www.newberryobserver.com Open in urlscan Pro
52.72.211.249 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://newberryobserver.com/
Effective URL:
https://www.newberryobserver.com/
Submission: On February 19 via api (February 19th 2021, 7:34:46 pm UTC) from US

Summary HTTP 278 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 64 IPs in 7 countries across 65 domains to perform 278 HTTP transactions. The main IP is 52.72.211.249, located in Queens, United States and belongs to AMAZON-AES, US. The main domain is www.newberryobserver.com.
TLS certificate: Issued by R3 on January 30th 2021. Valid for: 3 months.

This is the only time www.newberryobserver.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 3	52.72.211.249 52.72.211.249	14618 (AMAZON-AES) (AMAZON-AES)
37	13.226.159.54 13.226.159.54	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
9	104.40.187.26 104.40.187.26	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.42.152.64 104.42.152.64	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:828::2014	15169 (GOOGLE) (GOOGLE)
1	68.71.161.21 68.71.161.21	27264 (MI-CONNEC...) (MI-CONNECTION)
7	184.25.114.71 184.25.114.71	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.192.134 151.101.192.134	54113 (FASTLY) (FASTLY)
1 5	54.81.50.0 54.81.50.0	14618 (AMAZON-AES) (AMAZON-AES)
5	2606:4700:303... 2606:4700:3030::6815:5795	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
2	130.211.10.17 130.211.10.17	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
16	2606:2800:233... 2606:2800:233:9de:380:d6:22cb:12e3	15133 (EDGECAST) (EDGECAST)
2	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
4	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.160.40.218 52.160.40.218	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:2b	20446 (HIGHWINDS3) (HIGHWINDS3)
16	40.79.44.59 40.79.44.59	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 3	142.250.185.166 142.250.185.166	15169 (GOOGLE) (GOOGLE)
1	65.9.63.164 65.9.63.164	16509 (AMAZON-02) (AMAZON-02)
1	65.9.96.121 65.9.96.121	16509 (AMAZON-02) (AMAZON-02)
1	23.218.209.87 23.218.209.87	16625 (AKAMAI-AS) (AKAMAI-AS)
4	54.236.68.122 54.236.68.122	14618 (AMAZON-AES) (AMAZON-AES)
8	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:64:... 2a02:26f0:64::210:6b83	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
23	13.88.145.64 13.88.145.64	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
7	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:206... 2600:9000:206f:5c00:f:c7b3:ce40:21	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1	148.66.196.157 148.66.196.157	13649 (ASN-VINS) (ASN-VINS)
1	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
2 6	185.33.220.145 185.33.220.145	29990 (ASN-APPNEX) (ASN-APPNEX)
1 5	72.251.249.9 72.251.249.9	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
2	23.218.208.246 23.218.208.246	16625 (AKAMAI-AS) (AKAMAI-AS)
2	178.162.133.150 178.162.133.150	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2	2606:2800:233... 2606:2800:233:97b6:26be:138a:cba8:bb01	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	151.101.114.110 151.101.114.110	54113 (FASTLY) (FASTLY)
1 6	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	162.247.243.147 162.247.243.147	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
2	23.218.208.187 23.218.208.187	16625 (AKAMAI-AS) (AKAMAI-AS)
2 4	52.95.124.170 52.95.124.170	16509 (AMAZON-02) (AMAZON-02)
1	184.30.24.22 184.30.24.22	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	66.155.71.149 66.155.71.149	13768 (COGECO-PEER1) (COGECO-PEER1)
11	63.251.86.49 63.251.86.49	10913 (INTERNAP-BLK) (INTERNAP-BLK)
2 2	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
3 3	185.184.8.30 185.184.8.30	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1 1	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
3 3	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
2	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
15	23.218.208.200 23.218.208.200	16625 (AKAMAI-AS) (AKAMAI-AS)
1 20	18.200.32.70 18.200.32.70	16509 (AMAZON-02) (AMAZON-02)
3 5	52.57.230.211 52.57.230.211	16509 (AMAZON-02) (AMAZON-02)
2 3	70.42.32.191 70.42.32.191	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
2 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	52.6.106.191 52.6.106.191	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
1 1	52.202.125.251 52.202.125.251	14618 (AMAZON-AES) (AMAZON-AES)
2	193.122.174.27 193.122.174.27	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
2 2	64.202.112.191 64.202.112.191	23352 (SERVERCEN...) (SERVERCENTRAL)
5 5	213.19.147.150 213.19.147.150	3356 (LEVEL3) (LEVEL3)
2 4	52.214.43.215 52.214.43.215	16509 (AMAZON-02) (AMAZON-02)
2 2	213.19.147.151 213.19.147.151	26120 (RHYTHMONE) (RHYTHMONE)
1 1	185.29.133.58 185.29.133.58	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
3 3	18.195.155.181 18.195.155.181	16509 (AMAZON-02) (AMAZON-02)
2 2	124.146.215.43 124.146.215.43	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
5	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	34.234.111.29 34.234.111.29	14618 (AMAZON-AES) (AMAZON-AES)
1 1	46.228.164.13 46.228.164.13	56396 (TURN) (TURN)
278	64

3 52.72.211.249 (Queens, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-211-249.compute-1.amazonaws.com

newberryobserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.newberryobserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 13.226.159.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-54.dus51.r.cloudfront.net

s24514.pcdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.40.187.26 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

zdwidget3-bs.sphereup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.42.152.64 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

widget.eviesays.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2014 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

japfg-trending-content.appspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.71.161.21 (Salisbury, United States)

ASN27264 (MI-CONNECTION, US)
PTR: sub-68-71-161-21.mi-connection.com

site1.midtcweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 184.25.114.71 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-25-114-71.deploy.static.akamaitechnologies.com

oap.accuweather.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vortex.accuweather.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.accuweather.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.192.134 (United States)

ASN54113 (FASTLY, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.81.50.0 (United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-81-50-0.compute-1.amazonaws.com

www.civicscience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3030::6815:5795 (United States)

ASN13335 (CLOUDFLARENET, US)

championads.midtc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.211.10.17 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 17.10.211.130.bc.googleusercontent.com

www.justapinch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:2800:233:9de:380:d6:22cb:12e3 (United States)

ASN15133 (EDGECAST, US)

60a6ae725fca.bitsngo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

cdn.cityspark.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prod-ps-cdn-us1.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.160.40.218 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

p.cityspark.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 40.79.44.59 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

prod-sb-appanalytics-us1.servicebus.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.166 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f6.1e100.net

8993311.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.63.164 (United States)

ASN16509 (AMAZON-02, US)

cloudfront.loggly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.96.121 (United States)

ASN16509 (AMAZON-02, US)

ecdn.analysis.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.218.209.87 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-209-87.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.236.68.122 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-68-122.compute-1.amazonaws.com

logs-01.loggly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:64::210:6b83 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

csp.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 13.88.145.64 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

citysparkstorage.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:5c00:f:c7b3:ce40:21 (United States)

ASN16509 (AMAZON-02, US)

d2zqfs55y95cft.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.66.196.157 (United States)

ASN13649 (ASN-VINS, US)

liqwid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

5c43e71528bcec9eea4c6e482ddcd085.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.33.220.145 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 72.251.249.9 (Amsterdam, Netherlands) 1 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.218.208.246 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-246.deploy.static.akamaitechnologies.com

as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.162.133.150 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:233:97b6:26be:138a:cba8:bb01 (United States)

ASN15133 (EDGECAST, US)

adserver-us.adtech.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.243.147 (United States)

ASN23467 (NEWRELIC-AS-1, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.218.208.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-187.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.95.124.170 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.24.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-22.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.149 (Portsmouth, United Kingdom) 1 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 63.251.86.49 (United States)

ASN10913 (INTERNAP-BLK, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.0.160.128 (United States) 2 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.184.8.30 (Amsterdam, Netherlands) 3 redirects

ASN204995 (RTB-HOUSE-AMS, PL)

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ams.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:f916:5049:f87f:108e (United States) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 198.148.27.139 (New York, United States) 3 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel-eu.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 23.218.208.200 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-200.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 18.200.32.70 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-200-32-70.eu-west-1.compute.amazonaws.com

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.57.230.211 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-230-211.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 70.42.32.191 (United States) 2 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.6.106.191 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-106-191.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c305::8000 (United Kingdom) 1 redirects

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.202.125.251 (United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-125-251.compute-1.amazonaws.com

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.122.174.27 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)

sync.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.191 (United States) 2 redirects

ASN23352 (SERVERCENTRAL, US)

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 213.19.147.150 (United Kingdom) 5 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.214.43.215 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-43-215.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.147.151 (United Kingdom) 2 redirects

ASN26120 (RHYTHMONE, US)

sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.133.58 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.14.49 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.195.155.181 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com

cs.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 124.146.215.43 (Setagaya-ku, Japan) 2 redirects

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.234.111.29 (United States) 1 redirects

ASN14618 (AMAZON-AES, US)

aorta.clickagy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.228.164.13 (United Kingdom) 1 redirects

ASN56396 (TURN, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	windows.net prod-sb-appanalytics-us1.servicebus.windows.net citysparkstorage.blob.core.windows.net	378 KB
37	pcdn.co s24514.pcdn.co	684 KB
20	gumgum.com 1 redirects rtb.gumgum.com	6 KB
20	pubmatic.com ads.pubmatic.com image6.pubmatic.com	158 KB
17	doubleclick.net 2 redirects 8993311.fls.doubleclick.net ad.doubleclick.net stats.g.doubleclick.net securepubads.g.doubleclick.net cm.g.doubleclick.net	120 KB
16	lijit.com 1 redirects ap.lijit.com ce.lijit.com	21 KB
16	bitsngo.net 60a6ae725fca.bitsngo.net	258 KB
13	googlesyndication.com 5c43e71528bcec9eea4c6e482ddcd085.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	202 KB
9	sphereup.com zdwidget3-bs.sphereup.com	21 KB
8	adnxs.com 2 redirects ib.adnxs.com acdn.adnxs.com secure.adnxs.com	7 KB
7	accuweather.com oap.accuweather.com vortex.accuweather.com www.accuweather.com	115 KB
5	1rx.io 5 redirects sync.1rx.io	3 KB
5	bidswitch.net 3 redirects x.bidswitch.net	2 KB
5	google-analytics.com 1 redirects www.google-analytics.com ssl.google-analytics.com	37 KB
5	loggly.com cloudfront.loggly.com logs-01.loggly.com	3 KB
5	midtc.com championads.midtc.com	19 KB
5	civicscience.com 1 redirects www.civicscience.com	1 KB
4	adsrvr.org 2 redirects match.adsrvr.org	1 KB
4	amazon-adsystem.com 2 redirects aax-eu.amazon-adsystem.com	948 B
4	googletagservices.com www.googletagservices.com	112 KB
4	outbrain.com 2 redirects widgets.outbrain.com sync.outbrain.com	4 KB
4	cloudflare.com cdnjs.cloudflare.com	41 KB
4	googleapis.com fonts.googleapis.com	3 KB
3	emxdgt.com 3 redirects cs.emxdgt.com	536 B
3	contextweb.com 3 redirects bh.contextweb.com	1 KB
3	creativecdn.com 3 redirects creativecdn.com ams.creativecdn.com	994 B
3	google.de adservice.google.de www.google.de	667 B
3	google.com adservice.google.com www.google.com	900 B
3	googleusercontent.com lh3.googleusercontent.com	50 KB
3	newberryobserver.com 2 redirects newberryobserver.com www.newberryobserver.com	18 KB
2	socdm.com 2 redirects tg.socdm.com	1 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net	607 B
2	unrulymedia.com 2 redirects sync.targeting.unrulymedia.com	1 KB
2	zemanta.com 2 redirects b1sync.zemanta.com	576 B
2	technoratimedia.com sync.technoratimedia.com	723 B
2	stackadapt.com sync.srv.stackadapt.com	336 B
2	openx.net 2 redirects us-u.openx.net	635 B
2	rubiconproject.com pixel-eu.rubiconproject.com	478 B
2	rfihub.com 2 redirects p.rfihub.com	1 KB
2	nr-data.net bam-cell.nr-data.net	1 KB
2	advertising.com adserver-us.adtech.advertising.com	376 B
2	sonobi.com apex.go.sonobi.com	1 KB
2	casalemedia.com as-sec.casalemedia.com	930 B
2	azureedge.net prod-ps-cdn-us1.azureedge.net csp.azureedge.net	68 KB
2	cityspark.com cdn.cityspark.com p.cityspark.com	19 KB
2	justapinch.com www.justapinch.com	94 KB
2	googletagmanager.com www.googletagmanager.com	71 KB
2	gstatic.com fonts.gstatic.com	18 KB
1	turn.com 1 redirects d.turn.com	418 B
1	clickagy.com 1 redirects aorta.clickagy.com	650 B
1	mathtag.com 1 redirects sync.mathtag.com	611 B
1	ipredictive.com 1 redirects sync.ipredictive.com	428 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com	837 B
1	quantserve.com 1 redirects pixel.quantserve.com	512 B
1	sitescout.com 1 redirects pixel-sync.sitescout.com	270 B
1	media.net contextual.media.net	371 B
1	newrelic.com js-agent.newrelic.com	11 KB
1	liqwid.net liqwid.net	46 KB
1	cloudfront.net d2zqfs55y95cft.cloudfront.net	35 KB
1	analysis.fi ecdn.analysis.fi	2 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	5 KB
1	disqus.com disqus.com	2 KB
1	midtcweb.com site1.midtcweb.com	43 KB
1	appspot.com japfg-trending-content.appspot.com	2 KB
1	eviesays.com widget.eviesays.com	985 B
278	65

	Domain	Requested by
37	s24514.pcdn.co	www.newberryobserver.com s24514.pcdn.co
23	citysparkstorage.blob.core.windows.net	www.newberryobserver.com
20	rtb.gumgum.com	1 redirects ap.lijit.com rtb.gumgum.com
16	prod-sb-appanalytics-us1.servicebus.windows.net	cdnjs.cloudflare.com
16	60a6ae725fca.bitsngo.net	zdwidget3-bs.sphereup.com
15	ads.pubmatic.com	ap.lijit.com ads.pubmatic.com rtb.gumgum.com
11	ce.lijit.com	ap.lijit.com rtb.gumgum.com
9	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.newberryobserver.com
9	zdwidget3-bs.sphereup.com	www.newberryobserver.com s24514.pcdn.co cdnjs.cloudflare.com
7	securepubads.g.doubleclick.net	www.googletagservices.com cdnjs.cloudflare.com www.newberryobserver.com
5	image6.pubmatic.com	ads.pubmatic.com
5	sync.1rx.io	5 redirects
5	x.bidswitch.net	3 redirects rtb.gumgum.com
5	ap.lijit.com	1 redirects cdnjs.cloudflare.com www.justapinch.com
5	vortex.accuweather.com	oap.accuweather.com vortex.accuweather.com www.newberryobserver.com
5	championads.midtc.com	www.newberryobserver.com cdnjs.cloudflare.com
5	www.civicscience.com	1 redirects www.newberryobserver.com cdnjs.cloudflare.com
4	cm.g.doubleclick.net	1 redirects rtb.gumgum.com ap.lijit.com
4	match.adsrvr.org	2 redirects rtb.gumgum.com
4	aax-eu.amazon-adsystem.com	2 redirects ap.lijit.com
4	www.googletagservices.com	60a6ae725fca.bitsngo.net securepubads.g.doubleclick.net
4	logs-01.loggly.com	cdnjs.cloudflare.com
4	cdnjs.cloudflare.com	zdwidget3-bs.sphereup.com cdn.cityspark.com
4	fonts.googleapis.com	www.newberryobserver.com zdwidget3-bs.sphereup.com
3	cs.emxdgt.com	3 redirects
3	sync.outbrain.com	2 redirects rtb.gumgum.com
3	secure.adnxs.com	1 redirects acdn.adnxs.com
3	bh.contextweb.com	3 redirects
3	pagead2.googlesyndication.com	cdnjs.cloudflare.com tpc.googlesyndication.com
3	ib.adnxs.com	1 redirects cdnjs.cloudflare.com
3	stats.g.doubleclick.net	cdnjs.cloudflare.com www.newberryobserver.com
3	www.google-analytics.com	www.newberryobserver.com cdnjs.cloudflare.com
3	lh3.googleusercontent.com	www.newberryobserver.com
2	tg.socdm.com	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	sync.targeting.unrulymedia.com	2 redirects
2	b1sync.zemanta.com	2 redirects
2	sync.technoratimedia.com	rtb.gumgum.com
2	sync.srv.stackadapt.com	rtb.gumgum.com
2	us-u.openx.net	2 redirects
2	pixel-eu.rubiconproject.com	ap.lijit.com
2	creativecdn.com	2 redirects
2	p.rfihub.com	2 redirects
2	acdn.adnxs.com	www.justapinch.com
2	bam-cell.nr-data.net	js-agent.newrelic.com cdnjs.cloudflare.com
2	adserver-us.adtech.advertising.com	cdnjs.cloudflare.com
2	apex.go.sonobi.com	cdnjs.cloudflare.com
2	as-sec.casalemedia.com	cdnjs.cloudflare.com
2	ssl.google-analytics.com	1 redirects www.newberryobserver.com
2	adservice.google.de	adservice.google.com securepubads.g.doubleclick.net
2	adservice.google.com	8993311.fls.doubleclick.net securepubads.g.doubleclick.net
2	8993311.fls.doubleclick.net	1 redirects prod-ps-cdn-us1.azureedge.net
2	www.justapinch.com	www.newberryobserver.com
2	www.googletagmanager.com	www.newberryobserver.com
2	fonts.gstatic.com	fonts.googleapis.com
2	newberryobserver.com	2 redirects
1	d.turn.com	1 redirects
1	aorta.clickagy.com	1 redirects
1	sync.mathtag.com	1 redirects
1	sync.ipredictive.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	pixel.quantserve.com	1 redirects
1	ams.creativecdn.com	1 redirects
1	pixel-sync.sitescout.com	1 redirects
1	contextual.media.net	ap.lijit.com
1	js-agent.newrelic.com	www.newberryobserver.com
1	www.google.de	www.newberryobserver.com
1	www.google.com	www.newberryobserver.com
1	5c43e71528bcec9eea4c6e482ddcd085.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	liqwid.net	www.newberryobserver.com
1	d2zqfs55y95cft.cloudfront.net	www.newberryobserver.com
1	www.accuweather.com	vortex.accuweather.com
1	csp.azureedge.net	cdn.cityspark.com
1	widgets.outbrain.com	www.newberryobserver.com
1	ad.doubleclick.net	www.newberryobserver.com
1	ecdn.analysis.fi	prod-ps-cdn-us1.azureedge.net
1	cloudfront.loggly.com	prod-ps-cdn-us1.azureedge.net
1	maxcdn.bootstrapcdn.com	s24514.pcdn.co
1	prod-ps-cdn-us1.azureedge.net	zdwidget3-bs.sphereup.com
1	p.cityspark.com	cdn.cityspark.com
1	cdn.cityspark.com	widget.eviesays.com
1	disqus.com	www.newberryobserver.com
1	oap.accuweather.com	www.newberryobserver.com
1	site1.midtcweb.com	www.newberryobserver.com
1	japfg-trending-content.appspot.com	www.newberryobserver.com
1	widget.eviesays.com	www.newberryobserver.com
1	www.newberryobserver.com
278	87

This site contains links to these domains. Also see Links.

