A3B55B1B344
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 85576d5e-101e-0164-583b-db2e13000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 62091ab0098a0610-FRA
expires: Sat, 20 Feb 2021 20:36:51 GMT

GET
H2 200 ijs_all_modules_cjs_min_c6edc791ae02fecfb42babfdb2be7d68.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 564 KB
138 KB 303ms
16ms Script
text/javascript 34.98.72.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_cjs_min_c6edc791ae02fecfb42babfdb2be7d68.js
Requested by: Host: tag.wknd.ai
URL: https://tag.wknd.ai/3581/i.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 32d6404523e591d22782fa50bc724822a776cf9fd6f46fb64e0de87c79b4bb3b

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 16:57:17 GMT
content-encoding: gzip
age: 13175
x-guploader-uploadid: ABg5-UwF3-QCsxk8Kq1UWShTgiK3wjYHFq163jQ8-DFB3yswsTMmMutsWF7IRJHnImHTmpYpDurGaCNW0q6sBp5KpE4
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 140390
last-modified: Fri, 12 Feb 2021 16:57:09 GMT
server: UploadServer
etag: "1118b62b95c332d83f379cfd1d50e5fc"
vary: Accept-Encoding
x-goog-hash: crc32c=uo85lA==, md5=ERi2K5XDMtg/N5z9HVDl/A==
x-goog-generation: 1613149029012643
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 140390
accept-ranges: bytes
content-type: text/javascript
expires: Sat, 12 Feb 2022 16:57:17 GMT

POST
H3-Q050 204 AGSKWxUxAszXwRMB27DoR7X_qty3fZsM9oQfyJE_TuLtjSjI6K7iD5CILhF-Tw-TXV9B7defbA3_vL5wubIs7jdF Show response
fundingchoicesmessages.google.com/l/ 0
337 B 46ms
18ms XHR
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/l/AGSKWxUxAszXwRMB27DoR7X_qty3fZsM9oQfyJE_TuLtjSjI6K7iD5CILhF-Tw-TXV9B7defbA3_vL5wubIs7jdF?pvid=5EB623DC-25CE-4FDB-B526-B5DCDCEAFDCF&anonid=12BE58FC-8FDF-49D4-8584-48097EB55CBC

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.en_US.epLJLG4K5D8.es5.O/d=1/ct=zgms/rs=AJlcJMzfPVltO4lUmU7vRzdxe2b_x0NCHQ/m=loader_js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-h6dIyz+TX6M/RpTdielYwg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-h6dIyz+TX6M/RpTdielYwg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 12 Feb 2021 20:36:51 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.newsobserver.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-h6dIyz+TX6M/RpTdielYwg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-h6dIyz+TX6M/RpTdielYwg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 204 AGSKWxUxAszXwRMB27DoR7X_qty3fZsM9oQfyJE_TuLtjSjI6K7iD5CILhF-Tw-TXV9B7defbA3_vL5wubIs7jdF Show response
fundingchoicesmessages.google.com/l/ 0
809 B 44ms
18ms XHR
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-A3SSQjMCxDJXqu1KfqdeuQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-A3SSQjMCxDJXqu1KfqdeuQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 12 Feb 2021 20:36:51 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.newsobserver.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-A3SSQjMCxDJXqu1KfqdeuQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-A3SSQjMCxDJXqu1KfqdeuQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 204 AGSKWxUxAszXwRMB27DoR7X_qty3fZsM9oQfyJE_TuLtjSjI6K7iD5CILhF-Tw-TXV9B7defbA3_vL5wubIs7jdF Show response
fundingchoicesmessages.google.com/l/ 0
335 B 17ms
17ms XHR
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hfFeiDnHhRT7FGSFwqAyUw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-hfFeiDnHhRT7FGSFwqAyUw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 12 Feb 2021 20:36:51 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.newsobserver.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-hfFeiDnHhRT7FGSFwqAyUw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-hfFeiDnHhRT7FGSFwqAyUw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 AGSKWxXKEGKfzQmMU4ftrpNSlIma-Is3SmNm6bwuegFRl320LiGFI47IqbA1aT3_vVGZ7Xjda80mDpbSJjg3h5lk Show response
fundingchoicesmessages.google.com/f/ 77 KB
30 KB 36ms
35ms Script
application/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXKEGKfzQmMU4ftrpNSlIma-Is3SmNm6bwuegFRl320LiGFI47IqbA1aT3_vVGZ7Xjda80mDpbSJjg3h5lk?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCwyLFsxNjEzMTYyMjExLDkwMzAwMDAwMF0sIjVFQjYyM0RDLTI1Q0UtNEZEQi1CNTI2LUI1RENEQ0VBRkRDRiIsIjEyQkU1OEZDLThGREYtNDlENC04NTg0LTQ4MDk3RUI1NUNCQyIsbnVsbCxbbnVsbCxbN11dXQ

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1a6f61c661426f965e04233373588785ad5aafb703ad7521c1ba5fcfabacd18d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-+W/lI2aliUPJS9BvLrpzyQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-+W/lI2aliUPJS9BvLrpzyQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:36:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-+W/lI2aliUPJS9BvLrpzyQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-+W/lI2aliUPJS9BvLrpzyQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/ Frame C1C4
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6035363&ns__t=1613162211911&ns_c=UTF-8&ns_if=1&cv=3.5&c8=Raleigh%20NC%20News%2C%20Sports%20%26%20Politics%20%7C%20Raleigh%20News%20%26%20Observer&c7=https...
https://sb.scorecardresearch.com/b2?c1=2&c2=6035363&ns__t=1613162211911&ns_c=UTF-8&ns_if=1&cv=3.5&c8=Raleigh%20NC%20News%2C%20Sports%20%26%20Politics%20%7C%20Raleigh%20News%20%26%20Observer&c7=http...

0
528 B

39ms
39ms

Image
text/plain

104.108.64.33
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6035363&ns__t=1613162211911&ns_c=UTF-8&ns_if=1&cv=3.5&c8=Raleigh%20NC%20News%2C%20Sports%20%26%20Politics%20%7C%20Raleigh%20News%20%26%20Observer&c7=https%3A%2F%2Fwww.newsobserver.com%2F&c9=&cs_ak_ss=1
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.64.33 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-64-33.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 12 Feb 2021 20:36:51 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=2&c2=6035363&ns__t=1613162211911&ns_c=UTF-8&ns_if=1&cv=3.5&c8=Raleigh%20NC%20News%2C%20Sports%20%26%20Politics%20%7C%20Raleigh%20News%20%26%20Observer&c7=https%3A%2F%2Fwww.newsobserver.com%2F&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Fri, 12 Feb 2021 20:36:51 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
257 B 302ms
101ms Image
image/gif 54.144.144.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1613162211940&plid=39360567&idsite=newsobserver.com&url=https%3A%2F%2Fwww.newsobserver.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22subscriber%22%3Afalse%7D&sid=1&surl=https%3A%2F%2Fwww.newsobserver.com%2F&sref=&sts=1613162211936&slts=0&title=Raleigh+NC+News%2C+Sports+%26+Politics+%7C+Raleigh+News+%26+Observer&date=Fri+Feb+12+2021+21%3A36%3A51+GMT%2B0100+(Central+European+Standard+Time)&action=pageview&pvid=17763056&u=pid%3Ddc068f37d4a4f08b5e925225d470243f
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.144.144.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 20:36:52 GMT
Cache-Control: no-cache
Last-Modified: Friday, 12-Feb-2021 20:36:52 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 132ms
44ms XHR
application/javascript 65.9.95.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 8kbPIzTLk7_TMvnggUSDACBTugDfX2qC
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 72677
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 29 Jan 2021 06:42:57 GMT
server: AmazonS3
date: Fri, 12 Feb 2021 00:25:36 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 3da92f19744e3229b09a019ec66be172.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: LX1Zze84BYmw1AFbPubR2DJmZ356S76Gh1txxObMXO7m9uj1fqboyw==

GET
H2 200 video_info Show response
context.iris.tv/ 139 B
483 B 198ms
44ms XHR
application/json 65.9.94.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://context.iris.tv/video_info?access_token=1d9f05c8b00daddfbffcf5afa8a0691bf6370c0cd9dfc8bc6fb38e13c4474dab&global=GlobalIrisPlayer&client_token=5615998031001&platform_id=6231679253001
Requested by: Host: ovp.iris.tv
URL: https://ovp.iris.tv/libs/context/iris-context.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.94.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Zer01ne /
Resource Hash: 0170c27d04be3e30c6ba52497e60b4ba2de8a7777a9ee36ce2c6b1dc146db7fc

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:29 GMT
via: 1.1 c76f57c516237f120f723cde4dab446f.cloudfront.net (CloudFront)
server: Zer01ne
age: 23
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=3600, stale-while-revalidate=600, stale-if-error=600
x-amz-cf-pop: PRG50-C1
x-robots-tag: noindex, follow
x-amz-cf-id: mJ-8mEJWO5ELQL6-NFSz-FKkgXLhpo_WNXYxgvA_yXUxx7FXG6ytgg==

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 08AF
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WUNibTR3QUFBSmVhblZ4Tw==

170 B
730 B

48ms
34ms

Image
image/png

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WUNibTR3QUFBSmVhblZ4Tw==

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://mcclatchy.demdex.net/dest5.html?d_nsid=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:36:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:36:52 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1613162212.277429,VS0,VE0
x-served-by: cache-fra19160-FRA
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WUNibTR3QUFBSmVhblZ4Tw==
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 video_info Show response
context.iris.tv/ 282 B
624 B 164ms
45ms XHR
application/json 65.9.94.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://context.iris.tv/video_info?access_token=1d9f05c8b00daddfbffcf5afa8a0691bf6370c0cd9dfc8bc6fb38e13c4474dab&global=GlobalIrisPlayer&client_token=5615998031001&platform_id=6230965657001
Requested by: Host: ovp.iris.tv
URL: https://ovp.iris.tv/libs/context/iris-context.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.94.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Zer01ne /
Resource Hash: 60533b1916182a8b2ed435c7583046a833a68ed96b75c270c4081d30f485dab1

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:08:09 GMT
via: 1.1 c76f57c516237f120f723cde4dab446f.cloudfront.net (CloudFront)
server: Zer01ne
age: 1723
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=3600, stale-while-revalidate=600, stale-if-error=600
x-amz-cf-pop: PRG50-C1
x-robots-tag: noindex, follow
x-amz-cf-id: POAof4Fx9-8sH0MZrB2IDi8j0N8AhL3OxDgs0JzC8voOQAbEVhsAbA==

GET
H2 200 video_info Show response
context.iris.tv/ 113 B
456 B 134ms
45ms XHR
application/json 65.9.94.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://context.iris.tv/video_info?access_token=1d9f05c8b00daddfbffcf5afa8a0691bf6370c0cd9dfc8bc6fb38e13c4474dab&global=GlobalIrisPlayer&client_token=5615998031001&platform_id=6231311602001
Requested by: Host: ovp.iris.tv
URL: https://ovp.iris.tv/libs/context/iris-context.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.94.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Zer01ne /
Resource Hash: 96bd755d87e4e283ead692fc3500b1577f01a04c4a0a10653561c8abaad76dd2

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:09:34 GMT
via: 1.1 c76f57c516237f120f723cde4dab446f.cloudfront.net (CloudFront)
server: Zer01ne
age: 1638
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=3600, stale-while-revalidate=600, stale-if-error=600
x-amz-cf-pop: PRG50-C1
x-robots-tag: noindex, follow
x-amz-cf-id: 1iE8qJfWvUgrlBwNRi0UCcP7-vvvWttGjnHAJcXw7i-VDvJtdMRb0Q==

GET
H2 200 video_info Show response
context.iris.tv/ 152 B
495 B 132ms
44ms XHR
application/json 65.9.94.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://context.iris.tv/video_info?access_token=1d9f05c8b00daddfbffcf5afa8a0691bf6370c0cd9dfc8bc6fb38e13c4474dab&global=GlobalIrisPlayer&client_token=5615998031001&platform_id=6230812063001
Requested by: Host: ovp.iris.tv
URL: https://ovp.iris.tv/libs/context/iris-context.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.94.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Zer01ne /
Resource Hash: 1ef28c721ead4e571339025f0ba2035bb04dc7cb2ee564a37b94426424fb19f0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:18:17 GMT
via: 1.1 c76f57c516237f120f723cde4dab446f.cloudfront.net (CloudFront)
server: Zer01ne
age: 1115
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=3600, stale-while-revalidate=600, stale-if-error=600
x-amz-cf-pop: PRG50-C1
x-robots-tag: noindex, follow
x-amz-cf-id: iRlx5f6oE68HxpgP98z7CVTdzTQ3WmVdK8PyE6lv8eTAm8_QCgSNIQ==

GET
H/1.1 200
OK PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 246B 3 KB
4 KB 304ms
16ms Script
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=38893930&p=159414&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 3f2a1ce8de20fc91cd266a7bcaf47c8d337ed7c27eaba9c455f6c3972b98ea0e

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 20:36:52 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

POST
H2 200 pixel_2caf822c Show response
www.newsobserver.com/akam/11/ 0
610 B 30ms
29ms XHR
text/html 2.17.183.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/akam/11/pixel_2caf822c
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/akam/11/2caf822c
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-183-44.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:36:52 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: max-age=0, no-cache
access-control-allow-credentials: false
access-control-allow-headers: *
content-length: 0
expires: Fri, 12 Feb 2021 20:36:52 GMT

POST
H3-Q050 204 AGSKWxUxAszXwRMB27DoR7X_qty3fZsM9oQfyJE_TuLtjSjI6K7iD5CILhF-Tw-TXV9B7defbA3_vL5wubIs7jdF Show response
fundingchoicesmessages.google.com/l/ 0
359 B 18ms
18ms XHR
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-oajJYiJP6Rz/lfz7aDXwwQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-oajJYiJP6Rz/lfz7aDXwwQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 12 Feb 2021 20:36:52 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.newsobserver.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-oajJYiJP6Rz/lfz7aDXwwQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-oajJYiJP6Rz/lfz7aDXwwQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
718 B 51ms
18ms XHR
application/json 185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: mcclatchy-newsobserver.zeustechnology.com
URL: https://mcclatchy-newsobserver.zeustechnology.com/main.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 12 Feb 2021 20:36:52 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 717.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.147:80
AN-X-Request-Uuid: f62cf782-73f3-4f49-ae32-1db77d2862ee
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.newsobserver.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
150 B 3136ms
47ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=104&profileId=184&cb=79127356082
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.newsobserver.com
date: Fri, 12 Feb 2021 20:36:55 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2

200

arj Show response
mcclatchy-d.openx.net/w/1.0/
Redirect Chain

https://mcclatchy-d.openx.net/w/1.0/arj?auid=541167014,541167021&aus=970x250,728x90,960x30,970x90|300x250,300x600&bc=hb_dyn_wapo&be=1&ch=UTF-8&ju=https%3A%2F%2Fwww.newsobserver.com%2F&res=1600x1200...
https://mcclatchy-d.openx.net/w/1.0/arj?cc=1&auid=541167014,541167021&aus=970x250,728x90,960x30,970x90|300x250,300x600&bc=hb_dyn_wapo&be=1&ch=UTF-8&ju=https%3A%2F%2Fwww.newsobserver.com%2F&res=1600...

190 B
465 B

48ms
48ms

XHR
application/json

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://mcclatchy-d.openx.net/w/1.0/arj?cc=1&auid=541167014,541167021&aus=970x250,728x90,960x30,970x90|300x250,300x600&bc=hb_dyn_wapo&be=1&ch=UTF-8&ju=https%3A%2F%2Fwww.newsobserver.com%2F&res=1600x1200x24&tz=-60&nocache=1613162212191&us_privacy=1---
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.202.0 /
Resource Hash: ac0c2d58f6f87527a34dd8de48c3a4ceb8cf95f925e92f1f973a5e21e0c8e918

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:36:55 GMT
content-encoding: gzip
server: OXGW/16.202.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.newsobserver.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 178
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Fri, 12 Feb 2021 20:36:55 GMT
via: 1.1 google
server: OXGW/16.202.0
location: https://mcclatchy-d.openx.net/w/1.0/arj?cc=1&auid=541167014,541167021&aus=970x250,728x90,960x30,970x90|300x250,300x600&bc=hb_dyn_wapo&be=1&ch=UTF-8&ju=https%3A%2F%2Fwww.newsobserver.com%2F&res=1600x1200x24&tz=-60&nocache=1613162212191&us_privacy=1---
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.newsobserver.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
120 B 3171ms
115ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=zeus_client
Requested by: Host: mcclatchy-newsobserver.zeustechnology.com
URL: https://mcclatchy-newsobserver.zeustechnology.com/main.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.newsobserver.com
date: Fri, 12 Feb 2021 20:36:55 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 347 B
3 KB 3245ms
141ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=6291&site_id=80324&tk_flint=custom&slots=2&size_id=2%3B15&alt_size_ids=55%2C57%3B10&zone_id=493154%3B493154&rp_floor=0.01&us_privacy=1---
Requested by: Host: mcclatchy-newsobserver.zeustechnology.com
URL: https://mcclatchy-newsobserver.zeustechnology.com/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 37834afedbacdbee0cc4e58e17aa747fb2ab10b16df54cef364596f2010c45a7

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 12 Feb 2021 20:36:55 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.newsobserver.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 347
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
374 B 95ms
94ms XHR
text/javascript 65.9.95.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.newsobserver.com%2F&pid=DXqUOSUAD3LDi&cb=0&ws=1600x1200&v=7.59.00&t=1000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%2C%22960x30%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F7675%2FRAL.site_newsobserver%2F_HomePage%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F7675%2FRAL.site_newsobserver%2F_HomePage%22%7D%5D&cfgv=0&pubid=10f892c4-b76d-4f37-b1fd-0ae5d74780b5&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:52 GMT
via: 1.1 e3568b144ae2b93deb0c17907b662ac2.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: PRG50-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.newsobserver.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: -ADAckfxucDIiA4Qle9TQz4QecCUyRgdh0hRuw1hJ6hERRmrstb9eQ==

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 08AF
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YCbm4wAAAJeanVxO&expires=90

0
239 B

342ms
23ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YCbm4wAAAJeanVxO&expires=90
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mcclatchy.demdex.net/dest5.html?d_nsid=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:36:52 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1613162212.277564,VS0,VE0
x-served-by: cache-fra19160-FRA
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YCbm4wAAAJeanVxO&expires=90
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 master.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998031001/4970c7e7-e8ba-414a-a25c-939807544f6e/10s/ 6 KB
7 KB 24ms
8ms XHR
application/x-mpegurl 2a04:4e42:1b::539
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998031001/4970c7e7-e8ba-414a-a25c-939807544f6e/10s/master.m3u8?fastly_token=NjA0YmMzMjNfZGRkYmQ0MTU3NWZjNmY3OWJjMzJmYTNhNGUyN2YwMjA3Yjc5NWU2ODBmNWUwMDJiNzY1ZDBiZDIyZjg1YmQ3NQ%3D%3D
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/wps/build/webpack/videoStory.bundle-d1c14c90e7de986bc0fd.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::539 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: 740113cc2dad15037a83af4519a3363109e6dbb587002865d4f5bed30d57e731

