www.thereporter.com Open in urlscan Pro
192.0.66.2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://m.thereporter.com/
Effective URL:
https://www.thereporter.com/
Submission: On June 30 via api (June 30th 2023, 7:00:29 pm UTC) from US — Scanned from DE

Summary HTTP 161 Redirects Links 47 Behaviour Indicators

Summary

This website contacted 54 IPs in 5 countries across 40 domains to perform 161 HTTP transactions. The main IP is 192.0.66.2, located in San Francisco, United States and belongs to AUTOMATTIC, US. The main domain is www.thereporter.com. The Cisco Umbrella rank of the primary domain is 510037.
TLS certificate: Issued by R3 on June 20th 2023. Valid for: 3 months.

This is the only time www.thereporter.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	199.88.148.105 199.88.148.105	14913 (MEDIA-NEW...) (MEDIA-NEWS-GROUP)
1 29	192.0.66.2 192.0.66.2	2635 (AUTOMATTIC) (AUTOMATTIC)
2	108.157.194.123 108.157.194.123	16509 (AMAZON-02) (AMAZON-02)
3	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:214... 2600:9000:214f:7a00:10:474e:104a:2961	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:829::200d	15169 (GOOGLE) (GOOGLE)
1	13.32.99.120 13.32.99.120	16509 (AMAZON-02) (AMAZON-02)
8	108.138.17.66 108.138.17.66	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:245... 2600:9000:2450:e000:3:b7e:8940:93a1	16509 (AMAZON-02) (AMAZON-02)
1	20.60.62.4 20.60.62.4	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	18.66.100.58 18.66.100.58	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:245... 2600:9000:2450:7a00:8:2ae1:d740:93a1	16509 (AMAZON-02) (AMAZON-02)
10	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2606:2800:133... 2606:2800:133:206e:1315:22a5:2006:24fd	15133 (EDGECAST) (EDGECAST)
1	2a04:4e42:400... 2a04:4e42:400::282	54113 (FASTLY) (FASTLY)
1	52.33.58.178 52.33.58.178	16509 (AMAZON-02) (AMAZON-02)
2	34.206.150.15 34.206.150.15	14618 (AMAZON-AES) (AMAZON-AES)
2	3.76.1.100 3.76.1.100	16509 (AMAZON-02) (AMAZON-02)
3	18.66.23.147 18.66.23.147	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1	2600:1f18:44f... 2600:1f18:44f0:4850:2edb:26e1:441c:ea2d	14618 (AMAZON-AES) (AMAZON-AES)
8	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
1	13.32.119.77 13.32.119.77	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:440... 2606:4700:4400::6812:220a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.97.77 18.66.97.77	16509 (AMAZON-02) (AMAZON-02)
8	2606:4700::68... 2606:4700::6812:aa72	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.32.110.104 13.32.110.104	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1c26	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.75.166 172.67.75.166	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	3.5.19.149 3.5.19.149	14618 (AMAZON-AES) (AMAZON-AES)
1	3.225.84.233 3.225.84.233	14618 (AMAZON-AES) (AMAZON-AES)
1	143.204.215.114 143.204.215.114	16509 (AMAZON-02) (AMAZON-02)
1	52.216.241.28 52.216.241.28	16509 (AMAZON-02) (AMAZON-02)
2	13.32.99.35 13.32.99.35	16509 (AMAZON-02) (AMAZON-02)
2	52.236.186.216 52.236.186.216	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:225... 2600:9000:2250:e600:a:e047:753:be1	() ()
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	162.19.138.117 162.19.138.117	16276 (OVH) (OVH)
1 2	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
12	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
3	13.48.111.81 13.48.111.81	16509 (AMAZON-02) (AMAZON-02)
2	13.85.16.224 13.85.16.224	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
161	54

1 199.88.148.105 (United States) 1 redirects

ASN14913 (MEDIA-NEWS-GROUP, US)

m.thereporter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 192.0.66.2 (San Francisco, United States) 1 redirects

ASN2635 (AUTOMATTIC, US)

www.thereporter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.157.194.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-194-123.mxp53.r.cloudfront.net

htlbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:7a00:10:474e:104a:2961 (United States)

ASN16509 (AMAZON-02, US)

cdn.auth0.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-120.fra60.r.cloudfront.net

cdn.p-n.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 108.138.17.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-66.fra56.r.cloudfront.net

p644.thereporter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2450:e000:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.osano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.60.62.4 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

prodmg2.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.100.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-100-58.fra56.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2450:7a00:8:2ae1:d740:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.viafoura.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)

az416426.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::282 (United States)

ASN54113 (FASTLY, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.33.58.178 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-33-58-178.us-west-2.compute.amazonaws.com

session.thereporter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.206.150.15 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-150-15.compute-1.amazonaws.com

medianewsgroup.blueconic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.76.1.100 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-76-1-100.eu-central-1.compute.amazonaws.com

k.p-n.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.23.147 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-23-147.vie50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:44f0:4850:2edb:26e1:441c:ea2d (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

api.viafoura.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

loader-cdn.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fp-cdn.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
g2insights-cdn.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.czx5eyk0exbhwp43ya.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.pranmcpkx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.119.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-119-77.fra60.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::6812:220a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.confiant-integrations.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-77.fra56.r.cloudfront.net

launchpad-wrapper.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6812:aa72 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.110.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-104.vie50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1c26 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.75.166 (United States)

ASN13335 (CLOUDFLARENET, US)

api-mg2.db-ip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.5.19.149 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: s3-1-w.amazonaws.com

paywall-ad-bucket.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.225.84.233 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-84-233.compute-1.amazonaws.com

i.viafoura.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-114.fra53.r.cloudfront.net

launchpad.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.241.28 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

ams-pageview-public.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.99.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-35.fra60.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.236.186.216 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:e600:a:e047:753:be1 (United States)

ASN- ()

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fb7954d98401ca4df7f4c784bee32b67.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.117 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::d (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.48.111.81 (Stockholm, Sweden)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-48-111-81.eu-north-1.compute.amazonaws.com

protected-by.clarium.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.85.16.224 (San Antonio, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

prod-dfm-proxy-connext.azurewebsites.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	thereporter.com 2 redirects m.thereporter.com www.thereporter.com — Cisco Umbrella Rank: 510037 p644.thereporter.com session.thereporter.com	1 MB
17	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 135 fb7954d98401ca4df7f4c784bee32b67.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 160	135 KB
10	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 216	205 KB
8	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 407	148 KB
5	google.com accounts.google.com — Cisco Umbrella Rank: 67 adservice.google.com — Cisco Umbrella Rank: 113 www.google.com — Cisco Umbrella Rank: 10	79 KB
4	privacymanager.io launchpad-wrapper.privacymanager.io — Cisco Umbrella Rank: 3867 launchpad.privacymanager.io — Cisco Umbrella Rank: 3466 geo.privacymanager.io — Cisco Umbrella Rank: 2056	11 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 353 aax.amazon-adsystem.com — Cisco Umbrella Rank: 438	62 KB
3	clarium.io protected-by.clarium.io — Cisco Umbrella Rank: 1593	730 B
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 205	168 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 405 mug.criteo.com — Cisco Umbrella Rank: 2102	7 KB
3	amazonaws.com paywall-ad-bucket.s3.amazonaws.com — Cisco Umbrella Rank: 39328 ams-pageview-public.s3.amazonaws.com — Cisco Umbrella Rank: 13582	2 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 63	42 KB
3	czx5eyk0exbhwp43ya.biz cdn.czx5eyk0exbhwp43ya.biz — Cisco Umbrella Rank: 40732	645 KB
3	azureedge.net loader-cdn.azureedge.net — Cisco Umbrella Rank: 28565 fp-cdn.azureedge.net — Cisco Umbrella Rank: 51519 g2insights-cdn.azureedge.net — Cisco Umbrella Rank: 51949	73 KB
3	gstatic.com fonts.gstatic.com	81 KB
3	p-n.io cdn.p-n.io — Cisco Umbrella Rank: 4834 k.p-n.io — Cisco Umbrella Rank: 3060	58 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 368	98 KB
2	azurewebsites.net prod-dfm-proxy-connext.azurewebsites.net — Cisco Umbrella Rank: 50270	1 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 808 id5-sync.com — Cisco Umbrella Rank: 423	25 KB
2	visualstudio.com dc.services.visualstudio.com — Cisco Umbrella Rank: 683	280 B
2	pranmcpkx.com cdn.pranmcpkx.com — Cisco Umbrella Rank: 29434	5 KB
2	confiant-integrations.net cdn.confiant-integrations.net — Cisco Umbrella Rank: 1560	103 KB
2	viafoura.co api.viafoura.co — Cisco Umbrella Rank: 11259 i.viafoura.co — Cisco Umbrella Rank: 11243	3 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	196 KB
2	blueconic.net medianewsgroup.blueconic.net — Cisco Umbrella Rank: 98325	1 KB
2	wp.com stats.wp.com — Cisco Umbrella Rank: 2759 pixel.wp.com — Cisco Umbrella Rank: 2584	5 KB
2	osano.com cmp.osano.com — Cisco Umbrella Rank: 5937	81 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 88 ajax.googleapis.com — Cisco Umbrella Rank: 433	89 KB
2	htlbid.com htlbid.com — Cisco Umbrella Rank: 11321	109 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 568	13 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 1516	2 KB
1	db-ip.com api-mg2.db-ip.com — Cisco Umbrella Rank: 23596	779 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 678	316 B
1	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 162	226 B
1	polyfill.io polyfill.io — Cisco Umbrella Rank: 1768	669 B
1	msecnd.net az416426.vo.msecnd.net — Cisco Umbrella Rank: 2394	22 KB
1	viafoura.net cdn.viafoura.net — Cisco Umbrella Rank: 10870	12 KB
1	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 3062	21 KB
1	windows.net prodmg2.blob.core.windows.net — Cisco Umbrella Rank: 66900	111 KB
1	auth0.com cdn.auth0.com — Cisco Umbrella Rank: 7670	38 KB
161	40

	Domain	Requested by
29	www.thereporter.com	1 redirects www.thereporter.com cmp.osano.com
12	tpc.googlesyndication.com	cmp.osano.com www.thereporter.com
10	securepubads.g.doubleclick.net	www.thereporter.com cmp.osano.com az416426.vo.msecnd.net www.googletagservices.com
8	cdn.cookielaw.org	cmp.osano.com cdn.cookielaw.org www.thereporter.com
8	p644.thereporter.com	www.thereporter.com p644.thereporter.com cmp.osano.com az416426.vo.msecnd.net
4	pagead2.googlesyndication.com	az416426.vo.msecnd.net tpc.googlesyndication.com
3	protected-by.clarium.io	www.thereporter.com
3	www.googletagservices.com	www.thereporter.com
3	www.google-analytics.com	cmp.osano.com
3	cdn.czx5eyk0exbhwp43ya.biz	ajax.googleapis.com cmp.osano.com www.thereporter.com
3	fonts.gstatic.com	fonts.googleapis.com
3	c.amazon-adsystem.com	cmp.osano.com c.amazon-adsystem.com
3	accounts.google.com	www.thereporter.com cmp.osano.com accounts.google.com
3	cdn.jsdelivr.net	www.thereporter.com cdn.jsdelivr.net cmp.osano.com
2	prod-dfm-proxy-connext.azurewebsites.net	www.thereporter.com
2	gum.criteo.com	1 redirects cmp.osano.com
2	dc.services.visualstudio.com	az416426.vo.msecnd.net
2	geo.privacymanager.io	launchpad.privacymanager.io
2	paywall-ad-bucket.s3.amazonaws.com	www.thereporter.com
2	cdn.pranmcpkx.com	cmp.osano.com
2	cdn.confiant-integrations.net	cmp.osano.com
2	www.googletagmanager.com	cmp.osano.com
2	k.p-n.io	cdn.p-n.io
2	medianewsgroup.blueconic.net	p644.thereporter.com cmp.osano.com
2	cmp.osano.com	www.thereporter.com cmp.osano.com
2	htlbid.com	www.thereporter.com
1	www.google.com	cmp.osano.com
1	mug.criteo.com
1	id5-sync.com	az416426.vo.msecnd.net
1	fb7954d98401ca4df7f4c784bee32b67.safeframe.googlesyndication.com	cmp.osano.com
1	static.criteo.net	cmp.osano.com
1	cdn.prod.uidapi.com	cmp.osano.com
1	cdn.id5-sync.com	cmp.osano.com
1	adservice.google.com	cmp.osano.com
1	ams-pageview-public.s3.amazonaws.com	www.thereporter.com
1	launchpad.privacymanager.io	cmp.osano.com
1	i.viafoura.co	www.thereporter.com
1	api-mg2.db-ip.com	www.thereporter.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	g2insights-cdn.azureedge.net	ajax.googleapis.com
1	fp-cdn.azureedge.net	ajax.googleapis.com
1	sb.scorecardresearch.com	www.thereporter.com
1	launchpad-wrapper.privacymanager.io	cmp.osano.com
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	loader-cdn.azureedge.net	ajax.googleapis.com
1	pixel.wp.com	www.thereporter.com
1	api.viafoura.co	cdn.viafoura.net
1	session.thereporter.com	www.thereporter.com
1	polyfill.io	ajax.googleapis.com
1	az416426.vo.msecnd.net	www.thereporter.com
1	stats.wp.com	www.thereporter.com
1	cdn.viafoura.net	www.thereporter.com
1	cdn.parsely.com	www.thereporter.com
1	prodmg2.blob.core.windows.net	www.thereporter.com
1	cdn.p-n.io	www.thereporter.com
1	cdn.auth0.com	www.thereporter.com
1	ajax.googleapis.com	www.thereporter.com
1	fonts.googleapis.com	www.thereporter.com
1	m.thereporter.com	1 redirects
161	59

This site contains links to these domains. Also see Links.

Domain
checkout.thereporter.com
www.accuweather.com
enewspaper.thereporter.com
comicskingdom.com
puzzles.comicskingdom.com
www.legacy.com
www.norcalnewsobits.com
www.pageturnpro.com
www.norcalaudiencesolutions.com
businessdirectory.thereporter.com
homesforsale.thereporter.com
myaccount.thereporter.com
facebook.com
twitter.com
instagram.com
www.ocregister.com
www.nydailynews.com
www.denverpost.com
www.pilotonline.com
www.sun-sentinel.com
mng-vacaville.smugmug.com
myworkdaycenter.wd5.myworkdayjobs.com
www.medianewsgroup.com
www.digitalfirstmedia.com
www.capublicnotice.com
my.datasubject.com
vip.wordpress.com
www.tribpub.com
www.iabprivacy.com
optout.aboutads.info
optout.networkadvertising.org
www.aboutads.info
www.onetrust.com

Subject Issuer	Validity	Valid
thereporter.com R3	`2023-06-20` - `2023-09-18`	3 months	crt.sh
htlbid.com Amazon RSA 2048 M01	`2023-02-21` - `2023-11-19`	9 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.auth0.com Amazon RSA 2048 M01	`2023-02-24` - `2024-03-24`	a year	crt.sh
accounts.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
pushlycdn.com Amazon RSA 2048 M02	`2023-02-27` - `2024-02-13`	a year	crt.sh
m349.eptrail.com Amazon RSA 2048 M01	`2023-05-17` - `2024-06-15`	a year	crt.sh
cmp.osano.com Amazon RSA 2048 M02	`2023-02-21` - `2023-09-30`	7 months	crt.sh
*.blob.core.windows.net Microsoft RSA TLS CA 01	`2023-03-20` - `2024-03-20`	a year	crt.sh
*.parsely.com Amazon RSA 2048 M02	`2023-05-06` - `2024-06-03`	a year	crt.sh
viafoura.com Amazon RSA 2048 M01	`2023-02-28` - `2023-10-06`	7 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-14` - `2023-12-15`	a year	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2023-05-05` - `2024-04-28`	a year	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-10` - `2024-01-11`	a year	crt.sh
*.thereporter.com Amazon RSA 2048 M01	`2023-04-19` - `2024-05-18`	a year	crt.sh
*.blueconic.net Amazon RSA 2048 M01	`2023-06-08` - `2024-07-06`	a year	crt.sh
*.p-n.io Amazon RSA 2048 M01	`2023-02-10` - `2024-01-21`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
confiant-integrations.net GTS CA 1P5	`2023-05-25` - `2023-08-23`	3 months	crt.sh
*.privacymanager.io Amazon RSA 2048 M02	`2023-02-22` - `2023-09-24`	7 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh
snibe7egl.wpc.edgecastcdn.net DigiCert TLS RSA SHA256 2020 CA1	`2023-01-03` - `2024-02-03`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-17` - `2024-04-16`	a year	crt.sh
sni2bf2agl.wpc.edgecastcdn.net DigiCert TLS RSA SHA256 2020 CA1	`2022-10-31` - `2023-11-02`	a year	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2023-03-21` - `2023-12-19`	9 months	crt.sh
in.applicationinsights.azure.com Microsoft Azure TLS Issuing CA 05	`2023-04-20` - `2024-04-14`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2023-05-18` - `2023-08-16`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
*.id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
protected-by.clarium.io Amazon RSA 2048 M01	`2022-12-16` - `2024-01-14`	a year	crt.sh
*.azurewebsites.net Microsoft Azure TLS Issuing CA 02	`2023-03-10` - `2024-03-04`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://www.thereporter.com/
Frame ID: 2D726CF5E433DB0B012B922277EB477D
Requests: 129 HTTP requests in this frame

Frame: https://cmp.osano.com/
Frame ID: A4B8798A530E1B8938E4729E4DBA32A1
Requests: 1 HTTP requests in this frame

Frame: https://fb7954d98401ca4df7f4c784bee32b67.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A9178BCB173F03A615878270BB2EFEC8
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.thereporter.com&us_privacy=1---
Frame ID: 0420F8167596C26AD9DE616EAE41E391
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvZGLxPbUa_dt3rMa1nI4n9lmQTT4iEOtxqQq4xLU3vdlY4f5ReXDShqI2Xmj4egQOnQDh9EVZALNZ5vLAWDtGlnQDtj2RkZbHS0vZwfrWQCqehROIDSMnw8TAZXG3B-QZq9BatXhSCxZuFYLoGwFty04y3NP58Bn3iCNpSWRvzviHmt7MAviZI90E8spgpSG7mLrpGVueb1Q7hVpvuueFe6asTO0m_oaRpKGnQR59M89Trg8gg31H63oOFlzFv35VhSL1FeVUSJStgEhitvKC_hYDjUQA44g1eKpuk25AHEpYIo-tDuvGG2-OjMWD2Ah5-_esBE-dCTOcmh4v2Bj28NHDQ0iJDgUI-Oa1HVq4&sai=AMfl-YQWyNpE7ShjbHiSV8l998RaSrdtkHKaP-acYHdyPtYLhE1GeSpuT6OVQexK4fRoqdzhINKIJajhlJDZnRo&sig=Cg0ArKJSzLgogFBEfIq8EAE&uach_m=[UACH]&adurl=
Frame ID: 5FE9B32544BFF243E6647C63C2ED40F9
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstQwEgVQ3nyTj3rMyL34wXxnk0GgPJUPpGNuu60kt3OqGnTc8H0E_EfYIT0FXB5TPCXglpGwMJBuqL2uzzKZdMww1a7JR-ojy1mpxZ1exPEhvjN8lJcO7OPlmmkASjPpz2Np3ASAZ2Ahnl1rrll8RUtsQuyBkOw9FloAWVUFjxksdDEN8V5thu5sPvZ62YN-UKrUvAOy93SKHWBCQK6rBWziaTDfS6D27S9zLJXwNCLdz6SsC5Zd2pwJdD7g5XD-tisLb5zEzsE0T4DLZnwb0IALgDvm7WVprD3y-640IoFgB1AQT_BF7DPGIc_kbzKT8PcwE6rYEa8wZVfjmvK5jrYtVy0n9WqVygvNQT4KHTT4Q&sai=AMfl-YSUb-AVPuYAAkKq7m8555jN-g20jOtYdyaCndqvlsjLf05TYPzFIUE2uO8vkW1qhZQ_2dsQStmSB4risJg&sig=Cg0ArKJSzMsBjMSwAA7QEAE&uach_m=[UACH]&adurl=
Frame ID: C47ED870F22007C39FA9DA77D856023A
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss8ELCd1OaEHiJbPqImxV9W8_kEBEf0fuBRxqJsXZvEjhxAlH2XtKOm_o64B0rpuRxavE9ESUXMpjQ1You0QvcFpcLDXLfZuYNEW0W2MIXhYiFjheundggi8_SxXi3QgCIGHO9L-OzoVyyZkug9rzdDRLZspNG-aMOAJADyYkfd_0PVt3LjkQZCfSMihKfL8unrSi_wr61ltHvp4lsliztRqveX85Ut8SPyvrrhguYVKMdiMh3cn83gcs2-wgCYBvmDFjL48-zVSMYREvLw01_b5UnUKkECnqoNwDWWinfY55Jowsi2TxZZeWNCNAVAX9L15iShKdLiLe5wdNSHMhr-6YISQjaJmXroPIwX-TlOaw&sai=AMfl-YSNe4BV_QHF0O5_MjG-WCP9xubOz2Le27p7XPfYusMOzbRn50Bg4-5S7jioZhWUnyw_AeSzporvJC5dMXU&sig=Cg0ArKJSzP-ROtqRb4Z_EAE&uach_m=[UACH]&adurl=
Frame ID: C8EB69130DD8837E4141173D3B253BE8
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F67BF7BB7655248F0F64C06AEE295680
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 51F8F9F1E2EEA747F9EE43B8053C538F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Thereporter.com covers local news in Vacaville, California. Keep up with all business, local sports, outdoors, local columnists and more.Back ButtonSearch IconFilter Icon

Page URL History Show full URLs

http://m.thereporter.com/ HTTP 301
http://www.thereporter.com/ HTTP 301
https://www.thereporter.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Prototype (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

161
Requests

92 %
HTTPS

52 %
IPv6

40
Domains

59
Subdomains

54
IPs

5
Countries

4064 kB
Transfer

10914 kB
Size

21
Cookies

47 Outgoing links

These are links going to different origins than the main page.