Domain
itunes.apple.com
play.google.com
www.facebook.com
twitter.com
pro32.ap.org
summergames.ap.org
racing.ap.org
collegebasketball.ap.org
collegefootball.ap.org
www.legacy.com
eeditions.championcarolinas.com
fliphtml5.com
s24514.pcdn.co
online.fliphtml5.com
portal.cityspark.com
japfg-trending-content.appspot.com
www.accuweather.com
newberryobserver.com
championads.midtc.com
championmedia.com
championcarolinas.com

Subject Issuer	Validity	Valid
www.newberryobserver.com R3	`2021-01-30` - `2021-04-30`	3 months	crt.sh
pcdn.co Amazon	`2020-11-12` - `2021-12-11`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.sphereup.com Go Daddy Secure Certificate Authority - G2	`2020-10-09` - `2021-11-10`	a year	crt.sh
*.eviesays.com AlphaSSL CA - SHA256 - G2	`2020-05-20` - `2022-05-21`	2 years	crt.sh
*.appspot.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
site1.midtcweb.com Sectigo RSA Domain Validation Secure Server CA	`2019-03-30` - `2021-03-28`	2 years	crt.sh
*.accuweather.com DigiCert SHA2 Secure Server CA	`2019-06-26` - `2021-09-13`	2 years	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2020-04-20` - `2022-05-09`	2 years	crt.sh
*.civicscience.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-06` - `2021-05-10`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-08` - `2021-08-08`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
justapinch.com Go Daddy Secure Certificate Authority - G2	`2020-04-22` - `2022-05-30`	2 years	crt.sh
*.googleusercontent.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.raynw.net DigiCert SHA2 Secure Server CA	`2020-07-28` - `2022-08-05`	2 years	crt.sh
sni0f49gl.wpc.edgecastcdn.net DigiCert TLS RSA SHA256 2020 CA1	`2020-11-19` - `2021-11-22`	a year	crt.sh
*.cityspark.com Go Daddy Secure Certificate Authority - G2	`2020-02-13` - `2022-04-13`	2 years	crt.sh
snid928gl.wpc.edgecastcdn.net DigiCert SHA2 Secure Server CA	`2020-09-09` - `2021-08-31`	a year	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-22` - `2021-10-12`	a year	crt.sh
servicebus.windows.net Microsoft Azure TLS Issuing CA 05	`2021-01-21` - `2022-01-16`	a year	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.loggly.com Amazon	`2021-02-10` - `2022-03-11`	a year	crt.sh
analysis.fi Amazon	`2021-01-03` - `2022-02-01`	a year	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2020-03-09` - `2021-06-08`	a year	crt.sh
logs-01.loggly.com Starfield Secure Certificate Authority - G2	`2020-03-06` - `2022-04-10`	2 years	crt.sh
*.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.azureedge.net DigiCert SHA2 Secure Server CA	`2020-11-21` - `2021-11-30`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.blob.core.windows.net Microsoft RSA TLS CA 02	`2021-02-12` - `2022-02-12`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
*.liqwid.net Go Daddy Secure Certificate Authority - G2	`2020-01-26` - `2022-01-26`	2 years	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2020-03-11` - `2021-05-10`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
*.adtech.advertising.com DigiCert SHA2 Secure Server CA	`2020-04-16` - `2022-04-21`	2 years	crt.sh
www.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-12-28` - `2021-05-07`	4 months	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2020-01-02` - `2021-04-02`	a year	crt.sh
aax-eu.amazon-adsystem.com Amazon	`2020-06-15` - `2021-06-15`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2020-02-25` - `2021-05-26`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2020-02-26` - `2021-05-27`	a year	crt.sh
*.gumgum.com Amazon	`2020-07-03` - `2021-08-03`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.srv.stackadapt.com Amazon	`2020-12-09` - `2022-01-07`	a year	crt.sh
*.technoratimedia.com DigiCert SHA2 High Assurance Server CA	`2020-07-28` - `2021-10-01`	a year	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh

This page contains 36 frames:

Primary Page: https://www.newberryobserver.com/
Frame ID: 8BD70C76AB5C6DECF57E7291614FF3EE
Requests: 180 HTTP requests in this frame

Frame: https://8993311.fls.doubleclick.net/activityi;dc_pre=CInM0NHY9u4CFaBYFQgds5MFCg;src=8993311;type=invmedia;cat=zoomd00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=371806635125.9108
Frame ID: 2A0995FA5524167806ED0A1C0C4DC87A
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CInM0NHY9u4CFaBYFQgds5MFCg;src=8993311;type=invmedia;cat=zoomd00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=371806635125.9108;~oref=https://www.newberryobserver.com/
Frame ID: 1CEDBECE8225FCD8B31027733BC85B6C
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CInM0NHY9u4CFaBYFQgds5MFCg;src=8993311;type=invmedia;cat=zoomd00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=371806635125.9108;~oref=https://www.newberryobserver.com/
Frame ID: C6DD8C2BC78F2CDE4C82D64CA915BEE3
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuhO6L2g82hb-BlzdAr1PUBtfMdodQvkLcw9Q4qdzJYY6952E9T8RyKjVQzWCM0Fbq8btFMGGHo-MStmSL1TuegQHPpFbzrUG2XW26LLjdcDjeS24pf5yOrhYptJiGnj64eSYe5dHKW4C9cHWVObMEBt2Ed9u-MaTxqwNNm068G669bnNU0i56a-utJ0Ep0nEqh5dB-894u6Y5dtCKVA5VfcfG6s_fChLR0nw1u93e2xyqYN59U67srKXCMB1Xq7mDZNYt9-siWbQS9SbCjC0-o7y2_tS2lPfIje5XS2EYG1snf9-yAKgyKdA95&sig=Cg0ArKJSzGX9ybAKdOkWEAE&adurl=
Frame ID: B028CFE9B5573E3F9844A19A99DF90F7
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuXYkCmIkj6OWnQJrCOVcome32muaMcxuU4Xm70WzO7Br0Oddon-l53EDxdpzzZacgj1yv117_71S8g9uJctGTW0bSN3AU1i5rgzl-BObrWAKXLBzrMKg4ishPYFyWjDgXGn7otzvV53F67Ql1Xiwo4mrQdwTVF7__AsGCWgMGJpwIdZ9gxfZGAu-S5U889kEG6G2GHK2ba7JNjsFVzHNkBeq2_qH35cWaj-fADqQIWWWvXnOVr6swmEZqnujZ-SxQYsSMqodj1xqILl9m_THT2a6J4Ztr_tvLFIOJjmvMND2VfUrqNokFRbCM9wIjcbo67&sig=Cg0ArKJSzMcV3me7sQh_EAE&adurl=
Frame ID: 8847A5F237D8F8AE435C0272C7E6470C
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 03691F7268A320A40DA2C0E9E0F3BCBF
Requests: 2 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=11277942&gdpr_consent=
Frame ID: 3A5A26804D11FF177A96A7E549359575
Requests: 9 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 0A5BD2C06D8F9C5D13823D2B38F61154
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Frame ID: EF3C227510D66840083A8D9BF4D999C0
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Frame ID: 6D48F11F037F7CCF980E5BEC6358C040
Requests: 13 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 3AB3F7DCB9FEE73581CE013A246A9A0C
Requests: 2 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=7e846030-12c6-4c00-b744-2faad1b80b42&gdpr=1&gdpr_consent=
Frame ID: 9003B94237F9B37CF079A9C39A966F11
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=atm&i=YDASxgAAAG9xSjoG&gdpr=1&gdpr_consent=&_test=YDASxgAAAG9xSjoG
Frame ID: F02AE66BDC815DCA173B667980CA244C
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8xYTM3YzMwOS1hY2I4LTQ3ZjktYjk1Yi1lODg4MmMxY2Q5Y2I=&gdpr=1&gdpr_consent=
Frame ID: 060F3140BCE29CBE1F0FB59D1CBD1B33
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
Frame ID: 56B12647E03B0D6FA8963EA6454CA9AA
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Frame ID: D7C0763247040C1EEBDD79C0199152D5
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=emx&uid=5525161056102060062brt153501613763270462648f1
Frame ID: C02CBB46B4E80A2AF554E9764D0C0328
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=YDASxsCo8YsAALV5JlAAAAAA
Frame ID: A314E832950A2DBFFF10EA485B8C820E
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=zet&i=1871316017573437743
Frame ID: 3E58C1A9813158EFBCB59C1BE265F0E7
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=gvBje1ySIHC3zlaceD3F&pi=gumgum
Frame ID: 5B46AD1813E59CCD6E0B8FB375991840
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 1BE3BAF8B760B363E8615F9DE49D0E31
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: F03480E026478F3E520441A7BCF9B084
Requests: 2 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=11277942&gdpr_consent=
Frame ID: 0A2CE467A84A2BC93826449B5BFD0013
Requests: 7 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=1&3pid=2786913436553577462&gdpr=1&gdpr_consent=
Frame ID: D6DEF8F891C5E91A039566A68D46A1C7
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=1&gdpr_consent=
Frame ID: 65C18E8E69BEB71BF13B095073507370
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Frame ID: CCB34BE407412D81C4DF40C5C292E308
Requests: 7 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Frame ID: CF37AFE15DB5CDCFE51C11CDB1ED35E3
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: AF1ECF70207E137EF470C3709E558186
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: D2407D6AEF2599E8B99EE58891B01C9D
Requests: 4 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=emx&i=5525161056102060062brt153501613763270462648f1
Frame ID: C026E9CED7296F7299E4D5BED893C3DB
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=YDASx8Co8YsAALV5JoEAAAAA
Frame ID: 86604968B2A00D244530AEF40C04F9C8
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8xYTM3YzMwOS1hY2I4LTQ3ZjktYjk1Yi1lODg4MmMxY2Q5Y2I=&gdpr=1&gdpr_consent=
Frame ID: 64FB7BED46DECE610412CFCD899104F7
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
Frame ID: 58F989737DB87829580AA34FB0DB0CEF
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Frame ID: B1111B1C717B6354BEA5C321243C200F
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 125475451FB774A404F375362174EF58
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://newberryobserver.com/ HTTP 301
https://newberryobserver.com/ HTTP 301
https://www.newberryobserver.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

278
Requests

100 %
HTTPS

33 %
IPv6

65
Domains

87
Subdomains

64
IPs

7
Countries

2679 kB
Transfer

5118 kB
Size

15
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://itunes.apple.com/us/app/the-newberry-observer/id1045619876?mt=8
Title: iPhone/iPad App

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.vervewireless.droid.newberry
Title: Android App

Search URL Search Domain Scan URL

URL: http://www.facebook.com/pages/The-Newberry-Observer/158289544627
Title: Facebook

Search URL Search Domain Scan URL

URL: http://twitter.com/TheNBOnews
Title: Twitter

Search URL Search Domain Scan URL

URL: http://pro32.ap.org/newberryobserver
Title: Pro32

Search URL Search Domain Scan URL

URL: http://summergames.ap.org/newberryobserver
Title: AP Olympics Coverage

Search URL Search Domain Scan URL

URL: http://racing.ap.org/newberryobserver
Title: Auto Racing

Search URL Search Domain Scan URL

URL: http://collegebasketball.ap.org/newberryobserver
Title: College Basketball

Search URL Search Domain Scan URL

URL: http://collegefootball.ap.org/newberryobserver
Title: College Football

Search URL Search Domain Scan URL

URL: http://www.legacy.com/obituaries/newberryobserver
Title: Obituaries

Search URL Search Domain Scan URL

URL: https://eeditions.championcarolinas.com/books/updu
Title:

Search URL Search Domain Scan URL

URL: https://fliphtml5.com/bxbne/uzlo
Title:

Search URL Search Domain Scan URL

URL: https://s24514.pcdn.co/wp-content/uploads/2020/11/2020VeteransDayNBO.pdf
Title:

Search URL Search Domain Scan URL

URL: https://online.fliphtml5.com/bxbne/aucy/
Title:

Search URL Search Domain Scan URL

URL: https://portal.cityspark.com/EventEntry/EventEntry/newberryobserver
Title: Add Your Event

Search URL Search Domain Scan URL

URL: https://japfg-trending-content.appspot.com/click-dug.php?a=%2F&f=10190&p=/recipes/main-course/main-course-chicken/fix-it-and-forget-it-creamy-chicken.html&s=10000&do=www.newberryobserver.com

Search URL Search Domain Scan URL

URL: https://japfg-trending-content.appspot.com/click-dug.php?a=%2F&f=10190&p=/recipes/main-course/chicken/creamy-chicken-pillows.html&s=10000&do=www.newberryobserver.com

Search URL Search Domain Scan URL

URL: https://japfg-trending-content.appspot.com/click-dug.php?a=%2F&f=10190&p=/recipes/main-course/chicken/hungarian-chicken-paprikash-chicken-and-dumplings.html&s=10000&do=www.newberryobserver.com

Search URL Search Domain Scan URL

URL: http://www.accuweather.com/en/us/newberry-sc/29108/weather-forecast/335474
Title:

Search URL Search Domain Scan URL

URL: https://newberryobserver.com/weather
Title: Newberry, SC48°2:34 pm EST Cloudy

Search URL Search Domain Scan URL

URL: https://www.accuweather.com/en/free-weather-widgets
Title: Get this widget

Search URL Search Domain Scan URL

URL: https://championads.midtc.com/www/delivery/ck.php?oaparams=2__bannerid=4201__zoneid=183__cb=03dc7e729c__oadest=http%3A%2F%2Fwillinghamandsons.com%2F

Search URL Search Domain Scan URL

URL: http://championmedia.com/

Search URL Search Domain Scan URL

URL: http://championcarolinas.com/terms
Title: Terms Of Service

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://newberryobserver.com/ HTTP 301
https://newberryobserver.com/ HTTP 301
https://www.newberryobserver.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 98

https://8993311.fls.doubleclick.net/activityi;src=8993311;type=invmedia;cat=zoomd00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=371806635125.9108 HTTP 302
https://8993311.fls.doubleclick.net/activityi;dc_pre=CInM0NHY9u4CFaBYFQgds5MFCg;src=8993311;type=invmedia;cat=zoomd00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=371806635125.9108

Request Chain 146

https://www.civicscience.com/jspoll/5/csw-polyfills.js HTTP 302
https://d2zqfs55y95cft.cloudfront.net/jspoll/5/csw-polyfills.js

Request Chain 147

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=382581849&utmhn=www.newberryobserver.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Newberry%20Observer&utmhid=715964273&utmr=-&utmp=%2F&utmht=1613763266382&utmac=UA-6686294-4&utmcc=__utma%3D257048724.941903050.1613763266.1613763266.1613763266.1%3B%2B__utmz%3D257048724.1613763266.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=240779539&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6686294-4&cid=941903050.1613763266&jid=240779539&_v=5.7.2&z=382581849

Request Chain 207

https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=1&gdpr_consent= HTTP 302
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t

Request Chain 209

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=

Request Chain 210

https://p.rfihub.com/cm?in=1&pub=1827&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=10&3pid=1870471592671566049

Request Chain 211

https://creativecdn.com/cm-notify?pi=sovrn&gdpr=1&gdpr_consent= HTTP 302
https://ams.creativecdn.com/cm-notify?pi=sovrn&gdpr=1&gdpr_consent=&tc=1 HTTP 302
https://ce.lijit.com/merge?pid=86&3pid=gvBje1ySIHC3zlaceD3F&pi=sovrn&gdpr_consent=&gdpr=1&tc=1

