www.thenewstribune.com Open in urlscan Pro
104.111.236.243 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.thenewstribune.com/customer-service/terms-of-service/
Submission: On January 14 via api (January 14th 2021, 2:55:03 pm UTC) from US

Summary HTTP 103 Redirects Links 35 Behaviour Indicators

Summary

This website contacted 40 IPs in 7 countries across 30 domains to perform 103 HTTP transactions. The main IP is 104.111.236.243, located in Netherlands and belongs to AKAMAI-AS, US. The main domain is www.thenewstribune.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on December 21st 2019. Valid for: a year.

This is the only time www.thenewstribune.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
30	104.111.236.243 104.111.236.243	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a02:26f0:6c0... 2a02:26f0:6c00:299::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	2606:4700::68... 2606:4700::6810:9440	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:821::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
3	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
2	52.19.133.54 52.19.133.54	16509 (AMAZON-02) (AMAZON-02)
4	52.208.225.81 52.208.225.81	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:10:... 2606:4700:10::6814:b944	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:824::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:818::2003	15169 (GOOGLE) (GOOGLE)
1 2	107.178.250.234 107.178.250.234	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:816::200e	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:51e4:db4b:4436:b305	16509 (AMAZON-02) (AMAZON-02)
1	52.51.106.244 52.51.106.244	16509 (AMAZON-02) (AMAZON-02)
2	15.237.76.117 15.237.76.117	16509 (AMAZON-02) (AMAZON-02)
1 1	54.194.191.134 54.194.191.134	16509 (AMAZON-02) (AMAZON-02)
1	99.84.144.83 99.84.144.83	16509 (AMAZON-02) (AMAZON-02)
1	52.48.248.240 52.48.248.240	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:205... 2600:9000:2057:6200:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	99.84.159.109 99.84.159.109	16509 (AMAZON-02) (AMAZON-02)
1 3	104.111.238.139 104.111.238.139	16625 (AKAMAI-AS) (AKAMAI-AS)
2	54.164.147.252 54.164.147.252	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:817::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
2	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
2	99.86.5.213 99.86.5.213	16509 (AMAZON-02) (AMAZON-02)
1	99.86.7.54 99.86.7.54	16509 (AMAZON-02) (AMAZON-02)
1	151.101.114.49 151.101.114.49	54113 (FASTLY) (FASTLY)
1	34.232.20.147 34.232.20.147	14618 (AMAZON-AES) (AMAZON-AES)
2	34.120.207.148 34.120.207.148	15169 (GOOGLE) (GOOGLE)
1	34.246.127.166 34.246.127.166	16509 (AMAZON-02) (AMAZON-02)
1	184.73.247.141 184.73.247.141	14618 (AMAZON-AES) (AMAZON-AES)
8	104.17.209.240 104.17.209.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
103	40

30 104.111.236.243 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-236-243.deploy.static.akamaitechnologies.com

www.thenewstribune.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.thenewstribune.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:6c00:299::1e80 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.19.133.54 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-133-54.eu-west-1.compute.amazonaws.com

mcclatchy.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mboxedge37.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.208.225.81 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-225-81.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mcclatchy.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6814:b944 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:824::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.250.234 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 234.250.178.107.bc.googleusercontent.com

js.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)

edge.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.51.106.244 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-106-244.eu-west-1.compute.amazonaws.com

secure-us.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.237.76.117 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-237-76-117.eu-west-3.compute.amazonaws.com

mcclatchy.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.191.134 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-191-134.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.144.83 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-144-83.txl52.r.cloudfront.net

mcclatchy-thenewstribune.zeustechnology.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.248.240 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-248-240.eu-west-1.compute.amazonaws.com

ad.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:6200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.159.109 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-159-109.txl52.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.238.139 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-238-139.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.164.147.252 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-164-147-252.compute-1.amazonaws.com

www.i.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.21 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.180 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.5.213 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-5-213.fra6.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.7.54 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-7-54.fra6.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

lasteventf-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.232.20.147 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-20-147.compute-1.amazonaws.com

srv-2021-01-14-14.pixel.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.207.148 (United States)

ASN15169 (GOOGLE, US)
PTR: 148.207.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.246.127.166 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-127-166.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.73.247.141 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-184-73-247-141.compute-1.amazonaws.com

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.17.209.240 (United States)

ASN13335 (CLOUDFLARENET, US)

zne4ggyw07imid52z-mcclatchy.siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	thenewstribune.com www.thenewstribune.com media.thenewstribune.com	429 KB
8	qualtrics.com zne4ggyw07imid52z-mcclatchy.siteintercept.qualtrics.com siteintercept.qualtrics.com	56 KB
7	cookielaw.org cdn.cookielaw.org	112 KB
6	doubleclick.net pubads.g.doubleclick.net stats.g.doubleclick.net securepubads.g.doubleclick.net	118 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	178 KB
4	matheranalytics.com 1 redirects js.matheranalytics.com www.i.matheranalytics.com	26 KB
4	demdex.net dpm.demdex.net mcclatchy.demdex.net	5 KB
4	omtrdc.net mcclatchy.tt.omtrdc.net mcclatchy.sc.omtrdc.net mboxedge37.tt.omtrdc.net	4 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	google-analytics.com www.google-analytics.com	19 KB
3	onetrust.com geolocation.onetrust.com	794 B
3	adobedtm.com assets.adobedtm.com	19 KB
2	rlcdn.com api.rlcdn.com	443 B
2	amazon-adsystem.com c.amazon-adsystem.com	33 KB
2	pubmatic.com ads.pubmatic.com	3 KB
2	parsely.com cdn.parsely.com srv-2021-01-14-14.pixel.parsely.com	23 KB
2	crwdcntrl.net ad.crwdcntrl.net tags.crwdcntrl.net	14 KB
2	everesttech.net 1 redirects cm.everesttech.net lasteventf-tm.everesttech.net	729 B
2	quantserve.com edge.quantserve.com pixel.quantserve.com	9 KB
2	google.com www.google.com	1 KB
1	criteo.com gum.criteo.com
1	ipify.org api.ipify.org	261 B
1	adsrvr.org match.adsrvr.org	680 B
1	indexww.com js-sec.indexww.com	26 KB
1	criteo.net static.criteo.net	37 KB
1	google.de www.google.de	107 B
1	quantcount.com rules.quantcount.com	1 KB
1	zeustechnology.com mcclatchy-thenewstribune.zeustechnology.com	53 KB
1	imrworldwide.com secure-us.imrworldwide.com	337 B
1	googleapis.com fonts.googleapis.com	1007 B
103	30

	Domain	Requested by
23	www.thenewstribune.com	www.thenewstribune.com
7	siteintercept.qualtrics.com	zne4ggyw07imid52z-mcclatchy.siteintercept.qualtrics.com
7	cdn.cookielaw.org	www.thenewstribune.com cdn.cookielaw.org
7	media.thenewstribune.com	www.thenewstribune.com media.thenewstribune.com
4	fonts.gstatic.com	fonts.googleapis.com
3	sb.scorecardresearch.com	1 redirects www.thenewstribune.com
3	www.google-analytics.com	media.thenewstribune.com www.google-analytics.com
3	geolocation.onetrust.com	cdn.cookielaw.org www.thenewstribune.com
3	dpm.demdex.net	media.thenewstribune.com www.thenewstribune.com
3	pubads.g.doubleclick.net	www.thenewstribune.com media.thenewstribune.com
3	assets.adobedtm.com	www.thenewstribune.com assets.adobedtm.com
2	api.rlcdn.com	js-sec.indexww.com mcclatchy-thenewstribune.zeustechnology.com
2	c.amazon-adsystem.com	www.thenewstribune.com c.amazon-adsystem.com
2	securepubads.g.doubleclick.net	mcclatchy-thenewstribune.zeustechnology.com securepubads.g.doubleclick.net
2	ads.pubmatic.com	mcclatchy-thenewstribune.zeustechnology.com ads.pubmatic.com
2	www.i.matheranalytics.com	www.thenewstribune.com
2	mcclatchy.sc.omtrdc.net	media.thenewstribune.com
2	js.matheranalytics.com	1 redirects www.thenewstribune.com
2	www.google.com	www.thenewstribune.com
1	gum.criteo.com	static.criteo.net
1	zne4ggyw07imid52z-mcclatchy.siteintercept.qualtrics.com	media.thenewstribune.com
1	api.ipify.org	www.thenewstribune.com
1	match.adsrvr.org	js-sec.indexww.com
1	srv-2021-01-14-14.pixel.parsely.com	www.thenewstribune.com
1	lasteventf-tm.everesttech.net	media.thenewstribune.com
1	pixel.quantserve.com	www.thenewstribune.com
1	tags.crwdcntrl.net	www.thenewstribune.com
1	js-sec.indexww.com	mcclatchy-thenewstribune.zeustechnology.com
1	static.criteo.net	mcclatchy-thenewstribune.zeustechnology.com
1	www.google.de	www.thenewstribune.com
1	mboxedge37.tt.omtrdc.net	www.thenewstribune.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	cdn.parsely.com	www.thenewstribune.com
1	rules.quantcount.com	edge.quantserve.com
1	ad.crwdcntrl.net	www.thenewstribune.com
1	mcclatchy-thenewstribune.zeustechnology.com	www.thenewstribune.com
1	cm.everesttech.net	1 redirects
1	mcclatchy.demdex.net	media.thenewstribune.com
1	secure-us.imrworldwide.com	www.thenewstribune.com
1	edge.quantserve.com	media.thenewstribune.com
1	www.gstatic.com	www.google.com
1	mcclatchy.tt.omtrdc.net	www.thenewstribune.com
1	fonts.googleapis.com	www.thenewstribune.com
103	43

This site contains links to these domains. Also see Links.

Domain
account.thenewstribune.com
t.news.thenewstribune.com
k12nie.com
games.thenewstribune.com
calendar.thenewstribune.com
www.legacy.com
placead.mcclatchy.com
www.theolympian.com
www.gateline.com
www.puyallupherald.com
nie.thenewstribune.com
www.kirotv.com
tacomanewstribune.adperfect.com
jobs.thenewstribune.com
www.legalnotice.org
www.mcclatchyreprints.com
thenewstribune.mycapture.com
www.ap.org
www.copyright.gov
www.adr.org
thenewstribune.com
www.facebook.com
twitter.com
www.youtube.com
www.mcclatchy.com
classifieds.thenewstribune.com
cookiepedia.co.uk
onetrust.com

Subject Issuer	Validity	Valid
www.mcclatchydc.com DigiCert SHA2 Secure Server CA	`2019-12-21` - `2021-03-21`	a year	crt.sh
assets.adobedtm.com DigiCert SHA2 High Assurance Server CA	`2019-10-22` - `2021-10-01`	2 years	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.tt.omtrdc.net DigiCert SHA2 Secure Server CA	`2020-11-02` - `2021-11-09`	a year	crt.sh
*.demdex.net DigiCert SHA2 High Assurance Server CA	`2018-01-09` - `2021-02-12`	3 years	crt.sh
*.onetrust.com DigiCert SHA2 Secure Server CA	`2020-05-21` - `2022-07-27`	2 years	crt.sh
*.gstatic.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
js.matheranalytics.com Sectigo RSA Domain Validation Secure Server CA	`2019-04-04` - `2021-04-03`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.imrworldwide.com DigiCert SHA2 Secure Server CA	`2020-01-21` - `2021-02-24`	a year	crt.sh
*.sc.omtrdc.net DigiCert SHA2 High Assurance Server CA	`2020-10-29` - `2021-11-29`	a year	crt.sh
*.zeustechnology.com Amazon	`2020-06-13` - `2021-07-13`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2019-06-13` - `2021-06-28`	2 years	crt.sh
*.parsely.com Amazon	`2020-08-02` - `2021-09-02`	a year	crt.sh
sb.scorecardresearch.com DigiCert Secure Site ECC CA-1	`2020-07-17` - `2021-06-02`	a year	crt.sh
www.i.matheranalytics.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-28` - `2022-01-27`	2 years	crt.sh
*.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2020-11-17` - `2021-02-14`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2020-02-26` - `2021-05-27`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2020-08-04` - `2021-08-02`	a year	crt.sh
h2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-01-06` - `2021-04-20`	3 months	crt.sh
*.pixel.parsely.com Let's Encrypt Authority X3	`2020-11-27` - `2021-02-25`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-14` - `2021-04-23`	a year	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
*.ipify.org COMODO RSA Domain Validation Secure Server CA	`2018-01-24` - `2021-01-23`	3 years	crt.sh
*.qualtrics.com DigiCert SHA2 Secure Server CA	`2020-10-26` - `2021-11-26`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2020-11-17` - `2021-02-14`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://www.thenewstribune.com/customer-service/terms-of-service/
Frame ID: 1F5290C5129AA2980A35DD5B33B201F8
Requests: 100 HTTP requests in this frame

Frame: https://mcclatchy.demdex.net/dest5.html?d_nsid=0
Frame ID: 2849D0FA9433C71D8574BB9C0A64827F
Requests: 1 HTTP requests in this frame

Frame: https://sb.scorecardresearch.com/beacon.js
Frame ID: 2CDE37E476C66901FDA8500800A19725
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 528840EFC886656BCB785A342223C96A
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.thenewstribune.com
Frame ID: 98DF2E375278DA0BED7652E86820449B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

103
Requests

100 %
HTTPS

40 %
IPv6

30
Domains

43
Subdomains

40
IPs

7
Countries

1170 kB
Transfer

3802 kB
Size

44
Cookies

35 Outgoing links

These are links going to different origins than the main page.