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:52 GMT
via: 1.1 varnish
age: 8266
x-powered-by: BC
x-cache: HIT
x-bolt-device-group: desktop-chrome
content-length: 6588
x-served-by: cache-hhn4080-HHN
x-device-group: desktop-chrome
x-timer: S1613162212.275813,VS0,VE1
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=1209600, max-age=1209600
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 1

GET
H2 200 master.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998031001/ad705d92-deb9-4849-9ab5-a3c251e15ca5/10s/ 6 KB
7 KB 22ms
9ms XHR
application/x-mpegurl 2a04:4e42:1b::539
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998031001/ad705d92-deb9-4849-9ab5-a3c251e15ca5/10s/master.m3u8?fastly_token=NjA0YmMzY2JfYjBlMjAwOTU5Y2FjNWYxNGNmOTRiMzBiYmZhMTUzMDA2NzkxMWIzYzU4ODVhZGFlMTEwOGM0M2FmMzkwZmExOQ%3D%3D
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/wps/build/webpack/videoStory.bundle-d1c14c90e7de986bc0fd.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::539 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: 316d2784f1da3c0198bc4e5ec606a0b9b18ff0b08f8f4008c865a5427e0c0406

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:52 GMT
via: 1.1 varnish
age: 20
x-powered-by: BC
x-cache: HIT
x-bolt-device-group: desktop-chrome
content-length: 6588
x-served-by: cache-hhn4080-HHN
x-device-group: desktop-chrome
x-timer: S1613162212.275780,VS0,VE1
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=1209600, max-age=1209600
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 1

GET
H2 200 master.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998031001/07b0bd99-c1db-47e2-a73a-817a39d07307/10s/ 6 KB
7 KB 19ms
9ms XHR
application/x-mpegurl 2a04:4e42:1b::539
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998031001/07b0bd99-c1db-47e2-a73a-817a39d07307/10s/master.m3u8?fastly_token=NjA0YmNlOGNfMDA4MDU0NWY0MTliZTljOGIwZThiNmE2ZTNhNjk0MGJhZWRmMTVmOTUzOGQ0ZjExYWQ3ZjVjZjUzNGE2NmIzYQ%3D%3D
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/wps/build/webpack/videoStory.bundle-d1c14c90e7de986bc0fd.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::539 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: 79097a95aa7e4de63a765bb16c2624d4aa7b521119e90f8a7bd3b232034218d9

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:52 GMT
via: 1.1 varnish
age: 132445
x-powered-by: BC
x-cache: HIT
x-bolt-device-group: desktop-chrome
content-length: 6588
x-served-by: cache-hhn4080-HHN
x-device-group: desktop-chrome
x-timer: S1613162212.275752,VS0,VE1
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=1209600, max-age=1209600
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 1

GET
H2 200 master.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998031001/b904441b-07a8-4a90-ab7e-8dc8f8997eb3/10s/ 6 KB
7 KB 13ms
9ms XHR
application/x-mpegurl 2a04:4e42:1b::539
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998031001/b904441b-07a8-4a90-ab7e-8dc8f8997eb3/10s/master.m3u8?fastly_token=NjA0YmMxM2FfYzM3OTc5M2NhY2NhYzcxZmVhN2RjNWZjMzliY2U0ZGIyMzkxM2NiYjgwZDIwNmFiODEyZGQ1M2JjYjA2ZWZmZg%3D%3D
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/wps/build/webpack/videoStory.bundle-d1c14c90e7de986bc0fd.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::539 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: 276898a6b9ebb74b06e5be84680fd6f1725cefc6d56a62beb3f6fd2fbed26f24

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:52 GMT
via: 1.1 varnish
age: 44814
x-powered-by: BC
x-cache: HIT
x-bolt-device-group: desktop-chrome
content-length: 6588
x-served-by: cache-hhn4080-HHN
x-device-group: desktop-chrome
x-timer: S1613162212.275764,VS0,VE1
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=1209600, max-age=1209600
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 1

GET
H/1.1 200
OK / Show response
data.cdnbasket.net/ 57 B
406 B 491ms
109ms XHR
application/json 35.201.103.116
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://data.cdnbasket.net/
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_cjs_min_c6edc791ae02fecfb42babfdb2be7d68.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.201.103.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 1758a8d9ce7c5ddb7e50b60e1ce43145630aef56a6a996ae7a02b66f1c4b3bcf

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 12 Feb 2021 20:36:52 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

GET
H/1.1 200
OK / Show response
page.cdnbasket.net/ 57 B
406 B 817ms
108ms XHR
application/json 35.190.34.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://page.cdnbasket.net/
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_cjs_min_c6edc791ae02fecfb42babfdb2be7d68.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.190.34.148 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 5904f1d2e7fb1bbdbfdc8737628c0ec75730c5f25cee05d424d217ea5ebb8df4

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 12 Feb 2021 20:36:53 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

GET
H/1.1 200
OK / Show response
view.cdnbasket.net/ 100 B
449 B 1379ms
109ms XHR
application/json 35.227.238.167
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://view.cdnbasket.net/
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_cjs_min_c6edc791ae02fecfb42babfdb2be7d68.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.227.238.167 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 7699eaaf12731bd7f39acef1f742ac5f6b9c88ad6ad936af94b45fd1ea99b51c

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 12 Feb 2021 20:36:53 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

GET
BLOB 200
OK a9eec99b-bc72-47fd-bc31-09607d1172eb
https://www.newsobserver.com/ 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/a9eec99b-bc72-47fd-bc31-09607d1172eb
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3d0d96becd8907f01322e1a38c1e01b95380244119c1d53df9940959e62f44bb

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 5415
Content-Type: application/javascript

GET
BLOB 200
OK d94f6510-ec5a-4f91-a64a-83d832ab7c54
https://www.newsobserver.com/ 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/d94f6510-ec5a-4f91-a64a-83d832ab7c54
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3d0d96becd8907f01322e1a38c1e01b95380244119c1d53df9940959e62f44bb

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 5415
Content-Type: application/javascript

GET
H2 200 IrisUpNext.css
ovp.iris.tv/libs/adaptive/styles/v2/ 14 KB
14 KB 12ms
11ms Stylesheet
text/css 2600:9000:2127:1c00:15:d134:4e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ovp.iris.tv/libs/adaptive/styles/v2/IrisUpNext.css
Requested by: Host: ovp.iris.tv
URL: https://ovp.iris.tv/libs/adaptive/v2/iris.adaptive.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:1c00:15:d134:4e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 04a74928965ed27c791351d7e70bc0bb40194158a56fd949b19c66f28d4835c1

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: wvkxUhCS82NPYaTWHesnpN1q5vhFHa5Q
via: 1.1 d05dc840d6cf3901928326ad8b6d38c3.cloudfront.net (CloudFront)
last-modified: Mon, 11 Feb 2019 19:50:18 GMT
server: AmazonS3
age: 5439473
etag: "840c928a4f9a6d6ee5ca76af8031b7ea"
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000, must-revalidate
date: Fri, 11 Dec 2020 21:38:59 GMT
x-amz-cf-pop: PRG50-C1
accept-ranges: bytes
content-length: 14368
x-amz-cf-id: uLOrSAJfZE4KqdIj2h6SUAYdfYpi7BoRR-SXOZ4Yk92omelUJg8enw==

GET
H2 200 IrisButtons.css
ovp.iris.tv/libs/adaptive/styles/ 6 KB
6 KB 11ms
11ms Stylesheet
text/css 2600:9000:2127:1c00:15:d134:4e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ovp.iris.tv/libs/adaptive/styles/IrisButtons.css
Requested by: Host: ovp.iris.tv
URL: https://ovp.iris.tv/libs/adaptive/v2/iris.adaptive.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:1c00:15:d134:4e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 85fa47de6b71bbce922b3d89b645018063f5d4b1c7ac1383ada0da3729de6702

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Dec 2020 21:58:45 GMT
via: 1.1 d05dc840d6cf3901928326ad8b6d38c3.cloudfront.net (CloudFront)
last-modified: Thu, 10 Dec 2020 21:56:44 GMT
server: AmazonS3
age: 5524688
etag: "e54832afd18f0ed157b8160ac7e4a9d2"
x-cache: Hit from cloudfront
x-amz-version-id: CcqFDVhLmj7fMBiS5W3t1iFW3PtkExjg
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: PRG50-C1
accept-ranges: bytes
content-type: text/css
content-length: 6053
x-amz-cf-id: GUEs1sKcQqY9pfZ_E8054EWe4At7JT9FgKqk9ZpE7y9756T4UaZyig==

GET
H3-Q050 200 bridge3.439.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 7976 576 KB
189 KB 31ms
17ms Document
text/html 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.439.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

497fade3f33a9fa6455795f6f5c453ec2926fe41034c1a24b945ad5bac2793dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.439.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newsobserver.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.newsobserver.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192786
date: Fri, 12 Feb 2021 18:38:00 GMT
expires: Sat, 12 Feb 2022 18:38:00 GMT
last-modified: Mon, 08 Feb 2021 16:20:58 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 7132
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 26 KB
11 KB 60ms
40ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10523
x-xss-protection: 0
expires: Fri, 12 Feb 2021 20:36:52 GMT

GET
H/1.1 200
OK image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/5615998031001/4970c7e7-e8ba-414a-a25c-939807544f6e/ea69188e-36a5-4910-9831-c0147272ef35/1280x720/match/ 183 KB
184 KB 134ms
44ms Image
image/jpeg 65.9.99.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.us-east-1.prod.boltdns.net/v1/static/5615998031001/4970c7e7-e8ba-414a-a25c-939807544f6e/ea69188e-36a5-4910-9831-c0147272ef35/1280x720/match/image.jpg
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.99.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / BC
Resource Hash: ef1de0f5f7862c43f4abdd2bca62b33ca8088d9913ceb3203f6150fb61e860cf

Request headers

Origin: https://www.newsobserver.com
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 17:21:18 GMT
Via: 1.1 aa90ed38e679f04bd48e055cce602e21.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
Age: 11734
X-Powered-From: gantry
X-Powered-By: BC
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: PRG50-C1
X-Amz-Cf-Id: SEyybUT_VwlwHGiPTf3fGw2bmPciZ1gtOoObLLAwiPAii2SQErakrQ==
Expires: Sat, 12 Feb 2022 17:21:18 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
172 B 28ms
28ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.newsobserver.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Feb 2021 20:36:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
BLOB 200
OK 9486020d-c44c-4bda-9c89-2209a79445b4
https://www.newsobserver.com/ 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/9486020d-c44c-4bda-9c89-2209a79445b4
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3d0d96becd8907f01322e1a38c1e01b95380244119c1d53df9940959e62f44bb

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 5415
Content-Type: application/javascript

GET
H3-Q050 200 bridge3.439.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 8BC5 576 KB
188 KB 22ms
22ms Document
text/html 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.439.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

497fade3f33a9fa6455795f6f5c453ec2926fe41034c1a24b945ad5bac2793dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.439.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newsobserver.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.newsobserver.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192786
date: Fri, 12 Feb 2021 18:38:00 GMT
expires: Sat, 12 Feb 2022 18:38:00 GMT
last-modified: Mon, 08 Feb 2021 16:20:58 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 7132
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/5615998031001/ad705d92-deb9-4849-9ab5-a3c251e15ca5/4d6b7600-a315-4212-8250-3a565cef5fe0/1280x720/match/ 259 KB
259 KB 239ms
43ms Image
image/jpeg 65.9.99.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.us-east-1.prod.boltdns.net/v1/static/5615998031001/ad705d92-deb9-4849-9ab5-a3c251e15ca5/4d6b7600-a315-4212-8250-3a565cef5fe0/1280x720/match/image.jpg
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.99.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / BC
Resource Hash: 53c7dbfa97e7f89767dd15fd3b19aa9917035178a820bfc1b9ad75d49df07240

Request headers

Origin: https://www.newsobserver.com
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 14:22:02 GMT
Via: 1.1 aa90ed38e679f04bd48e055cce602e21.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
Age: 22489
X-Powered-From: gantry
X-Powered-By: BC
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: PRG50-C1
X-Amz-Cf-Id: yKdjQicPJOM_sGqlvgMc47X3_880WS-W2Ubmo2MrWuktP5NBhsyQWg==
Expires: Sat, 12 Feb 2022 14:22:02 GMT

GET
H3-Q050 200 bridge3.439.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 62C4 576 KB
188 KB 21ms
20ms Document
text/html 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.439.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

497fade3f33a9fa6455795f6f5c453ec2926fe41034c1a24b945ad5bac2793dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.439.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newsobserver.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.newsobserver.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192786
date: Fri, 12 Feb 2021 18:38:00 GMT
expires: Sat, 12 Feb 2022 18:38:00 GMT
last-modified: Mon, 08 Feb 2021 16:20:58 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 7132
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/5615998031001/07b0bd99-c1db-47e2-a73a-817a39d07307/e50eaab0-0b80-47c7-89f1-df73d1ecf895/1280x720/match/ 214 KB
215 KB 325ms
43ms Image
image/jpeg 65.9.99.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.us-east-1.prod.boltdns.net/v1/static/5615998031001/07b0bd99-c1db-47e2-a73a-817a39d07307/e50eaab0-0b80-47c7-89f1-df73d1ecf895/1280x720/match/image.jpg
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.99.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / BC
Resource Hash: 1ab1af758e604c59b7f05f2df783881826dc86bfb2ff30d6264ffe574ba5d40c

Request headers

Origin: https://www.newsobserver.com
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 11 Feb 2021 22:21:25 GMT
Via: 1.1 aa90ed38e679f04bd48e055cce602e21.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
Age: 80127
X-Powered-From: gantry
X-Powered-By: BC
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: PRG50-C1
X-Amz-Cf-Id: M7sMKA-AmPa78GwMf4-9GuvoOFmXWUvjT46swJFw-dag6u8WYKnNGA==
Expires: Fri, 11 Feb 2022 22:21:25 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
426 B 231ms
231ms Image
image/gif 18.208.113.131
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=21236876-9a15-4ae3-aa5b-14abcb695518&ntv_fl=7uDOAz88QViW5FhnhWWSVVJWfUVJQ-uiLvAjC-KTaIVju4Rleyqs6PO89VW79Rrp&ntv_ht=5OYmYAA&ntv_at=303,302&ntv_a=AAAAAAAAAAWK0QA&ord=1613162212364&ntv_dpl=1009,1011,1028,1016,1001,1050,1003,1019,1005,1007&ntv_it
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.208.113.131 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:36:52 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 gdprConsent
jadserve.postrelease.com/ 43 B
426 B 108ms
108ms Image
image/gif 18.208.113.131
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/gdprConsent?ntv_pl=1092952&ntv_gdpr_consent=&ntv_it
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.208.113.131 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:36:52 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
BLOB 200
OK 16e6462a-3846-49d3-a23f-f82d8ab9e78b
https://www.newsobserver.com/ 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/16e6462a-3846-49d3-a23f-f82d8ab9e78b
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3d0d96becd8907f01322e1a38c1e01b95380244119c1d53df9940959e62f44bb

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 5415
Content-Type: application/javascript

GET
H2 200 rendition.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998031001/4970c7e7-e8ba-414a-a25c-939807544f6e/8312703f-047b-470c-a4a7-ef7b066e81b2/10s/ 4 KB
4 KB 8ms
6ms XHR
application/x-mpegurl 2a04:4e42:1b::539
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998031001/4970c7e7-e8ba-414a-a25c-939807544f6e/8312703f-047b-470c-a4a7-ef7b066e81b2/10s/rendition.m3u8?fastly_token=NjA0YmI0N2ZfZjIxMGY0ODhiMDU2Y2M1ZTcyNDNlMDNkZWFmNzk2ODA4YWFhMWMwOTM2MmM0YWIxZDk1OGE2YjU4Y2E1OTkwYw%3D%3D
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/wps/build/webpack/videoStory.bundle-d1c14c90e7de986bc0fd.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::539 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: 50499b2b05cda5a878ba6be147bd1f54b500bfc83316d1bfb279fb727bb2ee5a

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:52 GMT
via: 1.1 varnish
age: 8265
x-powered-by: BC
x-cache: HIT
content-length: 3659
x-served-by: cache-hhn4080-HHN
x-device-group: desktop-chrome
x-timer: S1613162212.375400,VS0,VE1
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=1209600, max-age=1209600
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 1

GET
H2 200 rendition.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998031001/07b0bd99-c1db-47e2-a73a-817a39d07307/2f3aeaaf-8f64-46f3-b5e5-e11b40dc5b21/10s/ 5 KB
5 KB 7ms
7ms XHR
application/x-mpegurl 2a04:4e42:1b::539
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998031001/07b0bd99-c1db-47e2-a73a-817a39d07307/2f3aeaaf-8f64-46f3-b5e5-e11b40dc5b21/10s/rendition.m3u8?fastly_token=NjA0OWNmOTZfNmVmYzQyYzBkMjNkMWM3MDJhNWUxZTgyZjExMThjYmQ2ZTM2Y2RiZTg1NjU1OGI4YmNjNjUxZWU0MmU2YTI0MA%3D%3D
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/wps/build/webpack/videoStory.bundle-d1c14c90e7de986bc0fd.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::539 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: 362635fbb0c04aab327ed0d20a32b51e2f8d26247ffb181db578af7614655fd8

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:52 GMT
via: 1.1 varnish
age: 20
x-powered-by: BC
x-cache: HIT
content-length: 4843
x-served-by: cache-hhn4080-HHN
x-device-group: desktop-chrome
x-timer: S1613162212.375920,VS0,VE1
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=1209600, max-age=1209600
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 1

GET
H2 200 rendition.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998031001/ad705d92-deb9-4849-9ab5-a3c251e15ca5/81836559-d032-441d-abae-a951d1ecfcbb/10s/ 9 KB
9 KB 7ms
7ms XHR
application/x-mpegurl 2a04:4e42:1b::539
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998031001/ad705d92-deb9-4849-9ab5-a3c251e15ca5/81836559-d032-441d-abae-a951d1ecfcbb/10s/rendition.m3u8?fastly_token=NjA0YmQ1NWRfOTEyZDFhZGZjNTkzMDg4ODBmNWE2ZDlhZDIxNzUxMTQ1YWFhYTY5YzllMTZlM2M5NmM1MWUxMjNiZmM1MDFiOA%3D%3D
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/wps/build/webpack/videoStory.bundle-d1c14c90e7de986bc0fd.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::539 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: 12f731776693c9e3fadb616a3da9e6fcc7f309e60ecf32d730e8a00263dabe0a

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:52 GMT
via: 1.1 varnish
age: 19
x-powered-by: BC
x-cache: HIT
content-length: 9188
x-served-by: cache-hhn4080-HHN
x-device-group: desktop-chrome
x-timer: S1613162212.376505,VS0,VE1
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=1209600, max-age=1209600
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 1