Request Chain 212

https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=43&gdpr=1&gdpr_consent=&us_privacy=&3pid=NP9QwzP9AMUv_1XAZvZOkmT8V5Av_1GXYfwf5PTa

Request Chain 213

https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=49&3pid=GxHT5Jw7SW6l&ev=1&pid=558511&gdpr_consent=&gdpr=1

Request Chain 219

https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
https://rtb.gumgum.com/usersync?b=apn&i=5525161056102060062

Request Chain 221

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=1&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
https://rtb.gumgum.com/usersync?b=obn&i=ENC%28HrHEr1kEy7ejegR9zFGBsXLcX6Qw6lIoPAlVfTzXivuUichQ6AcFnpVZ5y-T3TE6%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28HrHEr1kEy7ejegR9zFGBsXLcX6Qw6lIoPAlVfTzXivuUichQ6AcFnpVZ5y-T3TE6%29 HTTP 302
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_1a37c309-acb8-47f9-b95b-e8882c1cd9cb&obuid=ENC(HrHEr1kEy7ejegR9zFGBsXLcX6Qw6lIoPAlVfTzXivuUichQ6AcFnpVZ5y-T3TE6) HTTP 302
https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51

Request Chain 222

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://rtb.gumgum.com/usersync?b=opx&i=dc888080-c466-45ce-9cb5-7da511795c7c

Request Chain 224

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=1&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=oth&i=y-OJ0tXrV1lxABvL1EOd2GIVH.69_0dlXbl2_e

Request Chain 225

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
https://rtb.gumgum.com/usersync?b=vnt&i=7c7f3613-72e9-11eb-9f80-fbe73b761c37

Request Chain 227

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_1a37c309-acb8-47f9-b95b-e8882c1cd9cb&gdpr=1&gdpr_consent=&us_privacy= HTTP 302
https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1

Request Chain 228

https://sync.1rx.io/usersync2/floor6&gdpr=1&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3460989308 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3460989308 HTTP 302
https://sync.1rx.io/usersync/tradedesk/16c99b79-61fa-4794-bcd9-4f998b0ca175 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-8562036c-a736-448d-b942-ac4942265c1c-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-8562036c-a736-448d-b942-ac4942265c1c-003 HTTP 302
https://rtb.gumgum.com/usersync?b=rhy&i=RX-8562036c-a736-448d-b942-ac4942265c1c-003

Request Chain 229

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
https://rtb.gumgum.com/usersync?b=pln&i=W2CoX0Gj5ght&ev=1&pid=558355

Request Chain 231

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
https://rtb.gumgum.com/usersync?b=mmh&i=7e846030-12c6-4c00-b744-2faad1b80b42&gdpr=1&gdpr_consent=

Request Chain 232

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=&_test=YDASxgAAAG9xSjoG HTTP 302
https://rtb.gumgum.com/usersync?b=atm&i=YDASxgAAAG9xSjoG&gdpr=1&gdpr_consent=&_test=YDASxgAAAG9xSjoG

Request Chain 236

https://cs.emxdgt.com/um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID HTTP 302
https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID HTTP 302
https://cs.emxdgt.com/umcheck?apnxid=5525161056102060062&redirect=https://rtb.gumgum.com/usersync?b=emx&i=$EMXUID HTTP 302
https://rtb.gumgum.com/usersync?b=emx&uid=5525161056102060062brt153501613763270462648f1

Request Chain 237

https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
https://rtb.gumgum.com/usersync?b=sus&i=YDASxsCo8YsAALV5JlAAAAAA

Request Chain 238

https://p.rfihub.com/cm?pub=42796&in=1 HTTP 302
https://rtb.gumgum.com/usersync?b=zet&i=1871316017573437743

Request Chain 239

https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
https://rtb.gumgum.com/usersync?b=rth&i=gvBje1ySIHC3zlaceD3F&pi=gumgum

Request Chain 245

https://sync.1rx.io/usersync2/sovrn?gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=56&3pid=OPTOUT

Request Chain 247

https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=ZjcxODljZTFlMzJhMTcxZjdjZTE4MTY4

Request Chain 248

https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=1&gdpr_consent= HTTP 302
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t

Request Chain 249

https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=49&3pid=3OzWz6dbUQ1r&ev=1&pid=558511&gdpr_consent=&gdpr=1

Request Chain 250

https://aorta.clickagy.com/pixel.gif?ch=185&cm=f7189ce1e32a171f7ce18168&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=84&3pid=c:42329ae9b72ec213826e940bf5b9c9cd

Request Chain 251

https://d.turn.com/r/dd/id/L21rdC8xMjcvY2lkLzI4NTUyOTczL3QvMg/url/https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1%263pid%3D%24!%7BTURN_UUID%7D&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=1&3pid=2786913436553577462&gdpr=1&gdpr_consent=

Request Chain 259

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_1a37c309-acb8-47f9-b95b-e8882c1cd9cb&gdpr=1&gdpr_consent=&us_privacy= HTTP 302
https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1

Request Chain 260

https://sync.1rx.io/usersync2/floor6&gdpr=1&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-8562036c-a736-448d-b942-ac4942265c1c-003&rndcb=1288105287 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=adconductor&user_id=RX-8562036c-a736-448d-b942-ac4942265c1c-003&rndcb=1288105287 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=7fcf83d7-6858-43e4-9145-f981e6e7f2e4&google_hm=N2ZjZjgzZDctNjg1OC00M2U0LTkxNDUtZjk4MWU2ZTdmMmU0 HTTP 302
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEMkNo1fci-CeEW1CCLNS4q4&google_cver=1&ssp=adconductor&bsw_param=7fcf83d7-6858-43e4-9145-f981e6e7f2e4 HTTP 302
https://sync.1rx.io/usersync/bidswitch/7fcf83d7-6858-43e4-9145-f981e6e7f2e4?gdpr=&gdpr_consent= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-8562036c-a736-448d-b942-ac4942265c1c-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-8562036c-a736-448d-b942-ac4942265c1c-003 HTTP 302
https://rtb.gumgum.com/usersync?b=rhy&i=RX-8562036c-a736-448d-b942-ac4942265c1c-003

Request Chain 263

https://cs.emxdgt.com/um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID HTTP 302
https://rtb.gumgum.com/usersync?b=emx&i=5525161056102060062brt153501613763270462648f1

Request Chain 264

https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
https://rtb.gumgum.com/usersync?b=sus&i=YDASx8Co8YsAALV5JoEAAAAA

278 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.newberryobserver.com/
Redirect Chain

http://newberryobserver.com/
https://newberryobserver.com/
https://www.newberryobserver.com/

93 KB
17 KB

239ms
230ms

Document
text/html

52.72.211.249
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newberryobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.72.211.249 Queens, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-211-249.compute-1.amazonaws.com
Software: Pagely-ARES/1.8.4 /
Resource Hash: 261a57cf8f316bdcb45d9998369ca0a5aff137868dc2c4fd3571439bb1c883d5

Request headers

:method: GET
:authority: www.newberryobserver.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 19:34:23 GMT
content-type: text/html; charset=UTF-8
content-length: 17427
vary: Accept-Encoding Accept-Encoding
server: Pagely-ARES/1.8.4
x-gateway-request-id: 8437bbef7d2c650fef253bffa6d75a0d
x-gateway-rate-limit-delayed: 0.232
link: <https://www.newberryobserver.com/wp-json/>; rel="https://api.w.org/", <https://www.newberryobserver.com/>; rel=shortlink
x-cookie-hider: triggered
expires: Fri, 19 Feb 2021 19:40:40 GMT
content-encoding: gzip
x-gateway-cache-key: 1613761835.166|standard|https|www.newberryobserver.com||/
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0

Redirect headers

date: Fri, 19 Feb 2021 19:34:23 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://www.newberryobserver.com/
server: Pagely-ARES/1.8.4
x-gateway-request-id: beb78472afe82e05f5f431c1f97fda5d
x-cookie-hider: triggered
expires: Fri, 19 Feb 2021 19:55:45 GMT
x-redirect-by: WordPress
x-gateway-cache-key: 0|standard|https|newberryobserver.com||/
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0

GET
H2 200 style.min.css
s24514.pcdn.co/wp-includes/css/dist/block-library/ 40 KB
7 KB 193ms
66ms Stylesheet
text/css 13.226.159.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s24514.pcdn.co/wp-includes/css/dist/block-library/style.min.css?ver=5.3.5
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-54.dus51.r.cloudfront.net
Software: Pagely-ARES/1.8.2 /
Resource Hash: dfd6d929422d1f69a727fb6b525f610562eab183a333576516bec0b0503cb049

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Feb 2021 03:32:39 GMT
content-encoding: gzip
age: 1094505
x-cache: Hit from cloudfront
content-length: 6132
x-gateway-cache-status: MISS
x-gateway-request-id: d0b2d44d2af8026b114a6271866c9bc6
last-modified: Mon, 02 Nov 2020 14:17:35 GMT
server: Pagely-ARES/1.8.2
etag: "a055-5b320685ffdc0-gzip"
vary: Accept-Encoding,Accept-Encoding
x-gateway-skip-cache: 0
x-gateway-cache-key: 1603809563.831||https|www.newberryobserver.com||/wp-includes/css/dist/block-library/style.min.css?ver=5.3.5
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: text/css
x-amz-cf-id: 0E_VgsA4jXR1nOVLV5rzuPZFyHcmSGEMnrcSgh2vz1ObK167kuEIKA==
expires: Tue, 09 Mar 2021 03:32:39 GMT

GET
H2 200 simple-staff-list-public.css
s24514.pcdn.co/wp-content/plugins/simple-staff-list/public/css/ 457 B
890 B 194ms
67ms Stylesheet
text/css 13.226.159.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s24514.pcdn.co/wp-content/plugins/simple-staff-list/public/css/simple-staff-list-public.css?ver=2.2.0
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-54.dus51.r.cloudfront.net
Software: Pagely-ARES/1.8.2 /
Resource Hash: fd927536a19a1583559667290bad2f79ee2994a0bab4a8a2abf1a002e14c2565

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Feb 2021 08:51:44 GMT
content-encoding: gzip
age: 816160
x-cache: Hit from cloudfront
content-length: 266
x-gateway-cache-status: MISS
x-gateway-request-id: a2791f9c4cf29a5fd6a277bc3642b6c3
last-modified: Sat, 25 May 2019 08:05:16 GMT
server: Pagely-ARES/1.8.2
etag: "1c9-589b1c68d177b-gzip"
vary: Accept-Encoding,Accept-Encoding
x-gateway-skip-cache: 0
x-gateway-cache-key: 1603809563.831||https|www.newberryobserver.com||/wp-content/plugins/simple-staff-list/public/css/simple-staff-list-public.css?ver=2.2.0
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: text/css
x-amz-cf-id: 89tMp_wtzjhQUZc_NmsOjM844bvLaBQ6Ir8bDp4O4kJc-nC2TwoAng==
expires: Fri, 12 Mar 2021 08:51:44 GMT

GET
H2 200 vfb-style.min.css
s24514.pcdn.co/wp-content/plugins/vfb-pro/public/assets/css/ 66 KB
11 KB 249ms
122ms Stylesheet
text/css 13.226.159.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s24514.pcdn.co/wp-content/plugins/vfb-pro/public/assets/css/vfb-style.min.css?ver=2019.05.10
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-54.dus51.r.cloudfront.net
Software: Pagely-ARES/1.8.2 /
Resource Hash: 2a03771453248c5eb3ee390d87edddd490ac37484b6a6c95567ffc222fccd107

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:20:50 GMT
content-encoding: gzip
age: 728014
x-cache: Hit from cloudfront
content-length: 10605
x-gateway-cache-status: MISS
x-gateway-request-id: 3660c112a5b13bba7a513fa9688fb92d
last-modified: Wed, 22 Jul 2020 19:18:34 GMT
server: Pagely-ARES/1.8.2
etag: "108dd-5ab0c9b24284a-gzip"
vary: Accept-Encoding,Accept-Encoding
x-gateway-skip-cache: 0
x-gateway-cache-key: 1603809563.831||https|www.newberryobserver.com||/wp-content/plugins/vfb-pro/public/assets/css/vfb-style.min.css?ver=2019.05.10
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: text/css
x-amz-cf-id: KMltX3w6kcZKtzsGBQFik2PI0vSBCnPWBNebgHhQOjvB6reY8qBMpQ==
expires: Sat, 13 Mar 2021 09:20:50 GMT

GET
H2 200 style.css
s24514.pcdn.co/wp-content/themes/mh-magazine/ 85 KB
15 KB 216ms
89ms Stylesheet
text/css 13.226.159.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s24514.pcdn.co/wp-content/themes/mh-magazine/style.css?ver=3.8.3
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-54.dus51.r.cloudfront.net
Software: Pagely-ARES/1.8.2 /
Resource Hash: 518a9d587bdaecdd96340e67db078e823ff43f9f23f2f0d9f0ceafe4cca72a0f

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Feb 2021 08:51:44 GMT
content-encoding: gzip
age: 816160
x-cache: Hit from cloudfront
content-length: 15065
x-gateway-cache-status: MISS
x-gateway-request-id: 6dfcb72280320fcca4ecd20b1a8b2e32
last-modified: Mon, 26 Feb 2018 23:22:16 GMT
server: Pagely-ARES/1.8.2
etag: "1557c-56625c7d673c8-gzip"
vary: Accept-Encoding,Accept-Encoding
x-gateway-skip-cache: 0
x-gateway-cache-key: 1603809563.831||https|www.newberryobserver.com||/wp-content/themes/mh-magazine/style.css?ver=3.8.3
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: text/css
x-amz-cf-id: P_3vv2eMh8m2voAXnOq-9GuQ86ihUchtUk2sBcxGi8OyeZHP_74cnQ==
expires: Fri, 12 Mar 2021 08:51:44 GMT

GET
H2 200 font-awesome.min.css
s24514.pcdn.co/wp-content/themes/mh-magazine/includes/ 30 KB
7 KB 216ms
89ms Stylesheet
text/css 13.226.159.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s24514.pcdn.co/wp-content/themes/mh-magazine/includes/font-awesome.min.css
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-54.dus51.r.cloudfront.net
Software: Pagely-ARES/1.8.2 /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 04:56:13 GMT
content-encoding: gzip
age: 1348691
x-cache: Hit from cloudfront
content-length: 7053
x-gateway-cache-status: MISS
x-gateway-request-id: c2032aecc4f6fe09da8962fac770bdd8
last-modified: Mon, 26 Feb 2018 23:22:46 GMT
server: Pagely-ARES/1.8.2
etag: "7918-56625c9a5e304-gzip"
vary: Accept-Encoding,Accept-Encoding
x-gateway-skip-cache: 0
x-gateway-cache-key: 1603809563.831||https|www.newberryobserver.com||/wp-content/themes/mh-magazine/includes/font-awesome.min.css
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: text/css
x-amz-cf-id: VaZ2o2Smsn9uR1ApQujS8SwZn2k53V-0Fg0vIqyMv8EWCdJW-Bqa8g==
expires: Sat, 06 Mar 2021 04:56:13 GMT

GET
H2 200 css
fonts.googleapis.com/ 10 KB
1 KB 16ms
14ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,600,700

Requested by

Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

00c73164abbada7946bfef6df7e63d4308c68ca0610d7c77abd57c126f38b3ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Origin: https://www.newberryobserver.com
Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 19 Feb 2021 18:26:27 GMT
server: ESF
date: Fri, 19 Feb 2021 19:34:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Feb 2021 19:34:23 GMT

GET
H2 200 jquery.js Show response
s24514.pcdn.co/wp-includes/js/jquery/ 95 KB
34 KB 237ms
110ms Script
application/javascript 13.226.159.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s24514.pcdn.co/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-54.dus51.r.cloudfront.net
Software: Pagely-ARES/1.8.2 /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Feb 2021 01:48:21 GMT
content-encoding: gzip
age: 1014363
x-cache: Hit from cloudfront
content-length: 33776
x-gateway-cache-status: MISS
x-gateway-request-id: b9f03d48428f8e081937114faaae26f0
last-modified: Mon, 02 Nov 2020 14:17:35 GMT
server: Pagely-ARES/1.8.2
etag: "17a69-5b320685ffdc0-gzip"
vary: Accept-Encoding,Accept-Encoding
x-gateway-skip-cache: 0
x-gateway-cache-key: 1603809563.831||https|www.newberryobserver.com||/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: 0LGVDUetvT0JDfLvcIgIYPqsSsVHRgelz6wti1k1kmgYNT3HNa2T_Q==
expires: Wed, 10 Mar 2021 01:48:21 GMT

GET
H2 200 jquery-migrate.min.js Show response
s24514.pcdn.co/wp-includes/js/jquery/ 10 KB
5 KB 225ms
98ms Script
application/javascript 13.226.159.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s24514.pcdn.co/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-54.dus51.r.cloudfront.net
Software: Pagely-ARES/1.8.0 /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 Jan 2021 04:16:22 GMT
content-encoding: gzip
age: 1783082
x-cache: Hit from cloudfront
content-length: 4014
x-gateway-cache-status: MISS
x-gateway-request-id: ed9e00d3e67428158a8314d71311e66d
last-modified: Mon, 02 Nov 2020 14:17:35 GMT
server: Pagely-ARES/1.8.0
etag: "2748-5b320685ffdc0-gzip"
vary: Accept-Encoding,Accept-Encoding
x-gateway-skip-cache: 0
x-gateway-cache-key: 1603809563.831||https|www.newberryobserver.com||/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: BvkMQq8TsLxTSc-bgzguPb8gJIgsor9B1P352wGBtHs8IvBqCW90tA==
expires: Mon, 01 Mar 2021 04:16:22 GMT