URL: https://account.thenewstribune.com/static/subscribe
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://account.thenewstribune.com/static/signin
Title: Sign In

Search URL Search Domain Scan URL

URL: http://t.news.thenewstribune.com/webApp/mccSignupPage?siteName=thenewstribune#navlink=subnav
Title: Newsletters

Search URL Search Domain Scan URL

URL: https://k12nie.com/?p=thenewstribune/#navlink=subnav
Title: News in Education

Search URL Search Domain Scan URL

URL: http://games.thenewstribune.com/?arkpromo=site_subnav
Title: Puzzles & Games

Search URL Search Domain Scan URL

URL: http://calendar.thenewstribune.com/#navlink=subnav
Title: Events Calendar

Search URL Search Domain Scan URL

URL: https://www.legacy.com/obituaries/tribnet/#navlink=navbar
Title: View Obituaries

Search URL Search Domain Scan URL

URL: https://placead.mcclatchy.com/obits/tacoma/index.html
Title: Place an Obituary

Search URL Search Domain Scan URL

URL: http://www.theolympian.com/
Title: The Olympian

Search URL Search Domain Scan URL

URL: http://www.gateline.com/
Title: The Peninsula Gateway

Search URL Search Domain Scan URL

URL: http://www.puyallupherald.com/
Title: The Puyallup Herald

Search URL Search Domain Scan URL

URL: http://nie.thenewstribune.com/
Title: NIE

Search URL Search Domain Scan URL

URL: http://www.kirotv.com/
Title: KIRO7

Search URL Search Domain Scan URL

URL: http://tacomanewstribune.adperfect.com/#navlink=navbar
Title: Place An Ad

Search URL Search Domain Scan URL

URL: https://jobs.thenewstribune.com/#navlink=navbar
Title: Jobs

Search URL Search Domain Scan URL

URL: https://www.legalnotice.org/pl/thenewstribune/#navlink=navbar
Title: Legals

Search URL Search Domain Scan URL

URL: http://www.mcclatchyreprints.com/
Title: http://www.mcclatchyreprints.com

Search URL Search Domain Scan URL

URL: http://thenewstribune.mycapture.com/mycapture/remoteimage.asp
Title: our high quality reprints partner

Search URL Search Domain Scan URL

URL: https://www.ap.org/company/Terms-conditions
Title: www.ap.org/company/Terms-conditions

Search URL Search Domain Scan URL

URL: https://www.copyright.gov/legislation/dmca.pdf
Title: www.copyright.gov/legislation/dmca.pdf

Search URL Search Domain Scan URL

URL: https://www.adr.org/
Title: www.adr.org

Search URL Search Domain Scan URL

URL: https://thenewstribune.com/mobile
Title: Tacoma News Tribune App

Search URL Search Domain Scan URL

URL: http://t.news.thenewstribune.com/webApp/mccSignupPage?siteName=thenewstribune
Title: View Newsletters

Search URL Search Domain Scan URL

URL: https://www.facebook.com/tacomanewstribune
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/thenewstribune
Title:

Search URL Search Domain Scan URL

URL: http://www.youtube.com/user/TacomaNewsTribune
Title:

Search URL Search Domain Scan URL

URL: https://account.thenewstribune.com/static/subscribe/#navlink=mi_footer
Title: Start a Subscription

Search URL Search Domain Scan URL

URL: https://www.mcclatchy.com/our-impact/markets/the-news-tribune/#navlink=mi_footer
Title: About Us

Search URL Search Domain Scan URL

URL: http://t.news.thenewstribune.com/webApp/mccSignupPage?siteName=thenewstribune#navlink=mi_footer
Title: Newsletters

Search URL Search Domain Scan URL

URL: https://k12nie.com/?p=thenewstribune/#navlink=mi_footer
Title: News in Education

Search URL Search Domain Scan URL

URL: http://thenewstribune.mycapture.com/mycapture/index.asp#navlink=mi_footer
Title: Photo Store

Search URL Search Domain Scan URL

URL: https://classifieds.thenewstribune.com/#navlink=mi_footer
Title: Place a Classified

Search URL Search Domain Scan URL

URL: https://www.legacy.com/obituaries/tribnet/obituary-place-an-obituary.aspx
Title: Place an Obituary

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More information

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://js.matheranalytics.com/s/ma12095/74930801/sp.js?cb=1553 HTTP 301
https://js.matheranalytics.com/static/2_2_18-e/sp.br.js

Request Chain 50

https://cm.everesttech.net/cm/dd?d_uuid=07051686418567827980538806350618382955 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YABbMgAAAMhuLB__

Request Chain 82

https://sb.scorecardresearch.com/b?c1=2&c2=6035363&ns__t=1610636082948&ns_c=UTF-8&ns_if=1&cv=3.5&c8=Terms%20of%20Service%20%7C%20Tacoma%20News%20Tribune&c7=https%3A%2F%2Fwww.thenewstribune.com%2Fcustomer-service%2Fterms-of-service%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6035363&ns__t=1610636082948&ns_c=UTF-8&ns_if=1&cv=3.5&c8=Terms%20of%20Service%20%7C%20Tacoma%20News%20Tribune&c7=https%3A%2F%2Fwww.thenewstribune.com%2Fcustomer-service%2Fterms-of-service%2F&c9=&cs_ak_ss=1

103 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.thenewstribune.com/customer-service/terms-of-service/ 92 KB
28 KB 82ms
32ms Document
text/html 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/customer-service/terms-of-service/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 709b87a2dca13f17c04313e7a1fb1a72c134d549469bcf8f2b197b0e9f9506f6

Request headers

:method: GET
:authority: www.thenewstribune.com
:scheme: https
:path: /customer-service/terms-of-service/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-proxy-forwarding-type: BlackList
mi-api: WPS
content-type: text/html;charset=utf-8
surrogate-control: varnish=ESI/2.1
x-varnish: 606374328, 832242930 821602808
last-modified: Thu, 14 Jan 2021 14:47:46 GMT
etag: W/"17009-pJw7SSYy9pzyCNFrsYjWBuUENVk"
content-encoding: gzip
x-mi-in-market: 0
server: MI
mi-cache-age: 239
vary: Accept-Encoding
mi-cache: HIT
x-akamai-transformed: 9 - 0 pmb=mTOE,2
expires: Thu, 14 Jan 2021 14:54:42 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 14 Jan 2021 14:54:42 GMT
content-length: 27589
set-cookie: ak_bmsc=00FE4202DFD32E338B63AC6776AB92A20210BB0533530000325B00607569D312~plphQdsSWWAxlqTuRTTX4IOK6nlBuWIHYOwXonoqt4W1BVWSE+rGYJS485DD0Avznxczi53mntkDxBOiRUT6UVOx143MKaqk/kJtV94JZdyjqcOLBduBpwKi+7mpiqWLMxKHethZ/DULHmnvtgFAOd5P7Jc2lA8HgkWzFrZMXLAbLTM/GB65HCJ3gsFMPsz4a7KHoTlro8x/TGyFj8ejswL8NhbFeqUgx3uK8cL2qnmayhngYO7D8rAu7DDrkGUoZo; expires=Thu, 14 Jan 2021 16:54:42 GMT; max-age=7200; path=/; domain=.thenewstribune.com; HttpOnly bm_mi=0D02FBC634F423892FF756869AE96E6B~eW5F441tv2v5ib+aGemU756zv4c2vmpJKEF8dcSv/Gv3K+W+YNXHxjgZgfaPQ7alxQOyFiUUSmLHZWq14CGibierfuiXJI12Acseicz/5/Tbi24PLfsqqpdMHl1NQDXtmAHmnVgm0tNJnmQC3QNn1+DjVWQ7tClTFD2ArrKzsu5wcwHMJEZ9JRGrupCzTavA1QtvgWeF5WsY+urBRn7R/icLVQ+HwGBuhEB3y3LsKIM86JEaqCpyRIOnMbU0hnbC83nC3N4JAAQR1fMtpZFehA==; Domain=.thenewstribune.com; Path=/; Max-Age=0; HttpOnly
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *

GET
H2 200 core.js Show response
www.thenewstribune.com/static/yozons-lib/ 47 KB
13 KB 31ms
29ms Script
application/javascript 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/static/yozons-lib/core.js
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/customer-service/terms-of-service/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 457d59e08cdeb115cd5f4c86dea01f2df6af4bd7b9617452f190423be182b29a

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 14:54:42 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 189
content-length: 13009
last-modified: Wed, 13 Jan 2021 14:52:22 GMT
server: MI
etag: W/"bc1b-5b8c949581580"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 739280953, 817206267 817205730
access-control-allow-origin: *
cache-control: max-age=80
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript
access-control-allow-headers: *

GET
H2 200 thenewstribune.js Show response
media.thenewstribune.com/misites/tnt/ 2 KB
1 KB 59ms
55ms Script
text/javascript 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://media.thenewstribune.com/misites/tnt/thenewstribune.js
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/customer-service/terms-of-service/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 454f188ae8d0eef4972fb91fae82a23fdf354d1fae4288120a3f6f78c0ac682c

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 14:54:42 GMT
content-encoding: gzip
last-modified: Sun, 29 Apr 2018 21:38:27 GMT
server: Apache
etag: "9df-56b038eb73ac0"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 1084

GET
H2 200 launch-ENe8f70e36bc2f473e93435c31a9a5ba80.min.js Show response
assets.adobedtm.com/ 61 KB
18 KB 20ms
6ms Script
application/x-javascript 2a02:26f0:6c00:299::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/launch-ENe8f70e36bc2f473e93435c31a9a5ba80.min.js
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/customer-service/terms-of-service/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:299::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 709ffc22504f44d3b83a216311a6d3fa88e6521cf962540d9b2a2107cd971c8d

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 14:54:42 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 15:11:49 GMT
server: AkamaiNetStorage
etag: "84c5a579413ca9508c5942f5fc966518:1597158709.65443"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.thenewstribune.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 17977
expires: Thu, 14 Jan 2021 15:54:42 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 13 KB
4 KB 67ms
65ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/customer-service/terms-of-service/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59f402de9f1e432c10350864d4d9a3f348bea192abfd0785e40f7ab1c49006ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 14 Jan 2021 14:54:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: JRlLWe4rLmFqey3kX60iuw==
age: 6529
vary: Accept-Encoding
content-length: 4145
cf-request-id: 07a2fd54460000062db39ba000000001
x-ms-lease-status: unlocked
last-modified: Wed, 06 Jan 2021 15:14:28 GMT
server: cloudflare
etag: 0x8D8B255C31E8A58
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: dd0984f9-f01e-0084-084c-e48ece000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 61183199c9b5062d-FRA

GET
H2 200 otCCPAiab.js Show response
cdn.cookielaw.org/opt-out/ 22 KB
6 KB 51ms
49ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/opt-out/otCCPAiab.js

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/customer-service/terms-of-service/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f25e54ff758a69c92c7260b3647788acb86b4fc6266141893e1a4316b5a0862

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 14 Jan 2021 14:54:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: mHlk9fiiqYjvq2V+HtACPg==
age: 6138
vary: Accept-Encoding
cf-request-id: 07a2fd543d0000062da51c4000000001
x-ms-lease-status: unlocked
last-modified: Wed, 08 Jul 2020 15:45:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 35967221-501e-000a-11f4-bdc16f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 61183199c9ba062d-FRA

GET
H2 200 vendor.bundle-af2280e5bf1fac00e2b0.js Show response
www.thenewstribune.com/wps/build/webpack/ 395 KB
120 KB 44ms
43ms Script
application/javascript 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/wps/build/webpack/vendor.bundle-af2280e5bf1fac00e2b0.js
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/customer-service/terms-of-service/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: b468571983721e0e8522a0901f4a702584ec47df334a48ffc191617d1f3e21b1

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 14:54:42 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 0
content-length: 122375
last-modified: Mon, 14 Dec 2020 17:26:03 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"62dbd-1766249a7f8"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 270681614, 645609475
access-control-allow-origin: *
cache-control: max-age=97394
access-control-allow-credentials: false
mi-cache: MISS
content-type: application/javascript;charset=UTF-8
access-control-allow-headers: *

GET
H2 200 mi-header.bundle-15539dde6db92a4565c1.js Show response
www.thenewstribune.com/wps/build/webpack/ 13 KB
5 KB 45ms
43ms Script
application/javascript 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/wps/build/webpack/mi-header.bundle-15539dde6db92a4565c1.js
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/customer-service/terms-of-service/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 064c30793ed82df22ca484729935248a99d0ad3cefd8bcf46f23de8d0c0016d0

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 14:54:42 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 240742
content-length: 4394
last-modified: Tue, 05 Jan 2021 22:07:26 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"3412-176d4972d30"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 536265229, 786826087 580109740
access-control-allow-origin: *
cache-control: max-age=440705
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript;charset=UTF-8
access-control-allow-headers: *

GET
H2 200 css
fonts.googleapis.com/ 10 KB
1007 B 18ms
16ms Stylesheet
text/css 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/customer-service/terms-of-service/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

52756abd619702a4516f7824a8dd53ab998c36020ffd1c9ec91069e960354f3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 14 Jan 2021 14:54:42 GMT
server: ESF
date: Thu, 14 Jan 2021 14:54:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Jan 2021 14:54:42 GMT

GET
H2 200 mi-styles.fdb8222743ac99f22f8c.css
www.thenewstribune.com/wps/build/webpack/css/ 203 KB
42 KB 25ms
23ms Stylesheet
text/css 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/wps/build/webpack/css/mi-styles.fdb8222743ac99f22f8c.css
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/customer-service/terms-of-service/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 8bdff539920d92f5c3a121467d4cf862df0c4068df2facb2d7ca29ecb4d7fe1b

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 14:54:42 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 245689
content-length: 42760
last-modified: Tue, 05 Jan 2021 22:07:40 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"32c6b-176d49763e0"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 493323333, 313315644 45233452
access-control-allow-origin: *
cache-control: max-age=147082
access-control-allow-credentials: false
mi-cache: HIT
content-type: text/css;charset=UTF-8
access-control-allow-headers: *

GET
H2 200 guid.js Show response
www.thenewstribune.com/wps/source/scripts/libs/ 1 KB
968 B 49ms
48ms Script
application/javascript 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/wps/source/scripts/libs/guid.js
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/customer-service/terms-of-service/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: ac53400c04ca28a29467c3b6cf8f0be2f9d4333a518574fba32cc239195117db

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 14:54:42 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 218175
content-length: 547
last-modified: Tue, 05 Jan 2021 22:04:08 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"505-176d49427c0"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 496662996, 811375664 671853046
access-control-allow-origin: *
cache-control: max-age=502363
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript;charset=UTF-8
access-control-allow-headers: *

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
651 B 21ms
21ms Script
text/javascript 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/customer-service/terms-of-service/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c04cbfe21e23ceb866fae28e981a17dfe9ce6cb178943dda6f11a495255ec137

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 14:54:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 554
x-xss-protection: 1; mode=block
expires: Thu, 14 Jan 2021 14:54:42 GMT

GET
H2 200 6cdf4d57 Show response
www.thenewstribune.com/akam/11/ 32 KB
11 KB 33ms
33ms Script
application/javascript 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/akam/11/6cdf4d57
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/customer-service/terms-of-service/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f8b9d3462892ec47c48b0d102bc0f0b8d8550e63fcce4fe9a3c632a5b1d8a3af

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 14:54:42 GMT
content-encoding: gzip
last-modified: Thu, 02 May 2019 20:06:11 GMT
etag: "69cb17f7dba51d498e6865ca3557d4d5653e5f970bb730401f042cfd2dd2de42"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
access-control-allow-headers: *
content-length: 10448
expires: Thu, 14 Jan 2021 14:54:42 GMT

GET
H2 200 escenic_s_code.js Show response
media.thenewstribune.com/mistats/products/ 95 KB
32 KB 63ms
61ms Script
text/javascript 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://media.thenewstribune.com/mistats/products/escenic_s_code.js
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/customer-service/terms-of-service/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 388305e6232d397497a35ba97ba5e2e6ea85d349041645c4de2c28a6e08f9044

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 14:54:42 GMT
content-encoding: gzip
last-modified: Tue, 17 Nov 2020 22:54:12 GMT
server: Apache
etag: "17b06-5b4555f9a663f"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 32672

GET
H2 200 escenic.js Show response
media.thenewstribune.com/mistats/products/ 63 KB
15 KB 68ms
67ms Script
text/javascript 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://media.thenewstribune.com/mistats/products/escenic.js
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/customer-service/terms-of-service/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 92198135117fe1b0740d2e3b710d6f634379a74a7b0a8557152659636a08724c

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 14:54:42 GMT
content-encoding: gzip
last-modified: Mon, 23 Nov 2020 18:38:09 GMT
server: Apache
etag: "fb3f-5b4ca7eed1826"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 15362