URL: https://checkout.thereporter.com/?g2i_source=website&g2i_medium=link&g2i_campaign=nav&g2i_or_o=Internet&g2i_or_p=nav&returnUrl=https%253A%252F%252Fwww.thereporter.com%252F
Title: Subscribe Now

Search URL Search Domain Scan URL

URL: http://www.accuweather.com/en/us/vacaville-ca/95688/current-weather/40160_pc?lang=en-us&partner=mng_35
Title: 89°F

Search URL Search Domain Scan URL

URL: https://enewspaper.thereporter.com/
Title: e-Edition

Search URL Search Domain Scan URL

URL: https://comicskingdom.com/?utm_source=dfm
Title: Comics

Search URL Search Domain Scan URL

URL: http://puzzles.comicskingdom.com/?utm_source=dfm
Title: Puzzles

Search URL Search Domain Scan URL

URL: http://www.legacy.com/obituaries/thereporter/
Title: View Obituaries

Search URL Search Domain Scan URL

URL: https://www.norcalnewsobits.com/
Title: Place an Obit

Search URL Search Domain Scan URL

URL: https://www.pageturnpro.com/NORCAL-Community-Newspaper-Group/107068-Solano-Countys-Best-of-2022/sdefault.html
Title: Best of 2022 Magazine

Search URL Search Domain Scan URL

URL: http://www.norcalaudiencesolutions.com/
Title: Advertise With Us

Search URL Search Domain Scan URL

URL: http://www.pageturnpro.com/NORCAL-Community-Newspaper-Group/60812-AE-Source-The-Reporter/index.html
Title: A&E Source

Search URL Search Domain Scan URL

URL: https://businessdirectory.thereporter.com/marketplace/
Title: Local Guide

Search URL Search Domain Scan URL

URL: http://homesforsale.thereporter.com/
Title: Real Estate

Search URL Search Domain Scan URL

URL: https://businessdirectory.thereporter.com/marketplace/todays_ads/
Title: Today’s Ads

Search URL Search Domain Scan URL

URL: https://myaccount.thereporter.com/vr/preference
Title: Sign Up

Search URL Search Domain Scan URL

URL: https://www.legacy.com/obituaries/thereporter
Title: View Obits

Search URL Search Domain Scan URL

URL: https://facebook.com/thereporter
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/vacareporter
Title: Twitter

Search URL Search Domain Scan URL

URL: https://instagram.com/thevacavillereporter
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.ocregister.com/2023/06/29/police-say-tourist-filmed-allegedly-carving-ivanhayley-on-romes-colosseum-has-been-identified/?itm_source=parsely-api
Title: Tourist filmed defacing Rome’s Colosseum has been identified, police say

Search URL Search Domain Scan URL

URL: https://www.nydailynews.com/snyde/ny-madonna-still-sick-after-leaving-hospital-20230630-audy2wfspvg57hqxu3k7jjzezm-story.html?itm_source=parsely-api
Title: Madonna still bedridden, ‘vomiting uncontrollably’ after leaving the hospital: report

Search URL Search Domain Scan URL

URL: https://www.denverpost.com/2023/06/29/united-cancellations-delays-denver-international-airport/
Title: United Airlines troubles worsen at Denver airport with more than 500 cancellations, 1,000 delays over 5 days

Search URL Search Domain Scan URL

URL: http://www.pilotonline.com/2023/06/29/pornhub-blocks-access-to-virginia-users-in-response-to-new-age-verification-law/?itm_source=parsely-api
Title: Pornhub blocks access to Virginia users in response to new age verification law

Search URL Search Domain Scan URL

URL: http://www.sun-sentinel.com/2023/06/29/parkland-school-shooting-verdict-reached-in-ex-deputys-child-neglect-trial/?itm_source=parsely-api
Title: Ex-deputy Scot Peterson found not guilty of all charges in Parkland mass shooting

Search URL Search Domain Scan URL

URL: https://checkout.thereporter.com/?g2i_source=website&g2i_medium=link&g2i_campaign=footer&g2i_or_o=Internet&g2i_or_p=footer
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://mng-vacaville.smugmug.com/
Title: Photo Reprints

Search URL Search Domain Scan URL

URL: https://myworkdaycenter.wd5.myworkdayjobs.com/MNG
Title: Work With Us

Search URL Search Domain Scan URL

URL: https://www.medianewsgroup.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.medianewsgroup.com/accessibility-statement/
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.digitalfirstmedia.com/advertise-with-us/
Title: MediaNews Group Advertising

Search URL Search Domain Scan URL

URL: https://www.capublicnotice.com/
Title: Public Notices

Search URL Search Domain Scan URL

URL: https://checkout.thereporter.com/?g2i_source=website&g2i_medium=link&g2i_campaign=nav&g2i_or_o=Internet&g2i_or_p=nav&returnUrl=https%3A%2F%2Fwww.thereporter.com%2F
Title: Subscribe Now

Search URL Search Domain Scan URL

URL: https://www.digitalfirstmedia.com/terms-of-use/
Title: Terms of Use

Search URL Search Domain Scan URL

URL: http://www.digitalfirstmedia.com/cookie-policy/
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://www.medianewsgroup.com/privacy-policy#section-9
Title: California Notice at Collection

Search URL Search Domain Scan URL

URL: https://www.medianewsgroup.com/privacy-policy#financial
Title: Notice of Financial Incentive

Search URL Search Domain Scan URL

URL: https://my.datasubject.com/16A1AnRt2Fn8i1unj/77
Title: Do Not Sell/Share My Personal Information

Search URL Search Domain Scan URL

URL: https://www.medianewsgroup.com/arbitration/
Title: Arbitration

Search URL Search Domain Scan URL

URL: https://vip.wordpress.com/
Title: Powered by WordPress.com VIP

Search URL Search Domain Scan URL

URL: https://www.tribpub.com/ccpa/
Title: here

Search URL Search Domain Scan URL

URL: https://www.tribpub.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.iabprivacy.com/optout.html
Title: https://www.iabprivacy.com/optout.html

Search URL Search Domain Scan URL

URL: http://optout.aboutads.info/
Title: http://optout.aboutads.info/

Search URL Search Domain Scan URL

URL: http://optout.networkadvertising.org/
Title: http://optout.networkadvertising.org/

Search URL Search Domain Scan URL

URL: http://www.aboutads.info/appchoices
Title: http://www.aboutads.info/appchoices

Search URL Search Domain Scan URL

URL: https://www.tribpub.com/privacy-policy/#Tribune_Publishings_use_of_online_analytics_and_interest_based_advertising
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://m.thereporter.com/ HTTP 301
http://www.thereporter.com/ HTTP 301
https://www.thereporter.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 127

https://gum.criteo.com/sid/json?origin=publishertagids&domain=www.thereporter.com&sn=ChromeSyncframe&so=0&topUrl=www.thereporter.com&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=8opG63xNcnl5cHJyMERjTWk5YS96cFcraGs3NUlES2NpOGJEbkd4NGFrSjRBdFJ2djhQSy9RQ1pKNE5WQTRnYXY5K2RWOG9MR2gzcG9maTZzcC92TzNuNHJkNFVDUCtBWDNTeVBqNjFYRkZwQlRUanlxVzZkTm1xS3l1NW16amp5Tkx2ZkUxWkF4YTRkU2dZQm5mYkpCQmVYS01KRFlhbUxXOXE2R0RzRzBlak9OTnR3R2ZUdUs0WGtoK3pzRWZYbUY0bElHNjdPRytoTDNRZTFyU3lJOVpFQTlwZ0dhYjhjb0ppRUMvM3A2L2tOcGsvbUVFNmZqQ0V4SEpiaHoreEtnUkE5YlZpSm01M0VHZHUydlZ5T2kvcUZsZ25DOXdaSk5JbWtxUzh4YlloSWxJWT18&cppv=2

161 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.thereporter.com/
Redirect Chain

http://m.thereporter.com/
http://www.thereporter.com/
https://www.thereporter.com/

233 KB
48 KB

321ms
303ms

Document
text/html

192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thereporter.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e30e0d0fb970d162bc9d4830615cf751412949a5e397132db2fc4199b880589f

Security Headers

Name

Value

Content-Security-Policy

default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: data: blob: wss://realtimeeventfeeds.viafoura.co wss://sub.viafoura.co; media-src blob: data: https:; object-src https:; child-src https: data: blob:; upgrade-insecure-requests; block-all-mixed-content;

Strict-Transport-Security

max-age=31536000;includeSubdomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
cache-control: max-age=300, must-revalidate
content-encoding: gzip
content-security-policy: default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: data: blob: wss://realtimeeventfeeds.viafoura.co wss://sub.viafoura.co; media-src blob: data: https:; object-src https:; child-src https: data: blob:; upgrade-insecure-requests; block-all-mixed-content;
content-type: text/html; charset=UTF-8
date: Fri, 30 Jun 2023 19:00:20 GMT
host-header: a9130478a60e5f9135f765b23f26593b
link: <https://www.thereporter.com/wp-json/>; rel="https://api.w.org/" <https://wp.me/adh8z>; rel=shortlink
server: nginx
strict-transport-security: max-age=31536000;includeSubdomains
vary: Accept-Encoding
x-cache: miss
x-hacker: If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by: WordPress VIP <https://wpvip.com>
x-rq: hhn2 123 243 443

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Fri, 30 Jun 2023 19:00:20 GMT
Location: https://www.thereporter.com/
Server: nginx

GET
H2 200 measuredvibrant.css
www.thereporter.com/wp-content/themes/assets/static/css/ 420 KB
62 KB 8ms
8ms Stylesheet
text/css 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thereporter.com/wp-content/themes/assets/static/css/measuredvibrant.css?ver=1688069714

Requested by

Host: www.thereporter.com
URL: https://www.thereporter.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

de1ed9d99a53e5b46254a255dadc139367bb299ce9ac866444b84b1fd81f5dfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 19:00:21 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains
last-modified: Thu, 29 Jun 2023 20:15:08 GMT
server: nginx
x-rq: hhn2 123 243 443
etag: W/"649de64c-68f91"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: max-age=31536000

GET
H2 200 wp-emoji-release.min.js Show response
www.thereporter.com/wp-includes/js/ 18 KB
5 KB 11ms
9ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thereporter.com/wp-includes/js/wp-emoji-release.min.js?ver=6.2.2

Requested by

Host: www.thereporter.com
URL: https://www.thereporter.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 19:00:21 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains
last-modified: Tue, 20 Jun 2023 18:26:17 GMT
server: nginx
x-rq: hhn2 123 243 443
etag: W/"6491ef49-4904"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000

GET
H2 200 screen.min.css
www.thereporter.com/wp-content/plugins/site-plugins/site-thereporter/static/css/ 0
71 B 9ms
8ms Stylesheet
text/css 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thereporter.com/wp-content/plugins/site-plugins/site-thereporter/static/css/screen.min.css?m=1670265512g

Requested by

Host: www.thereporter.com
URL: https://www.thereporter.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 19:00:21 GMT
strict-transport-security: max-age=31536000;includeSubdomains
x-rq: hhn2 123 242 443
last-modified: Mon, 05 Dec 2022 18:38:32 GMT
server: nginx
etag: "638e3aa8-0"
x-cache: HIT
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 0

GET
H2 200 htlbid.css
htlbid.com/v3/thereporter.com/ 1 KB
543 B 507ms
434ms Stylesheet
text/css 108.157.194.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://htlbid.com/v3/thereporter.com/htlbid.css?ver=6.2.2
Requested by: Host: www.thereporter.com
URL: https://www.thereporter.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.194.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-194-123.mxp53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8bd6af2d953e076cb3e255e0c2328e020c672632302230f9896e07b2ba01ca65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 19:00:22 GMT
content-encoding: br
via: 1.1 3de0ed29a487a6f92da6f95631474aee.cloudfront.net (CloudFront)
last-modified: Mon, 05 Jun 2023 22:55:44 GMT
server: AmazonS3
x-amz-cf-pop: MXP53-P2
x-amz-server-side-encryption: AES256
etag: W/"a1a24bc8de60aa36a1b2db034c6f5a6e"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css
cache-control: max-age=600
x-amz-cf-id: -kTTweb6iqFEa75hqonJyk_CMxboSrnS6S7RnwEVgxYFNN6AiKWIbA==

GET
H2 200 style.css
www.thereporter.com/wp-content/client-mu-plugins/src/Sitemap/includes/ 880 B
392 B 10ms
9ms Stylesheet
text/css 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thereporter.com/wp-content/client-mu-plugins/src/Sitemap/includes/style.css?m=1672871479g

Requested by

Host: www.thereporter.com
URL: https://www.thereporter.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

c540cdeba4eb897beea1c93c6452269a4de7b86a2e670b5b0ad37f9bbfc78c53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 19:00:21 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains
last-modified: Wed, 04 Jan 2023 22:31:19 GMT
server: nginx
x-rq: hhn2 123 243 443
etag: W/"63b5fe37-370"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: max-age=31536000

GET
H2 200 mng-digisubs.styles.css
www.thereporter.com/wp-content/plugins/mng-digisubs/static/ 14 KB
5 KB 10ms
9ms Stylesheet
text/css 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thereporter.com/wp-content/plugins/mng-digisubs/static/mng-digisubs.styles.css?ver=6.2.2

Requested by

Host: www.thereporter.com
URL: https://www.thereporter.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

aff8084000d2c0e029860444700f6c44b5d0124101ae9f87a9bb7d6b574fe24e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 19:00:21 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains
last-modified: Thu, 29 Jun 2023 16:18:14 GMT
server: nginx
x-rq: hhn2 123 242 443
etag: W/"649daec6-385c"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: max-age=31536000

GET
H2 200 mobile-adhesion-style.css
www.thereporter.com/wp-content/client-mu-plugins/src/Ads/assets/css/ 1 KB
460 B 10ms
9ms Stylesheet
text/css 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thereporter.com/wp-content/client-mu-plugins/src/Ads/assets/css/mobile-adhesion-style.css?m=1672871479g

Requested by

Host: www.thereporter.com
URL: https://www.thereporter.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

6ef1aa2d1945fd9fb1bd4eb00c603d868f89477a33e9ec2ef7c7035c5a16df31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 19:00:21 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains
last-modified: Wed, 04 Jan 2023 22:31:19 GMT
server: nginx
x-rq: hhn2 123 242 443
etag: W/"63b5fe37-441"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: max-age=31536000

GET
H2 200 bootstrap-icons.min.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/ 56 KB
9 KB 38ms
8ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/bootstrap-icons.min.css?ver=5.2.0

Requested by

Host: www.thereporter.com
URL: https://www.thereporter.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

123830b3c1bb951b81bee61657d5ff2d7061c67316a4210df730462d093b0a23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 30 Jun 2023 19:00:21 GMT
x-content-type-options: nosniff
content-encoding: br
age: 6952910
x-jsd-version: 1.5.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 8819
x-served-by: cache-fra-etou8220097-FRA
x-jsd-version-type: version
etag: W/"e199-MKfLdwDci4zij+cy307LMP/uJk4"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 48ms
18ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato%3A400%2C400i%2C700%2C700i%7CLora%3A400%2C400i%2C700%2C700i&ver=6.2.2

Requested by

Host: www.thereporter.com
URL: https://www.thereporter.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a427ed185d88f3532615503efeec9c1afc35cb984aeda357b789701d152747d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.thereporter.com/
Origin: https://www.thereporter.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 30 Jun 2023 19:00:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 19:00:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 30 Jun 2023 19:00:21 GMT

GET
H2 200 /
www.thereporter.com/_static/ 98 KB
18 KB 10ms
10ms Stylesheet
text/css 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thereporter.com/_static/??-eJyNj9EKgzAMRX9obdQH0YexbyltlG62CSad+PerMGEwBnvLvck93MDGxlNWzAq8lDlmgTAl44JJFAREnUYPXuroV8RsU8y2ygv8SD6jm6iszvBKSroznpDPrRXdF5QvUirmhN1R2fmHaTvbQS1T6j1sMcyoAkpsmESPhhX0N+d45G0cmVu6tv0wNP3YjO0LB9liaQ==

Requested by

Host: www.thereporter.com
URL: https://www.thereporter.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

4fe7d8233af6c4aae18ed333b6df88155c7c9440b56c1d9c4215238f722db335

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 19:00:21 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains
last-modified: Thu, 29 Jun 2023 20:04:51 GMT
server: nginx
x-rq: hhn2 123 242 443
vary: Accept-Encoding
x-cache: HIT
content-type: text/css;charset=utf-8
cache-control: max-age=31536000

GET
H2 200 htlbid.js Show response
htlbid.com/v3/thereporter.com/ 400 KB
109 KB 461ms
461ms Script
application/javascript 108.157.194.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://htlbid.com/v3/thereporter.com/htlbid.js?ver=6.2.2
Requested by: Host: www.thereporter.com
URL: https://www.thereporter.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.194.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-194-123.mxp53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7145861b63f46a68c2ba65c797aa76b530aa56634214c7ccc8a69364f7e87e60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 19:00:23 GMT
content-encoding: br
via: 1.1 3de0ed29a487a6f92da6f95631474aee.cloudfront.net (CloudFront)
last-modified: Mon, 05 Jun 2023 22:55:43 GMT
server: AmazonS3
x-amz-cf-pop: MXP53-P2
x-amz-server-side-encryption: AES256
etag: W/"97a063c3a2586246ebce2c6eb71cba91"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=600
x-amz-cf-id: XIlgHCzeMBP0ff0rnT_MsKjsXdoEOVIE8n3kus8BcHiw7Oy3AT9XfA==

GET
H2 200 sso-tools.min.js Show response
www.thereporter.com/wp-content/client-mu-plugins/src/SSO/assets/js/ 5 KB
1 KB 10ms
7ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thereporter.com/wp-content/client-mu-plugins/src/SSO/assets/js/sso-tools.min.js?m=1672871479g

Requested by

Host: www.thereporter.com
URL: https://www.thereporter.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

feb0e7f17014201ea9124f23e3f63965411385abf0103fc682595d0674087a0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 19:00:21 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains
last-modified: Wed, 04 Jan 2023 22:31:19 GMT
server: nginx
x-rq: hhn2 123 243 443
etag: W/"63b5fe37-1536"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
88 KB 39ms
9ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js?ver=3.5.1

Requested by

Host: www.thereporter.com
URL: https://www.thereporter.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 14:55:51 GMT
x-content-type-options: nosniff
age: 187470
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 89476
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Jun 2024 14:55:51 GMT

GET
H2 200 loader.min.js Show response
www.thereporter.com/wp-content/plugins/loader-wp/static/ 19 KB
6 KB 10ms
8ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thereporter.com/wp-content/plugins/loader-wp/static/loader.min.js?ver=1.0.8

Requested by

Host: www.thereporter.com
URL: https://www.thereporter.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