GET
H2 200 rendition.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998031001/b904441b-07a8-4a90-ab7e-8dc8f8997eb3/c4f58bcb-d79f-4646-9823-713160cd4baf/10s/ 1 KB
1 KB 8ms
6ms XHR
application/x-mpegurl 2a04:4e42:1b::539
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998031001/b904441b-07a8-4a90-ab7e-8dc8f8997eb3/c4f58bcb-d79f-4646-9823-713160cd4baf/10s/rendition.m3u8?fastly_token=NjA0YjI1NzhfMjk5NGI5MjU4NDE4NDAwMTg1YTY4N2E0MmI5ZDgzZDk4YmY1YWU4Y2JiOWM1YWQ4Y2ZhODI0YjJlNGIxYzM1MA%3D%3D
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/wps/build/webpack/videoStory.bundle-d1c14c90e7de986bc0fd.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::539 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: c22ceac6dd6f94023ff90d1b8cd9993abf03c477cb99900673b18c6d76b742d3

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:52 GMT
via: 1.1 varnish
age: 44814
x-powered-by: BC
x-cache: HIT
content-length: 1295
x-served-by: cache-hhn4080-HHN
x-device-group: desktop-chrome
x-timer: S1613162212.379338,VS0,VE1
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=1209600, max-age=1209600
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 1

GET
H3-Q050 200 bridge3.439.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 0938 576 KB
188 KB 12ms
10ms Document
text/html 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.439.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

497fade3f33a9fa6455795f6f5c453ec2926fe41034c1a24b945ad5bac2793dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.439.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newsobserver.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.newsobserver.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192786
date: Fri, 12 Feb 2021 18:38:00 GMT
expires: Sat, 12 Feb 2022 18:38:00 GMT
last-modified: Mon, 08 Feb 2021 16:20:58 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 7132
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/5615998031001/b904441b-07a8-4a90-ab7e-8dc8f8997eb3/06658dfe-565a-4318-8fdf-1a0e5363738c/1280x720/match/ 297 KB
297 KB 360ms
43ms Image
image/jpeg 65.9.99.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.us-east-1.prod.boltdns.net/v1/static/5615998031001/b904441b-07a8-4a90-ab7e-8dc8f8997eb3/06658dfe-565a-4318-8fdf-1a0e5363738c/1280x720/match/image.jpg
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.99.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / BC
Resource Hash: a01c522d810d954073c4ba8b348e601f5d44bb15fabef8915b5ed762ee8d44eb

Request headers

Origin: https://www.newsobserver.com
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 11 Feb 2021 20:02:15 GMT
Via: 1.1 aa90ed38e679f04bd48e055cce602e21.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
Age: 88477
X-Powered-From: gantry
X-Powered-By: BC
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: PRG50-C1
X-Amz-Cf-Id: VT8F2TbI1oEtflPUrgtceZuj2_rE2Fs7c0Jv6Ax4kjw6DJSaVjRJDg==
Expires: Fri, 11 Feb 2022 20:02:15 GMT

GET
H2 200 local_storage_frame16.min.html Show response
assets.bounceexchange.com/assets/bounce/ Frame 1ACF 2 KB
1 KB 16ms
16ms Document
text/html 34.98.72.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/bounce/local_storage_frame16.min.html
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_cjs_min_c6edc791ae02fecfb42babfdb2be7d68.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f2f11e4d45030f1f21ec7d3ae67a65b83c4c67016fe861fbebdff04ca0c8cd60

Request headers

:method: GET
:authority: assets.bounceexchange.com
:scheme: https
:path: /assets/bounce/local_storage_frame16.min.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newsobserver.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.newsobserver.com/

Response headers

x-guploader-uploadid: ABg5-UwORhHtdrr-TbricQdKxRLHNBSGC_pIyuHQEVHZe6OfcmPn5i1PQTk4RAB8d-AEi0_X7E0NahvlcwPtYAX8ew
date: Sat, 30 Jan 2021 23:00:47 GMT
expires: Sun, 30 Jan 2022 23:00:47 GMT
last-modified: Thu, 28 Jan 2021 14:04:39 GMT
etag: "93efcaa36b256c921d56c84bc9d8194d"
x-goog-generation: 1611842679711187
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 1055
content-type: text/html; charset=UTF-8
content-encoding: gzip
x-goog-hash: crc32c=KZeYBw== md5=k+/Ko2slbJIdVshLydgZTQ==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
vary: Accept-Encoding
content-length: 1055
access-control-allow-origin: *
access-control-expose-headers: etag Content-Type
server: UploadServer
cache-control: public,max-age=31536000
age: 1114565
alt-svc: clear

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 08AF
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YCbm4wAAAJeanVxO
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YCbm4wAAAJeanVxO&C=1

43 B
1003 B

100ms
99ms

Image
image/gif

104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YCbm4wAAAJeanVxO&C=1
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://mcclatchy.demdex.net/dest5.html?d_nsid=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 12 Feb 2021 20:36:53 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 12 Feb 2021 20:36:53 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 12 Feb 2021 20:36:53 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YCbm4wAAAJeanVxO&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 279
Expires: Fri, 12 Feb 2021 20:36:53 GMT

GET
H2 200 rendition.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998031001/4970c7e7-e8ba-414a-a25c-939807544f6e/65ac0242-22cf-4e73-b04e-52df3e56d9bb/10s/ 4 KB
4 KB 7ms
7ms XHR
application/x-mpegurl 2a04:4e42:1b::539
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998031001/4970c7e7-e8ba-414a-a25c-939807544f6e/65ac0242-22cf-4e73-b04e-52df3e56d9bb/10s/rendition.m3u8?fastly_token=NjA0YmI0N2ZfZTAxM2E4Zjg4YmJkODRmYTE3MDMzYmNhNjRhZmU3ZWRiYzA3YWM3N2EwN2Q1NGI1ZjY4ZDA0OWRmZWMyOTBkNg%3D%3D
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/wps/build/webpack/videoStory.bundle-d1c14c90e7de986bc0fd.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::539 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: ec9c7a7f521426580db314ca744e339958dcb20ca0f2c3e05e803b962b154171

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:52 GMT
via: 1.1 varnish
age: 8265
x-powered-by: BC
x-cache: HIT
content-length: 3651
x-served-by: cache-hhn4080-HHN
x-device-group: desktop-chrome
x-timer: S1613162212.443258,VS0,VE1
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=1209600, max-age=1209600
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 1

GET
H2 200 rendition.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998031001/07b0bd99-c1db-47e2-a73a-817a39d07307/0715852b-c5f9-4750-b1c2-5d96d76ea3bf/10s/ 5 KB
5 KB 7ms
6ms XHR
application/x-mpegurl 2a04:4e42:1b::539
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998031001/07b0bd99-c1db-47e2-a73a-817a39d07307/0715852b-c5f9-4750-b1c2-5d96d76ea3bf/10s/rendition.m3u8?fastly_token=NjA0OWNmOTZfZDU3NTkxMzI4OTY2NDY0NTUxMWUxZjgzMGI1YzAzMjI4ZDkzNTI5MmVlYTYwOTc3MTZhMjI3YWUxNmRlN2EyNw%3D%3D
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/wps/build/webpack/videoStory.bundle-d1c14c90e7de986bc0fd.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::539 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: 7220fe0cfa384186aea61fde6b83832473929cf5cb16a68bf765a3d6e9a70714

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:52 GMT
via: 1.1 varnish
age: 132445
x-powered-by: BC
x-cache: HIT
content-length: 5226
x-served-by: cache-hhn4080-HHN
x-device-group: desktop-chrome
x-timer: S1613162212.445797,VS0,VE1
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=1209600, max-age=1209600
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 1

GET
H2 200 rendition.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998031001/ad705d92-deb9-4849-9ab5-a3c251e15ca5/9f7e1140-41e3-40c6-9c14-6d5bdbef560d/10s/ 9 KB
9 KB 9ms
8ms XHR
application/x-mpegurl 2a04:4e42:1b::539
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998031001/ad705d92-deb9-4849-9ab5-a3c251e15ca5/9f7e1140-41e3-40c6-9c14-6d5bdbef560d/10s/rendition.m3u8?fastly_token=NjA0YmQ1NWRfYTBlODM1YjE1YjZjMmViZjY3OTg3ZTVkNTAzZWVhYmFmYjYzYzQ3MGIyOTJmNGNjN2QwNzVkNmNkNjEwZjI2ZQ%3D%3D
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/wps/build/webpack/videoStory.bundle-d1c14c90e7de986bc0fd.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::539 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: 5b4872d87ed68e30afbb9e72356ef1c7d98e8d9631f0fee4be85fb8c6a2ec969

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:52 GMT
via: 1.1 varnish
age: 19
x-powered-by: BC
x-cache: HIT
content-length: 9166
x-served-by: cache-hhn4080-HHN
x-device-group: desktop-chrome
x-timer: S1613162212.449601,VS0,VE1
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=1209600, max-age=1209600
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 1

GET
H2 200 rendition.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998031001/b904441b-07a8-4a90-ab7e-8dc8f8997eb3/41380e63-0986-4764-ba9c-93a74bd8f4eb/10s/ 1 KB
2 KB 8ms
7ms XHR
application/x-mpegurl 2a04:4e42:1b::539
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998031001/b904441b-07a8-4a90-ab7e-8dc8f8997eb3/41380e63-0986-4764-ba9c-93a74bd8f4eb/10s/rendition.m3u8?fastly_token=NjA0YjI1NzhfYzczYTRhYThjOWY1YzY4ZDkwMWU5YWIwYzI5NDM4NDkyNjRmOTA2OTg2OGFmOTVjZjMxZjhmNDY4Y2ZmMzdmMQ%3D%3D
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/wps/build/webpack/videoStory.bundle-d1c14c90e7de986bc0fd.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::539 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: e4aed35648e86a62baafa70dc84a63e7946a90dfcbe75d1946c69d71321255be

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:52 GMT
via: 1.1 varnish
age: 44813
x-powered-by: BC
x-cache: HIT
content-length: 1293
x-served-by: cache-hhn4080-HHN
x-device-group: desktop-chrome
x-timer: S1613162212.450148,VS0,VE1
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=1209600, max-age=1209600
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 1

GET
H/1.1

200
OK

Cookie set Pug Show response
image2.pubmatic.com/AdServer/ Frame CF84
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7999128407811854055

42 B
973 B

24ms
23ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7999128407811854055
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=38893930&p=159414&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: image2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; pi=159414:2; KADUSERCOOKIE=6CC75629-67DF-430A-8B3C-08EC939ACF58; chkChromeAb67Sec=1; DPSync3=1614297600%3A201_227_226_221; SyncRTB3=1614297600%3A13_161_54_7_220_56_3_223_21%7C1614384000%3A35; KRTBCOOKIE_80=16514-CAESEP6Zw8Uz8dkgujkU2cUDV5A&KRTB&22987-CAESEP6Zw8Uz8dkgujkU2cUDV5A&KRTB&23025-CAESEP6Zw8Uz8dkgujkU2cUDV5A; PUBMDCID=3; KRTBCOOKIE_57=22776-7937665806395004972; KRTBCOOKIE_218=22978-YCbm4wAAAJeanVxO&KRTB&23194-YCbm4wAAAJeanVxO&KRTB&23209-YCbm4wAAAJeanVxO&KRTB&23244-YCbm4wAAAJeanVxO; KRTBCOOKIE_377=6810-7964580b-9a7c-4dae-a7ea-a4ee0a2e5c23&KRTB&22918-7964580b-9a7c-4dae-a7ea-a4ee0a2e5c23&KRTB&23031-7964580b-9a7c-4dae-a7ea-a4ee0a2e5c23; PugT=1613162213; SPugT=1613162214; KRTBCOOKIE_27=16735-uid:20ae6026-e6e7-4700-8ef9-3b4464ede5cb&KRTB&16736-uid:20ae6026-e6e7-4700-8ef9-3b4464ede5cb&KRTB&23019-uid:20ae6026-e6e7-4700-8ef9-3b4464ede5cb&KRTB&23114-uid:20ae6026-e6e7-4700-8ef9-3b4464ede5cb
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Date: Fri, 12 Feb 2021 20:36:54 GMT
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
Set-Cookie: KRTBCOOKIE_336=5844-7999128407811854055; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 14-Mar-2021 20:36:54 GMT; path=/ PugT=1613162214; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 14-Mar-2021 20:36:54 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 13-May-2021 20:36:54 GMT; path=/
X-lat: Pug23049:0:315
Content-Length: 42
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Pragma: no-cache
X-Cnection: close
Content-Type: image/gif; charset=utf-8

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7999128407811854055
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 691C 43 B
284 B 3121ms
41ms Document
image/gif 178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=38893930&p=159414&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method: GET
:authority: dis.criteo.com
:scheme: https
:path: /dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/AdServer/js/showad.js
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

cache-control: no-cache
pragma: no-cache
content-type: image/gif
expires: Fri, 12 Feb 2021 00:00:00 GMT
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 1233
date: Fri, 12 Feb 2021 20:36:55 GMT
content-length: 43

GET
H/1.1

200
OK

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 246B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=bMdWKWffQwqLPAjsk5rPWA%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

8 KB
8 KB

24ms
23ms

Image
text/html

184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 20:36:52 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1300708-1f78-5b232eb4914bb"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: max-age=19538
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/html; charset=UTF-8
Content-Length: 2654
Expires: Sat, 13 Feb 2021 02:02:30 GMT

Redirect headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:36:52 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 246B 95 B
387 B 29ms
24ms Image
image/png 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=6CC75629-67DF-430A-8B3C-08EC939ACF58
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:52 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 62091ab3dcb2e003-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 08398f046a0000e00303ada000000001

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame 246B
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=6CC75629-67DF-430A-8B3C-08EC939ACF58&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=6CC75629-67DF-430A-8B3C-08EC939ACF58&sInitiator=external&gdpr=0&gdpr_consent=

42 B
604 B

42ms
42ms

Image
image/gif

77.243.60.138
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=6CC75629-67DF-430A-8B3C-08EC939ACF58&sInitiator=external&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:36:52 GMT
frontend-id: 15
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:36:52 GMT
frontend-id: 5
location: /pubmatic/1/info2?sType=sync&sExtCookieId=6CC75629-67DF-430A-8B3C-08EC939ACF58&sInitiator=external&gdpr=0&gdpr_consent=
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

Artemis
aud.pubmatic.com/AdServer/ Frame 246B
Redirect Chain

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=6CC75629-67DF-430A-8B3C-08EC939ACF58&gdpr=
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=6CC75629-67DF-430A-8B3C-08EC939ACF58&gdpr=&fbounce=1
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=6CC75629-67DF-430A-8B3C-08EC939ACF58&addseg=17

7 B
147 B

321ms
25ms

Image
text/plain

185.64.190.106
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=6CC75629-67DF-430A-8B3C-08EC939ACF58&addseg=17
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.190.106 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 20:36:55 GMT
Connection: keep-alive
Content-Length: 7
Content-Type: text/plain; charset=utf-8

Redirect headers

date: Fri, 12 Feb 2021 20:36:55 GMT
via: 1.1 google
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=6CC75629-67DF-430A-8B3C-08EC939ACF58&addseg=17
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: text/html; charset=utf-8
alt-svc: clear
content-length: 135

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 246B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NkNDNzU2MjktNjdERi00MzBBLThCM0MtMDhFQzkzOUFDRjU4&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
709 B

114ms
23ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Fri, 12 Feb 2021 20:36:51 GMT
X-lat: Pug23036:0:235
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:36:52 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 246B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEP6Zw8Uz8dkgujkU2cUDV5A&google_cver=1

42 B
1 KB

94ms
23ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEP6Zw8Uz8dkgujkU2cUDV5A&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Fri, 12 Feb 2021 20:36:52 GMT
X-lat: Pug23001:0:336
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:36:52 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEP6Zw8Uz8dkgujkU2cUDV5A&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 246B 43 B
609 B 3138ms
35ms Image
image/gif 159.253.128.183
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

b7.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:55 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Thu, 11 Feb 2021 20:36:55 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 246B
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=7964580b-9a7c-4dae-a7ea-a4ee0a2e5c23

42 B
1 KB

94ms
25ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=7964580b-9a7c-4dae-a7ea-a4ee0a2e5c23
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Fri, 12 Feb 2021 20:36:53 GMT
X-lat: Pug23027:0:2117
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:36:52 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=7964580b-9a7c-4dae-a7ea-a4ee0a2e5c23
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 246B
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1800316369878671084

42 B
974 B

24ms
24ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1800316369878671084
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Fri, 12 Feb 2021 20:36:55 GMT
X-lat: Pug23012:0:395
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:36:55 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1800316369878671084
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
expires: -1

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 246B
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:20ae6026-e6e7-4700-8ef9-3b4464ede5cb&gdpr=0&gdpr_consent=

42 B
1 KB

24ms
23ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:20ae6026-e6e7-4700-8ef9-3b4464ede5cb&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Fri, 12 Feb 2021 20:36:53 GMT
X-lat: Pug23031:0:281
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Date: Fri, 12 Feb 2021 20:37:18 GMT
Server: MT3 3518 2f03077 master cdg-pixel-x13
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:20ae6026-e6e7-4700-8ef9-3b4464ede5cb&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 12 Feb 2021 20:37:17 GMT

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 246B
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7937665806395004972&gdpr=0&gdpr_consent=

42 B
973 B

109ms
23ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7937665806395004972&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Fri, 12 Feb 2021 20:36:52 GMT
X-lat: Pug23004:0:322
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Pragma: no-cache
Date: Fri, 12 Feb 2021 20:36:52 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 717.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.85:80
AN-X-Request-Uuid: 8e74d976-e4a4-4203-b4c5-ae150f4a6ce8
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7937665806395004972&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

SPug
image4.pubmatic.com/AdServer/ Frame 246B
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=6CC75629-67DF-430A-8B3C-08EC939ACF58&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=6CC75629-67DF-430A-8B3C-08EC939ACF58&redir=true&gdpr=0&gdpr_consent=&verify=true
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-L2a9_bp1l2KuGfm8jNRJ9QQIf8ssVpM-&gdpr=0&gdpr_consent=

0
587 B

73ms
19ms

Image
text/plain

185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-L2a9_bp1l2KuGfm8jNRJ9QQIf8ssVpM-&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Date: Fri, 12 Feb 2021 20:36:53 GMT
Content-Encoding: gzip
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-cache
Transfer-Encoding: chunked
Content-Type: text/plain; charset=utf-8

Redirect headers

Date: Fri, 12 Feb 2021 20:36:53 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-L2a9_bp1l2KuGfm8jNRJ9QQIf8ssVpM-&gdpr=0&gdpr_consent=
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 08AF
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
https://ib.adnxs.com/setuid?entity=158&code=YCbm4wAAAJeanVxO

43 B
1 KB

17ms
16ms

Image
image/gif

185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=158&code=YCbm4wAAAJeanVxO