GET
H2 200 finalizestats.js Show response
media.thenewstribune.com/mistats/ 71 KB
19 KB 68ms
67ms Script
text/javascript 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://media.thenewstribune.com/mistats/finalizestats.js
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/customer-service/terms-of-service/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ecd12fde65d51bd3c13094ebdb5f4570ca6a1ea6eeea58afca96c52634a5e059

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 14:54:42 GMT
content-encoding: gzip
last-modified: Thu, 10 Dec 2020 16:46:37 GMT
server: Apache
etag: "11cc4-5b61eeb5fb911"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 18904

GET
H2 200 mi-footer.bundle-79c24024c08d7f0c7b17.js Show response
www.thenewstribune.com/wps/build/webpack/ 11 KB
5 KB 78ms
77ms Script
application/javascript 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/wps/build/webpack/mi-footer.bundle-79c24024c08d7f0c7b17.js
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/customer-service/terms-of-service/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 2c3d296de1bb7bb908659aedfa489c63e9c0cb0b57887e74932dd5f60de15578

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 14:54:42 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 161
content-length: 4197
last-modified: Tue, 05 Jan 2021 22:07:26 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"2d5a-176d4972d30"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 437054797, 325298652 328861158
access-control-allow-origin: *
cache-control: max-age=497334
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript;charset=UTF-8
access-control-allow-headers: *

GET
H2 200 netdale.2717975ba9662f11fb97.js Show response
www.thenewstribune.com/static/yozons-lib/ 93 KB
21 KB 23ms
23ms Script
application/javascript 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/static/yozons-lib/netdale.2717975ba9662f11fb97.js
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/static/yozons-lib/core.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: f134cd20a043c3e8807cb9c93eda49e62ee1324880e815920683968c01a75eea

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 14:54:42 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 287
content-length: 20766
last-modified: Wed, 13 Jan 2021 14:52:20 GMT
server: MI
etag: W/"172f1-5b8c949399100"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 734928299, 815767443 807993133
access-control-allow-origin: *
cache-control: max-age=518938
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript
access-control-allow-headers: *

GET
H2 200 adx Show response
pubads.g.doubleclick.net/gampad/ 0
711 B 60ms
37ms XHR
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/adx?iu=%2F7675%2Ftac.site_thenewstribune%2Fpropensity&sz=1x1&ref=&cookie=&c=347690478081968&tile=1&u_tz=60

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/static/yozons-lib/core.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 14:54:42 GMT
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.thenewstribune.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adobe.t2_3.js Show response
www.thenewstribune.com/static/yozons-lib/ 145 KB
36 KB 37ms
35ms Script
application/javascript 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/static/yozons-lib/adobe.t2_3.js
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/static/yozons-lib/core.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 305f81e515ab9c624b6b6d75f72f5da0630e5d2b3c8e11d14f552508e2cecc44

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 14:54:42 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 27853
content-length: 36601
last-modified: Tue, 22 Dec 2020 19:24:20 GMT
server: MI
etag: W/"2425a-5b7128576c100"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 514243849 505554786
access-control-allow-origin: *
cache-control: max-age=107266
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript
access-control-allow-headers: *

GET
H2 200 gfc.03e70e1ab4f5ea8c0111.js Show response
www.thenewstribune.com/static/yozons-lib/ 11 KB
5 KB 24ms
23ms Script
application/javascript 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/static/yozons-lib/gfc.03e70e1ab4f5ea8c0111.js
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/static/yozons-lib/core.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: d5327d440ec3573f45fe33fa48b7d1fb49cb2fff06a1250d3b57ca0fbe297e86

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 14:54:42 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 287
content-length: 4836
last-modified: Wed, 13 Jan 2021 14:52:20 GMT
server: MI
etag: W/"2a66-5b8c949399100"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 809365370 814195885
access-control-allow-origin: *
cache-control: max-age=518905
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript
access-control-allow-headers: *

POST
H2 200 delivery Show response
mcclatchy.tt.omtrdc.net/rest/v1/ 189 B
399 B 107ms
36ms XHR
application/json 52.19.133.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mcclatchy.tt.omtrdc.net/rest/v1/delivery?client=mcclatchy&sessionId=ffc0479ced6b4fc6b657c50c9301dfb5&version=2.3.0
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/static/yozons-lib/adobe.t2_3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.133.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-133-54.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2f7499825ba77fcf58c0a59166cfd34b19dff8db3c500b0564ab04b0b70bd830

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.thenewstribune.com
date: Thu, 14 Jan 2021 14:54:42 GMT
content-encoding: gzip
access-control-allow-credentials: true
vary: Origin,Accept-Encoding
x-request-id: 38f3cc33488ec955de256da0417ad7b9
content-type: application/json;charset=UTF-8

GET
H2 200 common.js Show response
media.thenewstribune.com/misites/all/ 4 KB
2 KB 31ms
30ms Script
text/javascript 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://media.thenewstribune.com/misites/all/common.js
Requested by: Host: media.thenewstribune.com
URL: https://media.thenewstribune.com/misites/tnt/thenewstribune.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec2cc99b7d1be6fb64d9ce3622e5584e39002529d87a71ffad76435b800de309

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 14:54:42 GMT
content-encoding: gzip
last-modified: Tue, 10 Sep 2019 13:27:05 GMT
server: Apache
etag: "ee5-59232dc43bc40"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 1412

GET
H2 200 micb.js Show response
media.thenewstribune.com/mistats/ 132 KB
36 KB 30ms
28ms Script
text/javascript 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://media.thenewstribune.com/mistats/micb.js
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/static/yozons-lib/core.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 00c6e9788d5997077deec494717e5fb368dd721aefb1044f41075b1479c1c842

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 14:54:42 GMT
content-encoding: gzip
last-modified: Tue, 24 Nov 2020 14:35:34 GMT
server: Apache
etag: "20e55-5b4db393c4afd"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 36863

GET
H3-Q050 200 pts Show response
pubads.g.doubleclick.net/subopt/ 152 B
236 B 97ms
81ms XHR
application/json 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/subopt/pts?products=thenewstribune.com&type=general&extrainfo=null&u_tz=-60&v=1&cdm=www.thenewstribune.com&c=638220

Requested by

Host: media.thenewstribune.com
URL: https://media.thenewstribune.com/mistats/micb.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e880b231b0d075a14e8eaedc0fb1fa40b752e91d15ace87ecca4ec3e5335887f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 14:54:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127
x-xss-protection: 0
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.thenewstribune.com
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Thu, 14 Jan 2021 14:54:42 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 2 KB
2 KB 115ms
31ms XHR
application/json 52.208.225.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=3B6E35F15A82BBB00A495D91%40AdobeOrg&d_nsid=0&d_coop_safe=1&ts=1610636082363

Requested by

Host: media.thenewstribune.com
URL: https://media.thenewstribune.com/mistats/micb.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.208.225.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-208-225-81.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7c27ef2c9a780df4351e7fa4ba104271be704f4353a185078931e3e931331b5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcscanary-prod-irl1-v121-0a2cac2c0.edge-irl1.demdex.com 5.80.4.20201224153022 3ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-TID: G873lQveQ1Y=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.thenewstribune.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 992
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-Q050 204 data Show response
pubads.g.doubleclick.net/subopt/ 0
570 B 74ms
70ms XHR
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/subopt/data?states=thenewstribune.com%3Aunknown&extrainfo=null&u_tz=-60&v=1&cdm=www.thenewstribune.com&c=396601

Requested by

Host: media.thenewstribune.com
URL: https://media.thenewstribune.com/mistats/micb.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Jan 2021 14:54:42 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: https://www.thenewstribune.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 dbaccf11-5f3b-44bf-8c64-e7adfb4fe7c7.json Show response
cdn.cookielaw.org/consent/dbaccf11-5f3b-44bf-8c64-e7adfb4fe7c7/ 3 KB
2 KB 19ms
19ms XHR
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/dbaccf11-5f3b-44bf-8c64-e7adfb4fe7c7/dbaccf11-5f3b-44bf-8c64-e7adfb4fe7c7.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

589ae9da223558106dff5956c31471f690ca190de35259c0ea7e2dd5de44c680

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 14 Jan 2021 14:54:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: JwbO+qZPFmaMa7fIs/Z7ZQ==
age: 6582
vary: Accept-Encoding
content-length: 1276
cf-request-id: 07a2fd54d500000609893f1000000001
x-ms-lease-status: unlocked
last-modified: Thu, 20 Aug 2020 17:17:31 GMT
server: cloudflare
etag: 0x8D8452CEC0BFEEC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 3905fee1-901e-0113-1574-b2ab52000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6118319aede40609-FRA

GET
H2 200 dnsfeed Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 162 B
219 B 50ms
49ms Script
text/javascript 2606:4700:10::6814:b944
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d851d84e101ca32d51ff937ef2bcafd53e9f83b53694c73c7d3eb3031357b27d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 14:54:42 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6118319b1a4bc2e5-FRA
cf-request-id: 07a2fd54eb0000c2e507380000000001

GET
H2 200 geofeed Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 162 B
354 B 32ms
32ms Script
text/javascript 2606:4700:10::6814:b944
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/geofeed

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/customer-service/terms-of-service/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4791a3ec0c07289a7f51ca6f70d7b12d875746fae8c9ddb8a145b75134e7b1bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 14:54:42 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6118319b1a4fc2e5-FRA
cf-request-id: 07a2fd54ec0000c2e5be1b8000000001

GET
H2 200 identityModulev3.min.js Show response
www.thenewstribune.com/wps/source/scripts/libs/ 35 KB
11 KB 31ms
30ms XHR
application/javascript 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/wps/source/scripts/libs/identityModulev3.min.js
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/static/yozons-lib/core.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 2969aa16b763893fa2f600de842a23475f8c0f1d58ebbed3c4f7f1a63edbc0b5

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 14:54:42 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 304131
content-length: 11142
last-modified: Tue, 05 Jan 2021 22:04:08 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"8dbb-176d49427c0"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 485622087, 812303095 603394568
access-control-allow-origin: *
cache-control: max-age=513473
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript;charset=UTF-8
access-control-allow-headers: *

GET
H2 200 o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2
fonts.gstatic.com/s/notosans/v11/ 10 KB
10 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v11/o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6195b1bce0085db8c9b1b936150dfd7b070aa9be52d44580b1b6f16752dece34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.thenewstribune.com
Referer: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 11:00:48 GMT
x-content-type-options: nosniff
last-modified: Thu, 24 Sep 2020 23:58:43 GMT
server: sffe
age: 532434
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10116
x-xss-protection: 0
expires: Sat, 08 Jan 2022 11:00:48 GMT

GET
H2 200 ga6Law1J5X9T9RW6j9bNdOwzfReece9LOoc.woff2
fonts.gstatic.com/s/notoserif/v9/ 13 KB
14 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v9/ga6Law1J5X9T9RW6j9bNdOwzfReece9LOoc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0877239101cbff856743513b4ea69fbaf9c580c8ae526e0a8d2ef1b770414094

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.thenewstribune.com
Referer: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 13 Jan 2021 12:11:56 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:05:20 GMT
server: sffe
age: 96166
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13660
x-xss-protection: 0
expires: Thu, 13 Jan 2022 12:11:56 GMT

GET
H3-Q050 200 o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
fonts.gstatic.com/s/notosans/v11/ 10 KB
10 KB 34ms
18ms Font
font/woff2 2a00:1450:4001:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v11/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e56f53b3b976e9c05d86645a1e85cfc69e961601d201e957768455580fa30478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.thenewstribune.com
Referer: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 07 Jan 2021 18:54:22 GMT
x-content-type-options: nosniff
last-modified: Thu, 24 Sep 2020 23:50:56 GMT
server: sffe
age: 590420
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10292
x-xss-protection: 0
expires: Fri, 07 Jan 2022 18:54:22 GMT

GET
H2 200 logo.svg
www.thenewstribune.com/wps/build/images/thenewstribune/ 10 KB
4 KB 37ms
36ms Image
image/svg+xml 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/wps/build/images/thenewstribune/logo.svg
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/customer-service/terms-of-service/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: b9f65b633a49a499a034c954707d726a90d5571ec8fc571eb7c5e4e59e9b3108

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 14:54:42 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 391762
content-length: 4088
last-modified: Tue, 05 Jan 2021 22:07:26 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"2810-176d4972d30"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 477189407, 883918510 571737312
access-control-allow-origin: *
cache-control: max-age=572890
access-control-allow-credentials: false
mi-cache: HIT
content-type: image/svg+xml;charset=ISO-8859-1
access-control-allow-headers: *

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 164 B
221 B 23ms
21ms Script
text/javascript 2606:4700:10::6814:b944
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0cc0930a1ab7e9ae754783576228f3c32caa07605236711cf81035f3f45f0ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 14:54:42 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6118319b4ac9c2e5-FRA
cf-request-id: 07a2fd550d0000c2e59701e000000001

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/qc5B-qjP0QEimFYUxcpWJy5B/ 334 KB
131 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/qc5B-qjP0QEimFYUxcpWJy5B/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb3b275e8321c2c87095a4f4f0fd89fbbbdbe07e6fd5191c4c8ccabfc21692fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.thenewstribune.com
Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 14:30:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1476
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133916
x-xss-protection: 0
last-modified: Sun, 06 Dec 2020 23:05:51 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Jan 2022 14:30:06 GMT

GET
H3-Q050 200 ga6Iaw1J5X9T9RW6j9bNfFcWaDq8fMU.woff2
fonts.gstatic.com/s/notoserif/v9/ 13 KB
13 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v9/ga6Iaw1J5X9T9RW6j9bNfFcWaDq8fMU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7be357ddd89fe4f85dd3a2f16929f2344148d0ede966e9bf92febe1b998cc9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.thenewstribune.com
Referer: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 23:10:33 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:03:52 GMT
server: sffe
age: 229449
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13192
x-xss-protection: 0
expires: Tue, 11 Jan 2022 23:10:33 GMT

GET
H2

200

sp.br.js Show response
js.matheranalytics.com/static/2_2_18-e/
Redirect Chain

https://js.matheranalytics.com/s/ma12095/74930801/sp.js?cb=1553
https://js.matheranalytics.com/static/2_2_18-e/sp.br.js

78 KB
25 KB

8ms
7ms

Script
application/x-javascript

107.178.250.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.matheranalytics.com/static/2_2_18-e/sp.br.js
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/customer-service/terms-of-service/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.250.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 234.250.178.107.bc.googleusercontent.com
Software: nginx /
Resource Hash: f2f93fd85c2f5e6c07c80c6487a804ec6bede5bed8fe755280d87d4dfde986d0

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 17:56:54 GMT
content-encoding: br
last-modified: Sat, 20 Apr 2019 20:43:13 GMT
server: nginx
age: 248268
etag: "93626701087aa6ff39ccd5278fb9fd3b"
vary: Accept-Encoding
x-cache: HIT Sat, 20 Apr 2019 22:39:14 GMT
content-type: application/x-javascript
via: 1.1 google
cache-control: public, max-age=269200
alt-svc: clear
content-length: 25418

Redirect headers

date: Thu, 14 Jan 2021 14:54:42 GMT
via: 1.1 google
server: nginx
vary: Accept-Encoding
location: https://js.matheranalytics.com/static/2_2_18-e/sp.br.js
cache-control: public, max-age=269200
alt-svc: clear
x-served-by: 5-gc-euw1-10923