55ae555c3de73491aeff78da9644886ef48e990ef46e73b9206e741a1a89ef92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 19:00:21 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains
last-modified: Thu, 22 Jun 2023 15:17:02 GMT
server: nginx
x-rq: hhn2 123 242 443
etag: W/"649465ee-4c3d"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000

GET
H2 200 auth0-spa-js.production.js Show response
cdn.auth0.com/js/auth0-spa-js/1.13/ 105 KB
38 KB 59ms
10ms Script
application/javascript 2600:9000:214f:7a00:10:474e:104a:2961
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.auth0.com/js/auth0-spa-js/1.13/auth0-spa-js.production.js?ver=6.2.2
Requested by: Host: www.thereporter.com
URL: https://www.thereporter.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:7a00:10:474e:104a:2961 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01d6389de5581a2a3eb0cd4d6a05cb136bf07d221306f89173a080c73a38e392

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: 6AzkYKZDwDnSxmQe5SqIWFlWTPBMtbyI
content-encoding: gzip
via: 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
date: Fri, 30 Jun 2023 17:08:34 GMT
last-modified: Thu, 07 Jan 2021 14:32:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 6708
etag: W/"8bea9e0d733d097381a1b5eb8c40983d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=10800,public
x-amz-replication-status: FAILED
x-amz-cf-id: sAGHfPA9H9IOsndqPX7R2yVIyq07YUFnHYum0Pz_tbpnpuU9ZHciVw==

GET
H2 200 client Show response
accounts.google.com/gsi/ 193 KB
76 KB 66ms
38ms Script
application/javascript 2a00:1450:4001:829::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client?ver=6.2.2

Requested by

Host: www.thereporter.com
URL: https://www.thereporter.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2255355ef9ea2477f20f81567e53ee272cdf6a20309d0b812a9fbcab481eb860

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1lb3cCqxhXRkQfO8hIe63w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 19:00:21 GMT
content-security-policy: script-src 'report-sample' 'nonce-1lb3cCqxhXRkQfO8hIe63w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Fri, 30 Jun 2023 19:00:21 GMT

GET
H2 200 / Show response
www.thereporter.com/_static/ 290 KB
95 KB 10ms
7ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thereporter.com/_static/??-eJylzMEOQDAQBNAfokuCcBBXv1HVNCvtErsNn69O4sppksnMg2PLzUpiSWDz0SExBHL5jA45TgwsWtC8OhU0kpoizd6qhTP4YqQD2VP+MmmM4m1IyX+tiKO+gf2BhtCXTdsWdV111XIBv5RxIg==

Requested by

Host: www.thereporter.com
URL: https://www.thereporter.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

947b3447366a61d547c23e80651d4595f0694cbedbe29227dc4eb6a7ca101df9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 19:00:21 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains
last-modified: Thu, 29 Jun 2023 16:18:14 GMT
server: nginx
x-rq: hhn2 123 243 443
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000

GET
H2 200 pushly-sdk.min.js Show response
cdn.p-n.io/ 300 KB
58 KB 59ms
14ms Script
application/javascript 13.32.99.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=WzK76JChZu8eSC0TTrqi4UMtlX0XD5dDL7UH&ver=6.2.2
Requested by: Host: www.thereporter.com
URL: https://www.thereporter.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-120.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b74e5e9e8713f3d6e108a5b835c10c873f6252d02889a38d304a3bf57caba952

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 19:00:21 GMT
content-encoding: gzip
via: 1.1 3296b04068551f925d5fafd1b785ff30.cloudfront.net (CloudFront)
last-modified: Fri, 30 Jun 2023 04:05:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 557
x-amz-server-side-encryption: AES256
etag: W/"b0f88e4ac1cb0008106132f3bbed6124"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=900
x-amz-cf-id: AV6DqePDfpNSaxrD_-ve3CCPfVmfMSUDcXIi9xwdCWRs0nCt8iP33A==

GET
H2 200 dfm-pushly.min.js Show response
www.thereporter.com/wp-content/plugins/dfm-pushly/static/js/ 160 B
205 B 11ms
8ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thereporter.com/wp-content/plugins/dfm-pushly/static/js/dfm-pushly.min.js?m=1688055494g

Requested by

Host: www.thereporter.com
URL: https://www.thereporter.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

d9f2778c47db32b56109a39c8c3393b7e213095aa043df32153367708a50dcd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 19:00:21 GMT
strict-transport-security: max-age=31536000;includeSubdomains
x-rq: hhn2 123 243 443
last-modified: Thu, 29 Jun 2023 16:18:14 GMT
server: nginx
etag: "649daec6-a0"
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 160

GET
H2 200 script.js Show response
p644.thereporter.com/ 155 KB
46 KB 51ms
10ms Script
text/javascript 108.138.17.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://p644.thereporter.com/script.js

Requested by

Host: www.thereporter.com
URL: https://www.thereporter.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-66.fra56.r.cloudfront.net

Software

- /

Resource Hash

66ad4b06dd35da5d0c5a8ba094616d9fff17a44882192cd820cb0e46ef4bbbfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 18:52:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P7
age: 490
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 46052
x-xss-protection: 1; mode=block
last-modified: Fri, 30 Jun 2023 18:52:03 GMT
server: -
etag: 565a06506bddbe57d6345c9623fe6af8
content-type: text/javascript; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=600
x-robots-tag: noindex, nofollow
x-amz-cf-id: Pf7oOHaC41dmpHGiWfYM3hWxcy5hyxqg5iAdM20teScD0cFnRoKf4A==
expires: Fri, 30 Jun 2023 19:02:11 GMT

GET
H2 200 osano.js Show response
cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/ 354 KB
80 KB 105ms
34ms Script
application/javascript 2600:9000:2450:e000:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Requested by

Host: www.thereporter.com
URL: https://www.thereporter.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2450:e000:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

6e631293b9e324745b57f8229f3b4588c1cf09bbf4d1c69c0e5496db5bb12e51

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 18:59:41 GMT
content-encoding: br
via: 1.1 a798024c3ebeca4899e61296c596f4e0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: CDG50-P4
age: 40
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 81408
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 30 Jun 2023 18:18:41 GMT
server: CloudFront
etag: "81dba3b91ea508f15884f265aa7480d5"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-id: 0FoTmSdwDpI3I39dFT5WXcua2ml2soUftvPqkoWAm8QnlJecZ5-eOw==

GET
H/1.1 200
OK MG2Widget-newsletterwidget-nojquery.min.js Show response
prodmg2.blob.core.windows.net/newsletterwidget/mng/dfm/ 110 KB
111 KB 414ms
100ms Script
application/javascript 20.60.62.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://prodmg2.blob.core.windows.net/newsletterwidget/mng/dfm/MG2Widget-newsletterwidget-nojquery.min.js
Requested by: Host: www.thereporter.com
URL: https://www.thereporter.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.62.4 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 2ecf69d9fb8539e9f6d4e044f126b8fd00e83ff6c8444bc8fda1e11403e50ba7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 30 Jun 2023 19:00:20 GMT
Last-Modified: Thu, 12 Apr 2018 08:56:48 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: B+XdhqRpOdmGctTBzubJpg==
ETag: 0x8D5A053538677F7
Content-Type: application/javascript
Access-Control-Allow-Origin: *
x-ms-request-id: 3d231463-301e-002a-7a85-ab28ae000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 112680

GET
H2 200 / Show response
www.thereporter.com/_static/ 53 KB
18 KB 19ms
17ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thereporter.com/_static/??/wp-content/plugins/dfm-ad-mods/static/js/hhsl-check.min.js,/wp-content/plugins/mng-digisubs/static/mng-digisubs.articleShare.bundle.js?m=1688055494j

Requested by

Host: www.thereporter.com
URL: https://www.thereporter.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

0152a088a37330522c1458229707cbc27e42f802e1ba385d887b8a0069927618

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 19:00:21 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains
last-modified: Thu, 29 Jun 2023 16:18:14 GMT
server: nginx
x-rq: hhn2 123 242 443
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000

GET
H2 200 VAC_main.svg
www.thereporter.com/wp-content/uploads/2018/08/ 28 KB
10 KB 7ms
7ms Image
image/svg+xml 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thereporter.com/wp-content/uploads/2018/08/VAC_main.svg

Requested by

Host: www.thereporter.com
URL: https://www.thereporter.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

d5b5a0367cfb0697eb135a7372c1deaceb0f6b30ff298366afdae6de0946847f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 19:00:22 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains
last-modified: Fri, 14 Sep 2018 18:35:00 GMT
server: nginx
x-rq: hhn2 109 144 443
etag: W/"29de5e03574ed135"
vary: Accept-Encoding
x-cache: HIT
content-type: image/svg+xml
cache-control: max-age=31536000

GET
H2 200 SOHnew.png
www.thereporter.com/wp-content/uploads/2022/08/ 26 KB
26 KB 8ms
7ms Image
image/webp 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thereporter.com/wp-content/uploads/2022/08/SOHnew.png

Requested by

Host: www.thereporter.com
URL: https://www.thereporter.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

e223243e990844f1e58f7aac4c159a132c3f4d2150be378a3247c6b79abe9453

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 19:00:22 GMT
strict-transport-security: max-age=31536000;includeSubdomains
x-rq: hhn2 109 139 443
last-modified: Wed, 03 May 2023 18:11:35 GMT
server: nginx
etag: "6dbe12ffca6e0c74"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 26494

GET
H2 200 VAC-Filler-Photo.png
www.thereporter.com/wp-content/uploads/2018/08/ 587 KB
588 KB 8ms
8ms Image
image/webp 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thereporter.com/wp-content/uploads/2018/08/VAC-Filler-Photo.png

Requested by

Host: www.thereporter.com
URL: https://www.thereporter.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

e9b537a01b2cb28719365ef6e05a6ca665a128d6cd8e98ba74de34807cceef8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 19:00:22 GMT
strict-transport-security: max-age=31536000;includeSubdomains
x-rq: hhn2 109 142 443
last-modified: Thu, 04 May 2023 04:53:01 GMT
server: nginx
etag: "34bcbb3a085d33f9"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 600926

GET
H2 200 / Show response
www.thereporter.com/_static/ 58 KB
21 KB 8ms
8ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thereporter.com/_static/??-eJyVkNFuwzAIRX9oDt0qVenDtG/xYpaQYrAMbpV+/RKpfZhUTe0rnMMF4FLCoOIoDoXbSGKQZQyTM0QzdINE5vdayJqsyyTdbG/wwC2TusoPMcMZJWmFQoO3ilvpNZHjdTG64p88koFbQoP5ttgNXltFedn8lcHqz0gVR1zZ6FpDbeKU8cWsf/FJ9fTwWbmF+9nbrFgNeQn7rofvRpyANSasq/WVP98Pfb87HHfHj/kXS0eftQ==

Requested by

Host: www.thereporter.com
URL: https://www.thereporter.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

e9ab8b73e9477f11ebabddc0426370dfad8a24cccfd1b116942a8f7ec91bfd95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 19:00:21 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains
last-modified: Thu, 29 Jun 2023 20:04:52 GMT
server: nginx
x-rq: hhn2 123 243 443
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000

GET
H2 200 p.js Show response
cdn.parsely.com/keys/thereporter.com/ 56 KB
21 KB 52ms
9ms Script
application/javascript 18.66.100.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/thereporter.com/p.js?ver=3.8.4
Requested by: Host: www.thereporter.com
URL: https://www.thereporter.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.100.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-100-58.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: f69935888cbeed993f202fc358a84d6b6628bc2e92b124ee937f27f78cee133a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: public
date: Fri, 30 Jun 2023 05:10:44 GMT
content-encoding: gzip
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
last-modified: Fri, 31 Dec 2021 19:19:21 GMT
server: nginx
x-amz-cf-pop: FRA56-P2
age: 49777
etag: W/"61cf57b9-df44"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400, public
x-amz-cf-id: CrNeouycruoH60rwrnIjCZP1A0ZhC3yBRFZvJxp2gEQvmcwMv1oURQ==
expires: Sat, 01 Jul 2023 05:10:44 GMT

GET
H2 200 ads.js Show response
www.thereporter.com/wp-content/themes/wp-mason/static/js/ 87 B
132 B 7ms
7ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thereporter.com/wp-content/themes/wp-mason/static/js/ads.js?ver=1.0

Requested by

Host: www.thereporter.com
URL: https://www.thereporter.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

b36d838681171ab6906d3206d2fd6cc17a7a7a5867213c7595fe0865aeb9e969

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 19:00:21 GMT
strict-transport-security: max-age=31536000;includeSubdomains
x-rq: hhn2 123 242 443
last-modified: Mon, 05 Dec 2022 18:38:32 GMT
server: nginx
etag: "638e3aa8-57"
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 87

GET
H2 200 / Show response
www.thereporter.com/_static/ 112 KB
30 KB 12ms
7ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thereporter.com/_static/??-eJydzkEKwjAQQNELmU51UetCPEtM0jY1MxM6k4q3t6ALBRHr9sODD9dsHJMGUtAhYBCwIkEFRK1GB6OAY0Smyg2FLhVGqkbZwA8uc7p1MSVZgzBYKVPwczxPlvQLXQpaYXrBiXs2EXtjVadPNKfSRxLwHRrrDbKXN760x9F6LDuaow/8h8ysy/UTnvC4bdq2bg77uh3v1c6aMg==

Requested by

Host: www.thereporter.com
URL: https://www.thereporter.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

08c7516496acbd43355eade6e10c9c202a4c045c01b05e950f6c7456796c05b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 19:00:21 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains
last-modified: Thu, 29 Jun 2023 20:15:08 GMT
server: nginx
x-rq: hhn2 123 243 443
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000

GET
H2 200 index.js Show response
cdn.viafoura.net/entry/ 35 KB
12 KB 80ms
20ms Script
text/javascript 2600:9000:2450:7a00:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/entry/index.js?ver=2.0
Requested by: Host: www.thereporter.com
URL: https://www.thereporter.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2450:7a00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ec39731f213524c0c4fb04959b24ba04ec9855e2d6d916fe1015674e38a1b511

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: LFejblL3ol0ldASz1O2IM7mPz8vQ_saL
content-encoding: br
via: 1.1 9d1195da2196f119f0b70fe9bda25e10.cloudfront.net (CloudFront)
date: Fri, 30 Jun 2023 18:56:09 GMT
x-amz-cf-pop: CDG50-P4
age: 254
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 26 Jun 2023 12:54:01 GMT
server: AmazonS3
etag: W/"1a56ecabf4519ecef4443865eff81eda"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public,max-age=600,s-max-age=60
x-amz-cf-id: fSYKrGTLUw2p_bT8SInIf3LGs5adHnFDVh8P8Jp7-0xT4q74o96swg==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 75 KB
26 KB 103ms
59ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js?ver=2.0

Requested by

Host: www.thereporter.com
URL: https://www.thereporter.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93ff85e14ab7393bb38237a5217381812a1dbcfdc7c1c43b791e7e2a02261e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 19:00:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26100
x-xss-protection: 0
server: cafe
etag: 335 / 19538 / 31075788 / config-hash: 327100832698525116
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 19:00:22 GMT

GET
H2 200 dfm-viafoura.main.bundle.js Show response
www.thereporter.com/wp-content/plugins/dfm-viafoura-prototype/static/ 24 KB
8 KB 8ms
7ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thereporter.com/wp-content/plugins/dfm-viafoura-prototype/static/dfm-viafoura.main.bundle.js?m=1687296121g

Requested by

Host: www.thereporter.com
URL: https://www.thereporter.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

820bbf383e1e212ca7bd59f29af6ab490ea9da86e84d61ed3322b9c77ac2fc6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 19:00:21 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains
last-modified: Tue, 20 Jun 2023 21:22:01 GMT
server: nginx
x-rq: hhn2 123 242 443
etag: W/"64921879-603c"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000

GET
H2 200 e-202326.js Show response
stats.wp.com/ 13 KB
4 KB 37ms
10ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202326.js
Requested by: Host: www.thereporter.com
URL: https://www.thereporter.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ab8517f3d5171dd42a8b9c22af6a2f944b41d00e7ea54ba02b4ed71a6c59e543

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nc: HIT hhn
date: Fri, 30 Jun 2023 19:00:22 GMT
content-encoding: br
last-modified: Fri, 19 May 2023 02:56:22 GMT
server: nginx
etag: W/"6466e556-3508"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sun, 23 Jun 2024 21:00:08 GMT

GET
H2 200 ai.0.js Show response
az416426.vo.msecnd.net/scripts/a/ 94 KB
22 KB 45ms
7ms Script
application/x-javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by: Host: www.thereporter.com
URL: https://www.thereporter.com/wp-content/plugins/loader-wp/static/loader.min.js?ver=1.0.8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CD6) /
Resource Hash: 5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 30 Jun 2023 19:00:22 GMT
content-encoding: gzip
x-ms-meta-lastmodified: 2020-10-01 19:31:04
content-md5: HdY95yzx9wIyQkVEGES+Ew==
age: 711
x-cache: HIT
content-length: 22495
x-ms-lease-status: unlocked
last-modified: Thu, 11 Mar 2021 07:46:59 GMT
server: ECAcc (frc/4CD6)
etag: 0x8D8E461DA1A5889
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 18818fe8-d01e-00e7-6d83-ab5cf2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
expires: Fri, 30 Jun 2023 19:30:22 GMT

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ 101 B
669 B 37ms
10ms Script
text/javascript 2a04:4e42:400::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js?flags=gated&features=es5%2CCustomEvent%2CArray.from%2CArray.isArray%2CArray.prototype.filter%2CArray.prototype.find%2CArray.prototype.findIndex%2CArray.prototype.forEach%2CArray.prototype.indexOf%2CArray.prototype.keys%2CArray.prototype.lastIndexOf%2CArray.prototype.map%2CArray.prototype.reduce%2CDate.prototype.toISOString%2CDocumentFragment%2CDocumentFragment.prototype.append%2CDocumentFragment.prototype.prepend%2CElement%2CElement.prototype.after%2CElement.prototype.append%2CElement.prototype.before%2CElement.prototype.classList%2CElement.prototype.cloneNode%2CElement.prototype.closest%2CElement.prototype.dataset%2CElement.prototype.matches%2CElement.prototype.placeholder%2CElement.prototype.prepend%2CElement.prototype.remove%2CElement.prototype.replaceWith%2CElement.prototype.toggleAttribute%2CEvent%2CJSON%2CMap%2CNumber.parseInt%2CNumber.parseFloat%2CObject.assign%2CObject.create%2CObject.defineProperties%2CObject.defineProperty%2CObject.entries%2CObject.getOwnPropertyDescriptor%2CObject.getOwnPropertyNames%2CObject.is%2CObject.keys%2CObject.values%2CPromise%2CPromise.prototype.finally%2CSet%2CString.prototype.trim%2CXMLHttpRequest%2Cdocument.getElementsByClassName%2Cdocument.currentScript%2Cdocument.querySelector%2Cfetch%2CgetComputedStyle%2ClocalStorage%2CArray.prototype.some%2CDate.now%2CEvent.focusin%2CEventSource%2CFunction.prototype.bind%2CFunction.prototype.name%2CHTMLDocument%2CNodeList.prototype.forEach%2CNodeList.prototype.%40%40iterator%2CNode.prototype.contains%2CObject.getPrototypeOf%2CObject.setPrototypeOf%2CRegExp.prototype.flags%2CString.prototype.%40%40iterator%2CString.prototype.startsWith%2Cconsole%2Cconsole.debug%2Cconsole.error%2Cconsole.info%2Cconsole.log%2Cdocument%2Cdocument.head%2Cdocument.visibilityState%2Clocation.origin%2CrequestIdleCallback%2Cscreen.orientation%2CmatchMedia%2CURL

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js?ver=3.5.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 30 Jun 2023 19:00:22 GMT
age: 914703
detected-user-agent: Chrome/114.0.0
useragent_normaliser: chrome/114.0.0
server-timing: HIT, fastly;desc="Edge time";dur=1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 113
referrer-policy: origin-when-cross-origin
last-modified: Wed, 03 May 2023 00:17:37 GMT
fastly_service_version: 195
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
normalized-user-agent: chrome/114.0.0
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 session Show response
session.thereporter.com/api/ 93 B
256 B 537ms
167ms XHR
application/json 52.33.58.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://session.thereporter.com/api/session
Requested by: Host: www.thereporter.com
URL: https://www.thereporter.com/_static/??-eJylzMEOQDAQBNAfokuCcBBXv1HVNCvtErsNn69O4sppksnMg2PLzUpiSWDz0SExBHL5jA45TgwsWtC8OhU0kpoizd6qhTP4YqQD2VP+MmmM4m1IyX+tiKO+gf2BhtCXTdsWdV111XIBv5RxIg==
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.33.58.178 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-33-58-178.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 04819970a784f5b35e5618e45433e7813caeabefca573681b08b4efe83a1c2f1