GET
H2 200 scripts.js Show response
s24514.pcdn.co/wp-content/themes/mh-magazine/js/ 38 KB
12 KB 223ms
97ms Script
application/javascript 13.226.159.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s24514.pcdn.co/wp-content/themes/mh-magazine/js/scripts.js?ver=3.8.3
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-54.dus51.r.cloudfront.net
Software: Pagely-ARES/1.8.2 /
Resource Hash: 8df7667db11a1cbae8ba0332258e0d3da3c26d2bab794bdcf8805df869482200

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Feb 2021 10:52:56 GMT
content-encoding: gzip
age: 981688
x-cache: Hit from cloudfront
content-length: 12063
x-gateway-cache-status: MISS
x-gateway-request-id: 3865a4e4d55a1385d7f18106ce319b37
last-modified: Mon, 26 Feb 2018 23:22:48 GMT
server: Pagely-ARES/1.8.2
etag: "9836-56625c9ca33c8-gzip"
vary: Accept-Encoding,Accept-Encoding
x-gateway-skip-cache: 0
x-gateway-cache-key: 1603809563.831||https|www.newberryobserver.com||/wp-content/themes/mh-magazine/js/scripts.js?ver=3.8.3
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: 3xdVct1Y4C-6Ht4UDLLSvD8h-Jsks8-TB_QgUXd2GJqka3WVy6Misg==
expires: Wed, 10 Mar 2021 10:52:56 GMT

GET
H/1.1 200
OK Script Show response
zdwidget3-bs.sphereup.com/zoomd/SearchUi/ 29 KB
14 KB 883ms
691ms Script
application/x-javascript 104.40.187.26
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=81286763
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.40.187.26 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 6f51ad103bb1b81ae65981899fed07ecb2a68590e657191fdaceb79ad31992b2

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 19:34:24 GMT
Content-Encoding: gzip
X-AspNetMvc-Version: 5.2
Last-Modified: Fri, 19 Feb 2021 19:34:24 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: public, max-age=3600
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 13819
Expires: Fri, 19 Feb 2021 20:34:24 GMT

GET
H2 200 nboscaled-923.png
s24514.pcdn.co/wp-content/uploads/2020/09/ 20 KB
20 KB 72ms
60ms Image
image/png 13.226.159.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s24514.pcdn.co/wp-content/uploads/2020/09/nboscaled-923.png
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-54.dus51.r.cloudfront.net
Software: Pagely-ARES/1.8.2 /
Resource Hash: 644ff791128e3eea7b0923932ced64048252205ef17888b9c62f6be7e6ce3881

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 04:56:13 GMT
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
age: 1348691
x-cache: Hit from cloudfront
content-length: 20188
x-gateway-cache-status: MISS
x-gateway-request-id: daff0579c1177d4b12dc17c4f359caab
last-modified: Wed, 23 Sep 2020 13:14:15 GMT
server: Pagely-ARES/1.8.2
etag: "4edc-5affadc45748d"
x-gateway-skip-cache: 0
x-gateway-cache-key: 1603809563.831||https|www.newberryobserver.com||/wp-content/uploads/2020/09/nboscaled-923.png
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: NeLy929r_Po-eYNd0GAoqPVfMCkWmcutB3P6gwonymJe2XfNhEd8XA==
expires: Sat, 06 Mar 2021 04:56:13 GMT

GET
H2 200 126488498_web1_Bishop-465x438.jpg
s24514.pcdn.co/wp-content/uploads/2021/02/ 21 KB
21 KB 77ms
64ms Image
image/jpeg 13.226.159.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s24514.pcdn.co/wp-content/uploads/2021/02/126488498_web1_Bishop-465x438.jpg
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-54.dus51.r.cloudfront.net
Software: Pagely-ARES/1.8.4 /
Resource Hash: af22980db27a05bb442baf6303786a5d283d6fba657f84154a1604063947bde0

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 13:49:13 GMT
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
age: 193511
x-cache: Hit from cloudfront
content-length: 21353
x-gateway-cache-status: MISS
x-gateway-request-id: 2ea309938632a60945537ae6c28390d4
last-modified: Tue, 16 Feb 2021 21:31:26 GMT
server: Pagely-ARES/1.8.4
etag: "5369-5bb7ad3218b7b"
x-gateway-skip-cache: 0
x-gateway-cache-key: 1613569457.893||https|www.newberryobserver.com||/wp-content/uploads/2021/02/126488498_web1_Bishop-465x438.jpg
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: S4qz022pdvjnCPgIzrjVaeAeWq2jRhNjPJmYHOAbcpeucx-8xewkng==
expires: Fri, 19 Mar 2021 13:49:13 GMT

GET
H2 200 126487371_web1_149767606_10157829032106003_6716030464584126311_n-361x438.jpg
s24514.pcdn.co/wp-content/uploads/2021/02/ 34 KB
35 KB 81ms
69ms Image
image/jpeg 13.226.159.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s24514.pcdn.co/wp-content/uploads/2021/02/126487371_web1_149767606_10157829032106003_6716030464584126311_n-361x438.jpg
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-54.dus51.r.cloudfront.net
Software: Pagely-ARES/1.8.4 /
Resource Hash: 13a761039c037b1a269a39d3df870d9a9b03e9ff4c6203e9c5b32b4c54bff17d

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 20:13:54 GMT
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
age: 256830
x-cache: Hit from cloudfront
content-length: 35239
x-gateway-cache-status: HIT
x-gateway-request-id: bdda072b1eb4f85329e6297b7ac0b53e
last-modified: Tue, 16 Feb 2021 20:07:13 GMT
server: Pagely-ARES/1.8.4
etag: "89a7-5bb79a5f8c5be"
x-gateway-skip-cache: 0
x-gateway-cache-key: 1603809563.831||https|www.newberryobserver.com||/wp-content/uploads/2021/02/126487371_web1_149767606_10157829032106003_6716030464584126311_n-361x438.jpg
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: lW2rytFAr4MNmFSyrd8jSrqvqYbge72cBbb81BTowRW7BagTo0y0ig==
expires: Thu, 18 Mar 2021 20:07:26 GMT

GET
H2 200 126441634_web1_DSC_0152-e1613581350235-500x438.jpg
s24514.pcdn.co/wp-content/uploads/2021/02/ 82 KB
82 KB 94ms
82ms Image
image/jpeg 13.226.159.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s24514.pcdn.co/wp-content/uploads/2021/02/126441634_web1_DSC_0152-e1613581350235-500x438.jpg
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-54.dus51.r.cloudfront.net
Software: Pagely-ARES/1.8.4 /
Resource Hash: dbf2c0aad804d3afd9439b0a7313725d0c347fe63d32a5a978f1818310ec7320

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 21:09:15 GMT
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
age: 167109
x-cache: Hit from cloudfront
content-length: 83648
x-gateway-cache-status: MISS
x-gateway-request-id: f299d7368fe916e4f347c47ed8503c91
last-modified: Wed, 17 Feb 2021 17:02:51 GMT
server: Pagely-ARES/1.8.4
etag: "146c0-5bb8b3072700a"
x-gateway-skip-cache: 0
x-gateway-cache-key: 1613569457.893||https|www.newberryobserver.com||/wp-content/uploads/2021/02/126441634_web1_DSC_0152-e1613581350235-500x438.jpg
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: 1GJidTcCPY6fQ0a4noa2-dPPDwKH9Kkyf6qvujRth6guudSUBYbUoA==
expires: Fri, 19 Mar 2021 21:09:15 GMT

GET
H2 200 placeholder-slider.png
s24514.pcdn.co/wp-content/themes/mh-magazine/images/ 10 KB
10 KB 128ms
116ms Image
image/png 13.226.159.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s24514.pcdn.co/wp-content/themes/mh-magazine/images/placeholder-slider.png
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-54.dus51.r.cloudfront.net
Software: Pagely-ARES/1.8.4 /
Resource Hash: 936c5a9fc8bfcc2e5d9e89c226f43c701b8dd477218cd9c9de25d9fd1c9632f9

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 23:39:04 GMT
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
age: 417320
x-cache: Hit from cloudfront
content-length: 9914
x-gateway-cache-status: MISS
x-gateway-request-id: e1b9eac7a603c2729194a6e0d12da93e
last-modified: Mon, 26 Feb 2018 23:22:45 GMT
server: Pagely-ARES/1.8.4
etag: "26ba-56625c997ba0f"
x-gateway-skip-cache: 0
x-gateway-cache-key: 1603809563.831||https|www.newberryobserver.com||/wp-content/themes/mh-magazine/images/placeholder-slider.png
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: KMxIaAZevrssYUHEzu3NF5QzFAXd4ZLT03fYXVkxv5KiMWDKVx9_mA==
expires: Tue, 16 Mar 2021 23:39:04 GMT

GET
H2 200 126427989_web1_DSC_0780.jpg
s24514.pcdn.co/wp-content/uploads/2021/02/ 102 KB
103 KB 108ms
97ms Image
image/jpeg 13.226.159.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s24514.pcdn.co/wp-content/uploads/2021/02/126427989_web1_DSC_0780.jpg
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-54.dus51.r.cloudfront.net
Software: Pagely-ARES/1.8.4 /
Resource Hash: 79312d1250791673e5379c0f60ea417b1e4fc1016a51ae176e2f77729b714847

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 16:03:58 GMT
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
age: 617426
x-cache: Hit from cloudfront
content-length: 104362
x-gateway-cache-status: HIT
x-gateway-request-id: 591f015e3f7c52069e649f90740d1fc0
last-modified: Fri, 12 Feb 2021 16:03:07 GMT
server: Pagely-ARES/1.8.4
etag: "197aa-5bb25c5a8595c"
x-gateway-skip-cache: 0
x-gateway-cache-key: 1603809563.831||https|www.newberryobserver.com||/wp-content/uploads/2021/02/126427989_web1_DSC_0780.jpg
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: L3FxgGCvPPhWS1Uo3EE7pQfldz0pmSo3EqxbgfLm4CxntjmYg9pg4Q==
expires: Sun, 14 Mar 2021 16:03:41 GMT

GET
H2 200 126488498_web1_Bishop-70x120.jpg
s24514.pcdn.co/wp-content/uploads/2021/02/ 2 KB
3 KB 127ms
115ms Image
image/jpeg 13.226.159.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s24514.pcdn.co/wp-content/uploads/2021/02/126488498_web1_Bishop-70x120.jpg
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-54.dus51.r.cloudfront.net
Software: Pagely-ARES/1.8.4 /
Resource Hash: aef4bda7b4c0a2ada0896fdbe039577cc447e143af452bd3189b15f8b605bc14

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 13:34:45 GMT
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
age: 194379
x-cache: Hit from cloudfront
content-length: 2124
x-gateway-cache-status: HIT
x-gateway-request-id: 5d3009b46d76465b5326f5931b683510
last-modified: Tue, 16 Feb 2021 21:31:26 GMT
server: Pagely-ARES/1.8.4
etag: "84c-5bb7ad3240c1a"
x-gateway-skip-cache: 0
x-gateway-cache-key: 1603809563.831||https|www.newberryobserver.com||/wp-content/uploads/2021/02/126488498_web1_Bishop-70x120.jpg
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: W6Qz9YgH-GgbUHsvWBZuRZI_8brbg_uQIDtwyfKOl01LArlrm3ySZg==
expires: Fri, 19 Mar 2021 13:29:08 GMT

GET
H2 200 126487371_web1_149767606_10157829032106003_6716030464584126311_n-70x120.jpg
s24514.pcdn.co/wp-content/uploads/2021/02/ 3 KB
4 KB 126ms
114ms Image
image/jpeg 13.226.159.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s24514.pcdn.co/wp-content/uploads/2021/02/126487371_web1_149767606_10157829032106003_6716030464584126311_n-70x120.jpg
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-54.dus51.r.cloudfront.net
Software: Pagely-ARES/1.8.4 /
Resource Hash: e911a8c9d791d1fad87a7adc13a6aadf103d6aa151b0c4a612d87b0bc8ddcbfc

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 20:13:54 GMT
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
age: 256830
x-cache: Hit from cloudfront
content-length: 3464
x-gateway-cache-status: HIT
x-gateway-request-id: 2f288a7a7c83490aca70147b2ce99b5f
last-modified: Tue, 16 Feb 2021 20:07:13 GMT
server: Pagely-ARES/1.8.4
etag: "d88-5bb79a5f913de"
x-gateway-skip-cache: 0
x-gateway-cache-key: 1603809563.831||https|www.newberryobserver.com||/wp-content/uploads/2021/02/126487371_web1_149767606_10157829032106003_6716030464584126311_n-70x120.jpg
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: vfrlg0Tb_AasD9rUjL8PMUvKkbSEprezufyl5gzyzk5P-l3xcmST7A==
expires: Thu, 18 Mar 2021 20:07:26 GMT

GET
H2 200 126389398_web1_DSC_0046-70x120.jpg
s24514.pcdn.co/wp-content/uploads/2021/02/ 4 KB
4 KB 128ms
116ms Image
image/jpeg 13.226.159.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s24514.pcdn.co/wp-content/uploads/2021/02/126389398_web1_DSC_0046-70x120.jpg
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-54.dus51.r.cloudfront.net
Software: Pagely-ARES/1.8.2 /
Resource Hash: 6af498452b3a7a2d4d3f082e2964b094e544c6fbb7a7e618a7f1d28c6774d04d

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Feb 2021 18:53:21 GMT
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
age: 952863
x-cache: Hit from cloudfront
content-length: 3735
x-gateway-cache-status: MISS
x-gateway-request-id: f04638f2878e888c660f4f0e98739f58
last-modified: Mon, 08 Feb 2021 16:40:17 GMT
server: Pagely-ARES/1.8.2
etag: "e97-5bad5d332e6b9"
x-gateway-skip-cache: 0
x-gateway-cache-key: 1603809563.831||https|www.newberryobserver.com||/wp-content/uploads/2021/02/126389398_web1_DSC_0046-70x120.jpg
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: IRH_xD3N_CRfPHZxZziouhfh960LlV2L0OeSJt-c5Fq15GOSb9fwbw==
expires: Wed, 10 Mar 2021 18:53:21 GMT

GET
H2 200 126346500_web1_Deas-Guys-Orchestra-Group-Picture-70x120.jpg
s24514.pcdn.co/wp-content/uploads/2021/01/ 3 KB
3 KB 129ms
117ms Image
image/jpeg 13.226.159.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s24514.pcdn.co/wp-content/uploads/2021/01/126346500_web1_Deas-Guys-Orchestra-Group-Picture-70x120.jpg
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-54.dus51.r.cloudfront.net
Software: Pagely-ARES/1.8.2 /
Resource Hash: c610e1b0683db4e64070d4059918ca087c83a5a26a942140fa3716be01a4c9a6

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Feb 2021 15:46:06 GMT
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
age: 964098
x-cache: Hit from cloudfront
content-length: 2987
x-gateway-cache-status: MISS
x-gateway-request-id: f35eceeb248d8fc19f33d51d1cf8ee65
last-modified: Wed, 27 Jan 2021 20:00:13 GMT
server: Pagely-ARES/1.8.2
etag: "bab-5b9e7381f8fd0"
x-gateway-skip-cache: 0
x-gateway-cache-key: 1603809563.831||https|www.newberryobserver.com||/wp-content/uploads/2021/01/126346500_web1_Deas-Guys-Orchestra-Group-Picture-70x120.jpg
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: mEu12NzDHOyt_8GE9FUwki0MalClXC4b2zbrNFl6jKL0zn-QQqcurw==
expires: Wed, 10 Mar 2021 15:46:06 GMT

GET
H2 200 126289688_web1_MikeFrank--1--70x120.jpg
s24514.pcdn.co/wp-content/uploads/2021/01/ 4 KB
4 KB 129ms
117ms Image
image/jpeg 13.226.159.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s24514.pcdn.co/wp-content/uploads/2021/01/126289688_web1_MikeFrank--1--70x120.jpg
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-54.dus51.r.cloudfront.net
Software: Pagely-ARES/1.8.4 /
Resource Hash: adfe4d4950bbf638480b46c08d085f0d7f4d2267486f05d2542e0bce9d23cd09

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 23:39:04 GMT
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
age: 417320
x-cache: Hit from cloudfront
content-length: 3748
x-gateway-cache-status: MISS
x-gateway-request-id: ff9c39bbbfc4f74fda8a49bc17eba1ee
last-modified: Mon, 18 Jan 2021 20:56:14 GMT
server: Pagely-ARES/1.8.4
etag: "ea4-5b932f3db7735"
x-gateway-skip-cache: 0
x-gateway-cache-key: 1603809563.831||https|www.newberryobserver.com||/wp-content/uploads/2021/01/126289688_web1_MikeFrank--1--70x120.jpg
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: lEw1_kl6yZWhvlkm_8zjePDtVqYW4pdTcm0pmdjCdLEgjWv44cj_zQ==
expires: Tue, 16 Mar 2021 23:39:04 GMT