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://mcclatchy.demdex.net/dest5.html?d_nsid=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 12 Feb 2021 20:36:52 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 717.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.144:80
AN-X-Request-Uuid: 947c717c-fc78-4839-b5f8-883fcacd517d
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:36:52 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1613162213.534534,VS0,VE0
x-served-by: cache-fra19160-FRA
x-cache: HIT
location: https://ib.adnxs.com/setuid?entity=158&code=YCbm4wAAAJeanVxO
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 init1.js Show response
api.bounceexchange.com/bounce/ 36 B
290 B 325ms
40ms Script
text/html 35.227.229.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.bounceexchange.com/bounce/init1.js?wklz=C4ewVgigvAZgrgOwMbAJYgQMhQZygRgDZ8BmIgJnP3IFYzNgAvEKAWkIAZMB3AUwCMcqYLwD6qACZQSNABz5MAJ144QAGzhoMBThwAe1Dl2Uxei5YqjYAhmrWoEAc1FxFaqAAtgwAA44ApCQAgv7kAGKhYdzRAHQIvNyqgmYAbmYxSCAAtpGYKahCwKKZIADWqLxQ-gDsAEKh5Go+DYEhlF6+AbTBoTThveHR3HEJSTip6Zk5tP2UoQDCDYotPXNz1QAi2CBlFVV1DSkrIQeUOHD8WcIiEqJZIIoIDo7HMLbjCw3nl9e8t5mKDDWfKKOBdcitN5qD7kRaUXhpRSiNQgRyOP7iBCvd68T6UHzWSSib44JCKVD8MzY6G4zY1LYpayKHAAbQJ6NEwAAnj5eABdTzZXh5Jms-ISXggUT5IT8NT8qDAUHCxnMllMtBIeWiBDWLIKqHjEVqjWoLViJDWESOB5cgWGlWilnjFDoBDFK28G2KO2wHHG1nfK7eDH3R7Pe3+1WBi7Bm7FB5AkFgyM0gMslFojEOVNG6MshFmZGo9G3HN+tP5glEklkilmXOOtU21HanwgHxwHzSgoU+WN9MSGDdxRykBIUoChAgIrKawSLnp03m0SlXhc7gPCQ4KejPEcfhz8pOfdqT04YCn8e2fcAJVsvFQjg8+42rg8ev3ADkHsAX+QOHmJl1Acax0zBItxkcfUEGAHcKzzJ1+GsCcYFQOxRAlHwUS5GDgAFbZdjEUApTPRR0QQ4V+B8KAuF4XwoBZAAiZd5SYgAaJjLWtW0OKYxxbHlH0+I8IU+PGJkkA8Ji+UwHw4MFfVtiybDUGsZAxBgM9HCsFIPygIA
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_cjs_min_c6edc791ae02fecfb42babfdb2be7d68.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.229.34 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx /
Resource Hash: fe3fcb884394be745dbd11141b6d780028a4d86106b6292d7502db096f582218

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:52 GMT
via: 1.1 google
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
server: nginx
content-encoding: gzip
alt-svc: clear
content-type: text/html; charset=UTF-8

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 08AF
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YCbm4wAAAJeanVxO
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YCbm4wAAAJeanVxO

43 B
180 B

29ms
29ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YCbm4wAAAJeanVxO
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.202.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://mcclatchy.demdex.net/dest5.html?d_nsid=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:36:52 GMT
via: 1.1 google
server: OXGW/16.202.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YCbm4wAAAJeanVxO
date: Fri, 12 Feb 2021 20:36:52 GMT
via: 1.1 google
server: OXGW/16.202.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H3-Q050 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 7976 1 KB
874 B 60ms
59ms XHR
text/xml 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?ad_type=video&client=ca-video-pub-3446305859157241&env=vp&gdfp_req=1&unviewed_position_start=1&output=xml_vast4&sz=400x300&url=https%3A%2F%2Fwww.newsobserver.com%2F&correlator=835885157247311&adsafe=high&videoad_start_delay=0&max_ad_duration=30000&sdmax=120000&vpa=click&vpmute=0&adtest=false&ciu_szs=300x250&iu=%2F7675%2FRAL.site_newsobserver%2F_HomePage&hl=en&cmsid=2475984&description_url=https%3A%2F%2Fwww.newsobserver.com%2Fsports%2Fcollege%2Facc%2Func%2Farticle249210505.html&vid_t=UNC%E2%80%99s%20Roy%20Williams%20says%20maskless%20partying%20is%20not%20like%20storming%20the%20Capitol&vid=6231679253001&cust_params=sec_sect%3D11009%2C7041%26topic%3D%26vpa%3D0%26vpmute%3D0%26iris_id%3Diris_d9d903c2f6e02682%26iris_context%3Dic_1592380%2Cic_8121076%2Cic_1372527%2Cic_5864912&sdkv=h.3.439.0&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250%2C300x250%2C450x50%2C468x60%2C480x70&is_amp=0&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.8.0&adsid=NT&us_privacy=1---&sdki=44d&adk=4234945749&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Fwww.newsobserver.com%2F3602c314-a5f6-40d1-9151-a4c71e2a86a9&sid=77BBC783-7844-42E1-947B-7B71CB0E1868&dt=1613162212666&cookie_enabled=1&scor=3445690644302161&ged=ve4_td2_tt1_pd2_la2000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.439.0_en.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

9c229210623ddc432c0ca349bf7c0964844d9822ec47f1c9f06d40e3bf0e59e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/js/core/bridge3.439.0_en.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 842
x-xss-protection: 0
google-lineitem-id: 0
pragma: no-cache
server: cafe
google-creative-id: 0
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 8BC5 1 KB
1 KB 55ms
54ms XHR
text/xml 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?ad_type=video&client=ca-video-pub-3446305859157241&env=vp&gdfp_req=1&unviewed_position_start=1&output=xml_vast4&sz=400x300&url=https%3A%2F%2Fwww.newsobserver.com%2F&correlator=2545674260789157&adsafe=high&videoad_start_delay=0&max_ad_duration=30000&sdmax=120000&vpa=click&vpmute=0&adtest=false&ciu_szs=300x250&iu=%2F7675%2FRAL.site_newsobserver%2F_HomePage&hl=en&cmsid=2475984&description_url=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Fweather-news%2Farticle249147295.html&vid_t=Freezing%20rain%20could%20make%20roads%20slick%20in%20the%20Triangle%20this%20weekend&vid=6230812063001&cust_params=sec_sect%3D81114%2C7041%26topic%3D%26vpa%3D0%26vpmute%3D0%26iris_id%3Diris_5f72f1b443d3c991%26iris_context%3Dic_8253715%2Cic_5556899%2Cic_0986515%2Cic_7217023%2Cic_6892597&sdkv=h.3.439.0&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250&is_amp=0&u_so=p&ctv=0&mpt=videojs-ima&mpv=1.8.0&adsid=NT&us_privacy=1---&sdki=44d&adk=1484760408&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Fwww.newsobserver.com%2Fb3af77eb-90b7-42e2-8dc9-e5af805c311e&sid=77BBC783-7844-42E1-947B-7B71CB0E1868&dt=1613162212672&cookie_enabled=1&scor=1062168894067275&ged=ve4_td2_tt1_pd2_la2000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.439.0_en.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

5dbbe198d3b9d40cad388191725d321b9528d48655c85227feab94bfca82b708

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/js/core/bridge3.439.0_en.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 815
x-xss-protection: 0
google-lineitem-id: 0
pragma: no-cache
server: cafe
google-creative-id: 0
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 62C4 1 KB
931 B 55ms
55ms XHR
text/xml 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?ad_type=video&client=ca-video-pub-3446305859157241&env=vp&gdfp_req=1&unviewed_position_start=1&output=xml_vast4&sz=400x300&url=https%3A%2F%2Fwww.newsobserver.com%2F&correlator=133308698692225&adsafe=high&videoad_start_delay=0&max_ad_duration=30000&sdmax=120000&vpa=click&vpmute=0&adtest=false&ciu_szs=300x250&iu=%2F7675%2FRAL.site_newsobserver%2F_HomePage&hl=en&cmsid=2475984&description_url=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Farticle249162825.html&vid_t=Wake%20educators%20prepare%20for%20students%20to%20return%20to%20the%20classroom%20amid%20pandemic&vid=6230965657001&cust_params=sec_sect%3D10601%2C82751%2C10859%2C10925%2C83251%26topic%3D%26vpa%3D0%26vpmute%3D0%26iris_id%3Diris_d590509a3b003a11%26iris_context%3Dic_5864912%2Cic_2194689%2Cic_1372527%2Cic_8222511%2Cic_8328135%2Cic_1121346%2Cic_3936361%2Cic_7788821%2Cic_5547717%2Cic_6837436%2Cic_7613322%2Cic_9071720%2Cic_5255596%2Cic_9606481%2Cic_6892597&sdkv=h.3.439.0&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70%2C728x90&is_amp=0&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.8.0&adsid=NT&us_privacy=1---&sdki=44d&adk=3807361275&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Fwww.newsobserver.com%2F704f3a6f-a465-435a-9085-fbae5d124e36&sid=77BBC783-7844-42E1-947B-7B71CB0E1868&dt=1613162212674&cookie_enabled=1&scor=2329105433179901&ged=ve4_td2_tt1_pd2_la2000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.439.0_en.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

8762153f67251ab976487fe49ed7681c2051aa358e3933d9dbd2a829bcefc456

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/js/core/bridge3.439.0_en.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 900
x-xss-protection: 0
google-lineitem-id: 0
pragma: no-cache
server: cafe
google-creative-id: 0
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 0938 1 KB
820 B 64ms
64ms XHR
text/xml 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?ad_type=video&client=ca-video-pub-3446305859157241&env=vp&gdfp_req=1&unviewed_position_start=1&output=xml_vast4&sz=400x300&url=https%3A%2F%2Fwww.newsobserver.com%2F&correlator=923271195645129&adsafe=high&videoad_start_delay=0&max_ad_duration=30000&sdmax=120000&vpa=click&vpmute=0&adtest=false&ciu_szs=300x250&iu=%2F7675%2FRAL.site_newsobserver%2F_HomePage&hl=en&cmsid=2475984&description_url=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Flocal%2Fcrime%2Farticle249185580.html&vid_t=Mother%20of%20slain%20UPS%20driver%20runs%20from%20Raleigh%20courtroom&vid=6231311602001&cust_params=sec_sect%3D10856%2C7041%26topic%3D%26vpa%3D0%26vpmute%3D0%26iris_id%3Diris_f9440d4aae48c817%26iris_context%3Dic_8118831%2Cic_0858141&sdkv=h.3.439.0&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250&is_amp=0&u_so=p&ctv=0&mpt=videojs-ima&mpv=1.8.0&adsid=NT&us_privacy=1---&sdki=44d&adk=1397588983&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Fwww.newsobserver.com%2F532a6e77-0d06-4657-92bc-b4cdd6ad98b4&sid=77BBC783-7844-42E1-947B-7B71CB0E1868&dt=1613162212680&cookie_enabled=1&scor=4148204633201452&ged=ve4_td2_tt1_pd2_la2000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.439.0_en.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

5476464552187ca2ac7538ebac7ed51974f1237ae1f842efeb053d7afe15b410

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/js/core/bridge3.439.0_en.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 788
x-xss-protection: 0
google-lineitem-id: 0
pragma: no-cache
server: cafe
google-creative-id: 0
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 08AF
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YCbm4wAAAJeanVxO

1 B
1013 B

24ms
23ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YCbm4wAAAJeanVxO
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mcclatchy.demdex.net/dest5.html?d_nsid=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Fri, 12 Feb 2021 20:36:52 GMT
X-lat: Pug23006:0:419
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:36:52 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1613162213.756259,VS0,VE0
x-served-by: cache-fra19160-FRA
x-cache: HIT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YCbm4wAAAJeanVxO
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 102ms
101ms Image
image/gif 18.235.56.156
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=newsobserver.com&p=%2F&u=CMdg0yBcmrCBBdMiex&d=newsobserver.com&g=62447&g0=Homepage&g1=No%20Author&n=1&f=00001&c=0.02&x=0&m=0&y=7271&o=1600&w=1200&j=30&R=1&W=0&I=0&E=1&e=1&r=&b=965&t=DR4MYDCfNAozCfJP4CCk58C_iIopM&V=122&tz=-60&_acct=anon&sn=2&sv=BefhRwCqZkXgD8Ipa5BlnpZuC477T1&sd=1&im=062b2f3e&_
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.235.56.156 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-235-56-156.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:36:52 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
547 B 105ms
35ms XHR
application/json 99.80.71.186
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=185522
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185522-118148292826456.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.71.186 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-71-186.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: df20071d82f1de3235270e02d5b2a3c91ab985373121acd632db8da44e2edbfb

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 12 Feb 2021 20:36:52 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.newsobserver.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Sun, 14 Mar 2021 20:36:52 GMT

GET
H2 451 identity Show response
api.rlcdn.com/api/ 44 B
332 B 308ms
22ms XHR
text/plain 34.120.207.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity?pid=2&rt=envelope

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185522-118148292826456.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.207.148 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

148.207.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 12 Feb 2021 20:36:53 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.newsobserver.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 44

GET
H3-Q050 200 ad- Show response
fundingchoicesmessages.google.com/f/AGSKWxVWoVAmmjVVfXHwWlnKwzLW5H-JWF-FHpewgkiwRk9r3Et0s6v2eP5YKiZkEQRbUhHIzMV8YuSo8EC9PYSyFak4uLzt-0RElyWEcP2uaEK2CivUaF83vMXZ7RKxP4-fg4IsTaR6h-3X8nPDwjxhQp2v-4OAx... 54 B
435 B 17ms
17ms Script
application/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVWoVAmmjVVfXHwWlnKwzLW5H-JWF-FHpewgkiwRk9r3Et0s6v2eP5YKiZkEQRbUhHIzMV8YuSo8EC9PYSyFak4uLzt-0RElyWEcP2uaEK2CivUaF83vMXZ7RKxP4-fg4IsTaR6h-3X8nPDwjxhQp2v-4OAxltFCULbCpJVBii-k9FQfdQq4DHpBfbMrzq_eUv8GBlwc-lBhIBIbz88iTGc0w_p_RBZc18EBg14lqQU7Jg=/__dynamicads//googima.js/asyncspc./partnerads_/inc/ad-

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.en_US.Cd1-qnUb-Ik.es5.O/d=1/ct=zgms/rs=AJlcJMym_pVwL2wbxSQCUVaiMGbv-HkwIQ/m=detection

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7c7d61aa50ba45877f4cea457baf10e179850d8d3cebd3023efa2ec31f163e0a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ZoB86DvnOxqybI4dQA65Yw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-ZoB86DvnOxqybI4dQA65Yw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:36:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-ZoB86DvnOxqybI4dQA65Yw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-ZoB86DvnOxqybI4dQA65Yw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
280 B 7ms
5ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 18:32:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7449
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
server: cafe
etag: 13036835877489095579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Feb 2021 18:32:43 GMT

POST
H3-Q050 204 AGSKWxXtCQffDovsszsDp8qpU7MQaYz9YZy5Oa70FKWn7PCXcOP7Q3YUpplmu6FoHMok0HfszYbdZA4eS72d1mqm4I6_tQcqn1Y1xlt0dgtxOcVZIfqkoU44bZ5YJYyMdTsLalBICQePt-7hpQ1bpkK5ltNrPc0iGORhv-aZEaxK_O-EcgCqZdmZR6ajjw== Show response
fundingchoicesmessages.google.com/l/ 0
335 B 17ms
17ms XHR
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/l/AGSKWxXtCQffDovsszsDp8qpU7MQaYz9YZy5Oa70FKWn7PCXcOP7Q3YUpplmu6FoHMok0HfszYbdZA4eS72d1mqm4I6_tQcqn1Y1xlt0dgtxOcVZIfqkoU44bZ5YJYyMdTsLalBICQePt-7hpQ1bpkK5ltNrPc0iGORhv-aZEaxK_O-EcgCqZdmZR6ajjw==

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-aoVr82uBUCx58K7V+EZp0w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-aoVr82uBUCx58K7V+EZp0w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 12 Feb 2021 20:36:52 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.newsobserver.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-aoVr82uBUCx58K7V+EZp0w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-aoVr82uBUCx58K7V+EZp0w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 08AF
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YCbm4wAAAJeanVxO&img=1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YCbm4wAAAJeanVxO&img=1&__user_check__=1&sync_id=0a5bd4c0-6d72-11eb-bb19-18b2794d1706

43 B
549 B

21ms
21ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YCbm4wAAAJeanVxO&img=1&__user_check__=1&sync_id=0a5bd4c0-6d72-11eb-bb19-18b2794d1706
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.94.180.126 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer: https://mcclatchy.demdex.net/dest5.html?d_nsid=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 20:36:53 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 133
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Fri, 12 Feb 2021 20:36:53 GMT
Server: nginx
Location: /partner?adv_id=6409&uid=YCbm4wAAAJeanVxO&img=1&__user_check__=1&sync_id=0a5bd4c0-6d72-11eb-bb19-18b2794d1706
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 66
Connection: keep-alive
Content-Length: 0

POST
H3-Q050 204 AGSKWxXtCQffDovsszsDp8qpU7MQaYz9YZy5Oa70FKWn7PCXcOP7Q3YUpplmu6FoHMok0HfszYbdZA4eS72d1mqm4I6_tQcqn1Y1xlt0dgtxOcVZIfqkoU44bZ5YJYyMdTsLalBICQePt-7hpQ1bpkK5ltNrPc0iGORhv-aZEaxK_O-EcgCqZdmZR6ajjw== Show response
fundingchoicesmessages.google.com/l/ 0
334 B 21ms
21ms XHR
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0WZyhE0etu0SN3V9UcLwPw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-0WZyhE0etu0SN3V9UcLwPw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 12 Feb 2021 20:36:52 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.newsobserver.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-0WZyhE0etu0SN3V9UcLwPw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-0WZyhE0etu0SN3V9UcLwPw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 204 AGSKWxXtCQffDovsszsDp8qpU7MQaYz9YZy5Oa70FKWn7PCXcOP7Q3YUpplmu6FoHMok0HfszYbdZA4eS72d1mqm4I6_tQcqn1Y1xlt0dgtxOcVZIfqkoU44bZ5YJYyMdTsLalBICQePt-7hpQ1bpkK5ltNrPc0iGORhv-aZEaxK_O-EcgCqZdmZR6ajjw== Show response
fundingchoicesmessages.google.com/l/ 0
769 B 20ms
20ms XHR
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3vRewSthCHYknF013XV6pA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-3vRewSthCHYknF013XV6pA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 12 Feb 2021 20:36:52 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.newsobserver.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-3vRewSthCHYknF013XV6pA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-3vRewSthCHYknF013XV6pA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 AGSKWxUDKnjw0m5zu8bw9NYWFYmL4j0fti9AgjXsoCdaLU08_9CVfpejukG9VQCfjuANn3Yr7K2Pjd4kOiO8f7GcH8toPQkhtF8Q1jd1NfkQcYAEBbywed1L_k9YtifdQFjzjkEIzigHb6Tk-PLrwIMrpyspWkubdABB-L0u2LlF137eKc3u4_ypN4fgYA== Show response
fundingchoicesmessages.google.com/f/ 60 KB
23 KB 31ms
30ms Script
application/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUDKnjw0m5zu8bw9NYWFYmL4j0fti9AgjXsoCdaLU08_9CVfpejukG9VQCfjuANn3Yr7K2Pjd4kOiO8f7GcH8toPQkhtF8Q1jd1NfkQcYAEBbywed1L_k9YtifdQFjzjkEIzigHb6Tk-PLrwIMrpyspWkubdABB-L0u2LlF137eKc3u4_ypN4fgYA==?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCwyLFsxNjEzMTYyMjEyLDkwNTAwMDAwMF0sbnVsbCxudWxsLG51bGwsWzEsWzcsNl1dXQ