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thereporter.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: https://www.thereporter.com
date: Fri, 30 Jun 2023 19:00:22 GMT
access-control-allow-credentials: true
content-length: 93
vary: Origin
content-type: application/json; charset=utf-8

GET
H2 200 cs Show response
medianewsgroup.blueconic.net/DG/DEFAULT/ 16 B
701 B 316ms
102ms Script
text/javascript 34.206.150.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://medianewsgroup.blueconic.net/DG/DEFAULT/cs?&callback=bc_json603

Requested by

Host: p644.thereporter.com
URL: https://p644.thereporter.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.206.150.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-206-150-15.compute-1.amazonaws.com

Software

- /

Resource Hash

39a8f2c4850593fd18dbdc75dc0cdd9f6fe73e34d77e9d612cb4ff257c8a866c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 19:00:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-permitted-cross-domain-policies: master-only
content-type: text/javascript; charset=utf-8
p3p: policyref="", CP="DSP"
cache-control: no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag: noindex, nofollow
content-length: 36
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
BLOB 200
OK e793da79-bc40-4e33-966a-65714eec4301
https://www.thereporter.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thereporter.com/e793da79-bc40-4e33-966a-65714eec4301
Requested by: Host: www.thereporter.com
URL: https://www.thereporter.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

POST
H2 204 event-stream Show response
k.p-n.io/ 0
126 B 42ms
8ms Fetch 3.76.1.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://k.p-n.io/event-stream
Requested by: Host: cdn.p-n.io
URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=WzK76JChZu8eSC0TTrqi4UMtlX0XD5dDL7UH&ver=6.2.2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.76.1.100 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-76-1-100.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thereporter.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Fri, 30 Jun 2023 19:00:22 GMT
access-control-allow-headers: *
access-control-max-age: 600
access-control-allow-methods: *

POST
H2 204 event-stream Show response
k.p-n.io/ 0
125 B 8ms
8ms Fetch 3.76.1.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://k.p-n.io/event-stream
Requested by: Host: cdn.p-n.io
URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=WzK76JChZu8eSC0TTrqi4UMtlX0XD5dDL7UH&ver=6.2.2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.76.1.100 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-76-1-100.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thereporter.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Fri, 30 Jun 2023 19:00:22 GMT
access-control-allow-headers: *
access-control-max-age: 600
access-control-allow-methods: *

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 75 KB
26 KB 129ms
97ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

024f44142822eff2a6a3f7983d6123537397f01b525f52122d90ff512d78189b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 19:00:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26087
x-xss-protection: 0
server: cafe
etag: 4 / 19538 / m202306270101 / config-hash: 327100832698525116
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 19:00:22 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 236 KB
58 KB 73ms
23ms Script
application/javascript 18.66.23.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.147 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-147.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dbc211260f3fb81e545fbebe8be8c367ebe670a585e60e1ec58524c06723ecbc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 18:02:09 GMT
content-encoding: gzip
via: 1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront), 1.1 e34b146b2a4038019e9b2a95fac837fc.cloudfront.net (CloudFront)
last-modified: Thu, 29 Jun 2023 21:03:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, VIE50-P1
age: 3494
x-amz-server-side-encryption: AES256
etag: W/"9352f20e556bff9fea6fd0461aac850d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: N5LR3cT2K-46NPqCfUmS_eSt9YRaJbaifQbXoY7NXYtNRfOdHBqr-Q==

GET
H2 200 cs Show response
medianewsgroup.blueconic.net/DG/DEFAULT/ 16 B
699 B 316ms
103ms Script
text/javascript 34.206.150.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://medianewsgroup.blueconic.net/DG/DEFAULT/cs?&callback=bc_json604

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.206.150.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-206-150-15.compute-1.amazonaws.com

Software

- /

Resource Hash

a1ea29e281d91f7a062688016f3bc3e99a08bebae7db5c68812c015f6b2af6df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 19:00:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-permitted-cross-domain-policies: master-only
content-type: text/javascript; charset=utf-8
p3p: policyref="", CP="DSP"
cache-control: no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag: noindex, nofollow
content-length: 36
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
BLOB 200
OK 5f0e2327-f666-47a6-bcce-78e30ff4688c
https://www.thereporter.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thereporter.com/5f0e2327-f666-47a6-bcce-78e30ff4688c
Requested by: Host: www.thereporter.com
URL: https://www.thereporter.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK a6bb52b1-d3f4-41a8-bbb7-0452b55200e2
https://www.thereporter.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thereporter.com/a6bb52b1-d3f4-41a8-bbb7-0452b55200e2
Requested by: Host: www.thereporter.com
URL: https://www.thereporter.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
DATA 200
OK truncated
/ 9 KB
9 KB Font
font/truetype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 182abb62bdb40059dbda691bf6631cf6b471499a85971a5fd04832453d7b4141

Request headers

Referer
Origin: https://www.thereporter.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: font/truetype

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 35ms
8ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C400i%2C700%2C700i%7CLora%3A400%2C400i%2C700%2C700i&ver=6.2.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.thereporter.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 11:05:17 GMT
x-content-type-options: nosniff
age: 546905
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Jun 2024 11:05:17 GMT

GET
H2 200 0QIvMX1D_JOuMwr7Iw.woff2
fonts.gstatic.com/s/lora/v32/ 35 KB
35 KB 41ms
15ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lora/v32/0QIvMX1D_JOuMwr7Iw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C400i%2C700%2C700i%7CLora%3A400%2C400i%2C700%2C700i&ver=6.2.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f46649ea544819982ea288c6f386dd67d46da0f453f95da542196372b79731e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.thereporter.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 17:20:43 GMT
x-content-type-options: nosniff
age: 524379
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35888
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 21:45:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Jun 2024 17:20:43 GMT

GET
H3 200 bootstrap-icons.woff2
cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/fonts/ 88 KB
89 KB 19ms
7ms Font
font/woff2 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/fonts/bootstrap-icons.woff2?856008caa5eb66df68595e734e59580d

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/bootstrap-icons.min.css?ver=5.2.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

76506e128f2b47b7179f5037bd885a1674455ffeb6b5093cdb4c7eefbf436ce8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/bootstrap-icons.min.css?ver=5.2.0
Origin: https://www.thereporter.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 30 Jun 2023 19:00:22 GMT
x-content-type-options: nosniff
age: 3954932
x-jsd-version: 1.5.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 90528
x-served-by: cache-fra-eddf8230104-FRA
x-jsd-version-type: version
etag: W/"161a0-RkmHeGigBozlCxBdDSojXoAQyY8"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 44ms
17ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C400i%2C700%2C700i%7CLora%3A400%2C400i%2C700%2C700i&ver=6.2.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.thereporter.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 00:06:44 GMT
x-content-type-options: nosniff
age: 586418
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Jun 2024 00:06:44 GMT

GET
H2 200 VAC-L-BRAMES-0618-01.jpg
www.thereporter.com/wp-content/uploads/2023/06/ 61 KB
62 KB 8ms
8ms Image
image/webp 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thereporter.com/wp-content/uploads/2023/06/VAC-L-BRAMES-0618-01.jpg?w=467

Requested by

Host: www.thereporter.com
URL: https://www.thereporter.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

d252b6def69e973f97533faa3299eb1caedff3f63b9744dd81f6018886d3e9b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 19:00:22 GMT
strict-transport-security: max-age=31536000;includeSubdomains
x-rq: hhn2 109 28 443
last-modified: Sun, 18 Jun 2023 19:53:02 GMT
server: nginx
etag: "14819a7a3021db20"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 62856

GET
H2 200 FAIR1.jpg
www.thereporter.com/wp-content/uploads/2023/06/ 49 KB
49 KB 9ms
8ms Image
image/webp 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thereporter.com/wp-content/uploads/2023/06/FAIR1.jpg?w=318

Requested by

Host: www.thereporter.com
URL: https://www.thereporter.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

ee04a8e34d170a8bdde8a635f68d2ff80b5306c7ba209c58ea09a9fdbf3bac02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 19:00:22 GMT
strict-transport-security: max-age=31536000;includeSubdomains
x-rq: hhn2 109 30 443
last-modified: Wed, 28 Jun 2023 19:46:35 GMT
server: nginx
etag: "73d12d66e2dc395a"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 50084

GET
H2 200 FLYWAYCENTER.jpg
www.thereporter.com/wp-content/uploads/2023/06/ 21 KB
21 KB 9ms
8ms Image
image/jpeg 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thereporter.com/wp-content/uploads/2023/06/FLYWAYCENTER.jpg?w=287

Requested by

Host: www.thereporter.com
URL: https://www.thereporter.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

ad6a90222190eef907f73a59d343678096583629e59d30438fa3d5c1e95293d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 19:00:22 GMT
strict-transport-security: max-age=31536000;includeSubdomains
x-rq: hhn2 109 27 443
last-modified: Wed, 28 Jun 2023 19:46:35 GMT
server: nginx
etag: "c8f4cd3cd4bba0a0"
vary: Accept
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 21381

GET
H2 200 common.chunk.min.js Show response
www.thereporter.com/wp-content/themes/assets/static/js/ 42 KB
10 KB 7ms
7ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thereporter.com/wp-content/themes/assets/static/js/common.chunk.min.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

cbccc935557398179deeef044a5ab2353e97ca4961f313793c8ba03964c43e93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 19:00:22 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains
last-modified: Thu, 29 Jun 2023 17:13:43 GMT
server: nginx
x-rq: hhn2 123 243 443
etag: W/"649dbbc7-a619"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000

GET
H2 200 common-async.chunk.min.js Show response
www.thereporter.com/wp-content/themes/assets/static/js/ 64 KB
9 KB 7ms
7ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thereporter.com/wp-content/themes/assets/static/js/common-async.chunk.min.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

a832c721859e66024092445300431d52b19ce96eb53588ad13954e78be2a8580

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 19:00:22 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains
last-modified: Thu, 29 Jun 2023 20:15:08 GMT
server: nginx
x-rq: hhn2 123 243 443
etag: W/"649de64c-10029"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000

GET
H2 200 measuredvibrant-async.chunk.min.js Show response
www.thereporter.com/wp-content/themes/assets/static/js/ 3 KB
1 KB 8ms
8ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thereporter.com/wp-content/themes/assets/static/js/measuredvibrant-async.chunk.min.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

b9b255031ea3667a75c31a52b4608aae035fbb22b72e257a29a4fb1f84db1a10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 19:00:22 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains
last-modified: Thu, 29 Jun 2023 17:13:43 GMT
server: nginx
x-rq: hhn2 123 242 443
etag: W/"649dbbc7-c79"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000

GET
H2 200 style
accounts.google.com/gsi/ 533 B
608 B 67ms
64ms Stylesheet
text/css 2a00:1450:4001:829::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/style

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9UbcEdjLIZpe_Jnx4mG_mA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 19:00:22 GMT
content-security-policy: script-src 'report-sample' 'nonce-9UbcEdjLIZpe_Jnx4mG_mA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: text/css; charset=utf-8
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Fri, 30 Jun 2023 19:00:22 GMT

GET
H2 200 status Show response
accounts.google.com/gsi/ 40 B
530 B 36ms
36ms XHR
application/json 2a00:1450:4001:829::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/status?client_id=186687227862-a5rg25s6h18741s8oplqfvuav96dammb.apps.googleusercontent.com&as=MZjQWFP6dijOWFR1u5bTbA

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client?ver=6.2.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4226330cc300101ffc4a0f9828cf2a23480db0f0904ce9fb564c98a8a353b2ed

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-M65KKIS8TVOlNrpFyrETuQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 19:00:22 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-M65KKIS8TVOlNrpFyrETuQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
x-content-type-options: nosniff
content-encoding: gzip
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thereporter.com
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 529 KB
124 KB 92ms
69ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TLFP4R

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d11c80612363d2f33d21ff4a5ed5ba296acae5bfaf84c3c82ae92d7cebfbe2b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 19:00:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 126076
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 30 Jun 2023 19:00:23 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 58ms
19ms XHR
application/javascript 18.66.23.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.147 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-147.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: rBtfgJUMGYsy5fZuQwMAU7hSD.fVdF76
content-encoding: gzip
via: 1.1 19d23243200e63f987eb95cd84ad557c.cloudfront.net (CloudFront)
date: Fri, 30 Jun 2023 09:28:38 GMT
x-amz-cf-pop: VIE50-P1
age: 34305
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Sat, 24 Jun 2023 09:19:11 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: 1VQ55htXl2SfY4ajUK1piG8EU51qu7ETJ3zygWLBEA-3yms57_qG7Q==

GET
BLOB 200
OK fc364b12-6028-4b87-ad87-50d0c266d77c
https://www.thereporter.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thereporter.com/fc364b12-6028-4b87-ad87-50d0c266d77c
Requested by: Host: www.thereporter.com
URL: https://www.thereporter.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 / Show response
cmp.osano.com/ Frame A4B8 4 KB
1 KB 18ms
17ms Document
text/html 2600:9000:2450:e000:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2450:e000:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a48b96eb4dbabdf7d10b4a7667062cd55b7c1f9aab381f05c916798ec4308f68

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thereporter.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 28039
content-encoding: br
content-type: text/html
date: Fri, 30 Jun 2023 11:13:04 GMT
etag: W/"287b497c992487af362d33204f87d28f"
last-modified: Thu, 21 Oct 2021 22:01:08 GMT
referrer-policy: strict-origin-when-cross-origin
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding Origin
via: 1.1 a798024c3ebeca4899e61296c596f4e0.cloudfront.net (CloudFront)
x-amz-cf-id: 10f5gY20IuWG0J5Gqjp6pyvTpLhmrcRAa5hfy4Z6ELJ71WHITmUQ7Q==
x-amz-cf-pop: CDG50-P4
x-amz-version-id: xT1PkIFehetvNf5lINcU02FbT3u47kBr
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 v2 Show response
api.viafoura.co/v2/www.thereporter.com/bootstrap/ 7 KB
3 KB 363ms
117ms Fetch
application/json 2600:1f18:44f0:4850:2edb:26e1:441c:ea2d
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viafoura.co/v2/www.thereporter.com/bootstrap/v2
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/entry/index.js?ver=2.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:44f0:4850:2edb:26e1:441c:ea2d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 4dd6d6642192d12c4ced6d3bbd1a101672e6645dba0fdc6074de76024d6852cf

Request headers

Referer: https://www.thereporter.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-instance-id: i-0f634dbd2cab02dea
pragma: no-cache
date: Fri, 30 Jun 2023 19:00:23 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.thereporter.com
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires: Fri, 30 Jun 2023 19:00:23 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/ 391 KB
125 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js?cb=31075788

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8187dcb05ebcfc94502aeec0524c23c7d22afbafe17aff1d39acc1d59a3a52db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 11:25:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27294
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127464
x-xss-protection: 0
server: cafe
etag: 4704578582152062329
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 29 Jun 2024 11:25:28 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
93 B 12ms
6ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=150927503&post=0&tz=-7&srv=www.thereporter.com&hp=vip&j=1%3A12.2.1&host=www.thereporter.com&ref=&fcp=2632&rand=0.3638672531386955
Requested by: Host: www.thereporter.com
URL: https://www.thereporter.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 30 Jun 2023 19:00:22 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 loader-config.json Show response
loader-cdn.azureedge.net/prod/dfm/ 4 KB
2 KB 82ms
8ms XHR
application/json 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://loader-cdn.azureedge.net/prod/dfm/loader-config.json?_=1688151621612
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js?ver=3.5.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CB2) /
Resource Hash: 5ce0cb7f558c1aca9c6e94c7d85d76db859218132923c039b7ef7b38a29f8dfd

Request headers

Accept: */*
Referer: https://www.thereporter.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 30 Jun 2023 19:00:23 GMT
content-encoding: gzip
content-md5: 1iDtMuqZEAqLGRPxG2wEug==
age: 40501
x-cache: HIT
content-length: 1300
x-ms-lease-status: unlocked
last-modified: Mon, 12 Jun 2023 07:44:01 GMT
server: ECAcc (frc/4CB2)
etag: 0x8DB6B18C9F2D8E6
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: baa25861-b01e-0056-3e26-ab0651000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

POST
H2 200 602 Show response
p644.thereporter.com/DG/DEFAULT/rest/rpc/ 67 KB
12 KB 384ms
383ms XHR
application/json 108.138.17.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://p644.thereporter.com/DG/DEFAULT/rest/rpc/602?referer=https%3A%2F%2Fwww.thereporter.com%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2023-06-30T19%3A00%3A23%2B00%3A00&ts=1688151623018

Requested by

Host: p644.thereporter.com
URL: https://p644.thereporter.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-66.fra56.r.cloudfront.net

Software

- /

Resource Hash

82e967cfd6e2135b773c02bb3f4f100cccea480271b55ad2bbb4acebae694b83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thereporter.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 30 Jun 2023 19:00:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 11200
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thereporter.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: 9VVXUu5MZY2E9hPJ-QWxXo81zGCtr1tjdHNq4n5FPkUJECIOH0faDg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 602 Show response
p644.thereporter.com/DG/DEFAULT/rest/rpc/ 112 B
1 KB 386ms
386ms XHR
application/json 108.138.17.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://p644.thereporter.com/DG/DEFAULT/rest/rpc/602?referer=https%3A%2F%2Fwww.thereporter.com%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2023-06-30T19%3A00%3A23%2B00%3A00&ts=1688151623018

Requested by

Host: p644.thereporter.com
URL: https://p644.thereporter.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-66.fra56.r.cloudfront.net

Software

- /

Resource Hash

634f11af209a9e28efedd636aa95a4a38d2344963d36597717dfa23853ec2a26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thereporter.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 30 Jun 2023 19:00:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 123
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thereporter.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: SDmaFxTiwRtgqIz4zUQci8lJHt5upeI8GuPT8zYq_z9sEr8cAxEmEg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 320 B
673 B 156ms
156ms XHR
application/json 18.66.23.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3391&u=https%3A%2F%2Fwww.thereporter.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.147 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-147.vie50.r.cloudfront.net
Software: Server /
Resource Hash: 7bd8b3e8c5d0f5c0a1c5ed3b69c09e4ae5edb40519ad8a1882b007ac3bf91901

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 19:00:22 GMT
via: 1.1 e34b146b2a4038019e9b2a95fac837fc.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-P1
x-cache: Miss from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.thereporter.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 320
x-amz-cf-id: o0U851ri_y570F8ZgROJFVOQ6RIKzhjkl6BgXr-F-BdAPqtHqpi5ug==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 64 B
507 B 100ms
46ms XHR
text/javascript 13.32.119.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3391&u=https%3A%2F%2Fwww.thereporter.com%2F&pid=CLeLzJMRCJvF2&cb=0&ws=1600x1200&v=23.612.1758&t=2000&slots=%5B%7B%22sd%22%3A%22htlad-1-gpt%22%2C%22s%22%3A%5B%22320x50%22%5D%2C%22sn%22%3A%22%2F8013%2Fthereporter.com%2Fhome%2Fsponsorship_1%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22htlad-3-gpt%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F8013%2Fthereporter.com%2Fhome%2Ftop_leaderboard%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22htlad-4-gpt%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22160x600%22%5D%2C%22sn%22%3A%22%2F8013%2Fthereporter.com%2Fhome%2Fcube1_rrail_atf%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%5D&gpp=DBACOe~~~&gpp_sid=%5B2%5D&gdpre=1&gdprc=CPuLQ4APuLQ4AEXbXADEDFCwAAAAAH_AAAYgAAALzgFAAZAA4ACAAGgAaABCACOAIAAQcBeYAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.119.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-119-77.fra60.r.cloudfront.net

Software

Server /

Resource Hash

d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 19:00:23 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 91353a8aba9ab05d79e9678e004043bc.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P1
x-amz-rid: DV8VPEMW4A4PG9DX6FSV
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.thereporter.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 64
x-amz-cf-id: IDaVEkZhKijMIkxvqjMiG5Z7SxAe1k1gJYNa6_hiKuNY82c7RdaQFw==

GET
H2 200 config.js Show response
cdn.confiant-integrations.net/3IyQ81Wnn-d6bieQLuWeDuN4PWM/gpt_and_prebid/ 117 KB
28 KB 176ms
140ms Script
text/javascript 2606:4700:4400::6812:220a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/3IyQ81Wnn-d6bieQLuWeDuN4PWM/gpt_and_prebid/config.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:220a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89501de39ac107e6a08428a0841a90ef3247de81e4c11a8764d9c73a4bedc026