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: media.thenewstribune.com
URL: https://media.thenewstribune.com/mistats/finalizestats.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 4981
date: Thu, 14 Jan 2021 13:31:41 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Thu, 14 Jan 2021 15:31:41 GMT

GET
H2 200 quant.js Show response
edge.quantserve.com/ 23 KB
9 KB 23ms
8ms Script
application/javascript 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.quantserve.com/quant.js
Requested by: Host: media.thenewstribune.com
URL: https://media.thenewstribune.com/mistats/finalizestats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 437afd9de21717c919be3f40f686b33170f2447dc03ded0fc00ac0cc41839854

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 14:54:42 GMT
content-encoding: gzip
etag: "8q1rat7Mm9i+FVcOidF8/g=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Thu, 21 Jan 2021 14:54:42 GMT

GET
H2 200 mi_content_tracker.js Show response
media.thenewstribune.com/mistats/ 4 KB
2 KB 29ms
28ms Script
text/javascript 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://media.thenewstribune.com/mistats/mi_content_tracker.js
Requested by: Host: media.thenewstribune.com
URL: https://media.thenewstribune.com/misites/tnt/thenewstribune.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b525214335ddd50139b8cead123523306144018a47e3d4a35f6e5b35f295a8fd

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 14:54:42 GMT
content-encoding: gzip
last-modified: Wed, 04 Jun 2014 15:41:43 GMT
server: Apache
etag: "11ff-4fb047712bbc0"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 1432

GET
H2 200 pageBottom.77aeada27c6f5f1e9ccb.js Show response
www.thenewstribune.com/static/yozons-lib/ 1 KB
991 B 28ms
27ms Script
application/javascript 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/static/yozons-lib/pageBottom.77aeada27c6f5f1e9ccb.js
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/static/yozons-lib/core.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 79812d903e4b73281e30f09961a6ed8bdbcbf8bd36c829882d53f1115fd4d465

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 14:54:42 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 291
content-length: 618
last-modified: Wed, 13 Jan 2021 14:52:20 GMT
server: MI
etag: W/"47a-5b8c949399100"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 732236416 728615021
access-control-allow-origin: *
cache-control: max-age=518929
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript
access-control-allow-headers: *

GET
H2 200 m
secure-us.imrworldwide.com/cgi-bin/ 44 B
337 B 88ms
29ms Image
image/gif 52.51.106.244
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-203838h&cg=0&cc=1&si=https%3A//www.thenewstribune.com/customer-service/terms-of-service/&rp=&ts=compact&rnd=1610636082526
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/customer-service/terms-of-service/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.106.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-106-244.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 14:54:42 GMT
server: nginx
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-us.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 moment.min.js Show response
www.thenewstribune.com/wps/source/scripts/libs/ 41 KB
14 KB 31ms
30ms Script
application/javascript 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/wps/source/scripts/libs/moment.min.js
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/wps/build/webpack/mi-footer.bundle-79c24024c08d7f0c7b17.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 41315b08c2b332c2a675a817bac8ca1cc648c33109b699c6609feffc0ac79254

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 14:54:42 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 323999
content-length: 14306
last-modified: Tue, 05 Jan 2021 22:04:08 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"a337-176d49427c0"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 537028519, 778770004 421280201
access-control-allow-origin: *
cache-control: max-age=544780
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript;charset=UTF-8
access-control-allow-headers: *

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 586f876503ed4dc63c6ff8567b67dfeb1c84723ef5c7cf218a8ed74ccba6e1ab

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 157 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 performance.b88fe83d596f81a4ebdd.js Show response
www.thenewstribune.com/static/yozons-lib/ 5 KB
2 KB 29ms
29ms Script
application/javascript 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/static/yozons-lib/performance.b88fe83d596f81a4ebdd.js
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/static/yozons-lib/core.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 117752903b8db80b3d09b630d696ebf21140b02082fc6fc3d1e5ea870655cd8c

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 14:54:42 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 292
content-length: 1909
last-modified: Wed, 13 Jan 2021 14:52:20 GMT
server: MI
etag: W/"1383-5b8c949399100"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 815443180, 724321025 737840719
access-control-allow-origin: *
cache-control: max-age=518873
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript
access-control-allow-headers: *

GET
H2 200 parsely.80f1c9486e5857fbfc62.js Show response
www.thenewstribune.com/static/yozons-lib/ 1 KB
944 B 30ms
30ms Script
application/javascript 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/static/yozons-lib/parsely.80f1c9486e5857fbfc62.js
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/static/yozons-lib/core.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: fb583fc659426a99333d8f7cc2b6b5f98024c357ed0006220426fe9135ae5435

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 14:54:42 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 292
content-length: 570
last-modified: Wed, 13 Jan 2021 14:52:20 GMT
server: MI
etag: W/"4af-5b8c949399100"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 739476397 728615029
access-control-allow-origin: *
cache-control: max-age=518857
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript
access-control-allow-headers: *

GET
H/1.1 200
OK Cookie set dest5.html
mcclatchy.demdex.net/ Frame 2849 0
0 141ms
34ms Document
text/html 52.208.225.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mcclatchy.demdex.net/dest5.html?d_nsid=0

Requested by

Host: media.thenewstribune.com
URL: https://media.thenewstribune.com/mistats/micb.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.208.225.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-208-225-81.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: mcclatchy.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: demdex=07051686418567827980538806350618382955
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.thenewstribune.com/customer-service/terms-of-service/

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=21600
Content-Encoding: gzip
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Wed, 13 Jan 2021 12:53:36 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Set-Cookie: demdex=07051686418567827980538806350618382955;Path=/;Domain=.demdex.net;Expires=Tue, 13-Jul-2021 14:54:42 GMT;Max-Age=15552000;Secure;SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding, User-Agent
X-TID: XOrVOIqgQgc=
Content-Length: 2785
Connection: keep-alive

GET
H2 200 id Show response
mcclatchy.sc.omtrdc.net/ 2 B
322 B 81ms
22ms XHR
application/x-javascript 15.237.76.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mcclatchy.sc.omtrdc.net/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=3B6E35F15A82BBB00A495D91%40AdobeOrg&mid=06551642057528910010550819033423324636&ts=1610636082584

Requested by

Host: media.thenewstribune.com
URL: https://media.thenewstribune.com/mistats/micb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.237.76.117 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-237-76-117.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 14 Jan 2021 14:54:42 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-75ffb878dc-7h79d
vary: Origin
x-c: main-1414.Id04486.M0-474
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.thenewstribune.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-type: application/x-javascript;charset=utf-8
content-length: 2
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YABbMgAAAMhuLB__
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=07051686418567827980538806350618382955
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YABbMgAAAMhuLB__

42 B
915 B

29ms
28ms

Image
image/gif

52.208.225.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YABbMgAAAMhuLB__

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/customer-service/terms-of-service/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.208.225.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-208-225-81.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v087-0b4ed1d71.edge-irl1.demdex.com 5.80.4.20201224153022 1ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: ZAZ9Ab3yRJc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YABbMgAAAMhuLB__
Date: Thu, 14 Jan 2021 14:54:42 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 main.js Show response
mcclatchy-thenewstribune.zeustechnology.com/ 196 KB
53 KB 80ms
26ms Script
application/javascript 99.84.144.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mcclatchy-thenewstribune.zeustechnology.com/main.js
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/static/yozons-lib/netdale.2717975ba9662f11fb97.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.144.83 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-144-83.txl52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bee228fb9c9632eb4c9a27fabb81d60749bee8823241c675eef42d8caf18fe9d

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: L7hKAbBd3zEcOWnjywINivhdhH0vKqU_
content-encoding: gzip
last-modified: Wed, 09 Dec 2020 15:37:43 GMT
server: AmazonS3
age: 38942
etag: W/"0ce4ebc72961de1ed1d43a0857848b83"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 fa133af2508a341e1ff6bfff526ba095.cloudfront.net (CloudFront)
date: Thu, 14 Jan 2021 04:05:41 GMT
x-amz-cf-pop: TXL52-C1
x-amz-cf-id: xzd0VfpMzz-lL4I-HmZV6VUW39UgpZS46hOfi38AKmvSr8BTacx9EQ==

GET
H2 200 callback=mi.ads.extractPid Show response
ad.crwdcntrl.net/5/c=7436/pe=y/ 82 B
290 B 99ms
28ms Script
application/javascript 52.48.248.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.crwdcntrl.net/5/c=7436/pe=y/callback=mi.ads.extractPid
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/static/yozons-lib/core.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.248.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-248-240.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8e26c82b3a05d2306015e1d1414cffced4a6ab6e012e8aadfcb0db6798314a79

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 14:54:42 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.27.1
content-type: application/javascript;charset=UTF-8
content-length: 82
expires: 0

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.5.0/ 325 KB
68 KB 18ms
17ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.5.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d139c3756ba4ea4e4672c12645de4977faa9ba7e0d550931d2086338fd72dfe9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 14 Jan 2021 14:54:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: AvbD4VHYe4H/QnyU6j8v5w==
age: 1681031
vary: Accept-Encoding
content-length: 69711
cf-request-id: 07a2fd55bd0000062d6aa31000000001
x-ms-lease-status: unlocked
last-modified: Thu, 27 Aug 2020 03:43:22 GMT
server: cloudflare
etag: 0x8D84A3B58DE8819
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: b5a3eed9-c01e-0069-3a3b-db874a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6118319c691f062d-FRA
expires: Fri, 22 Jan 2021 14:54:42 GMT

GET
H2 200 rules-p-50B2Fi6bBqYto.js Show response
rules.quantcount.com/ 1 KB
1 KB 84ms
11ms Script
application/x-javascript 2600:9000:2057:6200:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-50B2Fi6bBqYto.js
Requested by: Host: edge.quantserve.com
URL: https://edge.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:6200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b6da6699e22347ded40584215d759d21842a07be029c95c4886efa3c1385454

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 14:33:32 GMT
content-encoding: gzip
last-modified: Mon, 26 Mar 2018 17:43:26 GMT
server: AmazonS3
age: 1271
etag: W/"eeeb10fbb8e6fc7fff11277347add08a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: mFZ9r2aU1TlQmVckjRbNVTsJjEJR1DtUf-NvalZVY1RA-RHYwrSbSQ==

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
75 B 13ms
13ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1783304184&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thenewstribune.com%2Fcustomer-service%2Fterms-of-service%2F&dh=thenewstribune.com&ul=en-us&de=UTF-8&dt=Section%3ATerms%20of%20Service&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YFDAAAABCAAAAC~&jid=1829704109&gjid=33001741&cid=1194053135.1610636083&tid=UA-48278079-1&_gid=1359628056.1610636083&_r=1&_slc=1&cd1=TNT&cd2=The%20News%20Tribune&cd3=Section&cd4=Online%7C%7C%7C%7C&cd5=Unregistered&cd6=Terms%20of%20Service&cg1=The%20News%20Tribune&cg2=Terms%20of%20Service&z=176107034

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 14:54:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thenewstribune.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
25 B 14ms
14ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1783304184&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thenewstribune.com%2Fcustomer-service%2Fterms-of-service%2F&dh=thenewstribune.com&ul=en-us&de=UTF-8&dt=Section%3ATerms%20of%20Service&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YFDAAAABCAAAAC~&jid=933648433&gjid=1275657829&cid=1194053135.1610636083&tid=UA-48280268-1&_gid=1359628056.1610636083&_r=1&_slc=1&cd1=TNT&cd2=The%20News%20Tribune&cd3=Section&cd4=Online%7C%7C%7C%7C&cd5=Unregistered&cd6=Terms%20of%20Service&cg1=The%20News%20Tribune&cg2=Terms%20of%20Service&z=1893489873

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 14:54:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thenewstribune.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pdp.gif
www.thenewstribune.com/static/yozons-lib/ 42 B
385 B 166ms
165ms Image
image/gif 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/static/yozons-lib/pdp.gif?k=eyJpZCI6Im1pX2FzX3RudF8wNjU1MTY0MjA1NzUyODkxMDAxMDU1MDgxOTAzMzQyMzMyNDYzNl8xNjEwNjM2MDgyNjYwIiwiZG9tSW50ZXJhY3RpdmUiOjQxNCwicmVxdWVzdFN0YXJ0Ijo1MH0=
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/customer-service/terms-of-service/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 14:54:42 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 457393
content-length: 42
last-modified: Tue, 05 Jan 2021 13:50:28 GMT
server: MI
etag: "2a-5b8277d3df100"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 880440055 546086250
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: false
mi-cache: HIT
content-type: image/gif
access-control-allow-headers: *

GET
H2 200 p.js Show response
cdn.parsely.com/keys/thenewstribune.com/ 63 KB
23 KB 108ms
54ms Script
application/x-javascript 99.84.159.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/thenewstribune.com/p.js
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/static/yozons-lib/parsely.80f1c9486e5857fbfc62.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.159.109 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-159-109.txl52.r.cloudfront.net
Software: nginx /
Resource Hash: 0251e4cbca8da6ddf9b0080da72aa2923d15b6951a8dd127939be03df4dc7af9

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Thu, 14 Jan 2021 14:54:42 GMT
content-encoding: gzip
last-modified: Thu, 02 Apr 2020 00:29:57 GMT
server: nginx
x-amz-cf-pop: TXL52-C1
etag: W/"5e853205-fb32"
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 d158c0069ebae5dc0d0401d105ee9c06.cloudfront.net (CloudFront)
cache-control: max-age=86400, public
x-amz-cf-id: A1cGTx3WrCGlPyHgLFQyU6SHTm8U5l2XD7K3cJh6-kKI4ppHkyY32w==
expires: Fri, 15 Jan 2021 14:54:01 GMT

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ Frame 2CDE 1 KB
1 KB 281ms
243ms Script
application/x-javascript 104.111.238.139
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/customer-service/terms-of-service/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.139 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-139.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 14:54:42 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Fri, 15 Jan 2021 14:54:42 GMT