GET
H2 200 126205291_web1_Abbie-Grooms-01-provided-70x120.jpg
s24514.pcdn.co/wp-content/uploads/2021/01/ 3 KB
4 KB 135ms
124ms Image
image/jpeg 13.226.159.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s24514.pcdn.co/wp-content/uploads/2021/01/126205291_web1_Abbie-Grooms-01-provided-70x120.jpg
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-54.dus51.r.cloudfront.net
Software: Pagely-ARES/1.8.4 /
Resource Hash: 248b18dd819d244074248e3c0951cf7197bd3e1787b502291ed6e9a87b465d81

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 23:39:04 GMT
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
age: 417320
x-cache: Hit from cloudfront
content-length: 3255
x-gateway-cache-status: MISS
x-gateway-request-id: fdf6db704cbb18ffe4ffea8d9b4637b8
last-modified: Tue, 12 Jan 2021 18:12:35 GMT
server: Pagely-ARES/1.8.4
etag: "cb7-5b8b7f78f1ba6"
x-gateway-skip-cache: 0
x-gateway-cache-key: 1603809563.831||https|www.newberryobserver.com||/wp-content/uploads/2021/01/126205291_web1_Abbie-Grooms-01-provided-70x120.jpg
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: GLiXyzbkVsBLCfGMWxbM7U8bQNuoWxZrFLVKup_hloI5-4P1Xt7zIg==
expires: Tue, 16 Mar 2021 23:39:04 GMT

GET
H2 200 puzgam.png
s24514.pcdn.co/wp-content/uploads/2020/04/ 54 KB
55 KB 129ms
118ms Image
image/png 13.226.159.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s24514.pcdn.co/wp-content/uploads/2020/04/puzgam.png
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-54.dus51.r.cloudfront.net
Software: Pagely-ARES/1.8.2 /
Resource Hash: e38314a0946795e482eee76d41aaddbd8c296fdd0f0fbec7a2c3a38590acadd2

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Feb 2021 15:46:06 GMT
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
age: 964098
x-cache: Hit from cloudfront
content-length: 55505
x-gateway-cache-status: MISS
x-gateway-request-id: ec384c413f2ff4030f4d78225f565a5b
last-modified: Fri, 03 Apr 2020 15:09:54 GMT
server: Pagely-ARES/1.8.2
etag: "d8d1-5a2644f50ef2e"
x-gateway-skip-cache: 0
x-gateway-cache-key: 1603809563.831||https|www.newberryobserver.com||/wp-content/uploads/2020/04/puzgam.png
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: _GPbIiTPLlGGTw84m5vcQvk7ZlDHE9stKzLg3HwFUYstD7H8LjFEtw==
expires: Wed, 10 Mar 2021 15:46:06 GMT

GET
H2 200 126478853_web1_thumbnail_DSC_1256-70x120.jpg
s24514.pcdn.co/wp-content/uploads/2021/02/ 4 KB
5 KB 135ms
125ms Image
image/jpeg 13.226.159.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s24514.pcdn.co/wp-content/uploads/2021/02/126478853_web1_thumbnail_DSC_1256-70x120.jpg
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-54.dus51.r.cloudfront.net
Software: Pagely-ARES/1.8.4 /
Resource Hash: 1c969220f8e93addd1404c86c4ddea055a1f76aeb403c4c277a66063e9df8b9f

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 16:23:27 GMT
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
age: 11457
x-cache: Hit from cloudfront
content-length: 4114
x-gateway-cache-status: HIT
x-gateway-request-id: d8edcc327628d849f8e8e538621410e2
last-modified: Fri, 19 Feb 2021 16:15:13 GMT
server: Pagely-ARES/1.8.4
etag: "1012-5bbb2c1cce1e7"
x-gateway-skip-cache: 0
x-gateway-cache-key: 1613569457.893||https|www.newberryobserver.com||/wp-content/uploads/2021/02/126478853_web1_thumbnail_DSC_1256-70x120.jpg
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: -u-pjR_QIYTmuzfrWfDas90E2f1vVjeDak_MyjzTHOr6UKPRkQql4A==
expires: Sun, 21 Mar 2021 16:18:26 GMT

GET
H2 200 wp-emoji-release.min.js Show response
s24514.pcdn.co/wp-includes/js/ 14 KB
5 KB 134ms
124ms Script
application/javascript 13.226.159.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s24514.pcdn.co/wp-includes/js/wp-emoji-release.min.js?ver=5.3.5
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-54.dus51.r.cloudfront.net
Software: Pagely-ARES/1.8.2 /
Resource Hash: 1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 09 Feb 2021 10:59:06 GMT
content-encoding: gzip
age: 894918
x-cache: Hit from cloudfront
content-length: 4626
x-gateway-cache-status: MISS
x-gateway-request-id: 822f6e35bc94ec6551b9d74c0df67e0a
last-modified: Mon, 02 Nov 2020 14:17:35 GMT
server: Pagely-ARES/1.8.2
etag: "362a-5b320685ffdc0-gzip"
vary: Accept-Encoding,Accept-Encoding
x-gateway-skip-cache: 0
x-gateway-cache-key: 1603809563.831||https|www.newberryobserver.com||/wp-includes/js/wp-emoji-release.min.js?ver=5.3.5
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: s4bA9mXhdE3pUp7KOOlX8bbC0jQD_uBosAxS02Mh9suy9wXIleD_RA==
expires: Thu, 11 Mar 2021 10:59:06 GMT

GET
H2 200 126467043_web1_EuDCALoXEAIR1uD-e1613750062339-70x120.jpg
s24514.pcdn.co/wp-content/uploads/2021/02/ 4 KB
4 KB 132ms
122ms Image
image/jpeg 13.226.159.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s24514.pcdn.co/wp-content/uploads/2021/02/126467043_web1_EuDCALoXEAIR1uD-e1613750062339-70x120.jpg
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-54.dus51.r.cloudfront.net
Software: Pagely-ARES/1.8.4 /
Resource Hash: 918a9f4519e3908d6f3514d59b3e052e1b4e9856cb33afa3168936cd415e35fc

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 16:23:27 GMT
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
age: 11457
x-cache: Hit from cloudfront
content-length: 3857
x-gateway-cache-status: HIT
x-gateway-request-id: eedcd88632a3d56e046ac5bd73c6a264
last-modified: Fri, 19 Feb 2021 15:54:26 GMT
server: Pagely-ARES/1.8.4
etag: "f11-5bbb27770ef0a"
x-gateway-skip-cache: 0
x-gateway-cache-key: 1613569457.893||https|www.newberryobserver.com||/wp-content/uploads/2021/02/126467043_web1_EuDCALoXEAIR1uD-e1613750062339-70x120.jpg
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: xgE6vRoXX4MdGAG_Po7p1RbG1NNCIOYNPuh60JlaFyhZzLnUnPgFvQ==
expires: Sun, 21 Mar 2021 16:10:10 GMT

GET
H2 200 126460489_web1_FH-70x120.jpg
s24514.pcdn.co/wp-content/uploads/2021/02/ 4 KB
5 KB 133ms
123ms Image
image/jpeg 13.226.159.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s24514.pcdn.co/wp-content/uploads/2021/02/126460489_web1_FH-70x120.jpg
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-54.dus51.r.cloudfront.net
Software: Pagely-ARES/1.8.4 /
Resource Hash: fdf4c61359a7f5ccaf9eeb19a27cc4c1880264c442799c512c8afc4a7bf4948e

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 14:03:35 GMT
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
age: 192649
x-cache: Hit from cloudfront
content-length: 4574
x-gateway-cache-status: MISS
x-gateway-request-id: b87a415b801a6f4a7a2cecbde3377af3
last-modified: Wed, 17 Feb 2021 14:00:34 GMT
server: Pagely-ARES/1.8.4
etag: "11de-5bb88a4988786"
x-gateway-skip-cache: 0
x-gateway-cache-key: 1613569457.893||https|www.newberryobserver.com||/wp-content/uploads/2021/02/126460489_web1_FH-70x120.jpg
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: pydReeTQF2LGconRBVp_FYctrOz7fugPAtz6GPOi_-G2Titb-MKVpA==
expires: Fri, 19 Mar 2021 14:03:35 GMT

GET
H2 200 126428261_web1_SheridanNewShot-70x120.jpg
s24514.pcdn.co/wp-content/uploads/2021/02/ 5 KB
5 KB 132ms
122ms Image
image/jpeg 13.226.159.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s24514.pcdn.co/wp-content/uploads/2021/02/126428261_web1_SheridanNewShot-70x120.jpg
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-54.dus51.r.cloudfront.net
Software: Pagely-ARES/1.8.4 /
Resource Hash: 0ce83306c2a3d45ede1b5b4ff27577789383faa0f9e1bb76f482c0437f12bef2

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 20:19:43 GMT
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
age: 515681
x-cache: Hit from cloudfront
content-length: 4669
x-gateway-cache-status: MISS
x-gateway-request-id: 69d2216f495227b1bde69264c186c57c
last-modified: Sat, 13 Feb 2021 18:22:12 GMT
server: Pagely-ARES/1.8.4
etag: "123d-5bb3bd4e65976"
x-gateway-skip-cache: 0
x-gateway-cache-key: 1603809563.831||https|www.newberryobserver.com||/wp-content/uploads/2021/02/126428261_web1_SheridanNewShot-70x120.jpg
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: ZzkwGEBpnqCYQmhwkZLx9NIcbUBsj3Yv3NdqtqQhZnRsGP5Ueaq39A==
expires: Mon, 15 Mar 2021 20:19:43 GMT

GET
H2 200 126428194_web1_IMG_0290-70x120.jpg
s24514.pcdn.co/wp-content/uploads/2021/02/ 4 KB
5 KB 133ms
124ms Image
image/jpeg 13.226.159.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s24514.pcdn.co/wp-content/uploads/2021/02/126428194_web1_IMG_0290-70x120.jpg
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-54.dus51.r.cloudfront.net
Software: Pagely-ARES/1.8.4 /
Resource Hash: 32c31d09bf85839d06022ac473832bc10967d7e1b20ca961cf3cf5c4691d44cc

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 22:58:00 GMT
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
age: 506184
x-cache: Hit from cloudfront
content-length: 4206
x-gateway-cache-status: MISS
x-gateway-request-id: 61618a39663beb638cd0b80320b0b0a5
last-modified: Sat, 13 Feb 2021 15:55:30 GMT
server: Pagely-ARES/1.8.4
etag: "106e-5bb39c83a5d71"
x-gateway-skip-cache: 0
x-gateway-cache-key: 1603809563.831||https|www.newberryobserver.com||/wp-content/uploads/2021/02/126428194_web1_IMG_0290-70x120.jpg
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: eqJWKnis_0GhiBej7tLXgWSXKhN58yY4hqz9Dkoyv2Cr6Gfd3GRzRQ==
expires: Mon, 15 Mar 2021 22:58:00 GMT

GET
H2 200 126351903_web1_DSC04784a-70x120.jpg
s24514.pcdn.co/wp-content/uploads/2021/02/ 3 KB
4 KB 134ms
125ms Image
image/jpeg 13.226.159.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s24514.pcdn.co/wp-content/uploads/2021/02/126351903_web1_DSC04784a-70x120.jpg
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-54.dus51.r.cloudfront.net
Software: Pagely-ARES/1.8.4 /
Resource Hash: 0303483d0cb598ba747efaba6d5ac6a35c10180c9eaa8777400a14c67192086a

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 23:39:04 GMT
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
age: 417320
x-cache: Hit from cloudfront
content-length: 3526
x-gateway-cache-status: MISS
x-gateway-request-id: 42c67f77bf9aa0852e48e57b04e8d139
last-modified: Sat, 06 Feb 2021 17:51:19 GMT
server: Pagely-ARES/1.8.4
etag: "dc6-5baae958e166f"
x-gateway-skip-cache: 0
x-gateway-cache-key: 1603809563.831||https|www.newberryobserver.com||/wp-content/uploads/2021/02/126351903_web1_DSC04784a-70x120.jpg
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: K-QLDMnYe0FjUKMlfUrI6Wpmwx7Dhmz1Z4njYFhjBnaCK09a9XTtYw==
expires: Tue, 16 Mar 2021 23:39:04 GMT

GET
H2 200 126382752_web1_Headshot-70x120.jpg
s24514.pcdn.co/wp-content/uploads/2021/02/ 3 KB
4 KB 133ms
125ms Image
image/jpeg 13.226.159.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s24514.pcdn.co/wp-content/uploads/2021/02/126382752_web1_Headshot-70x120.jpg
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-54.dus51.r.cloudfront.net
Software: Pagely-ARES/1.8.2 /
Resource Hash: 683a5ead813f860e1cb940d9ffef6900cb9334ad8a1562d647c400614c1d5d0e

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 16:08:30 GMT
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
age: 1135554
x-cache: Hit from cloudfront
content-length: 3207
x-gateway-cache-status: HIT
x-gateway-request-id: b7aac64b0bf3e5ea583763e0729f108f
last-modified: Sat, 06 Feb 2021 15:41:23 GMT
server: Pagely-ARES/1.8.2
etag: "c87-5baacc4d5b979"
x-gateway-skip-cache: 0
x-gateway-cache-key: 1603809563.831||https|www.newberryobserver.com||/wp-content/uploads/2021/02/126382752_web1_Headshot-70x120.jpg
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: AKqoMR5nrU_WSHlfbLek32BIiOYqLuaEkSngQ_R39ndZUhV-5KcPiQ==
expires: Mon, 08 Mar 2021 16:03:52 GMT

GET
H2 200 Screen-Shot-2021-01-19-at-11.25.29-AM-70x120.png
s24514.pcdn.co/wp-content/uploads/2021/01/ 17 KB
18 KB 133ms
125ms Image
image/png 13.226.159.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s24514.pcdn.co/wp-content/uploads/2021/01/Screen-Shot-2021-01-19-at-11.25.29-AM-70x120.png
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-54.dus51.r.cloudfront.net
Software: Pagely-ARES/1.8.4 /
Resource Hash: 1ae27e3e4e3a44acbc1250a19d772baf9bbedaf57e80767f95e533df7b97fe09

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 23:39:04 GMT
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
age: 417320
x-cache: Hit from cloudfront
content-length: 17581
x-gateway-cache-status: MISS
x-gateway-request-id: 24cf3507c8095d44e1a169f848b34db2
last-modified: Tue, 19 Jan 2021 16:26:49 GMT
server: Pagely-ARES/1.8.4
etag: "44ad-5b9434e2fbfcc"
x-gateway-skip-cache: 0
x-gateway-cache-key: 1603809563.831||https|www.newberryobserver.com||/wp-content/uploads/2021/01/Screen-Shot-2021-01-19-at-11.25.29-AM-70x120.png
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: WENCsHJN-c-ItpRFa84OUVkFpX_a0CJxqyl-xhlIkR8poischVIHUA==
expires: Tue, 16 Mar 2021 23:39:04 GMT

GET
H2 200 Screen-Shot-2020-12-11-at-3.54.00-PM-1-70x120.png
s24514.pcdn.co/wp-content/uploads/2020/12/ 21 KB
22 KB 136ms
127ms Image
image/png 13.226.159.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s24514.pcdn.co/wp-content/uploads/2020/12/Screen-Shot-2020-12-11-at-3.54.00-PM-1-70x120.png
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-54.dus51.r.cloudfront.net
Software: Pagely-ARES/1.8.4 /
Resource Hash: 424e6bf81a3ceba825ca878b65b6ffef9511de435e37e9a77e876f2d45c9d9fc

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 21:09:15 GMT
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
age: 167109
x-cache: Hit from cloudfront
content-length: 21506
x-gateway-cache-status: MISS
x-gateway-request-id: 810210a03b9540fbce0d8418aa2b32b6
last-modified: Fri, 11 Dec 2020 21:07:31 GMT
server: Pagely-ARES/1.8.4
etag: "5402-5b636ae3f758b"
x-gateway-skip-cache: 0
x-gateway-cache-key: 1613569457.893||https|www.newberryobserver.com||/wp-content/uploads/2020/12/Screen-Shot-2020-12-11-at-3.54.00-PM-1-70x120.png
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: gIIljd461xSA6hw6tGT7gC8roqnpeqbdytbvRxZdDcFjrNGnUUIFAQ==
expires: Fri, 19 Mar 2021 21:09:15 GMT

GET
H2 200 VeteransDayCoverArt-80x80.png
s24514.pcdn.co/wp-content/uploads/2020/11/ 8 KB
9 KB 138ms
130ms Image
image/png 13.226.159.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s24514.pcdn.co/wp-content/uploads/2020/11/VeteransDayCoverArt-80x80.png
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-54.dus51.r.cloudfront.net
Software: Pagely-ARES/1.8.2 /
Resource Hash: 240b5109b8e3d16998bedf57759b4a2632c38f924a40ac42a86c60f0db397b5c

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Feb 2021 15:46:06 GMT
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
age: 964098
x-cache: Hit from cloudfront
content-length: 8301
x-gateway-cache-status: MISS
x-gateway-request-id: 04769a7be3c2b68665ba2451c80e3561
last-modified: Tue, 03 Nov 2020 16:41:31 GMT
server: Pagely-ARES/1.8.2
etag: "206d-5b33688fccb76"
x-gateway-skip-cache: 0
x-gateway-cache-key: 1603809563.831||https|www.newberryobserver.com||/wp-content/uploads/2020/11/VeteransDayCoverArt-80x80.png
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: fKEsPDpypTv9mG6os6UEtZ-skiyoCeQoq946GdjQfhX5sqJ92Dtx9A==
expires: Wed, 10 Mar 2021 15:46:06 GMT