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 19:00:23 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 30 Jun 2023 18:20:13 GMT
server: cloudflare
x-amz-request-id: YH88YPH947TS26SY
etag: W/"d54e35b542fa83bfa8ba57cb4d09a7c9"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900, stale-while-revalidate=3600
cf-ray: 7df8a6dcea6d8fec-FRA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: S+zpvRfzsqvB7oKrP7Ow/OdHiDwKr8tMjcf2izB3IDiHaFmWptxKqoBtHFzKIyctdWi0ZXYnE8g=

GET
H2 200 launchpad-liveramp.js Show response
launchpad-wrapper.privacymanager.io/70bb23e5-a2a7-414e-b709-7066b1333c83/ 9 KB
2 KB 49ms
8ms Script
text/javascript 18.66.97.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://launchpad-wrapper.privacymanager.io/70bb23e5-a2a7-414e-b709-7066b1333c83/launchpad-liveramp.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-77.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 21b580c0e786d0ff2b8ef69d2808f19c17e9106f4effdf1771475ac870c81ea1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 20:00:30 GMT
x-amz-version-id: WVJHJlCeP1N2IpvGFdgw87IN7xdjr1fa
content-encoding: gzip
via: 1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 82794
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-disposition: attachment; filename="launchpad-liveramp.js"
last-modified: Mon, 18 Jul 2022 17:01:39 GMT
server: AmazonS3
etag: W/"456ed7d264d33c8630706e5b37966010"
vary: Accept-Encoding
content-type: text/javascript
x-amz-cf-id: tTxcqhv2RbSQvUKx8Y4VlZ7Czjb7hgF--uVCm_wWGK-4ujjC7JYSHQ==

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 47ms
19ms Script
application/javascript 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ffc79feebdfe105c3de8840c2a5814b3fae59d3529463fdf9329080967ed92ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 30 Jun 2023 19:00:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Ss3gfiwT9vXTSvNlfc+4JQ==
age: 8839
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6820
x-ms-lease-status: unlocked
last-modified: Thu, 29 Jun 2023 19:28:10 GMT
server: cloudflare
etag: 0x8DB78D6F96BC8B6
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 523552d4-401e-00f0-4dc2-aa0888000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7df8a6dcee3f6925-FRA

GET
H2 204 b
sb.scorecardresearch.com/ 0
226 B 89ms
34ms Image
text/plain 13.32.110.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=6035443&ns__t=1688151623133&ns_c=UTF-8&c8=Thereporter.com%20covers%20local%20news%20in%20Vacaville%2C%20California.%20Keep%20up%20with%20all%20business%2C%20local%20sports%2C%20outdoors%2C%20local%20columnists%20and%20more.&c7=https%3A%2F%2Fwww.thereporter.com%2F&c9=
Requested by: Host: www.thereporter.com
URL: https://www.thereporter.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-104.vie50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 19:00:23 GMT
via: 1.1 639dd5dd68d7e7193120d95480cd44ca.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: gF7e77pDJjE9w2muyhk5vWmwg8jDrBnCi3clpgWRpyQt7JbV38SqxA==
x-cache: Miss from cloudfront

GET
H2 200 fp.min.js Show response
fp-cdn.azureedge.net/prod/dfm/ 65 KB
23 KB 38ms
9ms XHR
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fp-cdn.azureedge.net/prod/dfm/fp.min.js?
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js?ver=3.5.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CEC) /
Resource Hash: f3988a8a95c5faec9bb5307667596b220a12d277072950244393b5f33091e2fb

Request headers

Accept: */*
Referer: https://www.thereporter.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 30 Jun 2023 19:00:23 GMT
content-encoding: gzip
content-md5: VJ6k3v9dRV/0qT39eqFDjw==
age: 17060
x-cache: HIT
content-length: 23424
x-ms-lease-status: unlocked
last-modified: Mon, 12 Jun 2023 14:09:43 GMT
server: ECAcc (frc/4CEC)
etag: 0x8DB6B4EABC41F1B
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: d431df7c-501e-0003-3b5d-ab16da000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 g2i.min.js Show response
g2insights-cdn.azureedge.net/prod/dfm/ 220 KB
48 KB 45ms
9ms XHR
application/x-javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://g2insights-cdn.azureedge.net/prod/dfm/g2i.min.js?
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js?ver=3.5.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CE7) /
Resource Hash: 743fab9929b06e6ea08ee7296b84d0068d27d9fe7552b69f351a3298b968910a

Request headers

Accept: */*
Referer: https://www.thereporter.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 30 Jun 2023 19:00:23 GMT
content-encoding: gzip
content-md5: 3vlRE270poARifXWcdSFQA==
age: 15643
x-cache: HIT
content-length: 49062
x-ms-lease-status: unlocked
last-modified: Mon, 12 Jun 2023 07:19:27 GMT
server: ECAcc (frc/4CE7)
etag: 0x8DB6B155BA909D6
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: ac74d82f-001e-001e-5560-ab1b66000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 t8y9347t.min.js Show response
cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/ 879 KB
205 KB 88ms
8ms XHR
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/t8y9347t.min.js?
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js?ver=3.5.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CC2) /
Resource Hash: 1313e544d95566c0ed767f40117a8287940c2856fb450d6a4224b8db33a97902

Request headers

Accept: */*
Referer: https://www.thereporter.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 30 Jun 2023 19:00:23 GMT
content-encoding: gzip
content-md5: TKR/2Tq6xUUECucxJTe0nw==
age: 8047
x-cache: HIT
content-length: 209412
x-ms-lease-status: unlocked
last-modified: Mon, 12 Jun 2023 07:14:24 GMT
server: ECAcc (frc/4CC2)
etag: 0x8DB6B14A70BE01E
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 2e5334f3-701e-00ad-4a72-abbbcb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
BLOB 200
OK a1e81cf7-366d-4d2b-9659-3b7c1762e114
https://www.thereporter.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thereporter.com/a1e81cf7-366d-4d2b-9659-3b7c1762e114
Requested by: Host: www.thereporter.com
URL: https://www.thereporter.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 8b7b6620-a7a0-4b13-abe1-dc5f5e772a2f
https://www.thereporter.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thereporter.com/8b7b6620-a7a0-4b13-abe1-dc5f5e772a2f
Requested by: Host: www.thereporter.com
URL: https://www.thereporter.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 1031_NWS_VAC-L-SCPROBATION-01.jpg
www.thereporter.com/wp-content/uploads/2021/10/ 16 KB
16 KB 8ms
8ms Image
image/webp 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thereporter.com/wp-content/uploads/2021/10/1031_NWS_VAC-L-SCPROBATION-01.jpg?w=225

Requested by

Host: www.thereporter.com
URL: https://www.thereporter.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

c5d1668d9c953f6acb29986eed3d4fb52924791fbfd83e230a90ae84cf150f4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 19:00:23 GMT
strict-transport-security: max-age=31536000;includeSubdomains
x-rq: hhn2 109 27 443
last-modified: Fri, 30 Jun 2023 12:05:26 GMT
server: nginx
etag: "427547c2a04211cd"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 16308

GET
H2 200 PENAADOBE-01.jpg
www.thereporter.com/wp-content/uploads/2023/06/ 37 KB
37 KB 9ms
8ms Image
image/webp 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thereporter.com/wp-content/uploads/2023/06/PENAADOBE-01.jpg?w=356

Requested by

Host: www.thereporter.com
URL: https://www.thereporter.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

4c34133e47c0c3822c0a1787642b326f35e3afcb32a977cc48e4ed227ada4967

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 19:00:23 GMT
strict-transport-security: max-age=31536000;includeSubdomains
x-rq: hhn2 109 27 443
last-modified: Fri, 30 Jun 2023 12:05:26 GMT
server: nginx
etag: "5ee880c2389ec2f9"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 38064

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 62ms
15ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 30 Jun 2023 17:04:41 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6942
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 30 Jun 2023 19:04:41 GMT

GET
H2 200 1c206a7b-4620-4af6-ab1e-788ad8dbaef4.json Show response
cdn.cookielaw.org/consent/1c206a7b-4620-4af6-ab1e-788ad8dbaef4/ 3 KB
2 KB 45ms
29ms XHR
application/x-javascript 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/1c206a7b-4620-4af6-ab1e-788ad8dbaef4/1c206a7b-4620-4af6-ab1e-788ad8dbaef4.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20e98b335721c81d56cf4c48dfee8d9ca5be81ac71337db9044fa641781d97c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 30 Jun 2023 19:00:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 20776
content-md5: OjKCeoOqYJKv0lXGtJEnDQ==
content-length: 1441
x-ms-lease-status: unlocked
last-modified: Mon, 08 Aug 2022 02:10:37 GMT
server: cloudflare
etag: 0x8DA78E32FAABFC3
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 56e5b787-801e-00ed-2eca-a3d162000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7df8a6dd5adf1db0-FRA
expires: Sat, 01 Jul 2023 19:00:23 GMT

GET
BLOB 200
OK 72533165-c273-44be-be90-1389fd2bb4be
https://www.thereporter.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thereporter.com/72533165-c273-44be-be90-1389fd2bb4be
Requested by: Host: www.thereporter.com
URL: https://www.thereporter.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 18:25:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2071
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 697
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 17:48:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 30 Jun 2023 19:25:52 GMT

GET
H2 200 t8y9347t.min.css
cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/ 389 KB
54 KB 32ms
9ms Stylesheet
text/css 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/t8y9347t.min.css?
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4C87) /
Resource Hash: 8f5b3f7177261796d36de2d220664c09162d3877eb2e3868406c27ac952520a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 30 Jun 2023 19:00:23 GMT
content-encoding: gzip
content-md5: w1JcKG+K3j0xPG8xaqE6vA==
age: 8043
x-cache: HIT
content-length: 55210
x-ms-lease-status: unlocked
last-modified: Mon, 12 Jun 2023 07:14:24 GMT
server: ECAcc (frc/4C87)
etag: 0x8DB6B14A70ACED9
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: bd7b56be-701e-0014-3072-abbfd1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 78 B
316 B 248ms
21ms XHR
application/json 2606:4700::6812:1c26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

792074561f2d94442c8648916f41fc6016817b61d554daa9c67301aeecca14bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.thereporter.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 19:00:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 7df8a6df3b9a1e18-FRA
access-control-allow-headers: Content-Type

GET
H2 200 self Show response
api-mg2.db-ip.com/v2/p14891b727f063924f0d86d8a8e5063678abd2ac/ 580 B
779 B 437ms
209ms XHR
application/json 172.67.75.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-mg2.db-ip.com/v2/p14891b727f063924f0d86d8a8e5063678abd2ac/self?_=1688151623328
Requested by: Host: www.thereporter.com
URL: https://www.thereporter.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f22ed12f05c8b76fa645ecbf1311edaa03f680758efc92639cb8c7f216155258

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 19:00:23 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 30 Jun 2023 19:00:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GDucblzR275skLDDuiy7KS4rv56pAHW%2FOG9q0msizZokUIiRNsIGF23XhlNY4tikLs3U5nf8akIOoRGfz3RJj7NpsLHse2X3bnya2JVrc9W7wF7RbfthcxqyZQ9PF5MgsTGg"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=1800
cf-ray: 7df8a6df3cfa37f7-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 index.js Show response
cdn.pranmcpkx.com/ 7 KB
3 KB 216ms
8ms Script
text/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pranmcpkx.com/index.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CBD) /
Resource Hash: 6941d870c4bac732a6ed7718c594a73cc27000379eaaf241c9e47d982e44f407

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 30 Jun 2023 19:00:23 GMT
content-encoding: gzip
content-md5: nynBpfvYghYqzIzsvfssRw==
age: 198878
x-cache: HIT
content-length: 2382
x-ms-lease-status: unlocked
last-modified: Fri, 17 Jun 2022 17:08:13 GMT
server: ECAcc (frc/4CBD)
etag: 0x8DA5083F65AD9E0
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-ms-request-id: 97b995a8-d01e-000d-07b6-a93f6a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19

GET
H2 200 DFM__NORCALPRODWP__VR.json Show response
cdn.czx5eyk0exbhwp43ya.biz/prod/data/dfm/ 385 KB
386 KB 369ms
369ms Fetch
application/octet-stream 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.czx5eyk0exbhwp43ya.biz/prod/data/dfm/DFM__NORCALPRODWP__VR.json?_=1688151623354
Requested by: Host: www.thereporter.com
URL: https://www.thereporter.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: ed1eb47d8135568109d8793e9f39535ca104eec9a699f8c200349185d55381db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: AppendBlob
date: Fri, 30 Jun 2023 19:00:23 GMT
last-modified: Thu, 22 Jun 2023 15:07:34 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-committed-block-count: 1
etag: 0x8DB733268F5D24B
content-type: application/octet-stream
access-control-allow-origin: *
x-ms-request-id: 8328337c-101e-004f-6e85-ab86ea000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,x-ms-blob-committed-block-count,Content-Length,Date,Transfer-Encoding
cache-control: no-cache
x-ms-version: 2009-09-19
content-length: 394664

GET
H/1.1 200
OK ad_300_250.jpg
paywall-ad-bucket.s3.amazonaws.com/ 631 B
1 KB 363ms
128ms Image
image/jpeg 3.5.19.149
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paywall-ad-bucket.s3.amazonaws.com/ad_300_250.jpg
Requested by: Host: www.thereporter.com
URL: https://www.thereporter.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.19.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0859f5f9bf49348ef81d01f953d520c10a2a857961ef1bfad4a7903609889de5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 19:00:24 GMT
Last-Modified: Tue, 15 Oct 2019 13:44:16 GMT
Server: AmazonS3
x-amz-request-id: 2D4G2E0ND1PJQ3W6
ETag: "ef2cc7f55b7ab677b023e36033e26471"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 631
x-amz-id-2: IaqTuF2zimEVQwvdqpXORnmMiRRt6DxzN6m/kEoJiMmoj/qqwPwGpjeMivyHEKyf9pflmjThXYtZna5T5FDoBg==
x-amz-meta-s3b-last-modified: 20191015T134358Z

GET
H2 200 bb9229a9ecb354948c02ff5e27bd9856 Show response
p644.thereporter.com/plugin/plugin/ 217 KB
53 KB 8ms
8ms Script
text/javascript 108.138.17.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://p644.thereporter.com/plugin/plugin/bb9229a9ecb354948c02ff5e27bd9856

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-66.fra56.r.cloudfront.net

Software

- /

Resource Hash

11b438908905d787f79553b2d8a98ebaa12a542944650390a7fb4a68e47dfc74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 07:05:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P7
age: 215717
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 54073
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Jun 2023 07:05:06 GMT
server: -
etag: bb9229a9ecb354948c02ff5e27bd9856
content-type: text/javascript; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag: noindex, nofollow
x-amz-cf-id: L5z0nhRgqFvxj3LqMQtqnGYfUq7eoI8jaeCMJ0lipndu35k-Hc0YsQ==
expires: Thu, 27 Jun 2024 07:05:06 GMT

GET
BLOB 200
OK c42cc5bf-8c97-4a56-a5d0-19c5ec73fd8b
https://www.thereporter.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thereporter.com/c42cc5bf-8c97-4a56-a5d0-19c5ec73fd8b
Requested by: Host: www.thereporter.com
URL: https://www.thereporter.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 ingest
i.viafoura.co/v3/www.thereporter.com/ 67 B
325 B 385ms
101ms Image
image/png 3.225.84.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.viafoura.co/v3/www.thereporter.com/ingest?t=%7B%22view%22%3A%7B%22domain%22%3A%22www.thereporter.com%22%2C%22siteUuid%22%3A%2200000000-0000-4000-8000-13121e959387%22%2C%22pageViews%22%3A1%2C%22outgoing%22%3A10%2C%22sessionStart%22%3A1688151623%2C%22isRecirculation%22%3Afalse%2C%22uniqueId%22%3A%2296fa545a-199f-4052-a5d5-4719d8f8bb00%22%2C%22firstVisit%22%3A1688151623%2C%22previousVisit%22%3A1688151623%2C%22currentVisit%22%3A1688151623%2C%22visitCount%22%3A1%2C%22referrerStart%22%3A1688151623%2C%22refVisitCount%22%3A1%2C%22ref%22%3A%7B%22medium%22%3A%22direct%22%2C%22source%22%3A%22%22%2C%22sharer_uuid%22%3A%22%22%2C%22terms%22%3A%22%22%7D%7D%2C%22meta%22%3A%7B%22domain%22%3A%22www.thereporter.com%22%2C%22site%22%3A%2200000000-0000-4000-8000-13121e959387%22%2C%22section%22%3A%2200000000-0000-4000-8000-13121e959387%22%2C%22pageImage%22%3A%22https%3A%2F%2Fwww.thereporter.com%2Fwp-content%2Fuploads%2F2018%2F08%2FVAC-Filler-Photo.png%22%2C%22ref%22%3A%7B%7D%2C%22vf%22%3Afalse%2C%22url%22%3A%22https%3A%2F%2Fwww.thereporter.com%2F2023%2F06%2F30%2Fsteven-v-roberts-abortion-gets-personal-and-powerful%2F%22%2C%22path%22%3A%22%2F2023%2F06%2F30%2Fsteven-v-roberts-abortion-gets-personal-and-powerful%2F%22%2C%22title%22%3A%22The%20Vacaville%20Reporter%22%2C%22privilege%22%3A%22guest%22%2C%22page_type%22%3A%22website%22%2C%22page_description%22%3A%22Vacaville%20Reporter%3A%20Breaking%20News%2C%20Sports%2C%20Business%2C%20Entertainment%20and%20Vacaville%20News%22%2C%22topics%22%3A%5B%22The%20Reporter%22%2C%22Solano%20County%20News%22%2C%22Solano%20County%20Sports%22%2C%22Vacaville%20News%22%5D%2C%22amp%22%3Afalse%2C%22thirdparty_enabled%22%3Afalse%2C%22container_id%22%3A%223475113%22%7D%2C%22ua%22%3A%7B%22nl%22%3A%22en-US%22%2C%22nu%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.198%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%2C%22sd%22%3A24%2C%22vp%22%3A%221600x1200%22%2C%22dt%22%3A%22Thereporter.com%20covers%20local%20news%20in%20Vacaville%2C%20California.%20Keep%20up%20with%20all%20business%2C%20local%20sports%2C%20outdoors%2C%20local%20columnists%20and%20more.%22%2C%22de%22%3A%22UTF-8%22%2C%22dl%22%3A%22en-US%22%7D%2C%22rq%22%3A%22b4ea4e0e-4794-4876-9fb0-c15346917285%22%2C%22w%22%3A%5B%5D%2C%22event_type%22%3A%22analytics.view_lite%22%7D
Requested by: Host: www.thereporter.com
URL: https://www.thereporter.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.84.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-84-233.compute-1.amazonaws.com
Software: /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/png
date: Fri, 30 Jun 2023 19:00:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 67
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.35.0/ 360 KB
85 KB 17ms
17ms Script
application/javascript 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.35.0/otBannerSdk.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8132d45eef1f2500760399505fc221a79a3bbe60ed797bbc24599a650e69927

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 30 Jun 2023 19:00:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: bDp57sS049dDkRqCL4m53Q==
age: 52683
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 87115
x-ms-lease-status: unlocked
last-modified: Mon, 06 Jun 2022 06:21:06 GMT
server: cloudflare
etag: 0x8DA4784BD4AE529
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 8441e95d-601e-00a3-16e1-5a1487000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7df8a6dffa3f6925-FRA

GET
BLOB 200
OK a063f6d4-a225-4609-84b9-21eb4f07c456
https://www.thereporter.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thereporter.com/a063f6d4-a225-4609-84b9-21eb4f07c456
Requested by: Host: www.thereporter.com
URL: https://www.thereporter.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK d2f0780b-c0e0-4945-a124-3ad77c2f9d24
https://www.thereporter.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thereporter.com/d2f0780b-c0e0-4945-a124-3ad77c2f9d24
Requested by: Host: www.thereporter.com
URL: https://www.thereporter.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 227 KB
72 KB 46ms
45ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NFD2QGD&l=MG2DL

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8a21490ca12d310001340950ad567144ad322612d127431f8d0529eb57f241d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 19:00:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73608
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 30 Jun 2023 19:00:23 GMT