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ba6e780c551edac421f2749d52d69171937f9ea4b803cbee8d4aa6ef17c48075

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-w7yxwKRed4hHzRkLgtjFjg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-w7yxwKRed4hHzRkLgtjFjg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:36:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-w7yxwKRed4hHzRkLgtjFjg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-w7yxwKRed4hHzRkLgtjFjg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 204 AGSKWxXtCQffDovsszsDp8qpU7MQaYz9YZy5Oa70FKWn7PCXcOP7Q3YUpplmu6FoHMok0HfszYbdZA4eS72d1mqm4I6_tQcqn1Y1xlt0dgtxOcVZIfqkoU44bZ5YJYyMdTsLalBICQePt-7hpQ1bpkK5ltNrPc0iGORhv-aZEaxK_O-EcgCqZdmZR6ajjw== Show response
fundingchoicesmessages.google.com/l/ 0
337 B 18ms
17ms XHR
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1W+HmLodX/jjZjgTjcHfxA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-1W+HmLodX/jjZjgTjcHfxA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 12 Feb 2021 20:36:52 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.newsobserver.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-1W+HmLodX/jjZjgTjcHfxA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-1W+HmLodX/jjZjgTjcHfxA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 204 AGSKWxUnKsdurBEyql8__hOP_JNZfXobD-P2sIMl9xovW8ixF-a0fqf2VPibkvFuzRn815W-xxiKwnLQhk4UQR0-uSU86Tm95bb9zEirylpy7oioxi5nh4JH5wKjbraLEqVkxrZlJ_5odyFzqCWu9e6dYAriuTTUjzKyDH8juiEjrpNMaMGNBoV_KDk1fA== Show response
fundingchoicesmessages.google.com/l/ 0
334 B 20ms
19ms XHR
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/l/AGSKWxUnKsdurBEyql8__hOP_JNZfXobD-P2sIMl9xovW8ixF-a0fqf2VPibkvFuzRn815W-xxiKwnLQhk4UQR0-uSU86Tm95bb9zEirylpy7oioxi5nh4JH5wKjbraLEqVkxrZlJ_5odyFzqCWu9e6dYAriuTTUjzKyDH8juiEjrpNMaMGNBoV_KDk1fA==

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingCookieRefreshClientJs.en_US.5R5EnYcfXyE.es5.O/d=1/ct=zgms/rs=AJlcJMyLwMv6tqZvWjqvewp31K6EZGMqdg/m=cookie_refresh

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-P3glSGueP7CTriKtkgr9yw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-P3glSGueP7CTriKtkgr9yw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 12 Feb 2021 20:36:52 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.newsobserver.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-P3glSGueP7CTriKtkgr9yw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-P3glSGueP7CTriKtkgr9yw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 204 AGSKWxUnKsdurBEyql8__hOP_JNZfXobD-P2sIMl9xovW8ixF-a0fqf2VPibkvFuzRn815W-xxiKwnLQhk4UQR0-uSU86Tm95bb9zEirylpy7oioxi5nh4JH5wKjbraLEqVkxrZlJ_5odyFzqCWu9e6dYAriuTTUjzKyDH8juiEjrpNMaMGNBoV_KDk1fA== Show response
fundingchoicesmessages.google.com/l/ 0
359 B 20ms
19ms XHR
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lNSEdgAFxniZHfkz0ygESw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-lNSEdgAFxniZHfkz0ygESw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 12 Feb 2021 20:36:52 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.newsobserver.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-lNSEdgAFxniZHfkz0ygESw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-lNSEdgAFxniZHfkz0ygESw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

b.php
www.facebook.com/fr/ Frame 08AF
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YCbm4wAAAJeanVxO&t=2592000&o=0

43 B
464 B

28ms
28ms

Image
image/gif

2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/fr/b.php?p=1531105787105294&e=YCbm4wAAAJeanVxO&t=2592000&o=0

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mcclatchy.demdex.net/dest5.html?d_nsid=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
x-fb-debug: beorghtDONmHzAD/9XN1XBuc3DOq16W/5PW/jh4zvmHcrsipPkfvBaXSR6Y558GX3T5oyXcPVGAj026lgku9cg==
content-encoding: br
x-content-type-options: nosniff
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 12 Feb 2021 12:36:52 PST
strict-transport-security: max-age=15552000; preload
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: image/gif
vary: Accept-Encoding
cache-control: public, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
expires: Fri, 12 Feb 2021 12:36:52 PST

Redirect headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:36:52 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1613162213.965927,VS0,VE0
x-served-by: cache-fra19160-FRA
x-cache: HIT
location: https://www.facebook.com/fr/b.php?p=1531105787105294&e=YCbm4wAAAJeanVxO&t=2592000&o=0
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 81 KB
14 KB 88ms
87ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2107562639573609&correlator=3074026285347103&output=ldjh&impl=fifs&adsid=NT&eid=21068773%2C21068891%2C31060068&vrg=2021020901&ptt=17&us_privacy=1---&guci=1.1.0.4.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210212&iu_parts=7675%2CRAL.site_newsobserver%2C_HomePage&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=1x1%2C970x250%7C728x90%7C960x30%7C970x90%2C300x250%7C300x600&ists=4&prev_scp=slot%3D1%26zeus_rendercount%3D1%7Catf%3Dy%26pkg%3Da%26slot%3D2%26optimera%3DD4%2CTC4%2CTC2%2CTC0%2CTG7%2CE1%2CJ6%2CTC9%2CTC7%2CTC5%2CTH5%2CTH6%2CJ0%2CK2%2CTF9%2CTF7%2CTF5%2CTH7%2CTH8%2CIA1%2CIA2%2CA%2CL_74%26zeus_rendercount%3D1%26amznbid%3D2%26amznp%3D2%7Catf%3Dy%26pkg%3Db%26slot%3D4%26optimera%3DA6%2CJ1%2CA5%2CTA4%2CTA2%2CTA0%2CTG9%2CTH0%2CB3%2CJ2%2CB2%2CTA9%2CTA7%2CTA5%2CTH1%2CTH2%2CC0%2CIA1%2CIA2%2CA%2CL_74%26zeus_rendercount%3D1%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=lpid%3D%26zeus%3Dapplied%26id%3D%26pl%3Dhomepage%26ref%3D%26sect%3Decefrontpage%26sids%3D%26swgt%3Dna%26top%3D%26vl%3D0&cookie_enabled=1&bc=31&abxe=1&lmt=1613162156&dt=1613162213206&dlt=1613162210928&idt=1252&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933%2C800%2C410&adys=-12245933%2C117%2C1404&adks=2598206095%2C1226173487%2C1489354972&ucis=1%7C2%7C3&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.newsobserver.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1x1%7C1600x280%7C360x250&msz=0x0%7C31x280%7C1x250&ga_vid=627062181.1613162212&ga_sid=1613162213&ga_hid=1565754912&fws=128%2C0%2C0&ohw=0%2C0%2C0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e93f1869d85006f5bef5f316a506618f80beada0ede052354c21d9e489afd93e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:53 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14537
x-xss-protection: 0
google-lineitem-id: 5479766553,5480924057,5480924057
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138317917956,138323695998,138323661722
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.newsobserver.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
eb3764f84be289d7493c45df205d73b6.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 46ms
14ms Other
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eb3764f84be289d7493c45df205d73b6.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 25ms
6ms Other
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5313 0
0 58ms
58ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvkdI0ph5qoWbDMdURC2rHkdCo1HxEjbxypR4whe9V0heVcoB9RqAuik7cIDneXiOcfvfLsOnIPCjJfVVbX6kcxAi-5YJIwovL0BZqNQSwZnDbWt7yACq-9tZ1f3uh5pnsVzs3zCLzZ5tTqlv7ZeBromttKTSth3kzn-QOIm6-6X2SggwdRJuboSK45A2u9NhadOG3wJn10n5wFUUWziKeATaCvQfRgrk4_WPHjoFS6MooL260oVXtr0oOPG6FpkBGV-w08n_W39ItbafSEFQcp9Gb6rPzYlYQsh7vKpowt3jAG2o5Ud5i3hU5D1jlAthu9M_kX&sig=Cg0ArKJSzGWh3Vp_DEwHEAE&adurl=

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Feb 2021 20:36:53 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/ Frame 5313 18 KB
8 KB 28ms
13ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/abg_lite_fy2019.js

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4db6732268b3d9330df1068351b18e2fd1c1c6da87b5953259b022a19ddfe7a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:04:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1954
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7377
x-xss-protection: 0
server: cafe
etag: 10747045913157086108
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Feb 2021 20:04:19 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame 5313 3 KB
2 KB 29ms
14ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/window_focus_fy2019.js

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:03:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1995
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Feb 2021 20:03:38 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5313 107 KB
33 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

782db5605136a4b7d143bfdacf544a921cd7b8b2bd8c1fcfb1ff51baeb1d4cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1612960666436283"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 33367
x-xss-protection: 0
expires: Fri, 12 Feb 2021 20:36:53 GMT

GET
H3-Q050 200 10948215308439684949
tpc.googlesyndication.com/simgad/ Frame 5313 631 B
795 B 31ms
16ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10948215308439684949

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35e141b9c83ab864f346cce0667b9f7b63c199ba9df799c74a0e9c24408b5b22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 04:27:14 GMT
x-content-type-options: nosniff
age: 58179
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 631
x-xss-protection: 0
last-modified: Fri, 18 Sep 2020 14:22:56 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Feb 2022 04:27:14 GMT

GET
H3-Q050

200

14221371079760943072
tpc.googlesyndication.com/simgad/ Frame 3F5F
Redirect Chain

https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDnq7jUeBABGAEoATIIRCa0hO01vLpA1fzu7AU
https://tpc.googlesyndication.com/simgad/14221371079760943072

43 B
155 B

7ms
6ms

Image
image/gif

2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14221371079760943072

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Feb 2021 16:17:01 GMT
x-content-type-options: nosniff
age: 188392
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
last-modified: Mon, 07 Oct 2019 22:37:26 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Feb 2022 16:17:01 GMT

Redirect headers

timing-allow-origin: *
date: Fri, 12 Feb 2021 09:26:01 GMT
x-content-type-options: nosniff
server: cafe
age: 40252
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/14221371079760943072
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=ISO-8859-1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 14 Mar 2021 09:26:01 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80a1ae567d396855243284e674876bb0d856f0e7a18d3c0142f0828513716dfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1612960672666234"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28344
x-xss-protection: 0
expires: Fri, 12 Feb 2021 20:36:53 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7B2D 0
0 60ms
60ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu3MrFvDikpWmTRxpVg_Y4FBksNOG0CZ3cPgwcf7CRkUKCdMcaXNXu9nWUizUS51o2ewKDAzbwwnUUTkGJF9Virx_pYNmZleijfBXnnjy05kD9Y7Ipk6hkDHQW-q3ZzCJJ1_9E6e39ArU3LPAmOu674FqAwZJwcWcaIx2s1WTN2JMVT8Z6K6uFZtQO_wpb34rP3eUWuAhdHod0jIUekpFtUUof8kofHXWgHEkcCn-slKXRkwFEmjJYgpX6JnLAbLipEI_DJP5FUO8Ge49v0eyIeD7O8vpLHWqOGA8bn7dHKnQUhljfWuDfc9SE8KIhRWif-MIb9&sig=Cg0ArKJSzMclNK-WqoSyEAE&adurl=

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Feb 2021 20:36:53 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 10948215308439684949
tpc.googlesyndication.com/simgad/ Frame 7B2D 631 B
657 B 15ms
15ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10948215308439684949

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35e141b9c83ab864f346cce0667b9f7b63c199ba9df799c74a0e9c24408b5b22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 04:27:14 GMT
x-content-type-options: nosniff
age: 58179
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 631
x-xss-protection: 0
last-modified: Fri, 18 Sep 2020 14:22:56 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Feb 2022 04:27:14 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/ Frame 7B2D 18 KB
7 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/abg_lite_fy2019.js

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4db6732268b3d9330df1068351b18e2fd1c1c6da87b5953259b022a19ddfe7a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:04:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1954
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7377
x-xss-protection: 0
server: cafe
etag: 10747045913157086108
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Feb 2021 20:04:19 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame 7B2D 3 KB
2 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/window_focus_fy2019.js

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:03:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1995
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Feb 2021 20:03:38 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7B2D 107 KB
33 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

782db5605136a4b7d143bfdacf544a921cd7b8b2bd8c1fcfb1ff51baeb1d4cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1612960666436283"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 33367
x-xss-protection: 0
expires: Fri, 12 Feb 2021 20:36:53 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 7B2D 0
0 17ms
15ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTDm4WBqBk883kZaroKJNvBuMG4jOZL-qC5WpUTYNVLdj-16IGJKPIiUgeaY0tHrWDlR-Rk
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 403 FREE.gif
www.newsobserver.com/static/img/placeholder/ 320 B
320 B 33ms
33ms Image
text/html 2.17.183.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/static/img/placeholder/FREE.gif?mias===Qf1kTNxojIsJCLiQTMiojIzBnIsU2csFmZ6IycuJCLiQzN0ETMyIjNxMTM2EzX0kTNxQTM3gDNycTN5ATM4ITNwkDO1kTMyczNxgTNzkjN3QTO3czXvFmbfNXYflWbiojIpRnIsISZnFGcl12bIJiOig2YiwSf2QzMzEjMyYTMzEjNxojIlRmciwCOyMzMxIjM2EzMxYTM6IyckJnIsITMyMTMyIjNxMTM2EjOiMXcyJCL4MDOwEjMyYTMzEjNxojIzdGcisnOiQnIs0nM6IyN1ADNykDM4QTNiwSM6IyM1UjN2cTO3QTNisnOiMHZpJye
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-183-44.deploy.static.akamaitechnologies.com
Software: AkamaiGHost /
Resource Hash: 9262018dd4eeee83b68bd231e3a73bc5532c6c10eda83647137863207e0ff76a

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:53 GMT
server: AkamaiGHost
mime-version: 1.0
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html
access-control-allow-origin: *
access-control-allow-credentials: false
access-control-allow-headers: *
content-length: 320
expires: Fri, 12 Feb 2021 20:36:53 GMT

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
245 B 117ms
117ms Image
image/gif 54.198.41.31
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNTQ4MDkyNDA1NyIsImVidXkiOiIyNzQ4MzA5OTc1IiwiZWFkdiI6IjE2OTI4MDk0IiwiZWNpZCI6IjEzODMyMzY5NTk5OCIsImVlbnYiOiJqIiwiZXBpZCI6IjEzNzA1MjU0IiwiZXNpZCI6IjEzNzA1MTM0In0&tv=js-2.2.18-e&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&lang=en-US&cs=UTF-8&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&tid=6acd9c43-80c2-4938-ba40-956b25b4fb82&pid=d94b31ba-f0e0-40e3-b145-577ecad66239&dtm=1613162213385&qnm=_matherq&vp=1600x1200&ds=1600x7302&tofa=1613162212&vid=1&duid=2b508fae45ae5eba&fp=2240177259&cid=ma12095&mrk=74930332&url=https%3A%2F%2Fwww.newsobserver.com%2F
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.198.41.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 20:36:53 GMT
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length: 43
Content-Type: image/gif

GET
DATA 200
OK truncated
/ Frame 5313 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7a9161652edb9d9149cea556d36b7abaf193263f138098a371720bf16b97f2ce

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 7B2D 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a0d79c415fb2a102d85453c47901cf3c24e3da1fbcb219066690089381eb61f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7B2D 0
0 58ms
57ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssIQpjeKjHLBdDQTEsd3IWc7HeSWJ4DAdEyV4fZZY2R68RexPHz9ki9THwMpAGp2R3r7qtz5XV-A57FBdJR5EIpxBZ4VINKZUi_GfqoDJwp7JOp6MssQ8Ltt-DbUvCG7HnZzSqzd4BgQCP4iMLHmn3Hkzy9yBZDTLyczp_nco_2l9BX6FXxbSeUgoWUvYEf5EScOx_rptOcaJX_BbiKaWH8JktYbukBa9n6f2Sa263y5hIWoJq9rMD3MOvt8dh1pYIX8GpO6PqSSneeXmPUrXwSkTQ7aD-q1eTyGsuVaGPumehK6dTCyrPCPSMzcrpQWFX1wefEV7A&sig=Cg0ArKJSzAfaJ-96WID1EAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Feb 2021 20:36:53 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 12 Feb 2021 20:36:53 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5313 0
0 59ms
59ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvl1feT2TlGYwMrvwrtsISi78FjeObu44q_32qEDpqma4F8PgZWaeY_ndyavDh6EA8vEAZgePU0aRZGQj0MFN0LeR5WKA6doBSTvFIXBe9rAO1tmsv1SouUnLyf0Ha2R7aDHJsriPbTfvPxHdrtCCV_DAtv_UQa8tEF82lqBTwiiYlO1mTPGOuiFVAW-gvTawXFeG8rWEshOX2MtX5TFDV-XCjyr5cXsotjDoFKZPezwU_zgZGcW8p4Fa0H7BHeyX9P2ojK0mfCt1TpcGJvEhA8NzCAQjZoZesp-frTSWwd8tq5z4yOd2sGL-j52M-2ny8FqDTMnJY&sig=Cg0ArKJSzP7prDr-JpvOEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Feb 2021 20:36:53 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 12 Feb 2021 20:36:53 GMT

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
245 B 101ms
101ms Image
image/gif 54.198.41.31
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNTQ4MDkyNDA1NyIsImVidXkiOiIyNzQ4MzA5OTc1IiwiZWFkdiI6IjE2OTI4MDk0IiwiZWNpZCI6IjEzODMyMzY2MTcyMiIsImVlbnYiOiJqIiwiZXBpZCI6IjEzNzA1MjU0IiwiZXNpZCI6IjEzNzA1MTM0In0&tv=js-2.2.18-e&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&lang=en-US&cs=UTF-8&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&tid=96b9ea19-7c16-440a-b230-4df83f4c6536&pid=d94b31ba-f0e0-40e3-b145-577ecad66239&dtm=1613162213428&qnm=_matherq&vp=1600x1200&ds=1600x7302&tofa=1613162212&vid=1&duid=2b508fae45ae5eba&fp=2240177259&cid=ma12095&mrk=74930332&url=https%3A%2F%2Fwww.newsobserver.com%2F
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.198.41.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 20:36:53 GMT
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length: 43
Content-Type: image/gif