GET
H2 200 Screen-Shot-2020-10-07-at-3.00.18-PM-80x80.png
s24514.pcdn.co/wp-content/uploads/2020/10/ 13 KB
13 KB 137ms
129ms Image
image/png 13.226.159.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s24514.pcdn.co/wp-content/uploads/2020/10/Screen-Shot-2020-10-07-at-3.00.18-PM-80x80.png
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-54.dus51.r.cloudfront.net
Software: Pagely-ARES/1.8.4 /
Resource Hash: d702ce72f77b99bd5f2b16545adf7a4901f418442feddcdc59223328ec490e78

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 23:39:04 GMT
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
age: 417320
x-cache: Hit from cloudfront
content-length: 12822
x-gateway-cache-status: MISS
x-gateway-request-id: c204b48c314312326edd56142ce9ef56
last-modified: Wed, 07 Oct 2020 19:00:34 GMT
server: Pagely-ARES/1.8.4
etag: "3216-5b1195488ed83"
x-gateway-skip-cache: 0
x-gateway-cache-key: 1603809563.831||https|www.newberryobserver.com||/wp-content/uploads/2020/10/Screen-Shot-2020-10-07-at-3.00.18-PM-80x80.png
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: nFIe3am2BCIikYMpwOKPK4SRZG1STZSE9McLTycOMYz-YC7zTpeOJw==
expires: Tue, 16 Mar 2021 23:39:04 GMT

GET
H/1.1 200
OK default Show response
widget.eviesays.com/newberryobserver/ 470 B
985 B 896ms
213ms Script
application/javascript 104.42.152.64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.eviesays.com/newberryobserver/default
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.42.152.64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 989bdd02e27c64b740e3e53ef4030b498cf9e5cae1709d80bd7c0956ec7ca23a

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 19:34:24 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public,max-age=259200
Transfer-Encoding: chunked

GET
H2 200 widgey-dug.php Show response
japfg-trending-content.appspot.com/ 6 KB
2 KB 470ms
440ms Script
text/html 2a00:1450:4001:828::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://japfg-trending-content.appspot.com/widgey-dug.php?s=10190&v=1&q=3&i=1
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx /
Resource Hash: 70f1f7a4f140dd5eec0ad8efd5a29abfeb7873df9574f54434cb28706a9bce68

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 19:34:24 GMT
via: 1.1 google
server: nginx
content-encoding: gzip
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK latest.jpg
site1.midtcweb.com/ecore/newberry/ 43 KB
43 KB 609ms
137ms Image
image/jpeg 68.71.161.21
MI-CONNECTION

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://site1.midtcweb.com/ecore/newberry/latest.jpg
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 68.71.161.21 Salisbury, United States, ASN27264 (MI-CONNECTION, US),
Reverse DNS: sub-68-71-161-21.mi-connection.com
Software: Apache/2.4.6 /
Resource Hash: 5a6e046aaf7fe9ee29dcd2fb96c4a7b46b170ef8a8aa8df1bfda7d53f4202505

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 19:34:24 GMT
Last-Modified: Wed, 17 Feb 2021 07:07:36 GMT
Server: Apache/2.4.6
ETag: "ab9d-5bb82dfab497d"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 43933

GET
H2 200 launch.js Show response
oap.accuweather.com/ 17 KB
6 KB 144ms
45ms Script
application/javascript 184.25.114.71
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://oap.accuweather.com/launch.js
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.25.114.71 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-25-114-71.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 640c9cbb97ba18dc1bcde7f36eed441db79a02b0912d0f4325d4b475d3b84565

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 19:34:24 GMT
content-encoding: gzip
etag: "8513a708788d21:0"
last-modified: Thu, 16 Feb 2017 19:04:02 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
servername: origin-v02
accept-ranges: bytes
content-length: 6333

GET
H2 200 corona-300.png
s24514.pcdn.co/wp-content/uploads/2020/03/ 57 KB
57 KB 138ms
132ms Image
image/png 13.226.159.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s24514.pcdn.co/wp-content/uploads/2020/03/corona-300.png
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-54.dus51.r.cloudfront.net
Software: Pagely-ARES/1.8.2 /
Resource Hash: a7c3d46c165a16eb81692c2a4b402177c3ebc537e0e35508f3c63eb17a731676

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Feb 2021 09:58:16 GMT
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
age: 812168
x-cache: Hit from cloudfront
content-length: 57940
x-gateway-cache-status: MISS
x-gateway-request-id: d1ff5eb8fc8125598090228b2c330b64
last-modified: Thu, 12 Mar 2020 16:22:15 GMT
server: Pagely-ARES/1.8.2
etag: "e254-5a0aac187d9aa"
x-gateway-skip-cache: 0
x-gateway-cache-key: 1603809563.831||https|www.newberryobserver.com||/wp-content/uploads/2020/03/corona-300.png
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: A2jvj622qkv9Yjm9Keyhs75ZpLwrZBNcExuCYdxNcqo7L6FVwf8z4w==
expires: Fri, 12 Mar 2021 09:58:16 GMT

GET
H/1.1 200
OK popular_threads_widget.js Show response
disqus.com/forums/newberryobserver/ 1 KB
2 KB 228ms
133ms Script
application/javascript 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/forums/newberryobserver/popular_threads_widget.js?num_items=3&num_days=5

Requested by

Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

0607c15048f053045027629a02c3ba6c94fa6625e53ebcda178663a7912849b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 19:34:24 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 346
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Cache-Control: stale-while-revalidate=3600, public, max-age=600
Connection: keep-alive
Content-Type: application/javascript; charset=UTF-8
Content-Length: 1090
X-XSS-Protection: 1; mode=block

GET
H2 200 / Show response
www.civicscience.com/widget/jspoll/ 826 B
615 B 413ms
139ms Script
text/javascript 54.81.50.0
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.civicscience.com/widget/jspoll/?elt=8531a1a3-eecf-ac14-2546-bee4ffca09a5&tgtid=b3c5cbc8-c419-b874-7d88-9efe80324325
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.81.50.0 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-81-50-0.compute-1.amazonaws.com
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.2.34 / PHP/7.2.34
Resource Hash: 169f4e45724d3711d66777e80470ba8169bfb0d532e1d058a52873948826bf93

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 19:34:24 GMT
content-encoding: gzip
server: Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.2.34
x-powered-by: PHP/7.2.34
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8

GET
H2 200 champwhite-300x81.png
s24514.pcdn.co/wp-content/uploads/2018/02/ 11 KB
11 KB 137ms
130ms Image
image/png 13.226.159.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s24514.pcdn.co/wp-content/uploads/2018/02/champwhite-300x81.png
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-54.dus51.r.cloudfront.net
Software: Pagely-ARES/1.8.2 /
Resource Hash: e608186ccd6f03a2090d48b81d18a6223e88864c418a39a06e7f57ca218c7e5f

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:20:50 GMT
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
age: 728014
x-cache: Hit from cloudfront
content-length: 11166
x-gateway-cache-status: MISS
x-gateway-request-id: 34ea989f89f85a1571f18983e1b05f23
last-modified: Tue, 27 Feb 2018 17:02:25 GMT
server: Pagely-ARES/1.8.2
etag: "2b9e-566349741f8c1"
x-gateway-skip-cache: 0
x-gateway-cache-key: 1603809563.831||https|www.newberryobserver.com||/wp-content/uploads/2018/02/champwhite-300x81.png
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: VWqZy_qFPhws8Ly2ZlPJest9NQ5xXhATA-ZPdCNn2qVm17mUG0Ninw==
expires: Sat, 13 Mar 2021 09:20:50 GMT

GET
H2 200 asyncjs.php Show response
championads.midtc.com/www/delivery/ 10 KB
4 KB 2123ms
2089ms Script
text/javascript 2606:4700:3030::6815:5795
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://championads.midtc.com/www/delivery/asyncjs.php
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:5795 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: f3e0214aac1dbbb663368cddd84a7518e680b031fb1b54bc672c66e7992bc8b7

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 19:34:26 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.1.33
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ej5n5HZJHHZVoR%2BBnudW%2FszPokYN6wVkffmZTZmVgFfRDBaxaj25vKWilF0zyVDAs5XsWfnVsfp9oTg9F8TajJcnJw5UD8qhyAVV77%2BiofhQ3950bU6TJFFWfa5qoUAoljo%3D"}],"max_age":604800,"group":"cf-nel"}
p3p: CP="CUR ADM OUR NOR STA NID"
content-type: text/javascript;charset=UTF-8
cache-control: private, max-age=3600
cf-ray: 62426cd15c950605-FRA
expire: Fri, 19 Feb 2021 20:34:26 GMT
cf-request-id: 085d6256dc000006055f306000000001

GET
H2 200 wp-embed.min.js Show response
s24514.pcdn.co/wp-includes/js/ 1 KB
1 KB 70ms
56ms Script
application/javascript 13.226.159.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s24514.pcdn.co/wp-includes/js/wp-embed.min.js?ver=5.3.5
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-54.dus51.r.cloudfront.net
Software: Pagely-ARES/1.8.2 /
Resource Hash: 0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 09:42:46 GMT
content-encoding: gzip
age: 1331498
x-cache: Hit from cloudfront
content-length: 740
x-gateway-cache-status: MISS
x-gateway-request-id: 8b6f846f7c2434c6fdc9e0ba102c7f6b
last-modified: Mon, 02 Nov 2020 14:17:35 GMT
server: Pagely-ARES/1.8.2
etag: "577-5b320685ffdc0-gzip"
vary: Accept-Encoding,Accept-Encoding
x-gateway-skip-cache: 0
x-gateway-cache-key: 1603809563.831||https|www.newberryobserver.com||/wp-includes/js/wp-embed.min.js?ver=5.3.5
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: dYLvIbVuh1FkjKOqd9XLF-_i-RqByfxuSWL87iUYOJJeTJEcA10Owg==
expires: Sat, 06 Mar 2021 09:42:46 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 7ms
5ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.newberryobserver.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,600,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 22:00:39 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 164025
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Thu, 17 Feb 2022 22:00:39 GMT

GET
H2 200 fontawesome-webfont.woff2
s24514.pcdn.co/wp-content/themes/mh-magazine/fonts/ 75 KB
76 KB 192ms
79ms Font
application/octet-stream 13.226.159.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s24514.pcdn.co/wp-content/themes/mh-magazine/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: s24514.pcdn.co
URL: https://s24514.pcdn.co/wp-content/themes/mh-magazine/includes/font-awesome.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-54.dus51.r.cloudfront.net
Software: Pagely-ARES/1.8.2 /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Origin: https://www.newberryobserver.com
Referer: https://s24514.pcdn.co/wp-content/themes/mh-magazine/includes/font-awesome.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Feb 2021 03:32:41 GMT
via: 1.1 498cdb7d5db845f8fbb098d88d764204.cloudfront.net (CloudFront)
age: 1094503
x-cache: Hit from cloudfront
content-length: 77160
x-gateway-cache-status: MISS
x-gateway-skip-cache: 0
x-gateway-request-id: ffb7ab6a22f55e94bb6a566b7df0e224
last-modified: Mon, 26 Feb 2018 23:22:41 GMT
server: Pagely-ARES/1.8.2
etag: "12d68-56625c9604eb9"
access-control-allow-methods: GET, HEAD, OPTIONS
x-gateway-cache-key: 1603809563.831||https|www.newberryobserver.com||/wp-content/themes/mh-magazine/fonts/fontawesome-webfont.woff2?v=4.7.0
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: zJkydNDbBlE0rUii9C1ndvrfI8o6E1yDQk2jRquqdcSgyrNSXK7p6g==
expires: Tue, 09 Mar 2021 03:32:41 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.newberryobserver.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,600,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 19:41:26 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:27 GMT
server: sffe
age: 85978
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9080
x-xss-protection: 0
expires: Fri, 18 Feb 2022 19:41:26 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 91 KB
35 KB 25ms
24ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5JSJKTT

Requested by

Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

22cb44e80058b5fc7c366957e1445e8753c8e3cc2f4ed5536a5211ba99f1d695

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 19:34:24 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36159
x-xss-protection: 0
last-modified: Fri, 19 Feb 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 Feb 2021 19:34:24 GMT

GET
H2 200 sprite_icons_6dc7d94.png
www.justapinch.com/images/ 22 KB
22 KB 305ms
49ms Image
image/png 130.211.10.17
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.justapinch.com/images/sprite_icons_6dc7d94.png
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.10.17 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 17.10.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 48ea5787f01c0678de86c7861e830f03a3163a2d3a25ddb8fe3b343725dfeabd

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 19:34:29 GMT
via: 1.1 google
last-modified: Mon, 16 Nov 2020 22:18:11 GMT
server: nginx
age: 86395
x-who: gcloud-web-4
cache-control: max-age=31536000,public
accept-ranges: bytes
content-type: image/png
alt-svc: clear
content-length: 22292
expires: Fri, 18 Feb 2022 19:34:29 GMT

GET
H2 200 3lirXx4uZ54oSKrZ_Li1Lf4gCHgAdnqqEztYj3Xrin1QLqBhVbFu4tBeO-hxrRDC99FEYM9l3AhtHR0ZSl4cv3EwRF5FkGF5RWGvf_s=w350-l75
lh3.googleusercontent.com/ 25 KB
25 KB 33ms
7ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/3lirXx4uZ54oSKrZ_Li1Lf4gCHgAdnqqEztYj3Xrin1QLqBhVbFu4tBeO-hxrRDC99FEYM9l3AhtHR0ZSl4cv3EwRF5FkGF5RWGvf_s=w350-l75

Requested by

Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a1ece2165264e723d5a07841f03c821fb29f4d729205be587eb349e835070578

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 19:18:48 GMT
x-content-type-options: nosniff
age: 936
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25617
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 20 Feb 2021 15:16:13 GMT

GET
H2 200 yWkdtSRDDE2ojGSabq1ZHICGyw9tIocmLRxLjMdCTfmZ3kaOvl3-P0p9DPUDoye3P9Mp2frpN9Lq-_noR8Cp8e6t-OxXpXfDm2azBA=w350-l75
lh3.googleusercontent.com/ 11 KB
12 KB 44ms
19ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/yWkdtSRDDE2ojGSabq1ZHICGyw9tIocmLRxLjMdCTfmZ3kaOvl3-P0p9DPUDoye3P9Mp2frpN9Lq-_noR8Cp8e6t-OxXpXfDm2azBA=w350-l75

Requested by

Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8081a29f9e4f45ef5df5f7cda4825bbcdf8862c9a357b7d8aa0c572285d9af7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 19:34:24 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11758
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 20 Feb 2021 15:30:11 GMT

GET
H2 200 vQMaEgJoYuMXZzruoHYpNnfSZa5cKs7eG3qYd87jtDdWxblSzRLjQ9xkfz8JiygpQ0mjMoxTgtc-3iUFMRcPvhyiNr3UfoFg37KnAibHOvpOlvlIVNVNDg=w350-l75
lh3.googleusercontent.com/ 13 KB
13 KB 38ms
13ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/vQMaEgJoYuMXZzruoHYpNnfSZa5cKs7eG3qYd87jtDdWxblSzRLjQ9xkfz8JiygpQ0mjMoxTgtc-3iUFMRcPvhyiNr3UfoFg37KnAibHOvpOlvlIVNVNDg=w350-l75

Requested by

Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9bcca56ebb5351a2594acd38219d75de7a74cf7a8bb284e4aea1d4e16219a646

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 17:11:33 GMT
x-content-type-options: nosniff
age: 8571
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13330
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 17 Feb 2021 01:10:35 GMT

GET
H2 200 jquery-1.9.1.min.js Show response
vortex.accuweather.com/adc2010/oap/javascript/ 90 KB
33 KB 48ms
46ms Script
application/javascript 184.25.114.71
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vortex.accuweather.com/adc2010/oap/javascript/jquery-1.9.1.min.js
Requested by: Host: oap.accuweather.com
URL: https://oap.accuweather.com/launch.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.25.114.71 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-25-114-71.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 19:34:24 GMT
content-encoding: gzip
etag: "aad455d39b55ce1:0"
last-modified: Mon, 20 May 2013 20:51:39 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
servername: origin-v01
accept-ranges: bytes
content-length: 33817

GET
H2 200 zd_w_s_loading.css
60a6ae725fca.bitsngo.net/content/ 907 B
664 B 26ms
6ms Stylesheet
text/css 2606:2800:233:9de:380:d6:22cb:12e3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://60a6ae725fca.bitsngo.net/content/zd_w_s_loading.css?ver=4.0.v20210208021526.041037
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=81286763
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:9de:380:d6:22cb:12e3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8E8A) / ASP.NET
Resource Hash: df2f130ebaf879966d5e5e8e8623f57a217befe98549db88445fea1e2e1a5797

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 19:34:25 GMT
content-encoding: gzip
etag: "01f41c84ba0d51:0"
last-modified: Thu, 21 Nov 2019 09:12:22 GMT
server: ECAcc (frc/8E8A)
age: 70001
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 470