GET
H2 200 5ff8da6822c16cc5f664a11184b23b6b Show response
p644.thereporter.com/plugin/library/ 417 KB
132 KB 8ms
8ms Script
text/javascript 108.138.17.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://p644.thereporter.com/plugin/library/5ff8da6822c16cc5f664a11184b23b6b

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-66.fra56.r.cloudfront.net

Software

- /

Resource Hash

f377d1bbfbdf31f4dbeab596449d637b0cde54cc892809aa70bdff875de21dbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 07:05:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P7
age: 215717
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 134922
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Jun 2023 07:05:06 GMT
server: -
etag: 5ff8da6822c16cc5f664a11184b23b6b
content-type: text/javascript; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag: noindex, nofollow
x-amz-cf-id: dBdDki_txNbmOaYate2pE8ot074DrVpk1yvfP1PLDHxszY4uRFgkxQ==
expires: Thu, 27 Jun 2024 07:05:06 GMT

POST
H2 200 LB-Zone-3 Show response
p644.thereporter.com/DG/DEFAULT/rest/rpc/602/ 91 B
699 B 376ms
376ms XHR
application/json 108.138.17.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://p644.thereporter.com/DG/DEFAULT/rest/rpc/602/LB-Zone-3?referer=https%3A%2F%2Fwww.thereporter.com%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2023-06-30T19%3A00%3A23%2B00%3A00&ts=1688151623715

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-66.fra56.r.cloudfront.net

Software

- /

Resource Hash

a961fc57196777d879f66a5c5bb5836f5e0cf9bdb4de1693876ea687051a6654

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thereporter.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 30 Jun 2023 19:00:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 107
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thereporter.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: s6yyVKrMgbWHvpFs2NTy_buIXYuSWkAaKNix2iJpuTdkoHhGFamKOQ==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 wrap.js Show response
cdn.confiant-integrations.net/gptprebidnative/202305161109/ 247 KB
76 KB 21ms
21ms Script
application/javascript 2606:4700:4400::6812:220a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/gptprebidnative/202305161109/wrap.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:220a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9b8757ef83403b67a3f6d10da0c8f4259179fe48a775020aeb65ab9e1791cc3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 19:00:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 16 May 2023 15:12:41 GMT
server: cloudflare
x-amz-request-id: H8AY7EWHWDJ0SSBK
age: 3897750
etag: W/"c445da83949e16f2c7f56d37a9f719f0"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7df8a6e03eb58fec-FRA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: KxO1XyzF6owtzYUy2ZXsvQGh8FuYxBlPyUGnc4SE0rDup49wADt9M/RAqELNGqeLcAR26M98bwbwojl/fqDTXOMZz/uWbDRt53Du3WfBdwU=

GET
H2 200 launchpad.bundle.js Show response
launchpad.privacymanager.io/1/ 25 KB
8 KB 237ms
8ms Script
application/x-javascript 143.204.215.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://launchpad.privacymanager.io/1/launchpad.bundle.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-114.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b9d318b3157ccbfc3bb00e82a446613294f9a592c01537662386bd848882b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: IBczV1acfLsLLKzHm11PkizTXPxE9_cH
content-encoding: br
via: 1.1 e7377cc861b31102786678df3616bf68.cloudfront.net (CloudFront)
date: Fri, 30 Jun 2023 18:07:45 GMT
x-amz-cf-pop: FRA53-C1
age: 3159
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/LaunchPadLibraryBuild-prod:f09170b2-5416-4e55-be91-38e5eec207ec
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: a78f2a5a4864424e54348ce47b156abb
last-modified: Thu, 10 Mar 2022 13:10:48 GMT
server: AmazonS3
etag: W/"3e312624cdc2445a38a716f92dc3c0cd"
vary: Accept-Encoding
content-type: application/x-javascript
x-amz-meta-codebuild-content-sha256: e4ad213b137401d20a50fe1692169cc5f8b39867b6fe39afed7e307e1b9c967e
cache-control: must-revalidate,public,max-age=3600
x-amz-cf-id: pn2gQL6LhbTq_3OfeMCkq08_mKvSas--mhiMUSUFBerRb6MnaR8QLg==

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/1c206a7b-4620-4af6-ab1e-788ad8dbaef4/847ef055-3b35-4b2b-b5b0-6e18235a2a0b/ 180 KB
31 KB 26ms
25ms Fetch
application/x-javascript 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/1c206a7b-4620-4af6-ab1e-788ad8dbaef4/847ef055-3b35-4b2b-b5b0-6e18235a2a0b/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.35.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

749c246fc42cd7cfb7378c500ae5c87405320dc3661acac369453c201ece5a4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 30 Jun 2023 19:00:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 47346
content-md5: 7M1u1h8k+3Zk1/daPxEnHg==
content-length: 31879
x-ms-lease-status: unlocked
last-modified: Mon, 08 Aug 2022 02:10:43 GMT
server: cloudflare
etag: 0x8DA78E332CE9641
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 64eb8f59-401e-0096-4bca-a3bad2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7df8a6e04ee91db0-FRA
expires: Sat, 01 Jul 2023 19:00:23 GMT

GET
H2 200 otFloatingFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.35.0/assets/ 10 KB
3 KB 20ms
19ms Fetch
application/json 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.35.0/assets/otFloatingFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.35.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b663ab6a199de613fa46b2c524da1bfb8a889234879c5ccdb239602468e5f8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 30 Jun 2023 19:00:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: +uprNKuR/LB9OxQq0vcYYA==
age: 47346
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2690
x-ms-lease-status: unlocked
last-modified: Mon, 06 Jun 2022 06:20:57 GMT
server: cloudflare
etag: 0x8DA4784B800072D
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: ba5108d8-001e-0116-5fca-a35f2d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7df8a6e1c8cb1db0-FRA

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/6.35.0/assets/v2/ 59 KB
13 KB 23ms
23ms Fetch
application/json 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.35.0/assets/v2/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.35.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b74420758de35d9e305c4be91525ace39bc3961b99841ab0624834b863b7cd01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 30 Jun 2023 19:00:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: LrLVzrJD9h3ON5w7RMLtUg==
age: 29380
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 12974
x-ms-lease-status: unlocked
last-modified: Mon, 06 Jun 2022 06:20:59 GMT
server: cloudflare
etag: 0x8DA4784B8F89D0B
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 9f525c50-a01e-00fa-21ca-a31101000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7df8a6e1d8cc1db0-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/6.35.0/assets/ 21 KB
4 KB 17ms
17ms Fetch
text/css 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.35.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.35.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74c39b5ec5a61c19ff20d81c0418fabd61d6deb6ac0c967da28761d6b895ff7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 30 Jun 2023 19:00:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: /wtHD+oYY7dZRzCx50GZrQ==
age: 20775
x-ms-lease-status: unlocked
last-modified: Mon, 06 Jun 2022 06:21:12 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 3a1bccd5-f01e-000c-14d4-a33617000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7df8a6e1d8cf1db0-FRA

GET
H/1.1 200
OK 1x1-pixel.png
ams-pageview-public.s3.amazonaws.com/ 68 B
448 B 376ms
137ms Image
image/png 52.216.241.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ams-pageview-public.s3.amazonaws.com/1x1-pixel.png?id=5d46a2377f43
Requested by: Host: www.thereporter.com
URL: https://www.thereporter.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.241.28 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 19:00:25 GMT
Last-Modified: Mon, 26 Oct 2020 16:52:19 GMT
Server: AmazonS3
x-amz-request-id: V0WDGRX8ZKG9MCS0
ETag: "91e42db1c66c0b276abf6234dc50b2eb"
Content-Type: image/png
Cache-Control: no-store
Accept-Ranges: bytes
Content-Length: 68
x-amz-id-2: SwW7U5Tb7tsI71brBJSV2OIx2WodnS3+5DjTOM7p+i07k4R5KxpQss2xoXdKl/pw92jpEsF3X8Y=

GET
H2 200 / Show response
geo.privacymanager.io/ 30 B
607 B 9ms
9ms Fetch
application/json 13.32.99.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: launchpad.privacymanager.io
URL: https://launchpad.privacymanager.io/1/launchpad.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-35.fra60.r.cloudfront.net
Software: /
Resource Hash: a79f00e0930c3c99dbebf0a0f79384a8ab93dc88bb87e04b572f51a3b4b8367e

Request headers

Accept: application/json
Referer: https://www.thereporter.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 30 Jun 2023 04:34:49 GMT
via: 1.1 33febf2d58aeb0618cba096d54cae018.cloudfront.net (CloudFront), 1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3, FRA60-P3
age: 51935
x-amzn-requestid: 1eec83de-9e8e-4605-85b0-a2c20e4b1020
x-amzn-trace-id: Root=1-649e5b69-44ea212716aadc1c7840284d;Sampled=0;lineage=06620786:0
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-apigw-id: HUM4dH3kDoEFiqw=
content-length: 30
x-amz-cf-id: vGS-MJ0KQjxsBN0mP1UpzDt4AK3pwSCtrllRBl6VrP64da4QF9i54g==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

OPTIONS
H2 200 /
geo.privacymanager.io/ Frame 0
0 89ms
38ms Preflight
application/json 13.32.99.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-35.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.thereporter.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Fri, 30 Jun 2023 19:00:24 GMT
via: 1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront), 1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
x-amz-apigw-id: HWLrTG8XDoEFS8w=
x-amz-cf-id: OfRx7CV_9vb-airaW5TgBQwLWGOtXHHPL6sLfQsyfFJYU28AS0xFsw==
x-amz-cf-pop: FRA56-P3 FRA60-P3
x-amzn-requestid: a5a9ad09-70c7-4468-abef-45556ee09c90
x-cache: Miss from cloudfront

GET
H2 200 poweredBy_ot_logo.svg
cdn.cookielaw.org/logos/static/ 3 KB
2 KB 17ms
16ms Image
image/svg+xml 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/poweredBy_ot_logo.svg

Requested by

Host: www.thereporter.com
URL: https://www.thereporter.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 30 Jun 2023 19:00:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: LpuayL42jB78xRllx0vkOw==
age: 53406
x-ms-lease-status: unlocked
last-modified: Thu, 29 Jun 2023 19:28:20 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 75015445-801e-0107-66d4-aa6836000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7df8a6e2adfb6925-FRA

POST
H2 200 602 Show response
p644.thereporter.com/DG/DEFAULT/rest/rpc/ 643 B
1 KB 399ms
399ms XHR
application/json 108.138.17.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://p644.thereporter.com/DG/DEFAULT/rest/rpc/602?referer=https%3A%2F%2Fwww.thereporter.com%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2023-06-30T19%3A00%3A24%2B00%3A00&ts=1688151624185

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-66.fra56.r.cloudfront.net

Software

- /

Resource Hash

f7af8e3390bed84bda3ea02f7a8db512d84e0c69588c6ab20dde5324dd54e473

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thereporter.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 30 Jun 2023 19:00:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 199
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thereporter.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: Dp68LpsWogGZJEXUstzMBOn3zFhNUKYjtlA0BqxoywIBJ6BO984uZw==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 602 Show response
p644.thereporter.com/DG/DEFAULT/rest/rpc/ 215 B
1 KB 400ms
399ms XHR
application/json 108.138.17.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://p644.thereporter.com/DG/DEFAULT/rest/rpc/602?referer=https%3A%2F%2Fwww.thereporter.com%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2023-06-30T19%3A00%3A24%2B00%3A00&ts=1688151624186

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-66.fra56.r.cloudfront.net

Software

- /

Resource Hash

8cce6df27f08d5fcf08988a6fa9e88d72b1a987d14e567649cbedfff2a71a0da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thereporter.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 30 Jun 2023 19:00:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 187
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thereporter.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: L2i1NalCyMecF3x8W_aM7B2txlnkdK6F8TA3kL5PauwjU7wTfkvBkQ==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
BLOB 200
OK 5520ee6f-d00a-45be-93fc-f7f8c8a0f625
https://www.thereporter.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thereporter.com/5520ee6f-d00a-45be-93fc-f7f8c8a0f625
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

POST
H2 200 track Show response
dc.services.visualstudio.com/v2/ 96 B
280 B 66ms
65ms XHR
application/json 52.236.186.216
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.236.186.216 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7e0e8aa8b79a82ed3333ae5ad64bb6ca9c0ab19ecf23bc04e921c26be1f9a9a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thereporter.com/
accept-language: de-DE,de;q=0.9
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: 063E9343-B689-4B53-87A1-12A2928D0228
strict-transport-security: max-age=31536000
date: Fri, 30 Jun 2023 19:00:24 GMT
x-content-type-options: nosniff
access-control-max-age: 3600
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length: 96

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ Frame 0
0 301ms
43ms Preflight 52.236.186.216
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.236.186.216 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sdk-context
Access-Control-Request-Method: POST
Origin: https://www.thereporter.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
content-length: 0
date: Fri, 30 Jun 2023 19:00:24 GMT
x-content-type-options: nosniff

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 62ms
17ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.thereporter.com

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 19:00:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 102 KB
25 KB 63ms
20ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 19:00:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 22 Jun 2023 08:35:03 GMT
server: cloudflare
x-amz-request-id: EYAFV55K4BXD4QAJ
age: 1067
etag: W/"9b8b8eb50e4814cbdc325ce477c96910"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7df8a6ef6def3669-FRA
x-amz-id-2: whWkBhGm1ASZrNS/p6BPS7n04HervMshZG7qaxgZ9WSN3A3Ln15Wm67BYkFJkBlsBofx4C+mrXI=

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
609 B 8ms
7ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 30 Jun 2023 19:00:26 GMT
x-content-type-options: nosniff
content-encoding: br
age: 27638
x-jsd-version: master
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 439
x-served-by: cache-fra-etou8220097-FRA
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 48ms
9ms Script
text/javascript 2600:9000:2250:e600:a:e047:753:be1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:e600:a:e047:753:be1 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: null
Date: Fri, 30 Jun 2023 05:58:56 GMT
Via: 1.1 5ddb18e15e6b0ed6114111e515bddc66.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 May 2023 00:14:06 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P2
Age: 46891
x-amz-server-side-encryption: AES256
ETag: "4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1858
X-Amz-Cf-Id: eNnbECuP6fCuj-IbssDs6UgOUyw0D3nZRorBApbawSyHtLXL00MpkQ==

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 89ms
21ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

839c424b188a9bdafd46e5b643a2c5afb4b7df5e51f0321ffafd5f23b118e259

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 19:00:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 31 May 2023 13:09:50 GMT
server: nginx
etag: W/"6477471e-a980"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 01 Jul 2023 19:00:26 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 178 KB
29 KB 360ms
358ms XHR
text/plain 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=57541078928105&correlator=2648097253270977&eid=31072020%2C31074651%2C31075762%2C31075788%2C31074653&output=ldjh&gdfp_req=1&vrg=202306290101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=8013%2Cthereporter.com%2Chome%2Csponsorship_1%2Cinterstitial%2Ctop_leaderboard%2Ccube1_rrail_atf&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F4%2C%2F0%2F1%2F2%2F5%2C%2F0%2F1%2F2%2F6&prev_iu_szs=300x50%7C320x50%2C1x1%2C728x90%7C970x90%7C970x250%2C300x250%7C300x600%7C300x1050%7C160x600&ifi=1&adks=2515598710%2C160837046%2C874255770%2C2050394383&didk=1622125026~356144529~303353385~359666826&sfv=1-0-40&prev_scp=pos%3DSponsorship_1%7Cpos%3Dinterstitial%7Cpos%3Dtop_leaderboard%7Cpos%3DCube1_RRail_ATF&eri=1&cust_params=htlbidid%3D20956%26is_testing%3Dno%26kv%3Dhome%26page%3Dhome%26content%3D%26RPN%3D239844281254%26rurl%3D%26articleid%3D&sc=1&abxe=1&dt=1688151626137&lmt=1688151626&dlt=1688151620758&idt=2284&adxs=3085%2C1360%2C1636%2C2338&adys=79%2C242%2C368%2C525&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.thereporter.com%2F&frm=20&vis=1&psz=300x0%7C1x0%7C728x0%7C304x0&msz=300x0%7C1x0%7C728x0%7C304x0&fws=3076%2C1028%2C3076%2C3076&ohw=1254%2C1%2C1280%2C304&ga_vid=1780012743.1688151623&ga_sid=1688151626&ga_hid=1923120862&ga_fc=true&a3p=EhkKCnB1YmNpZC5vcmcY-6K27ZAxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGIajtu2QMUgAUgIIZBIZCgp1aWRhcGkuY29tGICjtu2QMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y8aK27ZAxSABSAghk

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ccf193737a3c88dd9540099dae696e556d9b639c7ddc498e4f42534473a014b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 19:00:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29249
x-xss-protection: 0
google-lineitem-id: 6209910398,-2,6209910398,6209910398
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138308791786,-2,138308791522,138308373314
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.thereporter.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 99ms
63ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306290101&st=env

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76120da9f74956d23796a879910c3f6af2955ee2d77a4ed5decc9a7436f7d14d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 19:00:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11264
x-xss-protection: 0

GET
H2 200 container.html Show response
fb7954d98401ca4df7f4c784bee32b67.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A917 6 KB
3 KB 120ms
15ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fb7954d98401ca4df7f4c784bee32b67.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thereporter.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 19:00:26 GMT
expires: Sat, 29 Jun 2024 19:00:26 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
328 B 105ms
17ms XHR
text/plain 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.thereporter.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.thereporter.com
date: Fri, 30 Jun 2023 19:00:25 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 0420 15 KB
6 KB 219ms
35ms Document
text/html 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.thereporter.com&us_privacy=1---

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.thereporter.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 19:00:25 GMT
server: Kestrel
server-processing-duration-in-ticks: 323705
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 307ms
22ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 19:00:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 30 Jun 2023 19:00:26 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 0420
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=www.thereporter.com&sn=ChromeSyncframe&so=0&topUrl=www.thereporter.com&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=8opG63xNcnl5cHJyMERjTWk5YS96cFcraGs3NUlES2NpOGJEbkd4NGFrSjRBdFJ2djhQSy9RQ1pKNE5WQTRnYXY5K2RWOG9MR2gzcG9maTZzcC92TzNuNHJkNFVDUCtBWDNTeVBqNjFYRkZwQlRUanlxVzZkTm1xS3l1NW...