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
426 B 108ms
108ms Image
image/gif 18.208.113.131
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_at=304&ntv_ui=21236876-9a15-4ae3-aa5b-14abcb695518&ntv_a=AAAAAAAAAAWK0QA&ntv_ht=5OYmYAA&ntv_fl=7uDOAz88QViW5FhnhWWSVVJWfUVJQ-uiLvAjC-KTaIVju4Rleyqs6PO89VW79Rrp&ord=-1678613390&ntv_it
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.208.113.131 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:36:53 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 c Show response
ids.cdnwidget.com/ 31 B
172 B 403ms
114ms XHR
application/json 130.211.47.17
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ids.cdnwidget.com/c?cookieID=&deviceID=&iv=&v=&GCH1=1b5bfb2057a5b402fb4b11b5cbf434bd&SCH1=&GCS1=121150212&GCS2=ZTJlNmFiOWUtYTMxNi00M2NiLTlmNDMtZmMyNmZhZTA5ZWZmLmxvY2FsLGNkZjAxN2FiLTliNjMtNGYxOC1iNjAxLWUwMmE5YzIxMGMyMC5sb2NhbA==&pe=false&wsid=3581&log=%7B%22config%22%3A%7B%22gmEN%22%3Atrue%2C%22pixEN%22%3Atrue%7D%2C%22apikey%22%3A%222%5EHIykD%22%2C%22cjsversion%22%3A%221.5.9%22%2C%22wsid%22%3A3581%2C%22loadID%22%3A%224ucKGYI3jYY1Jts%22%2C%22timing%22%3A%7B%22sessionStorageLoad%22%3A6%2C%22IDStageStart%22%3A6%2C%22netComplete%22%3A405%2C%22obsReqdata%22%3A500%2C%22obsReqpage%22%3A826%2C%22obsReqview%22%3A1388%2C%22IDStagePrefire%22%3A1388%7D%2C%22matches%22%3A%7B%22cookie%22%3Afalse%2C%22LS%22%3Afalse%7D%2C%22info%22%3A%7B%22isSpoofed%22%3Atrue%2C%22PM%22%3Afalse%2C%22DNT%22%3Afalse%2C%22deviceTimezone%22%3A1%2C%22extensionID%22%3Anull%2C%22externalID%22%3Anull%2C%22agent%22%3A%7B%22device%22%3Anull%7D%2C%22firstLoad%22%3Atrue%7D%7D
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_cjs_min_c6edc791ae02fecfb42babfdb2be7d68.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.47.17 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 6627c5ab36fa407f18fc9b6987e359eccef005ae6d35b370d2142b7daa770324

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: https://www.newsobserver.com
date: Fri, 12 Feb 2021 20:36:54 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: clear
content-type: application/json

GET
H2 204 cjs-logger
e.cdnwidget.com/ 0
68 B 152ms
117ms Image
image/png 34.107.221.36
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.cdnwidget.com/cjs-logger?source=ID%20generation%20error&severity=Warning&error=Country%2520not%2520allowed&cookieID=&deviceID=&BXWID=3581&warpspeed=2%5EHIykD&loadID=4ucKGYI3jYY1Jts&version=1.5.9
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.221.36 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:54 GMT
via: 1.1 google
alt-svc: clear
content-type: image/png

GET
H/1.1 200
OK SPug Show response
simage4.pubmatic.com/AdServer/ Frame 246B 0
587 B 70ms
18ms Script
text/plain 185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=159414&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Date: Fri, 12 Feb 2021 20:36:54 GMT
Content-Encoding: gzip
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-cache
Transfer-Encoding: chunked
Content-Type: text/plain; charset=utf-8

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
260 B 22ms
22ms Image
image/gif 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=1
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:55 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Mon, 07 Feb 2022 20:36:55 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
260 B 23ms
22ms Image
image/gif 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=2
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:55 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Mon, 07 Feb 2022 20:36:55 GMT

POST
H2 204 events
bidder.criteo.com/csm/ 0
150 B 32ms
31ms Other
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/csm/events
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.newsobserver.com
date: Fri, 12 Feb 2021 20:36:55 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 403 quarantine.8b7d67b5d220d98423f2.js
www.newsobserver.com/static/yozons-lib/ 0
0 40ms
40ms Script
text/html 2.17.183.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/static/yozons-lib/quarantine.8b7d67b5d220d98423f2.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/core.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-183-44.deploy.static.akamaitechnologies.com
Software: AkamaiGHost /
Resource Hash

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:55 GMT
server: AkamaiGHost
mime-version: 1.0
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html
access-control-allow-origin: *
access-control-allow-credentials: false
access-control-allow-headers: *
content-length: 340
expires: Fri, 12 Feb 2021 20:36:55 GMT

GET
H2 200 RC5e0483c0e28e4c0ba069181f1fe66253-source.min.js Show response
assets.adobedtm.com/fbb8081eaa8b/aab476d462c3/ba8ba219d197/ 335 B
484 B 6ms
6ms Script
application/x-javascript 2a02:26f0:7100:491::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/fbb8081eaa8b/aab476d462c3/ba8ba219d197/RC5e0483c0e28e4c0ba069181f1fe66253-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENe8f70e36bc2f473e93435c31a9a5ba80.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:491::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: a7b7c9e4837ac992f5c545f832ddb532ef64436f7a0f2c5ef47ee57f298e0f88

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:55 GMT
content-encoding: gzip
last-modified: Wed, 20 Jan 2021 16:49:23 GMT
server: AkamaiNetStorage
etag: "d7c2c3018149b72d295f07158063e3ef:1611161363.393002"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.newsobserver.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 216
expires: Fri, 12 Feb 2021 21:36:55 GMT

GET
H2 200 RCdb4bb460c1784184ba1cc4322bae3c78-source.min.js Show response
assets.adobedtm.com/fbb8081eaa8b/aab476d462c3/ba8ba219d197/ 336 B
484 B 6ms
6ms Script
application/x-javascript 2a02:26f0:7100:491::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/fbb8081eaa8b/aab476d462c3/ba8ba219d197/RCdb4bb460c1784184ba1cc4322bae3c78-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENe8f70e36bc2f473e93435c31a9a5ba80.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:491::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 757e6a4961a3b3c31c3f65f4681e9522d4f81eb3a5055029c171ae4a26ae76d5

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:55 GMT
content-encoding: gzip
last-modified: Wed, 20 Jan 2021 16:49:23 GMT
server: AkamaiNetStorage
etag: "d7c2c3018149b72d295f07158063e3ef:1611161363.393002"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.newsobserver.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 216
expires: Fri, 12 Feb 2021 21:36:55 GMT

GET
H/1.1 200
OK / Show response
api.ipify.org/ 23 B
260 B 498ms
195ms XHR
application/json 54.225.129.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=json
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/core.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.225.129.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Cowboy /
Resource Hash: d6683412de237db4a88db3125dc8d6f59236e7792719a7e1a1dc637e1efd06e0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 20:36:56 GMT
Via: 1.1 vegur
Server: Cowboy
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://www.newsobserver.com
Connection: keep-alive
Content-Length: 23

GET
H2 403 pdp.gif
www.newsobserver.com/static/yozons-lib/ 314 B
314 B 36ms
35ms Image
text/html 2.17.183.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/static/yozons-lib/pdp.gif?k=eyJpZCI6Im1pX2FzX25hb183Nzk0NzY5MzU4MTc3MjE5NTg5MDUyODEwOTU3MjQ4NzE0MTU5NF8xNjEzMTYyMjExNDc0IiwiZmlyc3RBZFJlcXVlc3QiOjI0MjUsImdwdFJlcXVlc3RlZCI6Nzg3LCJsb2FkRXZlbnRTdGFydCI6NTE3MH0=
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-183-44.deploy.static.akamaitechnologies.com
Software: AkamaiGHost /
Resource Hash: 84768d75925040131935d0ee24bd93fb9e90198f3b4ab5c9458ddfb11b62dc56

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:55 GMT
server: AkamaiGHost
mime-version: 1.0
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html
access-control-allow-origin: *
access-control-allow-credentials: false
access-control-allow-headers: *
content-length: 314
expires: Fri, 12 Feb 2021 20:36:55 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame F61B 0
150 B 69ms
23ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.newsobserver.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?topUrl=www.newsobserver.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newsobserver.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.newsobserver.com/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
server-processing-duration-in-ticks: 2123
date: Fri, 12 Feb 2021 20:36:55 GMT
content-length: 0

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 53ms
39ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021020901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9877d71b63b87c1837b2134bdba79a7531e2dd35a351d665306c4b73648bfb25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Feb 2021 20:36:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6441
x-xss-protection: 0

GET
H2 403 push.6a1c117a0fea22038987.js
www.newsobserver.com/static/yozons-lib/ 0
0 36ms
35ms Script
text/html 2.17.183.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/static/yozons-lib/push.6a1c117a0fea22038987.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/core.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-183-44.deploy.static.akamaitechnologies.com
Software: AkamaiGHost /
Resource Hash

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:55 GMT
server: AkamaiGHost
mime-version: 1.0
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html
access-control-allow-origin: *
access-control-allow-credentials: false
access-control-allow-headers: *
content-length: 334
expires: Fri, 12 Feb 2021 20:36:55 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:36:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Fri, 12 Feb 2021 20:36:56 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 147B 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newsobserver.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.newsobserver.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Fri, 12 Feb 2021 19:45:12 GMT
expires: Sat, 12 Feb 2022 19:45:12 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3104
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 Ss-Dm7K1R8Y8ZBbOoHstP-uzJpKZal01rHChStaWcmU.js Show response
pagead2.googlesyndication.com/bg/ Frame 147B 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ss-Dm7K1R8Y8ZBbOoHstP-uzJpKZal01rHChStaWcmU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4acf839bb2b547c63c6416cea07b2d3febb32692996a5d35ac70a14ad6967265

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 13:33:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 03 Feb 2021 00:15:00 GMT
server: sffe
age: 25378
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6290
x-xss-protection: 0
expires: Sat, 12 Feb 2022 13:33:58 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
166 B 42ms
41ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021020901&jk=2107562639573609&bg=!YWKlYiHNAAWP4B5EjzsAKQB2-DxalSQYhwi_RN-KKKkFZBw47z_rSrWo-F8uungWNa4qyuKuR4jvAgAAADdSAAAADWgBBwoA-rd3386W3mHQZkBV5OV84tfLDnA0mLZnKa88c5tbHqHPSHrrcJxs66OBYmUFLNaZ8S57aiCyTDWK9NSOy03bIyCQbxaUMcLOkd3cr_I9-cdi9TxbUODZSwuMl1vGE6IlJ26oR-W3_DQjbVJYebRl1qtp7mtWf-JsAfEJzH6aofitVWi-6R53gB8T0ddDAygPgBtkFqvpuiKP5jdGN1e0e1CtP4t7XPuG-WJvsb3CVfqcRLw2EfYHJOdG24yAD58bOMa2KpmBV4O51ccrwXdpLONSIqG9bAfJq0BnsnYYz4KopEhjlbabRNI2sFNh9disslYwpiNLLe0EU8-ZAefjE4P1BfgZFLtp-4bq_tjWAhGEx2CTbYZ_IsRlSExVh51iTChZTNolpLm1LPqTQURqo-WSnV2T5Kib3MbKOhybQBBlleGAFAYusaU2jDC-pFeVXv8bFhH4b3fbz-ty_0OfZkHQZ6ndiRuuGGI7-lpN15F1-HCBHKH3-_QNQ5wLf9Cst4B8ArB4WSlvrKQcfSOWatr5kWGPyZQSHUa0sy3ReleJ5zRaylr4eVmqr7WciAnKQY3PC7FtO3FW2RiN_TUtV-kCFMqjlbJ5f412aC0l817ChyjRDkrkfab51lAgz6Xz9KzNgH6kA741Yb9BLChNbACeN28gVUjElh1oeZGKjbLdsum1AuDPBmuzQ4QvYMB14SAF7B17am_BBue-T_E0cCoXR-dY94psqLD4jUggmouCW3JbgyoAGFE0Sbn3dodJXqXaKCDyCnviDZkDQiquo3cz_3Pvl2Jp0UzwNkxFFjFnTifQmuBsZO5LR8C8qK3skbAUgmW8CGdN7sWtp673gBbTUp43WhOWFeETDUgEAGA-XBCtqiEmb9qBwXzM6XtI8f3vD5WLiA10mTtymQqVOt4deA66ZNQqYX3W-GYZ0JQpfilbc9hrnhxMdYA4R_M13BfW_F52WV91FLqsatjIZnx0Jbvj

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:36:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
245 B 104ms
103ms Image
image/gif 54.198.41.31
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=pe&tv=js-2.2.18-e&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&lang=en-US&cs=UTF-8&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&f_privb=n%2Fa&tid=b650a6a0-b3fe-4324-9225-f29f6924e351&pid=d94b31ba-f0e0-40e3-b145-577ecad66239&dtm=1613162221690&qnm=_matherq&vp=1600x1200&ds=1600x7302&tofa=1613162212&vid=1&duid=2b508fae45ae5eba&fp=2240177259&cid=ma12095&mrk=74930332&url=https%3A%2F%2Fwww.newsobserver.com%2F&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTYxMzE2MjIxMDc4NyIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIyMC41bWIiLCJoZWFwVCI6IjIzLjFtYiIsImZldGNoUyI6IjUxIiwiZG9tYWluUyI6IjUyIiwiZG9tYWluRSI6IjUyIiwiY29ublMiOiI1MiIsImNvbm5FIjoiMTAwIiwic3NsUyI6IjY2IiwicmVxdVMiOiIxMDAiLCJyZXNwUyI6IjEzNCIsInJlc3BFIjoiMTUxIiwiZG9tTG9hZCI6IjE0MSIsImRvbUludGVyIjoiNjI1IiwiZG9tTG9hZFMiOiI2NjYiLCJkb21Mb2FkRSI6IjY3MiIsImRvbUNtcGx0IjoiNTE3MCIsImxvYWRTIjoiNTE3MCIsImxvYWRFIjoiNTE4MyJ9fQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.198.41.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 20:37:01 GMT
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length: 43
Content-Type: image/gif

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 102ms
102ms Image
image/gif 18.235.56.156
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=newsobserver.com&p=%2F&u=CMdg0yBcmrCBBdMiex&d=newsobserver.com&g=62447&g0=Homepage&g1=No%20Author&n=1&f=00001&c=0.25&x=0&m=0&y=7302&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=4&r=&b=965&t=DR4MYDCfNAozCfJP4CCk58C_iIopM&V=122&tz=-60&_acct=anon&sn=3&sv=BefhRwCqZkXgD8Ipa5BlnpZuC477T1&sd=1&im=062b2f3e&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.235.56.156 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-235-56-156.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:37:06 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