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
245 B 430ms
104ms Image
image/gif 54.164.147.252
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=pv&url=https%3A%2F%2Fwww.thenewstribune.com%2Fcustomer-service%2Fterms-of-service%2F&page=Terms%20of%20Service%20%7C%20Tacoma%20News%20Tribune&sec=Terms%20of%20Service&prem=0&ptype=Section&tv=js-2.2.18-e&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&lang=en-US&cs=UTF-8&res=1600x1200&cd=24&cookie=1&f_jquery=1&tid=506893b7-8be3-4bdb-b7ab-bdec5589eb7a&pid=22fa861b-5434-44a9-911c-bfe2c327dbc4&dtm=1610636082672&qnm=_matherq&vp=1600x1200&ds=1600x13744&tofa=1610636083&vid=1&duid=14f628a143b04cb4&fp=606422418&cid=ma12095&mrk=74930801&cx=eyJjYXRlZ29yeSI6eyJjYXRlZ29yaWVzIjpbWyJPbmxpbmV8fHx8Il1dfSwicGVyZiI6eyJzdGFydCI6IjE2MTA2MzYwODIxMTkiLCJyZWRpckNudCI6IjAiLCJuYXZUeXBlIjoibGluayIsImhlYXBVIjoiOS45NjM1NzhtYiIsImhlYXBUIjoiMTIuMTMyNjk4bWIiLCJmZXRjaFMiOiIwIiwiZG9tYWluUyI6IjEiLCJkb21haW5FIjoiMiIsImNvbm5TIjoiMiIsImNvbm5FIjoiNTAiLCJzc2xTIjoiOCIsInJlcXVTIjoiNTEiLCJyZXNwUyI6IjgyIiwicmVzcEUiOiI5NCIsImRvbUxvYWQiOiI4NiIsImRvbUludGVyIjoiNDE1IiwiZG9tTG9hZFMiOiI0NTQiLCJkb21Mb2FkRSI6IjQ1NSJ9LCJrZXl3b3JkcyI6WyJ0ZXJtcyIsInNlcnZpY2UiLCJsZWdhbCIsImRpc2NsYWltZXIiLCJ1c2UiLCJ0b3MiLCJ3ZWJzaXRlIiwic2l0ZSIsInRhY29tYSIsIm5ld3MgdHJpYnVuZSJdfQ
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/customer-service/terms-of-service/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.164.147.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-164-147-252.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 14:54:43 GMT
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length: 43
Content-Type: image/gif

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
93 B 16ms
15ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-48278079-1&cid=1194053135.1610636083&jid=1829704109&gjid=33001741&_gid=1359628056.1610636083&_u=YFDAAAAACAAAAC~&z=1711728405

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 14 Jan 2021 14:54:42 GMT
content-type: text/plain
access-control-allow-origin: https://www.thenewstribune.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 delivery Show response
mboxedge37.tt.omtrdc.net/rest/v1/ 633 B
663 B 55ms
49ms XHR
application/json 52.19.133.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mboxedge37.tt.omtrdc.net/rest/v1/delivery?client=mcclatchy&sessionId=ffc0479ced6b4fc6b657c50c9301dfb5&version=2.3.0
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/static/yozons-lib/adobe.t2_3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.133.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-133-54.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: dda5370a5f07c71a9dd4e5b44a01d806b90993c53d33884c86c3001323190486

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.thenewstribune.com
date: Thu, 14 Jan 2021 14:54:42 GMT
content-encoding: gzip
access-control-allow-credentials: true
vary: Origin,Accept-Encoding
x-request-id: 1a8f0b81ef905e42b169a7772348a405
content-type: application/json;charset=UTF-8

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/dbaccf11-5f3b-44bf-8c64-e7adfb4fe7c7/0e95dc32-54e6-46f1-96fa-56201f4a1ac5/ 84 KB
13 KB 86ms
85ms Fetch
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/dbaccf11-5f3b-44bf-8c64-e7adfb4fe7c7/0e95dc32-54e6-46f1-96fa-56201f4a1ac5/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.5.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6fcfb5d250acabeed2c17b0bd4bd826e78abb9235176a8449575376578ee37a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 14 Jan 2021 14:54:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 95U0amRpGxWPb9+fdZA9jA==
age: 3103
vary: Accept-Encoding
content-length: 13313
cf-request-id: 07a2fd560f0000060937001000000001
x-ms-lease-status: unlocked
last-modified: Thu, 20 Aug 2020 16:58:11 GMT
server: cloudflare
etag: 0x8D8452A388EFD18
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 737de43c-f01e-0084-2157-b68ece000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6118319cec740609-FRA

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
483 B 72ms
58ms Image
image/gif 2a00:1450:4001:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-48278079-1&cid=1194053135.1610636083&jid=1829704109&_u=YFDAAAAACAAAAC~&z=1229724253

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/customer-service/terms-of-service/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 14:54:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 30ms
30ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-48278079-1&cid=1194053135.1610636083&jid=1829704109&_u=YFDAAAAACAAAAC~&z=1229724253

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/customer-service/terms-of-service/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 14:54:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 115 KB
37 KB 47ms
19ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: mcclatchy-thenewstribune.zeustechnology.com
URL: https://mcclatchy-thenewstribune.zeustechnology.com/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: ca5302f20a69cb2fe08a2429cf7268a2d5152d49608b0a954646553c70fd8afd

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 14:54:42 GMT
content-encoding: gzip
last-modified: Thu, 07 Jan 2021 11:16:39 GMT
server: nginx
etag: W/"5ff6ed97-1cb87"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Fri, 15 Jan 2021 14:54:42 GMT

GET
H/1.1 200
OK 185522-82961290402743.js Show response
js-sec.indexww.com/ht/p/ 84 KB
26 KB 794ms
748ms Script
text/javascript 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/185522-82961290402743.js
Requested by: Host: mcclatchy-thenewstribune.zeustechnology.com
URL: https://mcclatchy-thenewstribune.zeustechnology.com/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9173d2acc4dabb4876f885ec225a07a50496a553b6f07fb878e7734b56ccda8d

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 14:54:43 GMT
Content-Encoding: gzip
Last-Modified: Thu, 14 Jan 2021 14:50:31 GMT
Server: Apache
ETag: "904817-14f93-5b8dd6093ca1e"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 26259
Expires: Thu, 14 Jan 2021 15:54:43 GMT

GET
H/1.1 200
OK userSync.js Show response
ads.pubmatic.com/AdServer/js/ 7 KB
3 KB 86ms
31ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/userSync.js
Requested by: Host: mcclatchy-thenewstribune.zeustechnology.com
URL: https://mcclatchy-thenewstribune.zeustechnology.com/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: c0f1a0e47f7e68ec0549eba6eb3fcd3523a2c3e68bcd9b2463ef084df041fd34

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 14:54:42 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Oct 2020 18:56:30 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1300709-1d57-5b232e7ce6dc7"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: public, max-age=172643
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 2419
Expires: Sat, 16 Jan 2021 14:52:05 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 55 KB
19 KB 37ms
16ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: mcclatchy-thenewstribune.zeustechnology.com
URL: https://mcclatchy-thenewstribune.zeustechnology.com/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

sffe /

Resource Hash

67c53ae0376cff4c5e0d35104820d0b2b8ab20c94a32e477db95ae74a2c84db5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 14:54:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "754 / 992 of 1000 / last-modified: 1610626221"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18975
x-xss-protection: 0
expires: Thu, 14 Jan 2021 14:54:42 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 116 KB
30 KB 41ms
23ms Script
application/javascript 99.86.5.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/static/yozons-lib/netdale.2717975ba9662f11fb97.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.5.213 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-5-213.fra6.r.cloudfront.net
Software: Server /
Resource Hash: dde5dcb02f349d5cd1f36d6afe709ddfd5713b27129dbae727f456cde6582883

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 14:39:50 GMT
content-encoding: gzip
server: Server
age: 892
etag: 089c185b065ebe3e9c21625b16dea242
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 92ab13182d4b89ed20b3b5c10adc4f23.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-version-id: _tJcEejvI3lMG1vG763SOdL7bPxWjlBE
x-amz-cf-id: bmW-nz2hJgvPxZ1G44cwzQzhDJTV5UR-u-TnJcqgyHdZeAVBS02M6Q==

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/7458/ 42 KB
14 KB 31ms
9ms Script
text/javascript 99.86.7.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/7458/lt.min.js
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/static/yozons-lib/netdale.2717975ba9662f11fb97.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.54 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-54.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 68425f437029dfebd113a4e0a68b9000015d9480cf1e5f2a175e925c6ad1a657

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 13 Jan 2021 21:33:34 GMT
content-encoding: gzip
etag: "b27ca2b946af51deaa08e0ab9aa771e4"
last-modified: Wed, 23 Dec 2020 15:13:07 GMT
server: AmazonS3
age: 62469
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 94faae20b0f122c4555025f52a2fd745.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: LfB8HmmgnwfAVKXE_p2G5oYkjZueeTw1vHJXIxIrMMihZd94kZK4Gw==

GET
H2 200 pixel;r=2068990842;labels=TNT;rf=0;uht=2;a=p-50B2Fi6bBqYto;url=https%3A%2F%2Fwww.thenewstribune.com%2Fcustomer-service%2Fterms-of-service%2F;fpan=1;fpa=P0-1921298092-1610636082722;ns=0;ce=1;qjs=1;q...
pixel.quantserve.com/ 35 B
371 B 9ms
7ms Image
image/gif 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=2068990842;labels=TNT;rf=0;uht=2;a=p-50B2Fi6bBqYto;url=https%3A%2F%2Fwww.thenewstribune.com%2Fcustomer-service%2Fterms-of-service%2F;fpan=1;fpa=P0-1921298092-1610636082722;ns=0;ce=1;qjs=1;qv=58f0669e-20201210192756;cm=;gdpr=0;ref=;d=thenewstribune.com;je=0;sr=1600x1200x24;dst=1;et=1610636082722;tzo=-60;ogl=site_name.Tacoma%20News%20Tribune%2Ctitle.Terms%20of%20Service%20%7C%20Tacoma%20News%20Tribune%2Cimage.https%3A%2F%2Fwww%252Ethenewstribune%252Ecom%2Fwps%2Fbuild%2Fimages%2Fthenewstribune%2Ffacebook%252Ejpg

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/customer-service/terms-of-service/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 14:54:42 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 / Show response
lasteventf-tm.everesttech.net/ 0
212 B 24ms
7ms XHR
text/plain 151.101.114.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://lasteventf-tm.everesttech.net/?_les_imsOrgId=3B6E35F15A82BBB00A495D91@AdobeOrg&_les_sdid=05E4D5975EA9E4F9-4AA04E27487584FD&_les_last_search_click=&_les_rsid=mccltallmcclatchy&_les_mid=06551642057528910010550819033423324636&_les_url=https%3A%2F%2Fwww.thenewstribune.com%2Fcustomer-service%2Fterms-of-service%2F
Requested by: Host: media.thenewstribune.com
URL: https://media.thenewstribune.com/mistats/products/escenic_s_code.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 14:54:42 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1610636083.764076,VS0,VE0
x-cache: MISS
content-type: text/plain
access-control-allow-origin: https://www.thenewstribune.com
access-control-allow-credentials: true
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-hhn4032-HHN

GET
H3-Q050 200 pubads_impl_2021010903.js Show response
securepubads.g.doubleclick.net/gpt/ 275 KB
97 KB 44ms
29ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

sffe /

Resource Hash

9daba360fcb1a652044af1056d44769ef7e71b010f2492989bfd583158be0ea0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 14:54:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 10 Jan 2021 01:35:23 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99142
x-xss-protection: 0
expires: Thu, 14 Jan 2021 14:54:42 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 62ms
21ms XHR
application/javascript 99.86.5.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.5.213 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-5-213.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: qvfBoISJ5ymXoV8clHCjrjeaYCNnawpM
content-encoding: gzip
etag: "a4d296427fc806b21335359e398c025c"
age: 52598
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 23 Dec 2020 21:52:09 GMT
server: AmazonS3
date: Thu, 14 Jan 2021 00:18:05 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 89c822bb1ce1445a7be6d1057088cfbf.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: OWJX04vB7wkS_Oh9Bm_uoQYS5BgBU-CyZ4gDGikz4m6qOj87Jdma7A==

GET
H/1.1 200
OK /
srv-2021-01-14-14.pixel.parsely.com/plogger/ 43 B
229 B 409ms
98ms Image
image/gif 34.232.20.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://srv-2021-01-14-14.pixel.parsely.com/plogger/?rand=1610636082799&plid=37176576&idsite=thenewstribune.com&url=https%3A%2F%2Fwww.thenewstribune.com%2Fcustomer-service%2Fterms-of-service%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22subscriber%22%3Afalse%7D&sid=1&surl=https%3A%2F%2Fwww.thenewstribune.com%2Fcustomer-service%2Fterms-of-service%2F&sref=&sts=1610636082794&slts=0&title=Terms+of+Service+%7C+Tacoma+News+Tribune&date=Thu+Jan+14+2021+15%3A54%3A42+GMT%2B0100+(Central+European+Standard+Time)&action=pageview&pvid=55489534&u=pid%3D27deed7df40b0e7f1acae7c65e24c692
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/customer-service/terms-of-service/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.232.20.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-20-147.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 14:54:43 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.5.0/assets/ 12 KB
4 KB 15ms
15ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.5.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.5.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae407e415a45b6c720d8d61fef8c28756883d0f546a64e7a2969d6174c669951

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 14 Jan 2021 14:54:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: NgHQTHCGWwGmNE0ie37G8A==
age: 6248223
vary: Accept-Encoding
content-length: 3248
cf-request-id: 07a2fd5678000006096987c000000001
x-ms-lease-status: unlocked
last-modified: Thu, 27 Aug 2020 03:43:16 GMT
server: cloudflare
etag: 0x8D84A3B556B9C39
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 0aa26bd0-a01e-003d-14b1-b16dc0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6118319d8e870609-FRA
expires: Fri, 22 Jan 2021 14:54:42 GMT

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/6.5.0/assets/ 61 KB
15 KB 14ms
14ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.5.0/assets/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.5.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f5bf5edcefe950e16d287cdcb9c28690952439098ee0639f4a960fe268ae231

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 14 Jan 2021 14:54:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: ebGLXbyX4UjJx8DgFc7F7g==
age: 5921318
vary: Accept-Encoding
content-length: 14901
cf-request-id: 07a2fd56790000060919a69000000001
x-ms-lease-status: unlocked
last-modified: Thu, 27 Aug 2020 03:43:17 GMT
server: cloudflare
etag: 0x8D84A3B55B1B344
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: ad7b70ea-001e-007f-6baa-b446d4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6118319d8e890609-FRA
expires: Fri, 22 Jan 2021 14:54:42 GMT

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame 5288 0
0 44ms
43ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/userSync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.thenewstribune.com/customer-service/terms-of-service/

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=150493
Expires: Sat, 16 Jan 2021 08:42:55 GMT
Date: Thu, 14 Jan 2021 14:54:42 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 2 KB
2 KB 33ms
32ms XHR
application/json 52.208.225.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=3B6E35F15A82BBB00A495D91%40AdobeOrg&d_nsid=0&d_mid=06551642057528910010550819033423324636&d_coop_safe=1&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&d_cid_ic=mcid%0106551642057528910010550819033423324636&ts=1610636082876

Requested by

Host: media.thenewstribune.com
URL: https://media.thenewstribune.com/mistats/micb.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.208.225.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-208-225-81.eu-west-1.compute.amazonaws.com