419 B
642 B

96ms
17ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=8opG63xNcnl5cHJyMERjTWk5YS96cFcraGs3NUlES2NpOGJEbkd4NGFrSjRBdFJ2djhQSy9RQ1pKNE5WQTRnYXY5K2RWOG9MR2gzcG9maTZzcC92TzNuNHJkNFVDUCtBWDNTeVBqNjFYRkZwQlRUanlxVzZkTm1xS3l1NW16amp5Tkx2ZkUxWkF4YTRkU2dZQm5mYkpCQmVYS01KRFlhbUxXOXE2R0RzRzBlak9OTnR3R2ZUdUs0WGtoK3pzRWZYbUY0bElHNjdPRytoTDNRZTFyU3lJOVpFQTlwZ0dhYjhjb0ppRUMvM3A2L2tOcGsvbUVFNmZqQ0V4SEpiaHoreEtnUkE5YlZpSm01M0VHZHUydlZ5T2kvcUZsZ25DOXdaSk5JbWtxUzh4YlloSWxJWT18&cppv=2

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

604d4b04db60bb181dcc3a658b2c0e85ec1acb7d7338025ccf16b40267a2f0f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 19:00:26 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1825891
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 30 Jun 2023 19:00:25 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=8opG63xNcnl5cHJyMERjTWk5YS96cFcraGs3NUlES2NpOGJEbkd4NGFrSjRBdFJ2djhQSy9RQ1pKNE5WQTRnYXY5K2RWOG9MR2gzcG9maTZzcC92TzNuNHJkNFVDUCtBWDNTeVBqNjFYRkZwQlRUanlxVzZkTm1xS3l1NW16amp5Tkx2ZkUxWkF4YTRkU2dZQm5mYkpCQmVYS01KRFlhbUxXOXE2R0RzRzBlak9OTnR3R2ZUdUs0WGtoK3pzRWZYbUY0bElHNjdPRytoTDNRZTFyU3lJOVpFQTlwZ0dhYjhjb0ppRUMvM3A2L2tOcGsvbUVFNmZqQ0V4SEpiaHoreEtnUkE5YlZpSm01M0VHZHUydlZ5T2kvcUZsZ25DOXdaSk5JbWtxUzh4YlloSWxJWT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 288118
content-length: 0
expires: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5FE9 0
0 45ms
45ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvZGLxPbUa_dt3rMa1nI4n9lmQTT4iEOtxqQq4xLU3vdlY4f5ReXDShqI2Xmj4egQOnQDh9EVZALNZ5vLAWDtGlnQDtj2RkZbHS0vZwfrWQCqehROIDSMnw8TAZXG3B-QZq9BatXhSCxZuFYLoGwFty04y3NP58Bn3iCNpSWRvzviHmt7MAviZI90E8spgpSG7mLrpGVueb1Q7hVpvuueFe6asTO0m_oaRpKGnQR59M89Trg8gg31H63oOFlzFv35VhSL1FeVUSJStgEhitvKC_hYDjUQA44g1eKpuk25AHEpYIo-tDuvGG2-OjMWD2Ah5-_esBE-dCTOcmh4v2Bj28NHDQ0iJDgUI-Oa1HVq4&sai=AMfl-YQWyNpE7ShjbHiSV8l998RaSrdtkHKaP-acYHdyPtYLhE1GeSpuT6OVQexK4fRoqdzhINKIJajhlJDZnRo&sig=Cg0ArKJSzLgogFBEfIq8EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.thereporter.com
URL: https://www.thereporter.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 19:00:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 30 Jun 2023 19:00:26 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/ Frame 5FE9 23 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/abg_lite_fy2021.js

Requested by

Host: www.thereporter.com
URL: https://www.thereporter.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 18:04:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3363
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 Jul 2023 18:04:23 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 5FE9 3 KB
1 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.thereporter.com
URL: https://www.thereporter.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 14:46:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15214
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 Jul 2023 14:46:52 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5FE9 179 KB
57 KB 48ms
22ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.thereporter.com
URL: https://www.thereporter.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 19:00:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 30 Jun 2023 19:00:26 GMT

GET
H2 200 8083224042621984012
tpc.googlesyndication.com/simgad/ Frame 5FE9 9 KB
9 KB 11ms
11ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8083224042621984012

Requested by

Host: www.thereporter.com
URL: https://www.thereporter.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d33f5f38a2fffd365e989462b78c6c704ff65582dd5f8bb9176e717d7bd8e522

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 02:10:01 GMT
x-content-type-options: nosniff
age: 60625
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9041
x-xss-protection: 0
last-modified: Wed, 08 Apr 2020 16:05:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 29 Jun 2024 02:10:01 GMT

GET
H2 200 pixel
protected-by.clarium.io/ Frame 5FE9 68 B
243 B 108ms
32ms Image
image/png 13.48.111.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_M0l5UTgxV25uLWQ2YmllUUx1V2VEdU40UFdNLzMxNDUwMTczMTI6MzIweDUw&v=5&s=v31h46qr4s4&id=eyJkZnAiOnsiYWQiOjE4Nzc2MDI5NCwiYyI6MTM4MzA4NzkxNzg2LCJsIjo2MjA5OTEwMzk4LCJvIjozMTQ1MDE3MzEyLCJBIjoiLzgwMTMvdGhlcmVwb3J0ZXIuY29tL2hvbWUvc3BvbnNvcnNoaXBfMSIsInkiOjAsImNvIjowLCJzIjoiaHRsYWQtMS1ncHQifX0%3D&cb=6217495&h=www.thereporter.com&d=eyJ3aCI6Ik0wbDVVVGd4VjI1dUxXUTJZbWxsVVV4MVYyVkVkVTQwVUZkTkx6TXhORFV3TVRjek1USTZNekl3ZURVdyIsIndkIjp7Im8iOjMxNDUwMTczMTIsInciOiIzMjAiLCJoIjoiNTAifSwid3IiOjJ9
Requested by: Host: www.thereporter.com
URL: https://www.thereporter.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.48.111.81 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-48-111-81.eu-north-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Fri, 30 Jun 2023 19:00:26 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.18.0 (Ubuntu)
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 5FE9 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1decabcb6091c674bad12cea32384dc66661b7611397cdbbef70ed5bca77f207

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK views Show response
prod-dfm-proxy-connext.azurewebsites.net/api/ 90 B
1 KB 231ms
230ms Fetch
application/json 13.85.16.224
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-dfm-proxy-connext.azurewebsites.net/api/views?UserId=e869585855d3dcff6d0154036de914ec&ConfigCode=NORCALPRODWP&SiteCode=DFM&SettingsKey=NORCAL%2CVR
Requested by: Host: www.thereporter.com
URL: https://www.thereporter.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.85.16.224 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0, Microsoft-IIS/10.0 / ASP.NET, ASP.NET
Resource Hash: bf7da55ef6be4cdd0d0932dd1e689a423b9b04c68e3cc9b083d4c099bf0e0ec9

Request headers

source-system: Plugin
site-code: DFM
autoqa: false
accept-language: de-DE,de;q=0.9
settingskey: NORCAL,VR
authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1bmlxdWVfbmFtZSI6IkNvbm5lWHQiLCJleHAiOjE3NjAxNTE2MjN9.8hzCV64wF9DunGpJl-j4kUaaNTonc73fC_u9t29qWSc
ssid: 285a168375ea5cca84ca0b9a59da94b4
environment: prod
config-code: NORCALPRODWP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
content-type: application/json
access-control-allow-origin: *
accept: application/json
attr: VR
location: System
Referer: https://www.thereporter.com/
version: Version: 2.8.5

Response headers

Expires: -1
Pragma: no-cache
Date: Fri, 30 Jun 2023 19:00:27 GMT
Content-Encoding: gzip
X-Server-Time: 6/30/2023 7:00:27 PM
Server: Microsoft-IIS/10.0, Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET, ASP.NET
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Server-Time,Request-Context
Cache-Control: no-cache
Content-Length: 193
Request-Context: appId=cid-v1:b3b1c194-8bfe-45e5-8168-866947d4f019

OPTIONS
H/1.1 200
OK views
prod-dfm-proxy-connext.azurewebsites.net/api/ Frame 0
0 1146ms
139ms Preflight 13.85.16.224
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-dfm-proxy-connext.azurewebsites.net/api/views?UserId=e869585855d3dcff6d0154036de914ec&ConfigCode=NORCALPRODWP&SiteCode=DFM&SettingsKey=NORCAL%2CVR
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.85.16.224 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: access-control-allow-origin,attr,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
Access-Control-Request-Method: GET
Origin: https://www.thereporter.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Headers: access-control-allow-origin,attr,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
Access-Control-Allow-Origin: *
Content-Length: 0
Date: Fri, 30 Jun 2023 19:00:27 GMT
X-Powered-By: ASP.NET

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C47E 0
0 48ms
48ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstQwEgVQ3nyTj3rMyL34wXxnk0GgPJUPpGNuu60kt3OqGnTc8H0E_EfYIT0FXB5TPCXglpGwMJBuqL2uzzKZdMww1a7JR-ojy1mpxZ1exPEhvjN8lJcO7OPlmmkASjPpz2Np3ASAZ2Ahnl1rrll8RUtsQuyBkOw9FloAWVUFjxksdDEN8V5thu5sPvZ62YN-UKrUvAOy93SKHWBCQK6rBWziaTDfS6D27S9zLJXwNCLdz6SsC5Zd2pwJdD7g5XD-tisLb5zEzsE0T4DLZnwb0IALgDvm7WVprD3y-640IoFgB1AQT_BF7DPGIc_kbzKT8PcwE6rYEa8wZVfjmvK5jrYtVy0n9WqVygvNQT4KHTT4Q&sai=AMfl-YSUb-AVPuYAAkKq7m8555jN-g20jOtYdyaCndqvlsjLf05TYPzFIUE2uO8vkW1qhZQ_2dsQStmSB4risJg&sig=Cg0ArKJSzMsBjMSwAA7QEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.thereporter.com
URL: https://www.thereporter.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 19:00:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/ Frame C47E 23 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/abg_lite_fy2021.js

Requested by

Host: www.thereporter.com
URL: https://www.thereporter.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 18:04:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3363
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 Jul 2023 18:04:23 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame C47E 3 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.thereporter.com
URL: https://www.thereporter.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 14:46:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15214
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 Jul 2023 14:46:52 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C47E 179 KB
56 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.thereporter.com
URL: https://www.thereporter.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 19:00:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 30 Jun 2023 19:00:26 GMT

GET
H3 200 7298721018739740374
tpc.googlesyndication.com/simgad/ Frame C47E 27 KB
27 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7298721018739740374

Requested by

Host: www.thereporter.com
URL: https://www.thereporter.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9331ddc30a89e7c09e2502d274082187de59ec761f73f74f2cb4717ee0f48881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 20:08:04 GMT
x-content-type-options: nosniff
age: 168742
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28019
x-xss-protection: 0
last-modified: Wed, 08 Apr 2020 16:05:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 27 Jun 2024 20:08:04 GMT

GET
H2 200 pixel
protected-by.clarium.io/ Frame C47E 68 B
244 B 37ms
31ms Image
image/png 13.48.111.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_M0l5UTgxV25uLWQ2YmllUUx1V2VEdU40UFdNLzMxNDUwMTczMTI6NzI4eDkw&v=5&s=v31h46qr4ua&id=eyJkZnAiOnsiYWQiOjE4Nzc2MDI5NCwiYyI6MTM4MzA4NzkxNTIyLCJsIjo2MjA5OTEwMzk4LCJvIjozMTQ1MDE3MzEyLCJBIjoiLzgwMTMvdGhlcmVwb3J0ZXIuY29tL2hvbWUvdG9wX2xlYWRlcmJvYXJkIiwieSI6MCwiY28iOjAsInMiOiJodGxhZC0zLWdwdCJ9fQ%3D%3D&cb=4352112&h=www.thereporter.com&d=eyJ3aCI6Ik0wbDVVVGd4VjI1dUxXUTJZbWxsVVV4MVYyVkVkVTQwVUZkTkx6TXhORFV3TVRjek1USTZOekk0ZURrdyIsIndkIjp7Im8iOjMxNDUwMTczMTIsInciOiI3MjgiLCJoIjoiOTAifSwid3IiOjJ9
Requested by: Host: www.thereporter.com
URL: https://www.thereporter.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.48.111.81 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-48-111-81.eu-north-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Fri, 30 Jun 2023 19:00:26 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.18.0 (Ubuntu)
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C8EB 0
0 47ms
47ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss8ELCd1OaEHiJbPqImxV9W8_kEBEf0fuBRxqJsXZvEjhxAlH2XtKOm_o64B0rpuRxavE9ESUXMpjQ1You0QvcFpcLDXLfZuYNEW0W2MIXhYiFjheundggi8_SxXi3QgCIGHO9L-OzoVyyZkug9rzdDRLZspNG-aMOAJADyYkfd_0PVt3LjkQZCfSMihKfL8unrSi_wr61ltHvp4lsliztRqveX85Ut8SPyvrrhguYVKMdiMh3cn83gcs2-wgCYBvmDFjL48-zVSMYREvLw01_b5UnUKkECnqoNwDWWinfY55Jowsi2TxZZeWNCNAVAX9L15iShKdLiLe5wdNSHMhr-6YISQjaJmXroPIwX-TlOaw&sai=AMfl-YSNe4BV_QHF0O5_MjG-WCP9xubOz2Le27p7XPfYusMOzbRn50Bg4-5S7jioZhWUnyw_AeSzporvJC5dMXU&sig=Cg0ArKJSzP-ROtqRb4Z_EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.thereporter.com
URL: https://www.thereporter.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 19:00:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/ Frame C8EB 23 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/abg_lite_fy2021.js

Requested by

Host: www.thereporter.com
URL: https://www.thereporter.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 18:04:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3363
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 Jul 2023 18:04:23 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame C8EB 3 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.thereporter.com
URL: https://www.thereporter.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 14:46:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15214
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 Jul 2023 14:46:52 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C8EB 179 KB
56 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.thereporter.com
URL: https://www.thereporter.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 19:00:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 30 Jun 2023 19:00:26 GMT

GET
H3 200 17983125580742959242
tpc.googlesyndication.com/simgad/ Frame C8EB 28 KB
28 KB 9ms
9ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17983125580742959242

Requested by

Host: www.thereporter.com
URL: https://www.thereporter.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a48d1dc3c3bb2103d4019c1de9651507ebaaaa3f6f0d2d3cb3d0d387ca294af6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 11:14:10 GMT
x-content-type-options: nosniff
age: 27976
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28323
x-xss-protection: 0
last-modified: Wed, 08 Apr 2020 16:05:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 29 Jun 2024 11:14:10 GMT

GET
H2 200 pixel
protected-by.clarium.io/ Frame C8EB 68 B
243 B 29ms
29ms Image
image/png 13.48.111.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_M0l5UTgxV25uLWQ2YmllUUx1V2VEdU40UFdNLzMxNDUwMTczMTI6MzAweDI1MA==&v=5&s=v31h46qr4vt&id=eyJkZnAiOnsiYWQiOjE4Nzc2MDI5NCwiYyI6MTM4MzA4MzczMzE0LCJsIjo2MjA5OTEwMzk4LCJvIjozMTQ1MDE3MzEyLCJBIjoiLzgwMTMvdGhlcmVwb3J0ZXIuY29tL2hvbWUvY3ViZTFfcnJhaWxfYXRmIiwieSI6MCwiY28iOjAsInMiOiJodGxhZC00LWdwdCJ9fQ%3D%3D&cb=8688022&h=www.thereporter.com&d=eyJ3aCI6Ik0wbDVVVGd4VjI1dUxXUTJZbWxsVVV4MVYyVkVkVTQwVUZkTkx6TXhORFV3TVRjek1USTZNekF3ZURJMU1BPT0iLCJ3ZCI6eyJvIjozMTQ1MDE3MzEyLCJ3IjoiMzAwIiwiaCI6IjI1MCJ9LCJ3ciI6Mn0=
Requested by: Host: www.thereporter.com
URL: https://www.thereporter.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.48.111.81 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-48-111-81.eu-north-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Fri, 30 Jun 2023 19:00:26 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.18.0 (Ubuntu)
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ Frame C47E 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2b62a3a68e7a82d6cdd7eba252e514af110b093222d3bf50f609738241e08ef7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame C8EB 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6ed05de39e7c967fa74e75fb366d4251fe9847b20f2da203e247dbe5603e111c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK ad_300_250.jpg
paywall-ad-bucket.s3.amazonaws.com/ 631 B
1 KB 117ms
117ms Image
image/jpeg 3.5.19.149
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paywall-ad-bucket.s3.amazonaws.com/ad_300_250.jpg
Requested by: Host: www.thereporter.com
URL: https://www.thereporter.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.19.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0859f5f9bf49348ef81d01f953d520c10a2a857961ef1bfad4a7903609889de5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 19:00:27 GMT
Last-Modified: Tue, 15 Oct 2019 13:44:16 GMT
Server: AmazonS3
x-amz-request-id: 22VG96MEG5E8ZX43
ETag: "ef2cc7f55b7ab677b023e36033e26471"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 631
x-amz-id-2: 6EAivtst/EZgulF2773LGOVCf0WZUoF8/gKtqU9Bx3qo6UcEkw4X3TsLocMytJ9ajpe4a8jPuHHJm3znIVtiCQ==
x-amz-meta-s3b-last-modified: 20191015T134358Z

GET
H2 200 index.js Show response
cdn.pranmcpkx.com/ 7 KB
2 KB 11ms
10ms Script
text/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pranmcpkx.com/index.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CBD) /
Resource Hash: 6941d870c4bac732a6ed7718c594a73cc27000379eaaf241c9e47d982e44f407

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 30 Jun 2023 19:00:26 GMT
content-encoding: gzip
content-md5: nynBpfvYghYqzIzsvfssRw==
age: 198881
x-cache: HIT
content-length: 2382
x-ms-lease-status: unlocked
last-modified: Fri, 17 Jun 2022 17:08:13 GMT
server: ECAcc (frc/4CBD)
etag: 0x8DA5083F65AD9E0
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-ms-request-id: 97b995a8-d01e-000d-07b6-a93f6a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F67B 13 KB
5 KB 9ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thereporter.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4932
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 17:38:14 GMT
expires: Sat, 29 Jun 2024 17:38:14 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 51F8 783 B
1 KB 55ms
20ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

77978d92208ccba4b8b4fb493c0cb94104d125b6c8a1c6234eb0a0b7e96edfd9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Bsq8T88BfjaOP5a2LhOopQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thereporter.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-Bsq8T88BfjaOP5a2LhOopQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 19:00:26 GMT
expires: Fri, 30 Jun 2023 19:00:26 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5FE9 0
0 69ms
48ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssjRyRQh8AR8k5nUh1eohhUKd-pkZI4e9xl4vp4YukkT1llCiSVhBDwW8PCzySPb5Q8KVSt6iB7UOXH-p_nSpT_g3Yneyq3O5BXmLIbo9bJQhuYmvTJKH1tfDBidjYEdI67KkNjxdtN28pHs75g9lp3weTQwQKolNRw1Or9DmGAhEqPHtgoGVpZWuTxGIPLTu7kedvwQCpJishYn7iOtDcPMSw2VgfoNV-0P6iDa0pNeIIXfmyB01XD4ZHV5WuAQr4sZ2aDFuEr0Y0OhLfMw5WXh_pGEU0TC3QzviMwR6qiKH7rPwFR2wXjXfGB98SV8fsenZnhqEWkIh-YhKdsZenxbI8gtAHnIAZQsFh5Cj5byw&sai=AMfl-YRkRqu7ngJcWF3WfmjQZ3huIxRf_qktBjAhH4AeHlt5o82jwCgCwZAdxX0Oyx5hTDPRaYKFzCJDxZb4PVo&sig=Cg0ArKJSzO0OklCIpY3BEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 19:00:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 30 Jun 2023 19:00:26 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C8EB 0
0 47ms
47ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstY79kiw8Hrbj-OEcrwej9FdGIEMadSjWmMGPeDJkLR4f8TA7Bvo-r0nQRQqlzt0pSuRKUXjfSbXPsZTVr-jhBrCg2_ce_iDMocIEYPdf9FiodoGdCwDWazr1AOxGUjOdVcVdolMcX2mmrYZWtC9C0h8ZoFNBCuSq842dwt_ynan1EWvcX2l45Gx6l8rGPwQx3egWByzPYMNwQzAbcoYJppXkXP5u5em6NPJe5o2re12xcvJEgdJhF1mlIa3skx29D9vimkB-RIRgPoBZaiGg0dAlRqYu8NlAqlDa9DylzHTKWzsItoGEblv1aGu5egcbkJsEh_qi4g2NrOpzNpIV7fKRhM-NaRV_tp-6MkjQNshHJV&sai=AMfl-YROvYB6VuZtcoixLSvogN7VuDlwzv7ukv1ZLMz_OhHUvNYq9K9XYzjNaQNNswneOcc6Zx9QDKSYJfiytQc&sig=Cg0ArKJSzE6QwlEGeU__EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 19:00:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 30 Jun 2023 19:00:26 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C47E 0
0 46ms
46ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvcG0gatVriDUXPl89Z5y4yHMiNRiBgVGhW2Va2H5X9k_Z_fQ-ElJyA4JugWrqOVHsGPto77Jjhtnax43jGxY3JRWIMUAeimWRuW9aPTWsne7zbLp6j5CE8SSGATKzhaumgvcAXCv7kj0AhNzPDaOZvSsUkrMTdNV6Vxp2q1Mb-MH8Zt7S0NWd3ARg_Cc_2Hqicvxj3FXIQ3_gJZ6hvtcFchNCzwH_i3P9siZ7yCgu--37Bu-IvDNkQ-RSHEGK1sHKZ3XRpjljgwLelkRdcy-yB4jtQZFb-2-dNwvsXSs2zw3ymfVpxcgOjf8oicWM46tZZvDAocb_8bARTrsXivdghkIrIE1bPdTPYU4krq5PTlNAV&sai=AMfl-YTuy0WLVP0RzPUU2CyszHzOt9cwms8wiWQAVxZfeSzhlU3jviPLwNevl_iqxBN7EWCr3BT9x55qj5Fs9IQ&sig=Cg0ArKJSzGUwE0IS09vBEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 19:00:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 30 Jun 2023 19:00:26 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 51F8 0
0 59ms
41ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306290101&jk=57541078928105&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js Show response
pagead2.googlesyndication.com/bg/ Frame F67B 38 KB
14 KB 21ms
7ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 16:19:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9640
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14768
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 29 Jun 2024 16:19:46 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F67B 0
10 B 12ms
11ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?BBo4Sw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 19:00:27 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
BLOB 200
OK e3f8f22c-e4a8-4747-99f7-24ba7beaf559
https://www.thereporter.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thereporter.com/e3f8f22c-e4a8-4747-99f7-24ba7beaf559
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 45ms
45ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306290101&jk=57541078928105&bg=!GBulG0_NAAb90kgr3dI7ADkAdvg8WuJhQf9xC_EGjN0HYUqo7rq66aZzRyUxh57GaZCmSXs33G957fH2yktNGkWEQTcHXVHLfv4CAAAAcFIAAAAEaAEHmQKt9iYVlS79xMST2qwyt4uOZmWkbWYYfIpm1w4wneWh-eaIg0LJHZQwlJ6utXIY-YOJb92Ug3Fn880523XilWif9fIA-4Q1wa9WvBvjjO5cA6yPNUdqAAXLNNc5d5YErRg9F5GJ_9XqKvvvzLC6VusLqUk8vcgkiYvVdiQghirDb9W3-zzk7cdTDPeXiEQ8vbbKPUi9saRa8mUEQC1lNzEP0jS2nYILB_ODz4bL_CFuwy7U2PnBhFTDGHB9w7K9RC2FMZXO7g5DoTSRaG-CcFI8StsQMIe5Z7OdBtvRPn1hI9XIjUYKkgD1O-CIkgoAuPYK-v_n3eEbz4DMeS1s5H9E2gLCbroS9lLWe46H6mu9PBsllSlyIU4w7u-Hm-mOAylEwnd-o4qCgJOJY3A3MGyDLXxQnmb_xfJCUnmdwKV2hfYPZUUj40PJuMh574Zs6G1IAKETxJtcpCutMCvjKxmApI3Ra3xCcBRhB1Altz4vzkkpb__KrOOlwpQT-EDcTve0Vx9C8KtR5D2FxWUyzL_GIsY2ti_0AJpFo3Ec9914PibyVjYOGNfc_RZPKvhHT1nbk9vxh2wWlRR_Ps7iOvk_oELug8rgXbSajPWTyNmsu2OU6fiMQzZxZux5JzjDQAEEsRCAOXq7ERHcorJlcSPHeokDsoZomAMGlSLkCLprZ4G8ElP78-62icgpDeLpICKlL2sqCdhBzHkXmZA5PG5pKoRVod414tmWcPiOMA9tOP_CwRpzgAc21PBEXBdCp_vOEaScWFA90YndXzlPawjNtYI2skkBfii0vwgV2rJXCA3MB0-H64lyFOatE8vgT5GMEQwU8goOIGyAQ-kPXAas0r-Ss8mMxNs2DpIg1-hYETzg-3RNcQxQHQzU4OMJi1pPPDpa2k_LwGCgWGQeHg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thereporter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 30 Jun 2023 17:04:41 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6947
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 30 Jun 2023 19:04:41 GMT