GET
H2 200 jquery.tap.min.js Show response
60a6ae725fca.bitsngo.net/common-scripts/ 2 KB
1 KB 36ms
17ms Script
application/x-javascript 2606:2800:233:9de:380:d6:22cb:12e3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://60a6ae725fca.bitsngo.net/common-scripts/jquery.tap.min.js
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=81286763
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:9de:380:d6:22cb:12e3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FFE) / ASP.NET
Resource Hash: 3d9b4c1e21f076d905f1b85a541dda587ee989d1516f1465c6c6ded005cb99a8

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 19:34:25 GMT
content-encoding: gzip
etag: "01f41c84ba0d51:0"
last-modified: Thu, 21 Nov 2019 09:12:22 GMT
server: ECAcc (frc/8FFE)
age: 799648
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 1130

GET
H2 200 zoomd.widget.loader.min.js Show response
60a6ae725fca.bitsngo.net/widget-scripts/ 37 KB
13 KB 30ms
12ms Script
application/x-javascript 2606:2800:233:9de:380:d6:22cb:12e3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://60a6ae725fca.bitsngo.net/widget-scripts/zoomd.widget.loader.min.js?ver=4.0.v20210208021526.041037
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=81286763
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:9de:380:d6:22cb:12e3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F63) / ASP.NET
Resource Hash: c6f46763929a528524f8959d2610cc96250cc9f19c2de2341392ffa69d2e87e3

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 19:34:25 GMT
content-encoding: gzip
etag: "07b1fe224fed61:0"
last-modified: Mon, 08 Feb 2021 14:15:42 GMT
server: ECAcc (frc/8F63)
age: 70001
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 12700

GET
H2 200 get.js Show response
cdn.cityspark.com/wid/ 2 KB
1 KB 29ms
9ms Script
application/x-javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cityspark.com/wid/get.js
Requested by: Host: widget.eviesays.com
URL: https://widget.eviesays.com/newberryobserver/default
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FF7) /
Resource Hash: 948c224783bfc65ebe57eaca98e5968a10717272ed8120746501997509fa564c

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 19 Feb 2021 19:34:25 GMT
content-encoding: gzip
content-md5: DgH26NwpVpUJ7mY3mCxUbA==
age: 123649
x-cache: HIT
content-length: 919
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 07 May 2020 14:25:32 GMT
server: ECAcc (frc/8FF7)
etag: "0x8D7F2927FD84964+gzip"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: dde9bba8-601e-00db-0fd6-053e30000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version: 2014-02-14

GET
H2 200 uuid.min.js Show response
cdnjs.cloudflare.com/ajax/libs/node-uuid/1.4.8/ 2 KB
1 KB 13ms
12ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/node-uuid/1.4.8/uuid.min.js

Requested by

Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=81286763

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87b3e2271b71b1fefe56400637a37ef3fd2a66b84aee860973fa60b839d8262e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 19:34:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 159063
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1095
cf-request-id: 085d625a6600003248e0b81000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:13:31 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f2b-966"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gaF7dw0JUE%2FghxfJ7HsUtLSokM1GaywXG%2BaJMUVQACCTF4cm43AqbOFAqxUl2tgE0Y9bxk6Q7eQl3ArXAZS5f%2FW7w%2Bg5wsCD09F0lQ%2BDG7nrgwM8pFWnC00%2BPF9kf1qfdA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 62426cd70b1c3248-FRA
expires: Wed, 09 Feb 2022 19:34:25 GMT

GET
H/1.1 200
OK widgetinfo Show response
p.cityspark.com/api/widgets/ 54 KB
18 KB 901ms
214ms Script
application/json 52.160.40.218
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cityspark.com/api/widgets/widgetinfo?wid=9868&callback=jsonp1613764024614
Requested by: Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.160.40.218 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 6334b681906b84fde6d68dda415a22d65d9dbeb2eb240ba7e2796a3556b4d77c

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 19:34:25 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Content-Type: application/json; charset=utf-8

GET
H2 200 zoomd.widget.logger.min.js Show response
60a6ae725fca.bitsngo.net/widget-scripts/ 9 KB
4 KB 8ms
8ms Script
application/x-javascript 2606:2800:233:9de:380:d6:22cb:12e3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://60a6ae725fca.bitsngo.net/widget-scripts/zoomd.widget.logger.min.js?ver=4.0.v20210208021526.041037
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=81286763
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:9de:380:d6:22cb:12e3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F5D) / ASP.NET
Resource Hash: c75f65c26c8627f92d561c1574e598ce07ccfae2f3f19cb24b59437f95658259

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 19:34:25 GMT
content-encoding: gzip
etag: "07b1fe224fed61:0"
last-modified: Mon, 08 Feb 2021 14:15:42 GMT
server: ECAcc (frc/8F5D)
age: 70000
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 4105

GET
H2 200 zoomd_pixels_midtc_newberryobserver.js Show response
prod-ps-cdn-us1.azureedge.net/content/pixels/ 7 KB
7 KB 418ms
378ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-ps-cdn-us1.azureedge.net/content/pixels/zoomd_pixels_midtc_newberryobserver.js?userId=87561c05-e071-4c6a-b67a-bb4c2ddd77f3
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=81286763
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 8c128d9df3fd9fb9985fe0cb7e6cf1766237fdef557669ae81efb4a06eb21a33

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 19 Feb 2021 19:34:25 GMT
last-modified: Sun, 09 Feb 2020 11:35:58 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: azpp63ylOH0NXdH095i+1Q==
etag: "0x8D7AD543B9E5E0E"
content-type: application/javascript
x-ms-request-id: c525c2e1-c01e-0073-75f6-063e3b000000
x-ms-version: 2014-02-14
accept-ranges: bytes
content-length: 7290
x-ms-lease-state: available

POST
H/1.1 200
OK GetToken Show response
zdwidget3-bs.sphereup.com/zoomd/SearchUi/ 226 B
955 B 238ms
85ms XHR
application/json 104.40.187.26
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/GetToken
Requested by: Host: s24514.pcdn.co
URL: https://s24514.pcdn.co/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.40.187.26 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: eae009aef71917f1857c64256a5384b801b63281ea1fbde0021cde35ae1f4972

Request headers

Accept: */*
Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Fri, 19 Feb 2021 19:34:25 GMT
Content-Encoding: gzip
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: private
Content-Type: application/json; charset=utf-8
Content-Length: 326

GET
H2 200 ads.js Show response
60a6ae725fca.bitsngo.net/widget-scripts/extra_content/ 287 B
425 B 9ms
9ms Script
application/x-javascript 2606:2800:233:9de:380:d6:22cb:12e3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://60a6ae725fca.bitsngo.net/widget-scripts/extra_content/ads.js?ver=4.0.v20210208021526.041037
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=81286763
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:9de:380:d6:22cb:12e3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FF4) / ASP.NET
Resource Hash: e041f6c64bb2fc0751d41969321230ed7bab0f30313c665b6728bc97ca22981f

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 19:34:25 GMT
content-encoding: gzip
etag: "0559940f922d61:0"
last-modified: Tue, 05 May 2020 16:21:38 GMT
server: ECAcc (frc/8FF4)
age: 70000
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 328

GET
H3-Q050 200 css
fonts.googleapis.com/ 2 KB
988 B 42ms
29ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=81286763

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cf7a2b3976c3af63dc2bca70cc5625a26341f19b1ccd484feddf076df895ed58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 19 Feb 2021 19:09:06 GMT
server: ESF
date: Fri, 19 Feb 2021 19:34:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Feb 2021 19:34:25 GMT

GET
H3-Q050 200 icon
fonts.googleapis.com/ 574 B
392 B 43ms
29ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=81286763

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

56a1f3f1d9126dc75234aa77231107d7bea8e11bd4ad988ab48b3b9e8f3da49f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 19 Feb 2021 19:34:25 GMT
server: ESF
date: Fri, 19 Feb 2021 19:34:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Feb 2021 19:34:25 GMT

GET
H2 200 masonry.pkgd.min.js Show response
60a6ae725fca.bitsngo.net/widget-scripts/ 25 KB
10 KB 9ms
9ms Script
application/x-javascript 2606:2800:233:9de:380:d6:22cb:12e3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://60a6ae725fca.bitsngo.net/widget-scripts/masonry.pkgd.min.js?v=4.0.v201807040945
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=81286763
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:9de:380:d6:22cb:12e3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FDC) / ASP.NET
Resource Hash: b4ab3afc167a24f795563b7a51fae8dfbe6efc232ccb2e2add52dacc59cec3e3

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 19:34:25 GMT
content-encoding: gzip
etag: "01f41c84ba0d51:0"
last-modified: Thu, 21 Nov 2019 09:12:22 GMT
server: ECAcc (frc/8FDC)
age: 799649
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 10202

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ 23 KB
5 KB 9ms
9ms Stylesheet
text/css 2001:4de0:ac19::1:b:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css

Requested by

Host: s24514.pcdn.co
URL: https://s24514.pcdn.co/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 19:34:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:35:19 GMT
etag: "1544639719"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 5442

GET
H2 200 core.min.js Show response
cdnjs.cloudflare.com/ajax/libs/core-js/2.5.1/ 86 KB
25 KB 14ms
13ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/core-js/2.5.1/core.min.js

Requested by

Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=81286763

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c062e44ef26a7b57ee5e158af4af360561ed6f3d18d96e4c1faa9b69097add0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 19:34:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1978600
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25572
cf-request-id: 085d625a9600003248b4210000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-156f8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2Fdip8mXSyZl4bTGGcWYrr7bHC7eBX8gbfnb%2BuYeoAreMmeY62YFuiZ7I4x9zTsS3mTlEV0itoXFdfp%2FSa1UWeZceNB865fpSBtft0ngKXpG%2BFi2omiSDSNx6074%2FdJqNwA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 62426cd75b623248-FRA
expires: Wed, 09 Feb 2022 19:34:25 GMT

GET
H2 200 zoomd.widget.externalcontent.loader.min.js Show response
60a6ae725fca.bitsngo.net/widget-scripts/extra_content/ 15 KB
6 KB 7ms
6ms Script
application/x-javascript 2606:2800:233:9de:380:d6:22cb:12e3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://60a6ae725fca.bitsngo.net/widget-scripts/extra_content/zoomd.widget.externalcontent.loader.min.js?ver=4.0.v20210208021526.041037
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=81286763
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:9de:380:d6:22cb:12e3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FEE) / ASP.NET
Resource Hash: 34d2701c293a921dbbaf7b206c1f4ffb541a7223c1ab3c5c6ff2b1fa011a85a0

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 19:34:25 GMT
content-encoding: gzip
etag: "02fe4e624fed61:0"
last-modified: Mon, 08 Feb 2021 14:15:50 GMT
server: ECAcc (frc/8FEE)
age: 70000
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 6259

GET
H2 200 jquery.dfp.min.js Show response
60a6ae725fca.bitsngo.net//common-scripts/ 7 KB
3 KB 7ms
7ms Script
application/x-javascript 2606:2800:233:9de:380:d6:22cb:12e3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://60a6ae725fca.bitsngo.net//common-scripts/jquery.dfp.min.js?v=4.0.v201807040945
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=81286763
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:9de:380:d6:22cb:12e3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8E93) / ASP.NET
Resource Hash: 9d566d5a66973cf49495579c828f81361d994a2b2e42690b5824ef1fd7803227

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 19:34:25 GMT
content-encoding: gzip
etag: "02fe4e624fed61:0"
last-modified: Mon, 08 Feb 2021 14:15:50 GMT
server: ECAcc (frc/8E93)
age: 799649
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 3225

GET
H2 200 zd_top.searches.css
60a6ae725fca.bitsngo.net/Content/3.0/widget-css/ 16 KB
3 KB 11ms
10ms Stylesheet
text/css 2606:2800:233:9de:380:d6:22cb:12e3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://60a6ae725fca.bitsngo.net/Content/3.0/widget-css/zd_top.searches.css?ver=4.0.v20210208021526.041037
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=81286763
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:9de:380:d6:22cb:12e3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F55) / ASP.NET
Resource Hash: 176f3ca1ee7b655aa9f2c16e71c09dc548d315c9b77ff39d637eebb931d70d81

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 19:34:25 GMT
content-encoding: gzip
etag: "01f41c84ba0d51:0"
last-modified: Thu, 21 Nov 2019 09:12:22 GMT
server: ECAcc (frc/8F55)
age: 70000
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 2799

GET
H2 200 zd_top.searches.min.js Show response
60a6ae725fca.bitsngo.net/widget-scripts/extra_content/ 17 KB
7 KB 10ms
9ms Script
application/x-javascript 2606:2800:233:9de:380:d6:22cb:12e3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://60a6ae725fca.bitsngo.net/widget-scripts/extra_content/zd_top.searches.min.js?ver=4.0.v20210208021526.041037
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=81286763
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:9de:380:d6:22cb:12e3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8E97) / ASP.NET
Resource Hash: 1426c56748e464a4c9a1dae580dc73acf291663684aa701711537d8709329014

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 19:34:25 GMT
content-encoding: gzip
etag: "0d581e424fed61:0"
last-modified: Mon, 08 Feb 2021 14:15:46 GMT
server: ECAcc (frc/8E97)
age: 70000
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 6909

GET
H2 200 zoomd.widget.externalcontent.widget.min.js Show response
60a6ae725fca.bitsngo.net/widget-scripts/extra_content/ 3 KB
1 KB 11ms
10ms Script
application/x-javascript 2606:2800:233:9de:380:d6:22cb:12e3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://60a6ae725fca.bitsngo.net/widget-scripts/extra_content/zoomd.widget.externalcontent.widget.min.js?ver=4.0.v20210208021526.041037
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=81286763
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:9de:380:d6:22cb:12e3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F2B) / ASP.NET
Resource Hash: 4a0c1c66ba2c7ac51b7949bfe8f1c44311a7335bed29af026822eee58fff3d6a

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 19:34:25 GMT
content-encoding: gzip
etag: "0d581e424fed61:0"
last-modified: Mon, 08 Feb 2021 14:15:46 GMT
server: ECAcc (frc/8F2B)
age: 69844
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 1245

GET
H2 200 zoomd.widget.autoComplete.css
60a6ae725fca.bitsngo.net/Content/4.0/css/ 1 KB
663 B 7ms
6ms Stylesheet
text/css 2606:2800:233:9de:380:d6:22cb:12e3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://60a6ae725fca.bitsngo.net/Content/4.0/css/zoomd.widget.autoComplete.css?v=4.0.v20210208021526.041037
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=81286763
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:9de:380:d6:22cb:12e3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F48) / ASP.NET
Resource Hash: a896ec0ca2781fb235e8c898d4d8032d75cecee0622bf36ca4f33d16fe759c71

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 19:34:25 GMT
content-encoding: gzip
etag: "01f41c84ba0d51:0"
last-modified: Thu, 21 Nov 2019 09:12:22 GMT
server: ECAcc (frc/8F48)
age: 69999
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 587

GET
H2 200 zoomd.widget.autoComplete.min.js Show response
60a6ae725fca.bitsngo.net/widget-scripts/ 3 KB
2 KB 9ms
8ms Script
application/x-javascript 2606:2800:233:9de:380:d6:22cb:12e3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://60a6ae725fca.bitsngo.net/widget-scripts/zoomd.widget.autoComplete.min.js?v=4.0.v20210208021526.041037
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=81286763
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:9de:380:d6:22cb:12e3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F99) / ASP.NET
Resource Hash: 85ab38b614037e10ad547593cc3442b86e8c2cc8e76c6a0a60e20a8c0c1a8df1

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 19:34:25 GMT
content-encoding: gzip
etag: "02b3e524fed61:0"
last-modified: Mon, 08 Feb 2021 14:15:48 GMT
server: ECAcc (frc/8F99)
age: 69998
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 1727

POST
H/1.1 200
OK GetToken Show response
zdwidget3-bs.sphereup.com/zoomd/SearchUi/ 226 B
955 B 218ms
61ms XHR
application/json 104.40.187.26
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/GetToken
Requested by: Host: s24514.pcdn.co
URL: https://s24514.pcdn.co/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.40.187.26 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: eae009aef71917f1857c64256a5384b801b63281ea1fbde0021cde35ae1f4972

Request headers

Accept: */*
Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Fri, 19 Feb 2021 19:34:24 GMT
Content-Encoding: gzip
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: private
Content-Type: application/json; charset=utf-8
Content-Length: 326

GET
H/1.1 200
OK MultipleTopSearch Show response
zdwidget3-bs.sphereup.com/ 265 B
638 B 57ms
56ms Script
text/javascript 104.40.187.26
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://zdwidget3-bs.sphereup.com/MultipleTopSearch?callback=jQuery112406234465931727744_1613763264179&clientId=81286763&url=https%3A%2F%2Fwww.newberryobserver.com%2F&query=&title=&loader=false&containerType=SR1&overrideActions=true&targetUrl=https%3A%2F%2Fwww.newberryobserver.com%2F&_=1613763264180
Requested by: Host: s24514.pcdn.co
URL: https://s24514.pcdn.co/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.40.187.26 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 849b08e1b699c27d4fd2d75ff1777427a6bb4f87e4cae3c2bcda8ae882cdebca

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Feb 2021 19:34:25 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache
Content-Type: text/javascript; charset=utf-8
Content-Length: 256
Expires: -1