Software

Resource Hash

d29e1199610f8739281db783f106ab20f30b128d7075cc9a713843fb30f85e2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-v087-0ff4d7c33.edge-irl1.demdex.com 5.80.4.20201224153022 3ms (+0ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-TID: DfPVQUXpRr4=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.thenewstribune.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 993
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 s24645896891189 Show response
mcclatchy.sc.omtrdc.net/b/ss/mccltallmcclatchy/10/JS-2.22.0/ 2 KB
3 KB 52ms
52ms Script
application/x-javascript 15.237.76.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mcclatchy.sc.omtrdc.net/b/ss/mccltallmcclatchy/10/JS-2.22.0/s24645896891189?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=14%2F0%2F2021%2015%3A54%3A42%204%20-60&cid.&mcid.&id=06551642057528910010550819033423324636&.mcid&.cid&d.&nsid=0&jsonv=1&.d&sdid=05E4D5975EA9E4F9-4AA04E27487584FD&mid=06551642057528910010550819033423324636&aamlh=6&ce=UTF-8&pageName=D%3Dv4&g=https%3A%2F%2Fwww.thenewstribune.com%2Fcustomer-service%2Fterms-of-service%2F&cc=USD&ch=D%3Dv23&server=D%3Dv24&xact=mi_as_tnt_06551642057528910010550819033423324636_1610636082660&events=event7%2Cevent62%3D1268&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=D%3Dv54&v1=Unregistered&h1=TNT%7CThe%20News%20Tribune%7COnline%7C%7C%7C%7C%7CTerms%20of%20Service&c2=dev%3Aother&c3=D%3Dv7&v4=Section%3ATerms%20of%20Service&c5=meter%3Aanonymous&c6=D%3Dh1&v7=Section&c10=%2Fcustomer-service%2Fterms-of-service%2F&c11=ecidfailed%3Ano%7Cecidtimeout%3Ano%7Cmicb%3Ayes%7ChasFocus%3Ayes%7Crefresh%3Ano&c12=pageview%3Anormal&v12=no%20referrer&c13=Unregistered&c14=D%3Dv16&c15=dev%3Aother&v15=New&c17=D%3Dv8&c18=D%3Dv15&c20=D%3Dv51&c21=Online&v23=Terms%20of%20Service&v24=thenewstribune.com&v25=Terms%20of%20Service&c26=D%3Dv26&v26=TNT&c27=D%3Dv27&v27=The%20News%20Tribune&c28=Section%3A26509&v30=score%3A14&c33=9%3A54AM&c34=Thursday&c35=D%3Dv13&c36=D%3Dv10&c39=D%3Dv14&c41=D%3Dv74&v41=Online%7C%7C%7C%7C%7CTerms%20of%20Service&c43=D%3Dv55&c44=Entry%20Page&v45=loggedin%3Ano&c47=escenic%3Adesktop&v48=XT_CreditCardDecline_032320%3A%20Default&c49=D%3Dv12&v50=D%3Dv0&v54=https%3A%2F%2Fwww.thenewstribune.com%2Fcustomer-service%2Fterms-of-service%2F&v55=Entry%20Page&c56=D%3Dv45&c58=core%3Ayes%7Cdl%3Ayes&v71=1&v74=Product%3A%20Escenic&v79=D%3Dmid&v84=1268&v85=Unknown&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=3B6E35F15A82BBB00A495D91%40AdobeOrg&AQE=1

Requested by

Host: media.thenewstribune.com
URL: https://media.thenewstribune.com/mistats/products/escenic_s_code.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.237.76.117 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-237-76-117.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

6a6b664e47ef9578917f2498c16dc6b0141fcdf999cd869d23ac47894df2529f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-aam-tid: IIllShKoTWg=
date: Thu, 14 Jan 2021 14:54:42 GMT
x-content-type-options: nosniff
x-c: main-1414.Id04486.M0-474
p3p: CP="This is not a P3P policy"
content-length: 2490
x-xss-protection: 1; mode=block
dcs: dcs-prod-irl1-v087-01e9fa1a1.edge-irl1.demdex.com 5.80.4.20201224153022 7ms (+1ms)
pragma: no-cache
last-modified: Fri, 15 Jan 2021 14:54:42 GMT
server: jag
xserver: anedge-75ffb878dc-stnl4
etag: 3458814649264963584-4621764370215719006
vary: *
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Wed, 13 Jan 2021 14:54:42 GMT

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/ Frame 2CDE
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6035363&ns__t=1610636082948&ns_c=UTF-8&ns_if=1&cv=3.5&c8=Terms%20of%20Service%20%7C%20Tacoma%20News%20Tribune&c7=https%3A%2F%2Fwww.thenewstribune.com%2Fcu...
https://sb.scorecardresearch.com/b2?c1=2&c2=6035363&ns__t=1610636082948&ns_c=UTF-8&ns_if=1&cv=3.5&c8=Terms%20of%20Service%20%7C%20Tacoma%20News%20Tribune&c7=https%3A%2F%2Fwww.thenewstribune.com%2Fc...

0
528 B

19ms
19ms

Image
text/plain

104.111.238.139
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6035363&ns__t=1610636082948&ns_c=UTF-8&ns_if=1&cv=3.5&c8=Terms%20of%20Service%20%7C%20Tacoma%20News%20Tribune&c7=https%3A%2F%2Fwww.thenewstribune.com%2Fcustomer-service%2Fterms-of-service%2F&c9=&cs_ak_ss=1
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/customer-service/terms-of-service/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.139 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-139.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 14 Jan 2021 14:54:42 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=2&c2=6035363&ns__t=1610636082948&ns_c=UTF-8&ns_if=1&cv=3.5&c8=Terms%20of%20Service%20%7C%20Tacoma%20News%20Tribune&c7=https%3A%2F%2Fwww.thenewstribune.com%2Fcustomer-service%2Fterms-of-service%2F&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Thu, 14 Jan 2021 14:54:42 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 pixel_6cdf4d57 Show response
www.thenewstribune.com/akam/11/ 0
611 B 23ms
23ms XHR
text/html 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/akam/11/pixel_6cdf4d57
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/akam/11/6cdf4d57
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 14:54:43 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: max-age=0, no-cache
access-control-allow-credentials: false
access-control-allow-headers: *
content-length: 0
expires: Thu, 14 Jan 2021 14:54:43 GMT

GET
H2 451 identity Show response
api.rlcdn.com/api/ 44 B
333 B 31ms
15ms XHR
text/plain 34.120.207.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity?pid=2&rt=envelope

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185522-82961290402743.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.207.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

148.207.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 14 Jan 2021 14:54:43 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 44

GET
H2 200 rid Show response
match.adsrvr.org/track/ 108 B
680 B 30ms
30ms XHR
application/json 34.246.127.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=185522
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185522-82961290402743.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.127.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-127-166.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 7fc819ea116f42f2b76d9326a9da5fb3554b6d4804cf1e8703387b3902b60399

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 14 Jan 2021 14:54:43 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 108
expires: Sat, 13 Feb 2021 14:54:43 GMT

GET
H2 403 quarantine.9decb3b20b9929109241.js
www.thenewstribune.com/static/yozons-lib/ 0
0 42ms
41ms Script
text/html 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/static/yozons-lib/quarantine.9decb3b20b9929109241.js
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/static/yozons-lib/core.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: AkamaiGHost /
Resource Hash

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 14:54:43 GMT
server: AkamaiGHost
mime-version: 1.0
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html
access-control-allow-origin: *
access-control-allow-credentials: false
access-control-allow-headers: *
content-length: 342
expires: Thu, 14 Jan 2021 14:54:43 GMT

GET
H2 403 FREE.gif
www.thenewstribune.com/static/img/placeholder/ 322 B
322 B 40ms
40ms Image
text/html 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/static/img/placeholder/FREE.gif?mias=9JCNxIiOiMHciwSZ1JHd6IycuJCLiAjN2IDOwYzM2ATM2EzX2MjN0IzMzIDNzMDM5EDOwUTNwEDMwETO4ITN3UDMyQjNxUTN2AzX05GdfNXYflWbiojIpRnIsISZjlmdyV2UgY2bgMXbyVGViojIoNmIs0nMzUzM4AjNzYDMxYTM6ISZkJnIsAjOiMHZyJCLwojIzFnciwSOxEjM4AjNzYDMxYTM6IycnBnI7pjI0JCL9tnOiMHZpJye
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: AkamaiGHost /
Resource Hash: a02cc96818c59a84e6ef9b595b26cf3e083e5f28d90d0389ebf132ee84a44c4a

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 14:54:43 GMT
server: AkamaiGHost
mime-version: 1.0
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html
access-control-allow-origin: *
access-control-allow-credentials: false
access-control-allow-headers: *
content-length: 322
expires: Thu, 14 Jan 2021 14:54:43 GMT

GET
H2 200 RC5e0483c0e28e4c0ba069181f1fe66253-source.min.js Show response
assets.adobedtm.com/fbb8081eaa8b/aab476d462c3/fe3205a22b31/ 335 B
483 B 6ms
6ms Script
application/x-javascript 2a02:26f0:6c00:299::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/fbb8081eaa8b/aab476d462c3/fe3205a22b31/RC5e0483c0e28e4c0ba069181f1fe66253-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENe8f70e36bc2f473e93435c31a9a5ba80.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:299::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: fc80d3d51b357d153a4cb0ee8216352243e6b33965f2a043556a5e0cd416e215

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 14:54:43 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 15:11:50 GMT
server: AkamaiNetStorage
etag: "ec617d779f7c5e72e55c82a78954ac95:1597158710.702967"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.thenewstribune.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 214
expires: Thu, 14 Jan 2021 15:54:43 GMT

GET
H2 200 RCdb4bb460c1784184ba1cc4322bae3c78-source.min.js Show response
assets.adobedtm.com/fbb8081eaa8b/aab476d462c3/fe3205a22b31/ 336 B
485 B 6ms
6ms Script
application/x-javascript 2a02:26f0:6c00:299::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/fbb8081eaa8b/aab476d462c3/fe3205a22b31/RCdb4bb460c1784184ba1cc4322bae3c78-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENe8f70e36bc2f473e93435c31a9a5ba80.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:299::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 73d293ac874aa0b3ed6c70cdc0b3e2553da40156161d4708f58dbd73bee13024

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 14:54:43 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 15:11:50 GMT
server: AkamaiNetStorage
etag: "ec617d779f7c5e72e55c82a78954ac95:1597158710.702967"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.thenewstribune.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 216
expires: Thu, 14 Jan 2021 15:54:43 GMT

GET
H/1.1 200
OK / Show response
api.ipify.org/ 22 B
261 B 3318ms
3006ms XHR
application/json 184.73.247.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=json
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/static/yozons-lib/core.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.73.247.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-73-247-141.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: c6810be9b4479828c484c8401db3b5663f78e06f104343467867365abc2a3563

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 14:54:46 GMT
Via: 1.1 vegur
Server: Cowboy
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://www.thenewstribune.com
Connection: keep-alive
Content-Length: 22

GET
H2 200 / Show response
zne4ggyw07imid52z-mcclatchy.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 56 KB
17 KB 363ms
62ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zne4ggyw07imid52z-mcclatchy.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_e4ggyW07IMID52Z

Requested by

Host: media.thenewstribune.com
URL: https://media.thenewstribune.com/mistats/products/escenic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

d7a9f621fb337a760e1ccc2a43ffa30c0beab3b057ad05e171516d65155badcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 14:54:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 50849
cf-polished: origSize=58381
edge-control: max-age=604800
vary: Accept-Encoding
cf-request-id: 07a2fd5a82000004a3bb115000000001
cf-bgj: minify
server: cloudflare
x-powered-by: Express
etag: W/"e40d-lhg3Z+y+cE+cCHUtJdk772l+sBw"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=604800
cf-ray: 611831a3f85c04a3-CDG
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 403 pdp.gif
www.thenewstribune.com/static/yozons-lib/ 316 B
316 B 73ms
72ms Image
text/html 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/static/yozons-lib/pdp.gif?k=eyJpZCI6Im1pX2FzX3RudF8wNjU1MTY0MjA1NzUyODkxMDAxMDU1MDgxOTAzMzQyMzMyNDYzNl8xNjEwNjM2MDgyNjYwIiwiZ3B0UmVxdWVzdGVkIjo1OTMsImxvYWRFdmVudFN0YXJ0IjoxNDExLCJ6ZXVzUmVxdWVzdGVkIjo0ODN9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: AkamaiGHost /
Resource Hash: 7ea4b93fff84081db973f9d3ca96811927d998e4e91b9a95d93c116d0dcb7039

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 14:54:43 GMT
server: AkamaiGHost
mime-version: 1.0
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html
access-control-allow-origin: *
access-control-allow-credentials: false
access-control-allow-headers: *
content-length: 316
expires: Thu, 14 Jan 2021 14:54:43 GMT

GET
H2 200 syncframe
gum.criteo.com/ Frame 98DF 0
0 42ms
13ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.thenewstribune.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?topUrl=www.thenewstribune.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thenewstribune.com/customer-service/terms-of-service/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.thenewstribune.com/customer-service/terms-of-service/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
server-processing-duration-in-ticks: 1293
date: Thu, 14 Jan 2021 14:54:43 GMT
content-length: 0

GET
H2 403 push.cce752626dbe23d9f76b.js
www.thenewstribune.com/static/yozons-lib/ 0
0 63ms
62ms Script
text/html 104.111.236.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/static/yozons-lib/push.cce752626dbe23d9f76b.js
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/static/yozons-lib/core.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.243 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-243.deploy.static.akamaitechnologies.com
Software: AkamaiGHost /
Resource Hash

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 14:54:43 GMT
server: AkamaiGHost
mime-version: 1.0
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html
access-control-allow-origin: *
access-control-allow-credentials: false
access-control-allow-headers: *
content-length: 336
expires: Thu, 14 Jan 2021 14:54:43 GMT

POST
H2 200 Targeting.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 5 KB
1 KB 155ms
153ms XHR
application/json 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_e4ggyW07IMID52Z&Q_CLIENTVERSION=1.42.0&Q_CLIENTTYPE=web

Requested by

Host: zne4ggyw07imid52z-mcclatchy.siteintercept.qualtrics.com
URL: https://zne4ggyw07imid52z-mcclatchy.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_e4ggyW07IMID52Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b587af8ed880c718a04eeaed19575c27f017c68ad675005eae52905d0209dd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 14 Jan 2021 14:54:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: https://www.thenewstribune.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 611831a4796b04a3-CDG
vary: Accept-Encoding
cf-request-id: 07a2fd5acf000004a3739e6000000001

GET
H2 200 CoreModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 91 KB
27 KB 49ms
48ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.42.0&Q_CLIENTTYPE=web

Requested by

Host: zne4ggyw07imid52z-mcclatchy.siteintercept.qualtrics.com
URL: https://zne4ggyw07imid52z-mcclatchy.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_e4ggyW07IMID52Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

8efac7087552def0e358b8896dbbe43b7ffe2d961746cdc4aea60f7eed3e1384

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 14:54:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 51301
cf-polished: origSize=94176
edge-control: max-age=604800
vary: Accept-Encoding
cf-request-id: 07a2fd5b6c000004a36a377000000001
last-modified: Wed, 13 Jan 2021 20:20:13 GMT
server: cloudflare
x-powered-by: Express
etag: W/"16fe0-176fd67e448"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
cf-ray: 611831a57b2604a3-CDG
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify

GET
H2 200 14.aa475dacc894c318cd56.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 2 KB
879 B 49ms
49ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/14.aa475dacc894c318cd56.chunk.js?Q_CLIENTVERSION=1.42.0&Q_CLIENTTYPE=web

Requested by

Host: zne4ggyw07imid52z-mcclatchy.siteintercept.qualtrics.com
URL: https://zne4ggyw07imid52z-mcclatchy.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_e4ggyW07IMID52Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