Verdicts & Comments Add Verdict or Comment

525 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

58 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.pubmatic.com/	1970-01-19 16:49:14	Name: PugT Value: 1613162214
.pubmatic.com/	1970-01-19 16:49:14	Name: KRTBCOOKIE_336 Value: 5844-7999128407811854055
.pubmatic.com/	1970-01-19 16:49:14	Name: KRTBCOOKIE_391 Value: 22924-1800316369878671084
.pubmatic.com/	1970-01-19 16:49:14	Name: KRTBCOOKIE_377 Value: 6810-7964580b-9a7c-4dae-a7ea-a4ee0a2e5c23&KRTB&22918-7964580b-9a7c-4dae-a7ea-a4ee0a2e5c23&KRTB&23031-7964580b-9a7c-4dae-a7ea-a4ee0a2e5c23
.pubmatic.com/	1970-01-19 16:49:14	Name: KRTBCOOKIE_218 Value: 22978-YCbm4wAAAJeanVxO&KRTB&23194-YCbm4wAAAJeanVxO&KRTB&23209-YCbm4wAAAJeanVxO&KRTB&23244-YCbm4wAAAJeanVxO
.pubmatic.com/	1970-01-19 16:49:14	Name: KRTBCOOKIE_57 Value: 22776-7937665806395004972
.pubmatic.com/	1970-01-19 18:15:38	Name: PUBMDCID Value: 3
.pubmatic.com/	1970-01-19 16:49:14	Name: KRTBCOOKIE_80 Value: 16514-CAESEP6Zw8Uz8dkgujkU2cUDV5A&KRTB&22987-CAESEP6Zw8Uz8dkgujkU2cUDV5A&KRTB&23025-CAESEP6Zw8Uz8dkgujkU2cUDV5A
.pubmatic.com/	1970-01-19 18:15:38	Name: DPSync3 Value: 1614297600%3A201_227_226_221
.pubmatic.com/	1970-01-19 18:15:38	Name: chkChromeAb67Sec Value: 1
.newsobserver.com/	1970-01-19 16:06:02	Name: _gat_mistats_ga_UA-48279682-1 Value: 1
.newsobserver.com/	1970-01-20 09:37:14	Name: _sp_id.1b7f Value: 2b508fae45ae5eba.1613162212.1.1613162213.1613162212
.newsobserver.com/	1970-01-20 01:27:38	Name: __gads Value: ID=d9502cad82db4d8a:T=1613162213:S=ALNI_MZTVCWPqDk1q00ZR5AEWtV5kLfA_A
.newsobserver.com/	1970-01-19 16:06:09	Name: ak_bmsc Value: DBAF2264A119BFEF20EF497D78E0894802148F94E12F0000E2E62660D36CBE16~plgamEseQ2y3m6HFOTJa18miWzQ4tW9w+CFTgci38SJh/XOdZ1rI4FQeY27OeWM5o4ZwdyF174wgspQQygQ/lrug3I2+GkAziEdPP0pgqszYQ9S5Y/m/Z5NQpmKgcVpuPpWQml79TdmFDq1d3I+se1ZKSDNpfkLnKksCf2iBTwWxA8ElW1925LWiCwRVw+uZMvgnPccxUOYWg1OG7xRwEoYvVHu7gD+nYIRTe64luWb/1DMFGlo8WpIrGog9sS8QN+TSv/xAdl0YTy9FX4d44T70eL3vHDirZOSTS4wS5dUag=
.newsobserver.com/	1970-01-20 01:27:38	Name: FCCDCF Value: [["AKsRol_VyjiLzE0mlGPbY7uR8Z96RRwYSmnuZBNpj-EcVRGSVMHNIiGsvg450I4DzJoCV0RBiv_py-fDf6XgFkmQz530J-o3c6s3z3ynAHhLHv0JBYV2g9p2bdjQwyZwn1gFv5IMTUQ7l2M_A6DlEdg9b5LESLeT2A=="],null,["[[],[],[],[],null,null,true]",1613162212952]]
.newsobserver.com/	1970-01-19 16:16:07	Name: mi_ppv Value: Oth%3A%207500px%20%3A%206sc%20%3A%2015%25
www.newsobserver.com/	1970-01-19 16:06:05	Name: liveramp_id_env_sampling_rate Value: 10
.newsobserver.com/	1970-01-19 16:49:14	Name: aam_uuid Value: 78504185574958867700543501382980317037
.demdex.net/	1970-01-19 20:25:14	Name: demdex Value: 78504185574958867700543501382980317037
.newsobserver.com/	1970-01-19 16:49:14	Name: mi_nr Value: 1613162211798-New
.newsobserver.com/	1970-01-20 01:35:26	Name: _parsely_visitor Value: {%22id%22:%22pid=dc068f37d4a4f08b5e925225d470243f%22%2C%22session_count%22:1%2C%22last_session_ts%22:1613162211936}
.newsobserver.com/	1970-01-19 16:06:04	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://www.newsobserver.com/%22%2C%22sref%22:%22%22%2C%22sts%22:1613162211936%2C%22slts%22:0}
.newsobserver.com/	1970-01-19 16:49:14	Name: mi_s_vnmn Value: 1615754211798%26vn%3D1
.newsobserver.com/	1970-01-20 09:37:14	Name: AMCV_3B6E35F15A82BBB00A495D91%40AdobeOrg Value: 1585540135%7CMCIDTS%7C18671%7CMCMID%7C77947693581772195890528109572487141594%7CMCAAMLH-1613767011%7C6%7CMCAAMB-1613767011%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1613169411s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-18678%7CMCCIDH%7C854748553%7CvVersion%7C4.4.0
.newsobserver.com/	1970-01-20 01:30:31	Name: __qca Value: P0-724622005-1613162211759
.pubmatic.com/	1970-01-19 16:07:28	Name: pi Value: 159414:2
.newsobserver.com/	1970-01-19 16:06:02	Name: lotame_domain_check Value: newsobserver.com
.pubmatic.com/	1970-01-19 18:15:38	Name: KTPCACOOKIE Value: YES
.newsobserver.com/	1970-01-19 16:49:14	Name: CUID Value: N,1613162211722:ALHGLuQAAAAPTiwxNjEzMTYyMjExNzIyAsqhnxSHDs/X8VStw0IJJ0roVU1IZq00VQOoDQSOvDtUFV6hTPp1UoJnFoaKAyi79PSFAOemlrZ8sqVRep2CEGbjr0o2hXybVUDCicuOz6c8gjozxpcd8SL65yCiL2cveAuhRAdV05YOjOc070wqubUKZVsvbtkRBTfQiACSi5YX6M7zN8zoh/sdUbIk3GVg04PesObxGURUJMQ6cOWZWQd8U/ffseZXT4K6FmfdcEYuLy3DWWnDuEGgpdR/qkgnoXSWq90ebzi8sGV9HlqAmLaSDp9JbOKNvVmGW/ygAhWPd3K4Po52tc6RgwWyrkEPrl5bcKWZFLC6BQXxO3t70A==
.pubmatic.com/	1970-01-19 18:15:38	Name: KADUSERCOOKIE Value: 6CC75629-67DF-430A-8B3C-08EC939ACF58
.pubmatic.com/	1970-01-19 16:49:14	Name: SPugT Value: 1613162214
.newsobserver.com/	1970-01-20 09:38:40	Name: adcloud Value: {%22_les_v%22:%22y%2Cnewsobserver.com%2C1613164011%22}
www.newsobserver.com/	1970-01-19 16:06:04	Name: _cb_svref Value: null
.www.newsobserver.com/	1970-01-20 00:51:38	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Fri+Feb+12+2021+21%3A36%3A52+GMT%2B0100+(Central+European+Standard+Time)&version=6.5.0&hosts=&landingPath=https%3A%2F%2Fwww.newsobserver.com%2F&groups=C0002%3A0%2CC0001%3A1%2CC0004%3A0%2CC0003%3A0
.newsobserver.com/	1969-12-31 23:59:59	Name: s_cc Value: true
www.newsobserver.com/	1970-01-20 01:34:50	Name: _chartbeat2 Value: .1613162211746.1613162211746.1.BefhRwCqZkXgD8Ipa5BlnpZuC477T1.1
.newsobserver.com/	1969-12-31 23:59:59	Name: at_check Value: true
.newsobserver.com/	1970-01-19 16:06:04	Name: mi_iv Value: true
.newsobserver.com/	1970-01-19 16:06:04	Name: mi_ptid Value: bWlfYXNfbmFvXzc3OTQ3NjkzNTgxNzcyMTk1ODkwNTI4MTA5NTcyNDg3MTQxNTk0XzE2MTMxNjIyMTE0NzQ%3D
.newsobserver.com/	1970-01-19 16:06:04	Name: _sp_ses.1b7f Value: *
www.newsobserver.com/	1970-01-20 01:34:50	Name: _cb Value: CMdg0yBcmrCBBdMiex
.newsobserver.com/	1970-01-19 16:06:04	Name: mboxEdgeCluster Value: 37
www.newsobserver.com/	1970-01-20 01:34:50	Name: _cb_ls Value: 1
.newsobserver.com/	1970-01-19 16:06:04	Name: mi_ppn Value: Home%3A%20Homepage
.pubmatic.com/	1970-01-19 18:15:38	Name: SyncRTB3 Value: 1614297600%3A13_161_54_7_220_56_3_223_21%7C1614384000%3A35
www.newsobserver.com/	1970-01-20 00:51:38	Name: ntv_as_us_privacy Value: 1---
www.newsobserver.com/	1969-12-31 23:59:59	Name: GED_PLAYLIST_ACTIVITY Value: W3sidSI6IkNTSEciLCJ0c2wiOjE2MTMxNjIyMTYsIm52IjowLCJ1cHQiOjE2MTMxNjIyMTEsImx0IjoxNjEzMTYyMjExfV0.
.newsobserver.com/	1970-01-19 16:06:02	Name: _gat_mistats_ga_UA-48280268-1 Value: 1
.pubmatic.com/	1970-01-19 16:49:14	Name: KRTBCOOKIE_27 Value: 16735-uid:20ae6026-e6e7-4700-8ef9-3b4464ede5cb&KRTB&16736-uid:20ae6026-e6e7-4700-8ef9-3b4464ede5cb&KRTB&23019-uid:20ae6026-e6e7-4700-8ef9-3b4464ede5cb&KRTB&23114-uid:20ae6026-e6e7-4700-8ef9-3b4464ede5cb
.newsobserver.com/	1969-12-31 23:59:59	Name: AMCVS_3B6E35F15A82BBB00A495D91%40AdobeOrg Value: 1
www.newsobserver.com/	1970-01-20 00:51:38	Name: usprivacy Value: 1---
.newsobserver.com/	1970-01-19 16:07:28	Name: _gid Value: GA1.2.1745741581.1613162212
.newsobserver.com/	1970-01-20 09:37:14	Name: _ga Value: GA1.2.627062181.1613162212
.newsobserver.com/	1970-01-19 16:06:04	Name: mi_gps Value: 14
.demdex.net/	1970-01-19 20:25:14	Name: dextp Value: 771-1-1613162211832\|144230-1-1613162211970\|144231-1-1613162212246\|144232-1-1613162212412\|144233-1-1613162212523\|144234-1-1613162212640\|144235-1-1613162212745\|144236-1-1613162212849\|144237-1-1613162212955
.newsobserver.com/	1970-01-20 09:40:07	Name: mbox Value: session#b7e1497394d84cff9859a13c143403a4#1613164072\|PC#b7e1497394d84cff9859a13c143403a4.37_0#1676407012
www.newsobserver.com/	1969-12-31 23:59:59	Name: ntvSession Value: {}
www.newsobserver.com/	1970-01-19 16:07:28	Name: _lr_geo_location Value: DE

46 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://media2.newsobserver.com/mistats/micb.js(Line 240) Message: mistats_subdata ready
console-api	log	URL: https://media2.newsobserver.com/mistats/micb.js(Line 1853) Message: mistats bx_waiting
console-api	log	URL: https://www.newsobserver.com/wps/build/webpack/vendor.bundle-af2280e5bf1fac00e2b0.js(Line 11325) Message: JQMIGRATE: Migrate is installed with logging active, version 3.1.0
console-api	log	URL: https://media2.newsobserver.com/mistats/micb.js(Line 1853) Message: mistats bx_waiting
console-api	log	URL: https://media2.newsobserver.com/mistats/micb.js(Line 129) Message: mistats_gpscore: 14
console-api	log	URL: https://media2.newsobserver.com/mistats/finalizestats.js(Line 1806) Message: waiting for mistats_target
console-api	warning	URL: https://www.newsobserver.com/wps/build/webpack/vendor.bundle-af2280e5bf1fac00e2b0.js(Line 11340) Message: JQMIGRATE: 'ready' event is deprecated
console-api	log	URL: https://www.newsobserver.com/wps/build/webpack/vendor.bundle-af2280e5bf1fac00e2b0.js(Line 11340) Message: console.trace
console-api	warning	URL: https://www.newsobserver.com/wps/build/webpack/vendor.bundle-af2280e5bf1fac00e2b0.js(Line 11340) Message: JQMIGRATE: jQuery.fn.scroll() event shorthand is deprecated
console-api	log	URL: https://www.newsobserver.com/wps/build/webpack/vendor.bundle-af2280e5bf1fac00e2b0.js(Line 11340) Message: console.trace
console-api	warning	URL: https://www.newsobserver.com/wps/build/webpack/vendor.bundle-af2280e5bf1fac00e2b0.js(Line 11340) Message: JQMIGRATE: jQuery.fn.resize() event shorthand is deprecated
console-api	log	URL: https://www.newsobserver.com/wps/build/webpack/vendor.bundle-af2280e5bf1fac00e2b0.js(Line 11340) Message: console.trace
console-api	warning	URL: https://www.newsobserver.com/wps/build/webpack/vendor.bundle-af2280e5bf1fac00e2b0.js(Line 11340) Message: JQMIGRATE: jQuery.fn.click() event shorthand is deprecated
console-api	log	URL: https://www.newsobserver.com/wps/build/webpack/vendor.bundle-af2280e5bf1fac00e2b0.js(Line 11340) Message: console.trace
console-api	warning	URL: https://www.newsobserver.com/wps/build/webpack/vendor.bundle-af2280e5bf1fac00e2b0.js(Line 11340) Message: JQMIGRATE: jQuery.fn.mouseleave() event shorthand is deprecated
console-api	log	URL: https://www.newsobserver.com/wps/build/webpack/vendor.bundle-af2280e5bf1fac00e2b0.js(Line 11340) Message: console.trace
console-api	warning	URL: https://www.newsobserver.com/wps/build/webpack/vendor.bundle-af2280e5bf1fac00e2b0.js(Line 11340) Message: JQMIGRATE: jQuery.fn.hover() is deprecated
console-api	log	URL: https://www.newsobserver.com/wps/build/webpack/vendor.bundle-af2280e5bf1fac00e2b0.js(Line 11340) Message: console.trace
console-api	log	URL: https://ovp.iris.tv/libs/context/iris-context.min.js(Line 1) Message: [Iris Context API] v1.0.5
console-api	debug	URL: https://mcclatchy-newsobserver.zeustechnology.com/main.js(Line 2) Message: [customSSP] Registering custom bidder [object Object]
console-api	log	URL: https://media2.newsobserver.com/mistats/micb.js(Line 1853) Message: mistats bx_waiting
console-api	log	URL: https://media2.newsobserver.com/mistats/finalizestats.js(Line 1806) Message: waiting for mistats_target
console-api	log	URL: https://media2.newsobserver.com/mistats/micb.js(Line 1858) Message: mistats bx_init
console-api	log	URL: https://media2.newsobserver.com/mistats/finalizestats.js(Line 1808) Message: mistats_target ready
console-api	log	URL: https://media2.newsobserver.com/mistats/finalizestats.js(Line 1808) Message: mistats_propensity ready
console-api	log	URL: https://media2.newsobserver.com/mistats/finalizestats.js(Line 1808) Message: mistats_cta_widget ready
console-api	log	URL: https://media2.newsobserver.com/mistats/finalizestats.js(Line 1808) Message: mistats_subdata ready
console-api	log	URL: https://media2.newsobserver.com/mistats/finalizestats.js(Line 1822) Message: mistats request queued
console-api	log	URL: https://media2.newsobserver.com/mistats/micb.js(Line 1933) Message: mistats cb_loaded
console-api	log	URL: https://media2.newsobserver.com/mistats/products/escenic_s_code.js(Line 190) Message: mistats request sent
console-api	error	URL: https://tags.crwdcntrl.net/lt/c/7447/lt.min.js(Line 1) Message: LT.JS: Client 7447 cannot run lt.min.js because it has no domains whitelisted.
console-api	log	URL: https://media2.newsobserver.com/mistats/products/escenic_s_code.js(Line 137) Message: mistats request postback present
console-api	log	URL: https://media2.newsobserver.com/mistats/products/escenic_s_code.js(Line 138) Message: mistats request succeeded
console-api	debug	URL: https://mcclatchy-newsobserver.zeustechnology.com/main.js(Line 2) Message: [Zeus] CCPA string set to 1---
console-api	log	URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js(Line 96) Message: received a request for uspapi
console-api	log	URL: https://www.newsobserver.com/wps/build/webpack/videoStory.bundle-d1c14c90e7de986bc0fd.js(Line 5) Message: getIrisContext - Response acting
console-api	log	URL: https://www.newsobserver.com/wps/build/webpack/videoStory.bundle-d1c14c90e7de986bc0fd.js(Line 5) Message: getIrisContext - Response acting
console-api	log	URL: https://www.newsobserver.com/wps/build/webpack/videoStory.bundle-d1c14c90e7de986bc0fd.js(Line 5) Message: getIrisContext - Response acting
console-api	log	URL: https://www.newsobserver.com/wps/build/webpack/videoStory.bundle-d1c14c90e7de986bc0fd.js(Line 5) Message: getIrisContext - Response acting
console-api	log	URL: https://ovp.iris.tv/libs/adaptive/v2/iris.adaptive.js(Line 1) Message: [IRIS.TV][Info]: * Iris Adaptive Plugin version 2.0.16 *
console-api	log	URL: https://ovp.iris.tv/libs/adaptive/v2/iris.adaptive.js(Line 1) Message: [IRIS.TV][Info]: * Iris Adaptive Plugin version 2.0.16 *
console-api	log	URL: https://ovp.iris.tv/libs/adaptive/v2/iris.adaptive.js(Line 1) Message: [IRIS.TV][Info]: * Iris Adaptive Plugin version 2.0.16 *
console-api	log	URL: https://ovp.iris.tv/libs/adaptive/v2/iris.adaptive.js(Line 1) Message: [IRIS.TV][Info]: * Iris Adaptive Plugin version 2.0.16 *
console-api	log	URL: https://media2.newsobserver.com/mistats/micb.js(Line 1282) Message: mistats_as send
console-api	log	(Line 3) Message: Skipping WebGL fingerprinting because it is not supported in this browser
console-api	log	URL: https://media2.newsobserver.com/mistats/micb.js(Line 1046) Message: mi_launchload timeout