Verdicts & Comments Add Verdict or Comment

221 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
p644.thereporter.com/DG/DEFAULT	1970-01-20 12:55:52	Name: BCTempID Value: 74583f96-8ff8-493c-a5b9-0fee7331b7ac
.thereporter.com/	1970-01-20 21:41:27	Name: bc_tstgrp Value: 10
.thereporter.com/	1970-01-20 22:31:51	Name: _pnvl Value: false
.thereporter.com/	1970-01-20 22:31:51	Name: pushly.user_puuid Value: uqYB04MpeS1mWr54isNhnIb8O2VlWcRy
.thereporter.com/	1970-01-20 22:31:51	Name: _pnlspid Value: 12514
.thereporter.com/	1970-01-20 22:31:51	Name: _pnss Value: dismissed
.thereporter.com/	1970-01-20 13:05:56	Name: _pnpdm Value: true
medianewsgroup.blueconic.net/	1970-01-20 13:05:56	Name: AWSALBCORS Value: dOsH0QeqbXjm2WYYTmDHgPsbePfZCxzrOyfxJb5yr5wxpwXkhbPDOmW3D7tQXLUNZUkkl6y9XniRe7Ri5PCmiVnOgR/RhTAq9H0V2oZ3OITctUcCKS9FetNlk5py
.viafoura.co/	1970-01-20 13:39:03	Name: VfSess Value: m8qeacmrspkgc67s11ip25beek
.viafoura.co/	1969-12-31 23:59:59	Name: vfThirdpartyCookiesEnabled Value: true
.thereporter.com/	1970-01-20 22:31:51	Name: nxt_last_visit Value: 1688151623349
www.thereporter.com/	1970-01-20 21:41:27	Name: _vfa Value: www%2Ethereporter%2Ecom.00000000-0000-4000-8000-13121e959387.96fa545a-199f-4052-a5d5-4719d8f8bb00.1688151623.1688151623.1688151623.2
www.thereporter.com/	1970-01-20 12:55:51	Name: _vfz Value: www%2Ethereporter%2Ecom.00000000-0000-4000-8000-13121e959387.1688151623.2.medium=direct\|source=\|sharer_uuid=\|terms=
.thereporter.com/	1970-01-20 22:31:51	Name: anonDeviceId Value: e869585855d3dcff6d0154036de914ec
.viafoura.co/	1970-01-20 21:41:27	Name: vfDeviceId Value: 428d3eee-470c-4f92-bddc-9deb556ed60e
p644.thereporter.com/	1970-01-20 13:05:56	Name: AWSALB Value: 2hOZz2b7SGrWrvIzAu2boLDro45dPUrd6Zc4tmYU/FrT+MQ78TuZ6yYCbwH5Jy3r/7qcqi7JiIWYIol4efTF9c+C0Ros3kWSyuIkrzTtUL/jdJoEZxjm/3BOZ4/9
p644.thereporter.com/	1970-01-20 13:05:56	Name: AWSALBCORS Value: 2hOZz2b7SGrWrvIzAu2boLDro45dPUrd6Zc4tmYU/FrT+MQ78TuZ6yYCbwH5Jy3r/7qcqi7JiIWYIol4efTF9c+C0Ros3kWSyuIkrzTtUL/jdJoEZxjm/3BOZ4/9
.criteo.com/	1970-01-20 22:17:27	Name: uid Value: cbb6d2d7-6392-471f-8649-b947f9cdc517
.doubleclick.net/	1970-01-20 22:17:27	Name: IDE Value: AHWqTUmqNToflff4JjfnOA9LoUlLvO0jiLTZSex-fj7AN2Ni3frYSXnWFHzYvQ-XhB8
.www.thereporter.com/	1970-01-20 12:57:18	Name: sub_nxt_upd_ac_DFM_NORCALPRODWP_PROD Value: 1
.www.thereporter.com/	1970-01-20 22:31:51	Name: sub_nxt_DFM_NORCALPRODWP_PROD Value: {%221%22:{%22103995%22:{%22ac%22:1%2C%22ac_d%22:1%2C%22s%22:1688151628197}%2C%22_ac_d%22:1%2C%22_ac%22:1%2C%22_acnv%22:%22103995%22}}

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js(Line 1) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000;includeSubdomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax.amazon-adsystem.com
accounts.google.com
adservice.google.com
ajax.googleapis.com
ams-pageview-public.s3.amazonaws.com
api-mg2.db-ip.com
api.viafoura.co
az416426.vo.msecnd.net
c.amazon-adsystem.com
cdn.auth0.com
cdn.confiant-integrations.net
cdn.cookielaw.org
cdn.czx5eyk0exbhwp43ya.biz
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.p-n.io
cdn.parsely.com
cdn.pranmcpkx.com
cdn.prod.uidapi.com
cdn.viafoura.net
cmp.osano.com
dc.services.visualstudio.com
fb7954d98401ca4df7f4c784bee32b67.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
fp-cdn.azureedge.net
g2insights-cdn.azureedge.net
geo.privacymanager.io
geolocation.onetrust.com
gum.criteo.com
htlbid.com
i.viafoura.co
id5-sync.com
k.p-n.io
launchpad-wrapper.privacymanager.io
launchpad.privacymanager.io
loader-cdn.azureedge.net
m.thereporter.com
medianewsgroup.blueconic.net
mug.criteo.com
p644.thereporter.com
pagead2.googlesyndication.com
paywall-ad-bucket.s3.amazonaws.com
pixel.wp.com
polyfill.io
prod-dfm-proxy-connext.azurewebsites.net
prodmg2.blob.core.windows.net
protected-by.clarium.io
sb.scorecardresearch.com
securepubads.g.doubleclick.net
session.thereporter.com
static.criteo.net
stats.wp.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.thereporter.com
108.138.17.66
108.157.194.123
13.32.110.104
13.32.119.77
13.32.99.120
13.32.99.35
13.48.111.81
13.85.16.224
143.204.215.114
162.19.138.117
172.67.75.166
178.250.1.11
18.66.100.58
18.66.23.147
18.66.97.77
192.0.66.2
192.0.76.3
199.88.148.105
20.60.62.4
2600:1f18:44f0:4850:2edb:26e1:441c:ea2d
2600:9000:214f:7a00:10:474e:104a:2961
2600:9000:2250:e600:a:e047:753:be1
2600:9000:2450:7a00:8:2ae1:d740:93a1
2600:9000:2450:e000:3:b7e:8940:93a1
2606:2800:133:206e:1315:22a5:2006:24fd
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700:10::ac43:266a
2606:4700:4400::6812:220a
2606:4700::6812:1c26
2606:4700::6812:aa72
2a00:1450:4001:801::2002
2a00:1450:4001:806::2002
2a00:1450:4001:806::200a
2a00:1450:4001:808::200a
2a00:1450:4001:812::2002
2a00:1450:4001:813::2004
2a00:1450:4001:829::200d
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2008
2a00:1450:4001:830::2002
2a00:1450:4001:831::2001
2a02:2638:3::3
2a02:2638:d::d
2a04:4e42:400::282
2a04:4e42::485
3.225.84.233
3.5.19.149
3.76.1.100
34.206.150.15
52.216.241.28
52.236.186.216
52.33.58.178
00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387
0152a088a37330522c1458229707cbc27e42f802e1ba385d887b8a0069927618
01d6389de5581a2a3eb0cd4d6a05cb136bf07d221306f89173a080c73a38e392
02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2
024f44142822eff2a6a3f7983d6123537397f01b525f52122d90ff512d78189b
04819970a784f5b35e5618e45433e7813caeabefca573681b08b4efe83a1c2f1
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0859f5f9bf49348ef81d01f953d520c10a2a857961ef1bfad4a7903609889de5
08c7516496acbd43355eade6e10c9c202a4c045c01b05e950f6c7456796c05b3
11b438908905d787f79553b2d8a98ebaa12a542944650390a7fb4a68e47dfc74
123830b3c1bb951b81bee61657d5ff2d7061c67316a4210df730462d093b0a23
1313e544d95566c0ed767f40117a8287940c2856fb450d6a4224b8db33a97902
182abb62bdb40059dbda691bf6631cf6b471499a85971a5fd04832453d7b4141
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1decabcb6091c674bad12cea32384dc66661b7611397cdbbef70ed5bca77f207
20e98b335721c81d56cf4c48dfee8d9ca5be81ac71337db9044fa641781d97c7
21b580c0e786d0ff2b8ef69d2808f19c17e9106f4effdf1771475ac870c81ea1
2255355ef9ea2477f20f81567e53ee272cdf6a20309d0b812a9fbcab481eb860
2b62a3a68e7a82d6cdd7eba252e514af110b093222d3bf50f609738241e08ef7
2b663ab6a199de613fa46b2c524da1bfb8a889234879c5ccdb239602468e5f8e
2ecf69d9fb8539e9f6d4e044f126b8fd00e83ff6c8444bc8fda1e11403e50ba7
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
39a8f2c4850593fd18dbdc75dc0cdd9f6fe73e34d77e9d612cb4ff257c8a866c
3ccf193737a3c88dd9540099dae696e556d9b639c7ddc498e4f42534473a014b
4226330cc300101ffc4a0f9828cf2a23480db0f0904ce9fb564c98a8a353b2ed
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5
49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a
4c34133e47c0c3822c0a1787642b326f35e3afcb32a977cc48e4ed227ada4967
4dd6d6642192d12c4ced6d3bbd1a101672e6645dba0fdc6074de76024d6852cf
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
4fe7d8233af6c4aae18ed333b6df88155c7c9440b56c1d9c4215238f722db335
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55ae555c3de73491aeff78da9644886ef48e990ef46e73b9206e741a1a89ef92
5ce0cb7f558c1aca9c6e94c7d85d76db859218132923c039b7ef7b38a29f8dfd
604d4b04db60bb181dcc3a658b2c0e85ec1acb7d7338025ccf16b40267a2f0f6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
634f11af209a9e28efedd636aa95a4a38d2344963d36597717dfa23853ec2a26
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4
66ad4b06dd35da5d0c5a8ba094616d9fff17a44882192cd820cb0e46ef4bbbfe
6941d870c4bac732a6ed7718c594a73cc27000379eaaf241c9e47d982e44f407
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
6e631293b9e324745b57f8229f3b4588c1cf09bbf4d1c69c0e5496db5bb12e51
6ed05de39e7c967fa74e75fb366d4251fe9847b20f2da203e247dbe5603e111c
6ef1aa2d1945fd9fb1bd4eb00c603d868f89477a33e9ec2ef7c7035c5a16df31
7145861b63f46a68c2ba65c797aa76b530aa56634214c7ccc8a69364f7e87e60
743fab9929b06e6ea08ee7296b84d0068d27d9fe7552b69f351a3298b968910a
749c246fc42cd7cfb7378c500ae5c87405320dc3661acac369453c201ece5a4b
74c39b5ec5a61c19ff20d81c0418fabd61d6deb6ac0c967da28761d6b895ff7d
76120da9f74956d23796a879910c3f6af2955ee2d77a4ed5decc9a7436f7d14d
76506e128f2b47b7179f5037bd885a1674455ffeb6b5093cdb4c7eefbf436ce8
77978d92208ccba4b8b4fb493c0cb94104d125b6c8a1c6234eb0a0b7e96edfd9
792074561f2d94442c8648916f41fc6016817b61d554daa9c67301aeecca14bb
7bd8b3e8c5d0f5c0a1c5ed3b69c09e4ae5edb40519ad8a1882b007ac3bf91901
7e0e8aa8b79a82ed3333ae5ad64bb6ca9c0ab19ecf23bc04e921c26be1f9a9a8
8187dcb05ebcfc94502aeec0524c23c7d22afbafe17aff1d39acc1d59a3a52db
820bbf383e1e212ca7bd59f29af6ab490ea9da86e84d61ed3322b9c77ac2fc6c
82e967cfd6e2135b773c02bb3f4f100cccea480271b55ad2bbb4acebae694b83
839c424b188a9bdafd46e5b643a2c5afb4b7df5e51f0321ffafd5f23b118e259
89501de39ac107e6a08428a0841a90ef3247de81e4c11a8764d9c73a4bedc026
8a21490ca12d310001340950ad567144ad322612d127431f8d0529eb57f241d7
8bd6af2d953e076cb3e255e0c2328e020c672632302230f9896e07b2ba01ca65
8cce6df27f08d5fcf08988a6fa9e88d72b1a987d14e567649cbedfff2a71a0da
8f5b3f7177261796d36de2d220664c09162d3877eb2e3868406c27ac952520a1
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9331ddc30a89e7c09e2502d274082187de59ec761f73f74f2cb4717ee0f48881
93ff85e14ab7393bb38237a5217381812a1dbcfdc7c1c43b791e7e2a02261e01
947b3447366a61d547c23e80651d4595f0694cbedbe29227dc4eb6a7ca101df9
9f46649ea544819982ea288c6f386dd67d46da0f453f95da542196372b79731e
a1ea29e281d91f7a062688016f3bc3e99a08bebae7db5c68812c015f6b2af6df
a427ed185d88f3532615503efeec9c1afc35cb984aeda357b789701d152747d0
a48b96eb4dbabdf7d10b4a7667062cd55b7c1f9aab381f05c916798ec4308f68
a48d1dc3c3bb2103d4019c1de9651507ebaaaa3f6f0d2d3cb3d0d387ca294af6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a79f00e0930c3c99dbebf0a0f79384a8ab93dc88bb87e04b572f51a3b4b8367e
a832c721859e66024092445300431d52b19ce96eb53588ad13954e78be2a8580
a961fc57196777d879f66a5c5bb5836f5e0cf9bdb4de1693876ea687051a6654
a9b8757ef83403b67a3f6d10da0c8f4259179fe48a775020aeb65ab9e1791cc3
ab8517f3d5171dd42a8b9c22af6a2f944b41d00e7ea54ba02b4ed71a6c59e543
ad6a90222190eef907f73a59d343678096583629e59d30438fa3d5c1e95293d0
aff8084000d2c0e029860444700f6c44b5d0124101ae9f87a9bb7d6b574fe24e
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5
b36d838681171ab6906d3206d2fd6cc17a7a7a5867213c7595fe0865aeb9e969
b74420758de35d9e305c4be91525ace39bc3961b99841ab0624834b863b7cd01
b74e5e9e8713f3d6e108a5b835c10c873f6252d02889a38d304a3bf57caba952
b9b255031ea3667a75c31a52b4608aae035fbb22b72e257a29a4fb1f84db1a10
bf7da55ef6be4cdd0d0932dd1e689a423b9b04c68e3cc9b083d4c099bf0e0ec9
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c540cdeba4eb897beea1c93c6452269a4de7b86a2e670b5b0ad37f9bbfc78c53
c5d1668d9c953f6acb29986eed3d4fb52924791fbfd83e230a90ae84cf150f4c
cbccc935557398179deeef044a5ab2353e97ca4961f313793c8ba03964c43e93
d11c80612363d2f33d21ff4a5ed5ba296acae5bfaf84c3c82ae92d7cebfbe2b5
d252b6def69e973f97533faa3299eb1caedff3f63b9744dd81f6018886d3e9b3
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d33f5f38a2fffd365e989462b78c6c704ff65582dd5f8bb9176e717d7bd8e522
d5b5a0367cfb0697eb135a7372c1deaceb0f6b30ff298366afdae6de0946847f
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
d8132d45eef1f2500760399505fc221a79a3bbe60ed797bbc24599a650e69927
d9f2778c47db32b56109a39c8c3393b7e213095aa043df32153367708a50dcd0
dbc211260f3fb81e545fbebe8be8c367ebe670a585e60e1ec58524c06723ecbc
de1ed9d99a53e5b46254a255dadc139367bb299ce9ac866444b84b1fd81f5dfc
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e223243e990844f1e58f7aac4c159a132c3f4d2150be378a3247c6b79abe9453
e30e0d0fb970d162bc9d4830615cf751412949a5e397132db2fc4199b880589f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b9d318b3157ccbfc3bb00e82a446613294f9a592c01537662386bd848882b7
e9ab8b73e9477f11ebabddc0426370dfad8a24cccfd1b116942a8f7ec91bfd95
e9b537a01b2cb28719365ef6e05a6ca665a128d6cd8e98ba74de34807cceef8e
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ec39731f213524c0c4fb04959b24ba04ec9855e2d6d916fe1015674e38a1b511
ed1eb47d8135568109d8793e9f39535ca104eec9a699f8c200349185d55381db
ee04a8e34d170a8bdde8a635f68d2ff80b5306c7ba209c58ea09a9fdbf3bac02
f22ed12f05c8b76fa645ecbf1311edaa03f680758efc92639cb8c7f216155258
f377d1bbfbdf31f4dbeab596449d637b0cde54cc892809aa70bdff875de21dbd
f3988a8a95c5faec9bb5307667596b220a12d277072950244393b5f33091e2fb
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39
f69935888cbeed993f202fc358a84d6b6628bc2e92b124ee937f27f78cee133a
f7af8e3390bed84bda3ea02f7a8db512d84e0c69588c6ab20dde5324dd54e473
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
feb0e7f17014201ea9124f23e3f63965411385abf0103fc682595d0674087a0c
ffc79feebdfe105c3de8840c2a5814b3fae59d3529463fdf9329080967ed92ba

www.thereporter.com Open in urlscan Pro 192.0.66.2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

161 Requests

92 %HTTPS

52 %IPv6

40 Domains

59 Subdomains

54 IPs

5 Countries

4064 kBTransfer

10914 kBSize

21 Cookies

47 Outgoing links

Page URL History

Redirected requests

161 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.thereporter.com Open in urlscan Pro
192.0.66.2 Public Scan

Screenshot
Live screenshot

Full Image

161
Requests

92 %
HTTPS

52 %
IPv6

40
Domains

59
Subdomains

54
IPs

5
Countries

4064 kB
Transfer

10914 kB
Size

21
Cookies

161 HTTP transactions
4 data transactions