89230133af23c2148803e020496c78ddae3816caa47274e69eb7cbe99529cc2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 14:54:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 51301
cf-polished: origSize=2639
edge-control: max-age=604800
vary: Accept-Encoding
cf-request-id: 07a2fd5bb3000004a3c9258000000001
last-modified: Wed, 13 Jan 2021 20:20:13 GMT
server: cloudflare
x-powered-by: Express
etag: W/"a4f-176fd67e448"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
cf-ray: 611831a5ec1004a3-CDG
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify

GET
H2 200 1.74fb3456d63880032fbf.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 26 KB
6 KB 44ms
43ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/1.74fb3456d63880032fbf.chunk.js?Q_CLIENTVERSION=1.42.0&Q_CLIENTTYPE=web

Requested by

Host: zne4ggyw07imid52z-mcclatchy.siteintercept.qualtrics.com
URL: https://zne4ggyw07imid52z-mcclatchy.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_e4ggyW07IMID52Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

b0f57b5646b63504e01c6607c09ec8144ad95144fe79e0323614b07fccfb2b12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 14:54:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 51303
cf-polished: origSize=27274
edge-control: max-age=604800
vary: Accept-Encoding
cf-request-id: 07a2fd5bb4000004a3b9353000000001
last-modified: Wed, 13 Jan 2021 20:20:13 GMT
server: cloudflare
x-powered-by: Express
etag: W/"6a8a-176fd67e448"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
cf-ray: 611831a5ec1404a3-CDG
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify

GET
H2 200 UserDefinedHTMLModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 7 KB
2 KB 51ms
50ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/UserDefinedHTMLModule.js?Q_CLIENTVERSION=1.42.0&Q_CLIENTTYPE=web

Requested by

Host: zne4ggyw07imid52z-mcclatchy.siteintercept.qualtrics.com
URL: https://zne4ggyw07imid52z-mcclatchy.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_e4ggyW07IMID52Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

f6f011c0b9379c09b5a2fdda17a16749af0e4b207b9e136bedb891cedb2b8cc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 14:54:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 51293
cf-polished: origSize=7814
edge-control: max-age=604800
vary: Accept-Encoding
cf-request-id: 07a2fd5bb4000004a3cf805000000001
last-modified: Wed, 13 Jan 2021 20:20:13 GMT
server: cloudflare
x-powered-by: Express
etag: W/"1e86-176fd67e448"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
cf-ray: 611831a5ec1604a3-CDG
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 6 KB
2 KB 47ms
28ms XHR
application/json 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_aa92vAqoWdM6fkx&Version=38&Q_ORIGIN=https://www.thenewstribune.com&Q_CLIENTVERSION=1.42.0&Q_CLIENTTYPE=web

Requested by

Host: zne4ggyw07imid52z-mcclatchy.siteintercept.qualtrics.com
URL: https://zne4ggyw07imid52z-mcclatchy.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_e4ggyW07IMID52Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca8d039c94e8834c4205107dc19dbaf5ce8ace9006c09bfbcf9bb3907d39135b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 14:54:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 67218
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
vary: Accept-Encoding
cf-request-id: 07a2fd5bc00000d6edc903d000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: https://www.thenewstribune.com
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: true
cf-ray: 611831a5fb9fd6ed-FRA
servershortname
expires: Sat, 11 Jan 2031 20:14:26 GMT

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 1 KB
726 B 47ms
29ms XHR
application/json 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_5viajFP9WpfFVit&Version=14&Q_InterceptID=SI_aa92vAqoWdM6fkx&Q_ORIGIN=https://www.thenewstribune.com&Q_CLIENTVERSION=1.42.0&Q_CLIENTTYPE=web

Requested by

Host: zne4ggyw07imid52z-mcclatchy.siteintercept.qualtrics.com
URL: https://zne4ggyw07imid52z-mcclatchy.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_e4ggyW07IMID52Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b6494bf1b0f65f032c557cee93443f65f96efe60c507b38f4cf67adbf0974de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 14:54:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 67218
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
vary: Accept-Encoding
cf-request-id: 07a2fd5bc00000d6edea377000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: https://www.thenewstribune.com
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: true
cf-ray: 611831a5fba0d6ed-FRA
servershortname
expires: Sat, 11 Jan 2031 20:14:26 GMT

GET
H2 451 envelope Show response
api.rlcdn.com/api/identity/ 44 B
110 B 15ms
15ms XHR
text/plain 34.120.207.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity/envelope?pid=1405

Requested by

Host: mcclatchy-thenewstribune.zeustechnology.com
URL: https://mcclatchy-thenewstribune.zeustechnology.com/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.207.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

148.207.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 14:54:45 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 44

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
245 B 104ms
104ms Image
image/gif 54.164.147.252
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=pe&tv=js-2.2.18-e&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&lang=en-US&cs=UTF-8&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_privb=0&tid=e2634c71-fade-4078-bf6c-73ceec6287fe&pid=22fa861b-5434-44a9-911c-bfe2c327dbc4&dtm=1610636092672&qnm=_matherq&vp=1600x1200&ds=1600x13744&tofa=1610636093&vid=1&duid=8eb98de226879b0a&fp=606422418&cid=ma12095&mrk=74930801&url=https%3A%2F%2Fwww.thenewstribune.com%2Fcustomer-service%2Fterms-of-service%2F&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTYxMDYzNjA4MjExOSIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIxMi4wODM5ODFtYiIsImhlYXBUIjoiMTMuNTEyNjM3bWIiLCJmZXRjaFMiOiIwIiwiZG9tYWluUyI6IjEiLCJkb21haW5FIjoiMiIsImNvbm5TIjoiMiIsImNvbm5FIjoiNTAiLCJzc2xTIjoiOCIsInJlcXVTIjoiNTEiLCJyZXNwUyI6IjgyIiwicmVzcEUiOiI5NCIsImRvbUxvYWQiOiI4NiIsImRvbUludGVyIjoiNDE1IiwiZG9tTG9hZFMiOiI0NTQiLCJkb21Mb2FkRSI6IjQ1NSIsImRvbUNtcGx0IjoiMTQxMSIsImxvYWRTIjoiMTQxMSIsImxvYWRFIjoiMTQyMyJ9fQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.164.147.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-164-147-252.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://www.thenewstribune.com/customer-service/terms-of-service/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 14:54:52 GMT
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length: 43
Content-Type: image/gif

Verdicts & Comments Add Verdict or Comment

301 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

44 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.pubmatic.com/	1970-01-19 17:33:32	Name: KRTBCOOKIE_218 Value: 22978-YABbMgAAAMhuLB__&KRTB&23209-YABbMgAAAMhuLB__&KRTB&23244-YABbMgAAAMhuLB__
.pubmatic.com/	1970-01-19 16:07:08	Name: SPugT Value: 1610636083
.pubmatic.com/	1970-01-19 16:07:08	Name: KRTBCOOKIE_391 Value: 22924-4326294459318595281
.pubmatic.com/	1970-01-19 17:33:32	Name: KRTBCOOKIE_377 Value: 6810-6abdf069-eee0-4cb9-b716-42e12f94fd29&KRTB&22918-6abdf069-eee0-4cb9-b716-42e12f94fd29&KRTB&23031-6abdf069-eee0-4cb9-b716-42e12f94fd29
.pubmatic.com/	1970-01-19 17:33:32	Name: KRTBCOOKIE_80 Value: 16514-CAESELPmasB12P4sSxkMaJgJOQs&KRTB&22987-CAESELPmasB12P4sSxkMaJgJOQs&KRTB&23025-CAESELPmasB12P4sSxkMaJgJOQs
.pubmatic.com/	1970-01-19 17:33:32	Name: PUBMDCID Value: 3
.pubmatic.com/	1970-01-19 17:33:32	Name: DPSync3 Value: 1611792000%3A219_201_226_221
.pubmatic.com/	1970-01-19 16:07:08	Name: KRTBCOOKIE_336 Value: 5844-1238755962223770391
.pubmatic.com/	1970-01-19 17:33:32	Name: KADUSERCOOKIE Value: 3FD90F9C-6EDB-4864-95A4-9005CA5136DC
.pubmatic.com/	1970-01-19 15:25:22	Name: pi Value: 159414:2
.demdex.net/	1970-01-19 19:43:08	Name: dextp Value: 771-1-1610636082737\|144230-1-1610636082840\|144231-1-1610636082941\|144232-1-1610636083042\|144233-1-1610636083142\|144234-1-1610636083244\|144235-1-1610636083344\|144236-1-1610636083445\|144237-1-1610636083546
.demdex.net/	1970-01-19 19:43:08	Name: demdex Value: 07051686418567827980538806350618382955
.thenewstribune.com/	1970-01-19 15:23:57	Name: mi_ptid Value: bWlfYXNfdG50XzA2NTUxNjQyMDU3NTI4OTEwMDEwNTUwODE5MDMzNDIzMzI0NjM2XzE2MTA2MzYwODI2NjA%3D
.thenewstribune.com/	1970-01-20 00:48:24	Name: __qca Value: P0-1921298092-1610636082722
.thenewstribune.com/	1970-01-20 08:55:08	Name: AMCV_3B6E35F15A82BBB00A495D91%40AdobeOrg Value: 1585540135%7CMCIDTS%7C18642%7CMCMID%7C06551642057528910010550819033423324636%7CMCAAMLH-1611240882%7C6%7CMCAAMB-1611240882%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1610643282s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-18649%7CMCCIDH%7C1697257933%7CvVersion%7C4.4.0
.thenewstribune.com/	1970-01-19 15:23:57	Name: mi_iv Value: true
.ads.pubmatic.com/	1970-01-19 15:25:22	Name: KCCH Value: YES
.thenewstribune.com/	1970-01-19 16:07:08	Name: mi_nr Value: 1610636082872-New
.pubmatic.com/	1970-01-19 16:07:08	Name: KRTBCOOKIE_27 Value: 16735-uid:33736000-5b32-4700-8880-7338f3288208&KRTB&16736-uid:33736000-5b32-4700-8880-7338f3288208&KRTB&23019-uid:33736000-5b32-4700-8880-7338f3288208&KRTB&23114-uid:33736000-5b32-4700-8880-7338f3288208
.thenewstribune.com/	1970-01-19 15:23:57	Name: mi_gps Value: 14
.www.thenewstribune.com/	1970-01-20 00:09:32	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Thu+Jan+14+2021+15%3A54%3A42+GMT%2B0100+(Central+European+Standard+Time)&version=6.5.0&hosts=&landingPath=https%3A%2F%2Fwww.thenewstribune.com%2Fcustomer-service%2Fterms-of-service%2F&groups=C0002%3A0%2CC0001%3A1%2CC0004%3A0%2CC0003%3A0
.thenewstribune.com/	1970-01-20 08:56:34	Name: adcloud Value: {%22_les_v%22:%22y%2Cthenewstribune.com%2C1610637882%22}
.thenewstribune.com/	1970-01-19 15:23:56	Name: _gat_mistats_ga_UA-48280268-1 Value: 1
.thenewstribune.com/	1970-01-19 15:23:57	Name: _sp_ses.757a Value: *
.pubmatic.com/	1970-01-19 17:33:32	Name: SyncRTB3 Value: 1611792000%3A220_13_54_7_223_21_56_161_3%7C1611878400%3A35
.pubmatic.com/	1970-01-19 17:33:32	Name: chkChromeAb67Sec Value: 1
.thenewstribune.com/	1970-01-19 15:23:56	Name: _gat_mistats_ga_UA-48278079-1 Value: 1
.pubmatic.com/	1970-01-19 16:07:08	Name: PugT Value: 1610636083
.thenewstribune.com/	1970-01-19 15:34:00	Name: mi_ppv Value: Oth%3A%2013500px%20%3A%2010%2Bsc%20%3A%2010%25
.thenewstribune.com/	1970-01-19 15:24:03	Name: ak_bmsc Value: 00FE4202DFD32E338B63AC6776AB92A20210BB0533530000325B00607569D312~plEDml+YsYd4re8vQJcuqqama0oglS9AVitPGCTy7wGpgNIofZSqqw06Z++W9nNCLgzYw8nnIHn5DtT7omyyIf+8be7Pb8n5v5Qk9VscEE+IZ5R/C3hFmOyfAkine3eazFmBRUtms9DcIckSyIBkVw7qnI0CUrsVYDzoVra7gZdIGQU8v76w0Me/508RDGJZMEgmqmPA3oO+7SLuaQhpaIWyKg3lZJEPDYErkb0dMklR/NeJz3pwVVVNfFDksCk9dT9k52wR0niIuZNwNaTu0fkCtfYxpEJgJqr/Fh1CcQLgI=
.thenewstribune.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.thenewstribune.com/	1970-01-19 16:07:08	Name: mi_s_vnmn Value: 1613228082872%26vn%3D1
.thenewstribune.com/	1970-01-19 15:23:56	Name: lotame_domain_check Value: thenewstribune.com
.thenewstribune.com/	1970-01-19 15:25:22	Name: _gid Value: GA1.2.1359628056.1610636083
.thenewstribune.com/	1970-01-19 15:23:57	Name: mi_ppn Value: Section%3ATerms%20of%20Service
.thenewstribune.com/	1970-01-20 08:55:08	Name: _sp_id.757a Value: 14f628a143b04cb4.1610636083.1.1610636083.1610636083
.thenewstribune.com/	1970-01-20 08:55:08	Name: _ga Value: GA1.2.1194053135.1610636083
.thenewstribune.com/	1970-01-19 16:07:08	Name: aam_uuid Value: 07051686418567827980538806350618382955
.pubmatic.com/	1970-01-19 17:33:32	Name: KTPCACOOKIE Value: YES
.thenewstribune.com/	1969-12-31 23:59:59	Name: AMCVS_3B6E35F15A82BBB00A495D91%40AdobeOrg Value: 1
.thenewstribune.com/	1969-12-31 23:59:59	Name: at_check Value: true
www.thenewstribune.com/	1970-01-20 00:09:32	Name: usprivacy Value: 1---
.thenewstribune.com/	1970-01-19 15:23:57	Name: mboxEdgeCluster Value: 37
.thenewstribune.com/	1970-01-20 08:58:00	Name: mbox Value: session#ffc0479ced6b4fc6b657c50c9301dfb5#1610637943\|PC#ffc0479ced6b4fc6b657c50c9301dfb5.37_0#1673880883