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.crwdcntrl.net
ads.pubmatic.com
adservice.google.com
analytics-check.publishersite.xyz
api.bounceexchange.com
api.ipify.org
api.rlcdn.com
assets.adobedtm.com
assets.bounceexchange.com
ats.rlcdn.com
aud.pubmatic.com
bidder.criteo.com
c.amazon-adsystem.com
c1.adform.net
cdn.cookielaw.org
cdn.parsely.com
cf-images.us-east-1.prod.boltdns.net
cm.everesttech.net
cm.g.doubleclick.net
confiant-integrations.global.ssl.fastly.net
connect.scroll.com
context.iris.tv
contributor.google.com
d15kdpgjg3unno.cloudfront.net
d5p.de17a.com
data.cdnbasket.net
dis.criteo.com
dpm.demdex.net
dsum-sec.casalemedia.com
dyv1bugovvq1g.cloudfront.net
e.cdnwidget.com
eb3764f84be289d7493c45df205d73b6.safeframe.googlesyndication.com
edge.api.brightcove.com
edge.quantserve.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
geo.rlcdn.com
geolocation.onetrust.com
googleads.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
ib.adnxs.com
ids.cdnwidget.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
jadserve.postrelease.com
js-sec.indexww.com
js.matheranalytics.com
lasteventf-tm.everesttech.net
manifest.prod.boltdns.net
match.adsrvr.org
mboxedge37.tt.omtrdc.net
mcclatchy-d.openx.net
mcclatchy-newsobserver.zeustechnology.com
mcclatchy.demdex.net
mcclatchy.sc.omtrdc.net
mcclatchy.tt.omtrdc.net
media.mcclatchy.com
media2.newsobserver.com
mwzeom.zeotap.com
ovp.iris.tv
p1.parsely.com
page.cdnbasket.net
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.quantserve.com
pixel.rubiconproject.com
pubads.g.doubleclick.net
rules.quantcount.com
s.ntv.io
s0.2mdn.net
sb.scorecardresearch.com
secure-us.imrworldwide.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
sqs.us-east-1.amazonaws.com
static.chartbeat.com
static.criteo.net
static.scroll.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.mathtag.com
sync.search.spotxchange.com
tag.wknd.ai
tags.crwdcntrl.net
tpc.googlesyndication.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
view.cdnbasket.net
visitor.fiftyt.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
www.i.matheranalytics.com
www.newsobserver.com
104.108.145.8
104.108.145.83
104.108.64.33
107.178.250.234
108.128.13.248
130.211.47.17
142.250.185.130
142.250.186.66
15.237.136.106
151.101.113.194
151.101.114.49
151.101.14.49
159.253.128.183
178.250.0.163
178.250.0.165
18.156.0.31
18.208.113.131
18.235.56.156
184.30.20.198
184.30.20.241
185.29.135.227
185.33.220.240
185.64.189.112
185.64.189.114
185.64.189.115
185.64.190.106
185.64.190.80
185.94.180.126
199.232.198.217
2.17.183.44
213.155.156.184
2600:9000:2127:1c00:15:d134:4e40:93a1
2600:9000:2127:2200:6:44e3:f8c0:93a1
2600:9000:2127:2e00:11:b309:9100:21
2600:9000:2127:4400:18:1fcd:34e:d2a1
2600:9000:2127:ce00:5:82fd:2500:21
2606:4700:10::6814:b944
2606:4700:10::ac43:db6
2606:4700::6810:9540
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1450:4001:800::200e
2a00:1450:4001:803::2013
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2003
2a00:1450:4001:811::200a
2a00:1450:4001:812::2001
2a00:1450:4001:812::200e
2a00:1450:4001:827::2004
2a00:1450:4001:828::2003
2a00:1450:4001:829::2003
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2006
2a00:1450:4001:82b::200e
2a00:1450:400c:c00::9b
2a02:2638::1c
2a02:2638::3
2a02:26f0:7100:491::1e80
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:1b::539
34.107.221.36
34.120.207.148
34.120.253.250
34.241.227.67
34.250.160.229
34.98.64.218
34.98.72.95
35.190.34.148
35.201.100.179
35.201.103.116
35.201.96.126
35.227.229.34
35.227.238.167
35.244.159.8
35.244.220.155
37.157.6.252
52.212.164.82
52.212.193.208
52.46.130.43
52.48.248.240
54.144.144.142
54.194.191.134
54.198.41.31
54.225.129.141
65.9.94.11
65.9.94.33
65.9.94.50
65.9.94.69
65.9.95.127
65.9.95.61
65.9.98.193
65.9.99.50
69.173.144.139
69.173.144.141
77.243.60.138
99.80.71.186
0170c27d04be3e30c6ba52497e60b4ba2de8a7777a9ee36ce2c6b1dc146db7fc
03bd967e57e758711e3a5753d42e2cbc17f2384921558b0b651518dfeff5906f
040bec767bd32fa6cb0666f8e1080af77501353dc4c03d5b30bf228adcb28790
0464b6125d6f9f3dc1dbe6ef7f1203ea4d60d28141fd98fef1e15004f265ec2e
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
04a74928965ed27c791351d7e70bc0bb40194158a56fd949b19c66f28d4835c1
064c30793ed82df22ca484729935248a99d0ad3cefd8bcf46f23de8d0c0016d0
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0827a540ffd8faac9bc0bcdcb724fdb6e0a4fb3d073d46ff9a93ea105e1613ba
0877239101cbff856743513b4ea69fbaf9c580c8ae526e0a8d2ef1b770414094
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0e3498d41d9367f8548370b8944e31d349f8c4ee0c94249242d9632e589097c5
1204131b28788f47eb97306cef6fbbc1999b0c34061efb2be55d18cec60ec1a2
120613b93e99ef9c2cf12075032c75281047083a617245aa9a2d7b7c81da549f
1270a862b7759b86d679ce76254e22bcd758959c10543bd38d451a9ef6c38004
12f731776693c9e3fadb616a3da9e6fcc7f309e60ecf32d730e8a00263dabe0a
130eab0b79272570e565d77bb286b5755b9aae8f33efe8af7a2689bf8eabb859
1522de80cc30ced2e37ae10529e7d112f13e3d5d7d030ca8b4084e532474215d
166ba2d7baab796737b6f7946be8e4b57eb5a6f9e43e0e57b694f606684f7f39
1758a8d9ce7c5ddb7e50b60e1ce43145630aef56a6a996ae7a02b66f1c4b3bcf
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18f9e6b96e326a7aa705c687fc8893c6b2df53acce477aefe2d0239d7b82fcb5
1a6f61c661426f965e04233373588785ad5aafb703ad7521c1ba5fcfabacd18d
1ab1af758e604c59b7f05f2df783881826dc86bfb2ff30d6264ffe574ba5d40c
1ef28c721ead4e571339025f0ba2035bb04dc7cb2ee564a37b94426424fb19f0
20346740bd647bbcdcdbbb778177fb0067df87709a6f0fb42a5c600628d3d284
21856c91a409382f3b2eeec72e984ff71ffd7f3883c3f96c3b226793cf4db66e
218f074f10525b93b1b03430f5867b1c3f1a26abf38e7072c8b522c879ae4e14
219af86bf60fa46952ce96b2c3a5eb90ae29f8a15347a81362721ade3a321e27
227e7ddd78c606e6fc60ddbe51ce30d58e07922f691f1fb961b143f759ba7fb9
237eaf1d1ebd12019780eda8ff12a3d3b3dbe33eb18dc5675fcd1aa588c9df0a
276898a6b9ebb74b06e5be84680fd6f1725cefc6d56a62beb3f6fd2fbed26f24
2969aa16b763893fa2f600de842a23475f8c0f1d58ebbed3c4f7f1a63edbc0b5
2c3d296de1bb7bb908659aedfa489c63e9c0cb0b57887e74932dd5f60de15578
2d0ac2907a4616fa011da479bfbe45c1cbb7cb4e097c5dfe436d56245d677030
2f5bf5edcefe950e16d287cdcb9c28690952439098ee0639f4a960fe268ae231
316d2784f1da3c0198bc4e5ec606a0b9b18ff0b08f8f4008c865a5427e0c0406
322d4cbc154d3ccb6ef8aeea1fc1a4b74ed58fe08124fa8e833d3724cb76235a
32d6404523e591d22782fa50bc724822a776cf9fd6f46fb64e0de87c79b4bb3b
33da6672a4bc2d57bcf7713bec2748036fd2ccd2127523f357974db72ddcf30b
34e04f21e210fdd8cbdf68e6746c47c3145ce8fc1ddfb9e06a4ebe2b99725a38
35e141b9c83ab864f346cce0667b9f7b63c199ba9df799c74a0e9c24408b5b22
362635fbb0c04aab327ed0d20a32b51e2f8d26247ffb181db578af7614655fd8
37834afedbacdbee0cc4e58e17aa747fb2ab10b16df54cef364596f2010c45a7
37924aaa311bf769b494bfdd0f9277ebeecd3663e988cadde52e16f63a684a99
388305e6232d397497a35ba97ba5e2e6ea85d349041645c4de2c28a6e08f9044
3b7f0353b5e7f4898ea13784cb8d09a1d07381cc6082588dfb50c3b69c7c9757
3d0d96becd8907f01322e1a38c1e01b95380244119c1d53df9940959e62f44bb
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f2a1ce8de20fc91cd266a7bcaf47c8d337ed7c27eaba9c455f6c3972b98ea0e
41315b08c2b332c2a675a817bac8ca1cc648c33109b699c6609feffc0ac79254
41dd3e48dbef1ddbc59957d4e99ef7662c1702dd8b55d0900b02150f87af354a
437afd9de21717c919be3f40f686b33170f2447dc03ded0fc00ac0cc41839854
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
497fade3f33a9fa6455795f6f5c453ec2926fe41034c1a24b945ad5bac2793dd
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4acf839bb2b547c63c6416cea07b2d3febb32692996a5d35ac70a14ad6967265
4b0e40f4af4043520e42627b89c55cec39a35e95894ac08cc73eee3fe590c7e5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ca40998b8349f65cb18f19c8cc6844e050e83bdd5bfaeaebe2df51deb40f5e3
4db6732268b3d9330df1068351b18e2fd1c1c6da87b5953259b022a19ddfe7a5
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50066923f50edae28ce3f2e93e00c1a96208f9f81b4cfe4b33c18133eb9def09
50499b2b05cda5a878ba6be147bd1f54b500bfc83316d1bfb279fb727bb2ee5a
52756abd619702a4516f7824a8dd53ab998c36020ffd1c9ec91069e960354f3f
53c7dbfa97e7f89767dd15fd3b19aa9917035178a820bfc1b9ad75d49df07240
5476464552187ca2ac7538ebac7ed51974f1237ae1f842efeb053d7afe15b410
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
580f9e1678ba6889ad217e4b63299ff2a9e497e8801061490ac81bf2de6ae22a
586f876503ed4dc63c6ff8567b67dfeb1c84723ef5c7cf218a8ed74ccba6e1ab
5904f1d2e7fb1bbdbfdc8737628c0ec75730c5f25cee05d424d217ea5ebb8df4
5a0d79c415fb2a102d85453c47901cf3c24e3da1fbcb219066690089381eb61f
5b4872d87ed68e30afbb9e72356ef1c7d98e8d9631f0fee4be85fb8c6a2ec969
5b6da6699e22347ded40584215d759d21842a07be029c95c4886efa3c1385454
5dbbe198d3b9d40cad388191725d321b9528d48655c85227feab94bfca82b708
5e8e5fe8bda51e143511122e4296e652c905e0e7445cad6e3b79365eafaa7f0d
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5fd8bc8f1abe2eca0f650c16cd0f04bea980adbc2f228e4bc7bb6357923a9c36
60533b1916182a8b2ed435c7583046a833a68ed96b75c270c4081d30f485dab1
6195b1bce0085db8c9b1b936150dfd7b070aa9be52d44580b1b6f16752dece34
61ca98b7cf1605903efe0b6d46e33e2a30fad4df3a99b637134a92f78fd986c6
62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147
6627c5ab36fa407f18fc9b6987e359eccef005ae6d35b370d2142b7daa770324
6e2f7e4abb0af99fe128f3e943c469d74d97cd446ff9395ef51fe068ed799209
6f25e54ff758a69c92c7260b3647788acb86b4fc6266141893e1a4316b5a0862
7220fe0cfa384186aea61fde6b83832473929cf5cb16a68bf765a3d6e9a70714
739b8c85a7fc66c5641f1849342de96a73282d51607ad717c257721a7d1c16d2
740113cc2dad15037a83af4519a3363109e6dbb587002865d4f5bed30d57e731
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
757e6a4961a3b3c31c3f65f4681e9522d4f81eb3a5055029c171ae4a26ae76d5
7699eaaf12731bd7f39acef1f742ac5f6b9c88ad6ad936af94b45fd1ea99b51c
76c2d52c9a8d80f15a466ec50414189678b8370bdc630c2cd5be9088081955de
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
779c2b5d5557f974933b14421f6bdb8a062ec2bf09a6c99cbbf86b8c95c38a5d
782db5605136a4b7d143bfdacf544a921cd7b8b2bd8c1fcfb1ff51baeb1d4cbc
79097a95aa7e4de63a765bb16c2624d4aa7b521119e90f8a7bd3b232034218d9
7a9161652edb9d9149cea556d36b7abaf193263f138098a371720bf16b97f2ce
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7c7d61aa50ba45877f4cea457baf10e179850d8d3cebd3023efa2ec31f163e0a
80a1ae567d396855243284e674876bb0d856f0e7a18d3c0142f0828513716dfe
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
80ec17111820d9192de1f9242669783c4fc7167734e1b4fa1df1182b682b64da
81521a2a12208fb21d9c38a9f8c0b3cbb12b6c617d8ccfb946f131638e4ae70f
82a074c62a609a3ada316e1f97ab72d89b9f050bf05dcb145cc340734053c122
84768d75925040131935d0ee24bd93fb9e90198f3b4ab5c9458ddfb11b62dc56
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85fa47de6b71bbce922b3d89b645018063f5d4b1c7ac1383ada0da3729de6702
8646c7287623db68d9deccf710f5a47b00b52a66a61d6e48490f5a37665c42d4
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
8762153f67251ab976487fe49ed7681c2051aa358e3933d9dbd2a829bcefc456
884e5e1c0f990b0f9b77989edaf8c368fa6378c93417118cdad7f04c334a00e0
89f555437822d8ce86a52b409ce45cce077a2653f047f2b4c79ef52eb98a9ccd
8abbdc3685d5a8bb7a9296219d5d5980a9f6ae052db807e99e90b154def4769d
8e22c87bb77dd443c144e972e09e0f3eb27971b950dcf78512c439edde000875
8e26c82b3a05d2306015e1d1414cffced4a6ab6e012e8aadfcb0db6798314a79
9038f1544dc0232ee10c36eb88206cc97ad2dc574595936124cc3528da58607e
92198135117fe1b0740d2e3b710d6f634379a74a7b0a8557152659636a08724c
9262018dd4eeee83b68bd231e3a73bc5532c6c10eda83647137863207e0ff76a
927ee0dfe51ef11076e57510990fd5c5fcee1cffd5204a4e3d3caee529c3bd01
96bd755d87e4e283ead692fc3500b1577f01a04c4a0a10653561c8abaad76dd2
9710dab6bb3447842cba847209148bd89fb928f55865b045105fa3aefa4fb51f
9877d71b63b87c1837b2134bdba79a7531e2dd35a351d665306c4b73648bfb25
99041b7ab760bb2ece514e261afab87545a568f17335d99fc42c073f686c83a7
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a1a6e71c1607e636a98bcebe49e3b67aa9ef9fa16cf31a2909f92655e1c928a
9b3cadacd03244587456b85a7b38e23ddb4a17fe5edbec5382414bc2b2d4c1d8
9c229210623ddc432c0ca349bf7c0964844d9822ec47f1c9f06d40e3bf0e59e0
a01c522d810d954073c4ba8b348e601f5d44bb15fabef8915b5ed762ee8d44eb
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0da736ffa9696bca2524001635c1cba5a446be381e43b46a2f8c646e702b99f
a1bc519de7aeb90c4d8dc7c8dfe2e3d4db4c2447844bc3d57a62eccefcee6987
a23425925f24f35a94cde3e8e7664fd092258cfda4f60c0e3ea14d0fbbb93c38
a24edf9cea5a77a4babe00b6181edfa682f106cf2b0d5dc2d2f6737fd38d3356
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a732b8ad401f8934ba283ebc4e9a077a69cff3d42f1b761b3695dd07c9a8323e
a7b7c9e4837ac992f5c545f832ddb532ef64436f7a0f2c5ef47ee57f298e0f88
a821a1596f0eedef9126d3241364f52b91be45707587b636b375db1184e46b14
ac0c2d58f6f87527a34dd8de48c3a4ceb8cf95f925e92f1f973a5e21e0c8e918
ac53400c04ca28a29467c3b6cf8f0be2f9d4333a518574fba32cc239195117db
ac7d92309c13258af795cb006ff8c84ab2a5d2c5d350cf09103c70f30e3dfa57
ae407e415a45b6c720d8d61fef8c28756883d0f546a64e7a2969d6174c669951
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afec0d4cdce1520b6a212417955487b04f6c8e069a10c8edb6af42f0e89a4db8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b25aa5eb92fee08d51add083e5c4fa22516e9d1ab61179734fbb1e27fb7f8063
b468571983721e0e8522a0901f4a702584ec47df334a48ffc191617d1f3e21b1
b4ab0c9d469f5fc9747b8f7433e38ebcc71a9bde85103b9ed30606d37bdbc112
b525214335ddd50139b8cead123523306144018a47e3d4a35f6e5b35f295a8fd
b87b8dd2e685d1cf391ea9e9de5e3b4eb948ad7492b7749fc1dfa277a38a316a
b8831ec1633d1a20e81c0265dec3a771417e4fcbd28fb66a468098b20f6ea9a4
ba6e780c551edac421f2749d52d69171937f9ea4b803cbee8d4aa6ef17c48075
ba8bbfe110629e3df60cffbcd75d2ea7627f5f6e13ef3ba0354221cab7b8e097
c0de67f0e8f4974c45848483991b0aa9b4b2637fa795c25e47f3bdaaa5608f33
c0f1a0e47f7e68ec0549eba6eb3fcd3523a2c3e68bcd9b2463ef084df041fd34
c1c07ebcbd346b8d5b9a33219fce562ae37d9885563f6dabae6cd104bfd54827
c22ceac6dd6f94023ff90d1b8cd9993abf03c477cb99900673b18c6d76b742d3
c4f536e4638f4e3176e97cca4d2e4ad1487f0be8bed1605b9144cdabdb43ab67
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d139c3756ba4ea4e4672c12645de4977faa9ba7e0d550931d2086338fd72dfe9
d22a6bb9ce905a9dc000b05b1b3a2d2dcef345044035eaa78260434f7fa757ba
d2b13ee812188a64ef574ee912eaea945b1ae2a5a54b413e2fdfda94a7a58d09
d38b76e4b672e959f4b275073ad850276b23d5872e9145a325add838acc1d346
d4b4384bb2207ab3d40f433ad82a808cfbba943114432667cf3d2b3b65c62ee4
d6683412de237db4a88db3125dc8d6f59236e7792719a7e1a1dc637e1efd06e0
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
d9505badaa1ef09e2237fa9094f474577f02ad805f5143afa078733f2ebfc9b8
d9b5b26bd4c7e2fcf66e6dd960f711bea0da290df367f8b32fc008b27170b7c9
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
d9fc07cf576192a26b36d6c48ec9a561be826ee1bc56f62c8a996d35d1f74812
da131b728f1b675d655b5a892cc529435a58f57e6fce1c1e4f999199054a9c83
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
dbba323b2b903c683ec481c8ebfd0e94ffa1f42a1cdb4a29ff87e78144772337
dc2ddf4647db568ada044777f9720a60c3f5b8470297bfa2e67120fe5eb30415
dd4b42f7c8ddeeedbc0e556a5da8b647fd08c56a2ac3540b1e5a6d9342ba5c4f
dd7a9cefbaa685879dc6f464becd322a3213c9d1e6a43497855778ce7370d093
df20071d82f1de3235270e02d5b2a3c91ab985373121acd632db8da44e2edbfb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e4aed35648e86a62baafa70dc84a63e7946a90dfcbe75d1946c69d71321255be
e512855bc21c496daaa4e36329e126ae4a3126f86388ea98d606dcad79bc101c
e56f53b3b976e9c05d86645a1e85cfc69e961601d201e957768455580fa30478
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6e992644bee0957058fa5beec8fe1d81b69c7d478ea899412c1e1feb11fc07d
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e
e764b8523e87f85481b82597a696043ae51cea9482e72f9239dbead056e4adb6
e7be357ddd89fe4f85dd3a2f16929f2344148d0ede966e9bf92febe1b998cc9b
e8831d132ceee8b0a13a83bc27ddbaaa5bc8beb9927b38ab639b3ac7990568db
e93f1869d85006f5bef5f316a506618f80beada0ede052354c21d9e489afd93e
eb449b51070f63db7098e2945ea86d0712c2779bcd86a0bc8e0072bda93fad9f
ec2cc99b7d1be6fb64d9ce3622e5584e39002529d87a71ffad76435b800de309
ec9c7a7f521426580db314ca744e339958dcb20ca0f2c3e05e803b962b154171
ecd12fde65d51bd3c13094ebdb5f4570ca6a1ea6eeea58afca96c52634a5e059
ece4a7d40f30903641984e4f61837fcced499eba5d215819bbc8b4cca5926302
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef1de0f5f7862c43f4abdd2bca62b33ca8088d9913ceb3203f6150fb61e860cf
f2f11e4d45030f1f21ec7d3ae67a65b83c4c67016fe861fbebdff04ca0c8cd60
f2f93fd85c2f5e6c07c80c6487a804ec6bede5bed8fe755280d87d4dfde986d0
f400853476ccde755c07d80568e60d7b3b24d9b7295a4a69793f8a78899b3026
f61efab99b6954d610afd5ced5c2a48d2c070e0fe6721d4b1d6dd86b6748dfd5
f7b564438fc53ae76772f8ce7a6ab851fd96ce0175b222e99788627fe7b73e97
fe3fcb884394be745dbd11141b6d780028a4d86106b6292d7502db096f582218
fec14b132aa8f5c290a39129469655fb29aeed7faf69a4d628c34cc667812988

www.newsobserver.com Open in urlscan Pro 2.17.183.44 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

277 Requests

98 %HTTPS

31 %IPv6

64 Domains

106 Subdomains

91 IPs

9 Countries

4978 kBTransfer

12038 kBSize

58 Cookies

49 Outgoing links

Page URL History

Redirected requests

277 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.newsobserver.com Open in urlscan Pro
2.17.183.44 Public Scan

Screenshot
Live screenshot

Full Image

277
Requests

98 %
HTTPS

31 %
IPv6

64
Domains

106
Subdomains

91
IPs

9
Countries

4978 kB
Transfer

12038 kB
Size

58
Cookies

277 HTTP transactions
4 data transactions