34 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://media.thenewstribune.com/mistats/micb.js(Line 240) Message: mistats_subdata ready
console-api	log	URL: https://media.thenewstribune.com/mistats/micb.js(Line 1845) Message: mistats bx_inactive
console-api	log	URL: https://www.thenewstribune.com/wps/build/webpack/vendor.bundle-af2280e5bf1fac00e2b0.js(Line 11325) Message: JQMIGRATE: Migrate is installed with logging active, version 3.1.0
console-api	log	URL: https://media.thenewstribune.com/mistats/finalizestats.js(Line 1806) Message: waiting for mistats_target
console-api	warning	URL: https://www.thenewstribune.com/wps/build/webpack/vendor.bundle-af2280e5bf1fac00e2b0.js(Line 11340) Message: JQMIGRATE: 'ready' event is deprecated
console-api	log	URL: https://www.thenewstribune.com/wps/build/webpack/vendor.bundle-af2280e5bf1fac00e2b0.js(Line 11340) Message: console.trace
console-api	warning	URL: https://www.thenewstribune.com/wps/build/webpack/vendor.bundle-af2280e5bf1fac00e2b0.js(Line 11340) Message: JQMIGRATE: jQuery.fn.scroll() event shorthand is deprecated
console-api	log	URL: https://www.thenewstribune.com/wps/build/webpack/vendor.bundle-af2280e5bf1fac00e2b0.js(Line 11340) Message: console.trace
console-api	warning	URL: https://www.thenewstribune.com/wps/build/webpack/vendor.bundle-af2280e5bf1fac00e2b0.js(Line 11340) Message: JQMIGRATE: jQuery.fn.resize() event shorthand is deprecated
console-api	log	URL: https://www.thenewstribune.com/wps/build/webpack/vendor.bundle-af2280e5bf1fac00e2b0.js(Line 11340) Message: console.trace
console-api	warning	URL: https://www.thenewstribune.com/wps/build/webpack/vendor.bundle-af2280e5bf1fac00e2b0.js(Line 11340) Message: JQMIGRATE: jQuery.fn.click() event shorthand is deprecated
console-api	log	URL: https://www.thenewstribune.com/wps/build/webpack/vendor.bundle-af2280e5bf1fac00e2b0.js(Line 11340) Message: console.trace
console-api	warning	URL: https://www.thenewstribune.com/wps/build/webpack/vendor.bundle-af2280e5bf1fac00e2b0.js(Line 11340) Message: JQMIGRATE: jQuery.fn.mouseleave() event shorthand is deprecated
console-api	log	URL: https://www.thenewstribune.com/wps/build/webpack/vendor.bundle-af2280e5bf1fac00e2b0.js(Line 11340) Message: console.trace
console-api	warning	URL: https://www.thenewstribune.com/wps/build/webpack/vendor.bundle-af2280e5bf1fac00e2b0.js(Line 11340) Message: JQMIGRATE: jQuery.fn.hover() is deprecated
console-api	log	URL: https://www.thenewstribune.com/wps/build/webpack/vendor.bundle-af2280e5bf1fac00e2b0.js(Line 11340) Message: console.trace
console-api	log	URL: https://media.thenewstribune.com/mistats/micb.js(Line 129) Message: mistats_gpscore: 14
console-api	log	URL: https://media.thenewstribune.com/mistats/finalizestats.js(Line 1806) Message: waiting for mistats_target
console-api	debug	URL: https://mcclatchy-thenewstribune.zeustechnology.com/main.js(Line 2) Message: [customSSP] Registering custom bidder [object Object]
console-api	log	URL: https://media.thenewstribune.com/mistats/finalizestats.js(Line 1806) Message: waiting for mistats_target
console-api	log	URL: https://media.thenewstribune.com/mistats/finalizestats.js(Line 1808) Message: mistats_target ready
console-api	log	URL: https://media.thenewstribune.com/mistats/finalizestats.js(Line 1808) Message: mistats_propensity ready
console-api	log	URL: https://media.thenewstribune.com/mistats/finalizestats.js(Line 1808) Message: mistats_cta_widget ready
console-api	log	URL: https://media.thenewstribune.com/mistats/finalizestats.js(Line 1808) Message: mistats_subdata ready
console-api	log	URL: https://media.thenewstribune.com/mistats/finalizestats.js(Line 1822) Message: mistats request queued
console-api	error	URL: https://tags.crwdcntrl.net/lt/c/7458/lt.min.js(Line 1) Message: LT.JS: Client 7458 cannot run lt.min.js because it has no domains whitelisted.
console-api	log	URL: https://media.thenewstribune.com/mistats/products/escenic_s_code.js(Line 190) Message: mistats request sent
console-api	log	URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js(Line 96) Message: received a request for uspapi
console-api	log	URL: https://media.thenewstribune.com/mistats/products/escenic_s_code.js(Line 137) Message: mistats request postback present
console-api	log	URL: https://media.thenewstribune.com/mistats/products/escenic_s_code.js(Line 138) Message: mistats request succeeded
console-api	log	URL: https://media.thenewstribune.com/mistats/micb.js(Line 1273) Message: mistats_as queue empty
console-api	log	URL: https://media.thenewstribune.com/mistats/micb.js(Line 1281) Message: mistats_as send
console-api	log	(Line 3) Message: Skipping WebGL fingerprinting because it is not supported in this browser
console-api	log	URL: https://media.thenewstribune.com/mistats/micb.js(Line 1046) Message: mi_launchload timeout

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.crwdcntrl.net
ads.pubmatic.com
api.ipify.org
api.rlcdn.com
assets.adobedtm.com
c.amazon-adsystem.com
cdn.cookielaw.org
cdn.parsely.com
cm.everesttech.net
dpm.demdex.net
edge.quantserve.com
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
gum.criteo.com
js-sec.indexww.com
js.matheranalytics.com
lasteventf-tm.everesttech.net
match.adsrvr.org
mboxedge37.tt.omtrdc.net
mcclatchy-thenewstribune.zeustechnology.com
mcclatchy.demdex.net
mcclatchy.sc.omtrdc.net
mcclatchy.tt.omtrdc.net
media.thenewstribune.com
pixel.quantserve.com
pubads.g.doubleclick.net
rules.quantcount.com
sb.scorecardresearch.com
secure-us.imrworldwide.com
securepubads.g.doubleclick.net
siteintercept.qualtrics.com
srv-2021-01-14-14.pixel.parsely.com
static.criteo.net
stats.g.doubleclick.net
tags.crwdcntrl.net
www.google-analytics.com
www.google.com
www.google.de
www.gstatic.com
www.i.matheranalytics.com
www.thenewstribune.com
zne4ggyw07imid52z-mcclatchy.siteintercept.qualtrics.com
104.111.236.243
104.111.238.139
104.17.209.240
107.178.250.234
15.237.76.117
151.101.114.49
172.217.16.130
184.73.247.141
2.18.233.180
2.18.234.21
216.58.212.130
2600:9000:2057:6200:6:44e3:f8c0:93a1
2606:4700:10::6814:b944
2606:4700::6810:9440
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1450:4001:800::2004
2a00:1450:4001:802::2003
2a00:1450:4001:808::200e
2a00:1450:4001:816::200e
2a00:1450:4001:817::2004
2a00:1450:4001:818::2003
2a00:1450:4001:821::200a
2a00:1450:4001:824::2003
2a00:1450:400c:c0c::9d
2a02:2638:1::13
2a02:2638:1::3
2a02:26f0:6c00:299::1e80
34.120.207.148
34.232.20.147
34.246.127.166
52.19.133.54
52.208.225.81
52.48.248.240
52.51.106.244
54.164.147.252
54.194.191.134
99.84.144.83
99.84.159.109
99.86.5.213
99.86.7.54
00c6e9788d5997077deec494717e5fb368dd721aefb1044f41075b1479c1c842
0251e4cbca8da6ddf9b0080da72aa2923d15b6951a8dd127939be03df4dc7af9
064c30793ed82df22ca484729935248a99d0ad3cefd8bcf46f23de8d0c0016d0
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0877239101cbff856743513b4ea69fbaf9c580c8ae526e0a8d2ef1b770414094
117752903b8db80b3d09b630d696ebf21140b02082fc6fc3d1e5ea870655cd8c
1b587af8ed880c718a04eeaed19575c27f017c68ad675005eae52905d0209dd3
2969aa16b763893fa2f600de842a23475f8c0f1d58ebbed3c4f7f1a63edbc0b5
2c3d296de1bb7bb908659aedfa489c63e9c0cb0b57887e74932dd5f60de15578
2f5bf5edcefe950e16d287cdcb9c28690952439098ee0639f4a960fe268ae231
2f7499825ba77fcf58c0a59166cfd34b19dff8db3c500b0564ab04b0b70bd830
305f81e515ab9c624b6b6d75f72f5da0630e5d2b3c8e11d14f552508e2cecc44
388305e6232d397497a35ba97ba5e2e6ea85d349041645c4de2c28a6e08f9044
41315b08c2b332c2a675a817bac8ca1cc648c33109b699c6609feffc0ac79254
437afd9de21717c919be3f40f686b33170f2447dc03ded0fc00ac0cc41839854
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
454f188ae8d0eef4972fb91fae82a23fdf354d1fae4288120a3f6f78c0ac682c
457d59e08cdeb115cd5f4c86dea01f2df6af4bd7b9617452f190423be182b29a
4791a3ec0c07289a7f51ca6f70d7b12d875746fae8c9ddb8a145b75134e7b1bf
52756abd619702a4516f7824a8dd53ab998c36020ffd1c9ec91069e960354f3f
586f876503ed4dc63c6ff8567b67dfeb1c84723ef5c7cf218a8ed74ccba6e1ab
589ae9da223558106dff5956c31471f690ca190de35259c0ea7e2dd5de44c680
59f402de9f1e432c10350864d4d9a3f348bea192abfd0785e40f7ab1c49006ed
5b6494bf1b0f65f032c557cee93443f65f96efe60c507b38f4cf67adbf0974de
5b6da6699e22347ded40584215d759d21842a07be029c95c4886efa3c1385454
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
6195b1bce0085db8c9b1b936150dfd7b070aa9be52d44580b1b6f16752dece34
67c53ae0376cff4c5e0d35104820d0b2b8ab20c94a32e477db95ae74a2c84db5
68425f437029dfebd113a4e0a68b9000015d9480cf1e5f2a175e925c6ad1a657
6a6b664e47ef9578917f2498c16dc6b0141fcdf999cd869d23ac47894df2529f
6f25e54ff758a69c92c7260b3647788acb86b4fc6266141893e1a4316b5a0862
6fcfb5d250acabeed2c17b0bd4bd826e78abb9235176a8449575376578ee37a6
709b87a2dca13f17c04313e7a1fb1a72c134d549469bcf8f2b197b0e9f9506f6
709ffc22504f44d3b83a216311a6d3fa88e6521cf962540d9b2a2107cd971c8d
73d293ac874aa0b3ed6c70cdc0b3e2553da40156161d4708f58dbd73bee13024
79812d903e4b73281e30f09961a6ed8bdbcbf8bd36c829882d53f1115fd4d465
7c27ef2c9a780df4351e7fa4ba104271be704f4353a185078931e3e931331b5c
7ea4b93fff84081db973f9d3ca96811927d998e4e91b9a95d93c116d0dcb7039
7fc819ea116f42f2b76d9326a9da5fb3554b6d4804cf1e8703387b3902b60399
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89230133af23c2148803e020496c78ddae3816caa47274e69eb7cbe99529cc2f
8bdff539920d92f5c3a121467d4cf862df0c4068df2facb2d7ca29ecb4d7fe1b
8e26c82b3a05d2306015e1d1414cffced4a6ab6e012e8aadfcb0db6798314a79
8efac7087552def0e358b8896dbbe43b7ffe2d961746cdc4aea60f7eed3e1384
9173d2acc4dabb4876f885ec225a07a50496a553b6f07fb878e7734b56ccda8d
92198135117fe1b0740d2e3b710d6f634379a74a7b0a8557152659636a08724c
9daba360fcb1a652044af1056d44769ef7e71b010f2492989bfd583158be0ea0
a02cc96818c59a84e6ef9b595b26cf3e083e5f28d90d0389ebf132ee84a44c4a
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
ac53400c04ca28a29467c3b6cf8f0be2f9d4333a518574fba32cc239195117db
ae407e415a45b6c720d8d61fef8c28756883d0f546a64e7a2969d6174c669951
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0f57b5646b63504e01c6607c09ec8144ad95144fe79e0323614b07fccfb2b12
b468571983721e0e8522a0901f4a702584ec47df334a48ffc191617d1f3e21b1
b525214335ddd50139b8cead123523306144018a47e3d4a35f6e5b35f295a8fd
b9f65b633a49a499a034c954707d726a90d5571ec8fc571eb7c5e4e59e9b3108
bee228fb9c9632eb4c9a27fabb81d60749bee8823241c675eef42d8caf18fe9d
c04cbfe21e23ceb866fae28e981a17dfe9ce6cb178943dda6f11a495255ec137
c0f1a0e47f7e68ec0549eba6eb3fcd3523a2c3e68bcd9b2463ef084df041fd34
c6810be9b4479828c484c8401db3b5663f78e06f104343467867365abc2a3563
ca5302f20a69cb2fe08a2429cf7268a2d5152d49608b0a954646553c70fd8afd
ca8d039c94e8834c4205107dc19dbaf5ce8ace9006c09bfbcf9bb3907d39135b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d139c3756ba4ea4e4672c12645de4977faa9ba7e0d550931d2086338fd72dfe9
d29e1199610f8739281db783f106ab20f30b128d7075cc9a713843fb30f85e2e
d5327d440ec3573f45fe33fa48b7d1fb49cb2fff06a1250d3b57ca0fbe297e86
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
d7a9f621fb337a760e1ccc2a43ffa30c0beab3b057ad05e171516d65155badcd
d851d84e101ca32d51ff937ef2bcafd53e9f83b53694c73c7d3eb3031357b27d
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
dda5370a5f07c71a9dd4e5b44a01d806b90993c53d33884c86c3001323190486
dde5dcb02f349d5cd1f36d6afe709ddfd5713b27129dbae727f456cde6582883
e0cc0930a1ab7e9ae754783576228f3c32caa07605236711cf81035f3f45f0ea
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e56f53b3b976e9c05d86645a1e85cfc69e961601d201e957768455580fa30478
e7be357ddd89fe4f85dd3a2f16929f2344148d0ede966e9bf92febe1b998cc9b
e880b231b0d075a14e8eaedc0fb1fa40b752e91d15ace87ecca4ec3e5335887f
ec2cc99b7d1be6fb64d9ce3622e5584e39002529d87a71ffad76435b800de309
ecd12fde65d51bd3c13094ebdb5f4570ca6a1ea6eeea58afca96c52634a5e059
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f134cd20a043c3e8807cb9c93eda49e62ee1324880e815920683968c01a75eea
f2f93fd85c2f5e6c07c80c6487a804ec6bede5bed8fe755280d87d4dfde986d0
f6f011c0b9379c09b5a2fdda17a16749af0e4b207b9e136bedb891cedb2b8cc7
f8b9d3462892ec47c48b0d102bc0f0b8d8550e63fcce4fe9a3c632a5b1d8a3af
fb3b275e8321c2c87095a4f4f0fd89fbbbdbe07e6fd5191c4c8ccabfc21692fb
fb583fc659426a99333d8f7cc2b6b5f98024c357ed0006220426fe9135ae5435
fc80d3d51b357d153a4cb0ee8216352243e6b33965f2a043556a5e0cd416e215

www.thenewstribune.com Open in urlscan Pro 104.111.236.243 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

103 Requests

100 %HTTPS

40 %IPv6

30 Domains

43 Subdomains

40 IPs

7 Countries

1170 kBTransfer

3802 kBSize

44 Cookies

35 Outgoing links

Redirected requests

103 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.thenewstribune.com Open in urlscan Pro
104.111.236.243 Public Scan

Screenshot
Live screenshot

Full Image

103
Requests

100 %
HTTPS

40 %
IPv6

30
Domains

43
Subdomains

40
IPs

7
Countries

1170 kB
Transfer

3802 kB
Size

44
Cookies

103 HTTP transactions
2 data transactions