POST
H/1.1 200
OK GetToken Show response
zdwidget3-bs.sphereup.com/zoomd/SearchUi/ 226 B
952 B 194ms
50ms XHR
application/json 104.40.187.26
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/GetToken
Requested by: Host: s24514.pcdn.co
URL: https://s24514.pcdn.co/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.40.187.26 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 02ab19a52b62ddee291f3d0e87e0427a9edbfa3dbbc58d665dd11e34eb643ce3

Request headers

Accept: */*
Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Fri, 19 Feb 2021 19:34:25 GMT
Content-Encoding: gzip
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: private
Content-Type: application/json; charset=utf-8
Content-Length: 323

POST
H/1.1 200
OK GetToken Show response
zdwidget3-bs.sphereup.com/zoomd/SearchUi/ 226 B
952 B 198ms
54ms XHR
application/json 104.40.187.26
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/GetToken
Requested by: Host: s24514.pcdn.co
URL: https://s24514.pcdn.co/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.40.187.26 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 02ab19a52b62ddee291f3d0e87e0427a9edbfa3dbbc58d665dd11e34eb643ce3

Request headers

Accept: */*
Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Fri, 19 Feb 2021 19:34:25 GMT
Content-Encoding: gzip
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: private
Content-Type: application/json; charset=utf-8
Content-Length: 323

POST
H/1.1 200
OK GetToken Show response
zdwidget3-bs.sphereup.com/zoomd/SearchUi/ 226 B
955 B 195ms
52ms XHR
application/json 104.40.187.26
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/GetToken
Requested by: Host: s24514.pcdn.co
URL: https://s24514.pcdn.co/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.40.187.26 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: eae009aef71917f1857c64256a5384b801b63281ea1fbde0021cde35ae1f4972

Request headers

Accept: */*
Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Fri, 19 Feb 2021 19:34:25 GMT
Content-Encoding: gzip
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: private
Content-Type: application/json; charset=utf-8
Content-Length: 326

POST
H/1.1 200
OK GetToken Show response
zdwidget3-bs.sphereup.com/zoomd/SearchUi/ 226 B
955 B 209ms
60ms XHR
application/json 104.40.187.26
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/GetToken
Requested by: Host: s24514.pcdn.co
URL: https://s24514.pcdn.co/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.40.187.26 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: eae009aef71917f1857c64256a5384b801b63281ea1fbde0021cde35ae1f4972

Request headers

Accept: */*
Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Fri, 19 Feb 2021 19:34:24 GMT
Content-Encoding: gzip
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: private
Content-Type: application/json; charset=utf-8
Content-Length: 326

GET
H2 200 runtime.js Show response
60a6ae725fca.bitsngo.net/content/4.0/js/ 3 KB
2 KB 6ms
6ms Script
application/x-javascript 2606:2800:233:9de:380:d6:22cb:12e3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://60a6ae725fca.bitsngo.net/content/4.0/js/runtime.js?v=4.0.v20210208021526.041037
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=81286763
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:9de:380:d6:22cb:12e3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FD3) / ASP.NET
Resource Hash: 14b72277d720e24f0a940a07cb3d2ffdc9660f24da0a6de7d68a955edba1bd30

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 19:34:25 GMT
content-encoding: gzip
etag: "0cbf5be26fed61:0"
last-modified: Mon, 08 Feb 2021 14:29:02 GMT
server: ECAcc (frc/8FD3)
age: 69997
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 1983

GET
H2 200 vendor.js Show response
60a6ae725fca.bitsngo.net/content/4.0/js/ 519 KB
180 KB 6ms
6ms Script
application/x-javascript 2606:2800:233:9de:380:d6:22cb:12e3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://60a6ae725fca.bitsngo.net/content/4.0/js/vendor.js?v=4.0.v20210208021526.041037
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=81286763
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:9de:380:d6:22cb:12e3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FDA) / ASP.NET
Resource Hash: 7c8bd046dc907d355b80c3ac3369fbb5291c85c6406531a653a12cc7b57a8d45

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 19:34:25 GMT
content-encoding: gzip
etag: "0cbf5be26fed61:0"
last-modified: Mon, 08 Feb 2021 14:29:02 GMT
server: ECAcc (frc/8FDA)
age: 69997
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 183667

GET
H2 200 main.js Show response
60a6ae725fca.bitsngo.net/content/4.0/js/ 78 KB
25 KB 9ms
8ms Script
application/x-javascript 2606:2800:233:9de:380:d6:22cb:12e3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://60a6ae725fca.bitsngo.net/content/4.0/js/main.js?v=4.0.v20210208021526.041037
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=81286763
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:9de:380:d6:22cb:12e3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F18) / ASP.NET
Resource Hash: 08a24e4201f556bf1d56c0cbba8fd27028c85171b13b401362bf38a7be153e03

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 19:34:25 GMT
content-encoding: gzip
etag: "0cbf5be26fed61:0"
last-modified: Mon, 08 Feb 2021 14:29:02 GMT
server: ECAcc (frc/8F18)
age: 69997
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 25486

GET
H2 200 zone.min.js Show response
cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/ 43 KB
13 KB 12ms
11ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js

Requested by

Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=81286763

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

937fdab3409538bd4f6164b79c2caf886f7bb6170fcc37d9bb2fa3c9c010940f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 19:34:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 300367
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12870
cf-request-id: 085d625b2c00003248d137f000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:18:12 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04044-ac73"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=r2kmoFOtZvPggSm4i2OKEmoznxfNpmm%2B7EV0%2FWXHNuwRU4htwTp9oK02e%2B44YzGBFWA39wHAeOyy1lWIVFJusDCMCIJAbuFuNR%2BJfQQpGkWGVWHratTzU5tvd0lr5DWtUQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 62426cd84c233248-FRA
expires: Wed, 09 Feb 2022 19:34:25 GMT

OPTIONS
H/1.1 200
OK messages
prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/ Frame 0
0 560ms
136ms Other 40.79.44.59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/messages

Protocol

HTTP/1.1

Server

40.79.44.59 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: action,authorization,clientid,content-type,sourcesenderid
Origin: https://www.newberryobserver.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Length: 0
Server: Microsoft-HTTPAPI/2.0
Access-Control-Allow-Origin: https://www.newberryobserver.com
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: POST
Access-Control-Allow-Headers: action,authorization,clientid,content-type,sourcesenderid
Strict-Transport-Security: max-age=31536000
Date: Fri, 19 Feb 2021 19:34:25 GMT

OPTIONS
H/1.1 200
OK messages
prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/ Frame 0
0 565ms
140ms Other 40.79.44.59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/messages

Protocol

HTTP/1.1

Server

40.79.44.59 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: action,authorization,clientid,content-type,sourcesenderid
Origin: https://www.newberryobserver.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Length: 0
Server: Microsoft-HTTPAPI/2.0
Access-Control-Allow-Origin: https://www.newberryobserver.com
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: POST
Access-Control-Allow-Headers: action,authorization,clientid,content-type,sourcesenderid
Strict-Transport-Security: max-age=31536000
Date: Fri, 19 Feb 2021 19:34:25 GMT

OPTIONS
H/1.1 200
OK messages
prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/ Frame 0
0 570ms
140ms Other 40.79.44.59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/messages

Protocol

HTTP/1.1

Server

40.79.44.59 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: action,authorization,clientid,content-type,sourcesenderid
Origin: https://www.newberryobserver.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Length: 0
Server: Microsoft-HTTPAPI/2.0
Access-Control-Allow-Origin: https://www.newberryobserver.com
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: POST
Access-Control-Allow-Headers: action,authorization,clientid,content-type,sourcesenderid
Strict-Transport-Security: max-age=31536000
Date: Fri, 19 Feb 2021 19:34:25 GMT

OPTIONS
H/1.1 200
OK messages
prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/ Frame 0
0 572ms
140ms Other 40.79.44.59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/messages

Protocol

HTTP/1.1

Server

40.79.44.59 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: action,authorization,clientid,content-type,sourcesenderid
Origin: https://www.newberryobserver.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Length: 0
Server: Microsoft-HTTPAPI/2.0
Access-Control-Allow-Origin: https://www.newberryobserver.com
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: POST
Access-Control-Allow-Headers: action,authorization,clientid,content-type,sourcesenderid
Strict-Transport-Security: max-age=31536000
Date: Fri, 19 Feb 2021 19:34:25 GMT

OPTIONS
H/1.1 200
OK messages
prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/ Frame 0
0 572ms
140ms Other 40.79.44.59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/messages

Protocol

HTTP/1.1

Server

40.79.44.59 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: action,authorization,clientid,content-type,sourcesenderid
Origin: https://www.newberryobserver.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Length: 0
Server: Microsoft-HTTPAPI/2.0
Access-Control-Allow-Origin: https://www.newberryobserver.com
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: POST
Access-Control-Allow-Headers: action,authorization,clientid,content-type,sourcesenderid
Strict-Transport-Security: max-age=31536000
Date: Fri, 19 Feb 2021 19:34:25 GMT

OPTIONS
H/1.1 200
OK messages
prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/ Frame 0
0 577ms
140ms Other 40.79.44.59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/messages

Protocol

HTTP/1.1

Server

40.79.44.59 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: action,authorization,clientid,content-type,sourcesenderid
Origin: https://www.newberryobserver.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Length: 0
Server: Microsoft-HTTPAPI/2.0
Access-Control-Allow-Origin: https://www.newberryobserver.com
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: POST
Access-Control-Allow-Headers: action,authorization,clientid,content-type,sourcesenderid
Strict-Transport-Security: max-age=31536000
Date: Fri, 19 Feb 2021 19:34:24 GMT

POST
H/1.1 201
Created messages Show response
prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/ 0
319 B 154ms
153ms XHR
application/xml 40.79.44.59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/messages

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.79.44.59 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sourcesenderId: 3
Authorization: SharedAccessSignature sr=http%3A%2F%2Fprod-sb-appanalytics-us1.servicebus.windows.net%2F&sig=JY%2BsnfqtqCR0uPxO9hCIbygTeVKmlAPT2YXpZ1TtEr4%3D&se=1613766181&skn=all
Content-Type: application/atom+xml;type=entry;charset=UTF-8
Accept: */*
action: pageView
Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
clientId: "81286763"

Response headers

Access-Control-Allow-Origin: https://www.newberryobserver.com
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Credentials: true
Server: Microsoft-HTTPAPI/2.0
Date: Fri, 19 Feb 2021 19:34:25 GMT
Transfer-Encoding: chunked
Content-Type: application/xml; charset=utf-8

POST
H/1.1 201
Created messages Show response
prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/ 0
319 B 143ms
143ms XHR
application/xml 40.79.44.59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/messages

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.79.44.59 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sourcesenderId: 3
Authorization: SharedAccessSignature sr=http%3A%2F%2Fprod-sb-appanalytics-us1.servicebus.windows.net%2F&sig=JY%2BsnfqtqCR0uPxO9hCIbygTeVKmlAPT2YXpZ1TtEr4%3D&se=1613766181&skn=all
Content-Type: application/atom+xml;type=entry;charset=UTF-8
Accept: */*
action: DFPLoaded
Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
clientId: "81286763"

Response headers

Access-Control-Allow-Origin: https://www.newberryobserver.com
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Credentials: true
Server: Microsoft-HTTPAPI/2.0
Date: Fri, 19 Feb 2021 19:34:25 GMT
Transfer-Encoding: chunked
Content-Type: application/xml; charset=utf-8

POST
H/1.1 201
Created messages Show response
prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/ 0
319 B 166ms
166ms XHR
application/xml 40.79.44.59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/messages

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.79.44.59 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sourcesenderId: 3
Authorization: SharedAccessSignature sr=http%3A%2F%2Fprod-sb-appanalytics-us1.servicebus.windows.net%2F&sig=JY%2BsnfqtqCR0uPxO9hCIbygTeVKmlAPT2YXpZ1TtEr4%3D&se=1613766181&skn=all
Content-Type: application/atom+xml;type=entry;charset=UTF-8
Accept: */*
action: TSrequested
Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
clientId: "81286763"

Response headers

Access-Control-Allow-Origin: https://www.newberryobserver.com
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Credentials: true
Server: Microsoft-HTTPAPI/2.0
Date: Fri, 19 Feb 2021 19:34:25 GMT
Transfer-Encoding: chunked
Content-Type: application/xml; charset=utf-8

POST
H/1.1 201
Created messages Show response
prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/ 0
319 B 153ms
153ms XHR
application/xml 40.79.44.59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/messages

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.79.44.59 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sourcesenderId: 3
Authorization: SharedAccessSignature sr=http%3A%2F%2Fprod-sb-appanalytics-us1.servicebus.windows.net%2F&sig=JY%2BsnfqtqCR0uPxO9hCIbygTeVKmlAPT2YXpZ1TtEr4%3D&se=1613766181&skn=all
Content-Type: application/atom+xml;type=entry;charset=UTF-8
Accept: */*
action: AdRequest
Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
clientId: "81286763"

Response headers

Access-Control-Allow-Origin: https://www.newberryobserver.com
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Credentials: true
Server: Microsoft-HTTPAPI/2.0
Date: Fri, 19 Feb 2021 19:34:25 GMT
Transfer-Encoding: chunked
Content-Type: application/xml; charset=utf-8

POST
H/1.1 201
Created messages Show response
prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/ 0
319 B 149ms
149ms XHR
application/xml 40.79.44.59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/messages

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.79.44.59 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sourcesenderId: 3
Authorization: SharedAccessSignature sr=http%3A%2F%2Fprod-sb-appanalytics-us1.servicebus.windows.net%2F&sig=JY%2BsnfqtqCR0uPxO9hCIbygTeVKmlAPT2YXpZ1TtEr4%3D&se=1613766181&skn=all
Content-Type: application/atom+xml;type=entry;charset=UTF-8
Accept: */*
action: AdRequest
Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
clientId: "81286763"

Response headers

Access-Control-Allow-Origin: https://www.newberryobserver.com
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Credentials: true
Server: Microsoft-HTTPAPI/2.0
Date: Fri, 19 Feb 2021 19:34:25 GMT
Transfer-Encoding: chunked
Content-Type: application/xml; charset=utf-8

POST
H/1.1 201
Created messages Show response
prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/ 0
319 B 148ms
147ms XHR
application/xml 40.79.44.59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/messages

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.79.44.59 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sourcesenderId: 3
Authorization: SharedAccessSignature sr=http%3A%2F%2Fprod-sb-appanalytics-us1.servicebus.windows.net%2F&sig=JY%2BsnfqtqCR0uPxO9hCIbygTeVKmlAPT2YXpZ1TtEr4%3D&se=1613766181&skn=all
Content-Type: application/atom+xml;type=entry;charset=UTF-8
Accept: */*
action: AdRequest
Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
clientId: "81286763"

Response headers

Access-Control-Allow-Origin: https://www.newberryobserver.com
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Credentials: true
Server: Microsoft-HTTPAPI/2.0
Date: Fri, 19 Feb 2021 19:34:25 GMT
Transfer-Encoding: chunked
Content-Type: application/xml; charset=utf-8

GET
H3-Q050

200

activityi;dc_pre=CInM0NHY9u4CFaBYFQgds5MFCg;src=8993311;type=invmedia;cat=zoomd00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=371806635125.9108 Show response
8993311.fls.doubleclick.net/ Frame 2A09
Redirect Chain

https://8993311.fls.doubleclick.net/activityi;src=8993311;type=invmedia;cat=zoomd00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=371806635125.9108?
https://8993311.fls.doubleclick.net/activityi;dc_pre=CInM0NHY9u4CFaBYFQgds5MFCg;src=8993311;type=invmedia;cat=zoomd00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=371806635125....

510 B
986 B

128ms
75ms

Document
text/html

142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8993311.fls.doubleclick.net/activityi;dc_pre=CInM0NHY9u4CFaBYFQgds5MFCg;src=8993311;type=invmedia;cat=zoomd00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=371806635125.9108?

Requested by

Host: prod-ps-cdn-us1.azureedge.net
URL: https://prod-ps-cdn-us1.azureedge.net/content/pixels/zoomd_pixels_midtc_newberryobserver.js?userId=87561c05-e071-4c6a-b67a-bb4c2ddd77f3

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

cafe /

Resource Hash

c68c882fd2be64369d4dd908b560f59e55d8c0fe28232e88979ea5aeee587c28

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 8993311.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CInM0NHY9u4CFaBYFQgds5MFCg;src=8993311;type=invmedia;cat=zoomd00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=371806635125.9108?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newberryobserver.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.newberryobserver.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 19 Feb 2021 19:34:25 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 392
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 19-Feb-2021 19:49:25 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 19 Feb 2021 19:34:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8993311.fls.doubleclick.net/activityi;dc_pre=CInM0NHY9u4CFaBYFQgds5MFCg;src=8993311;type=invmedia;cat=zoomd00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=371806635125.9108?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK loggly.tracker-latest.min.js Show response
cloudfront.loggly.com/js/ 2 KB
2 KB 192ms
61ms Script
application/javascript 65.9.63.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cloudfront.loggly.com/js/loggly.tracker-latest.min.js
Requested by: Host: prod-ps-cdn-us1.azureedge.net
URL: https://prod-ps-cdn-us1.azureedge.net/content/pixels/zoomd_pixels_midtc_newberryobserver.js?userId=87561c05-e071-4c6a-b67a-bb4c2ddd77f3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.63.164 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1002227cd334b24988575ff8435e9ddade75e2ca588d8db606734c32078faae9

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Feb 2021 21:45:40 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Aug 2018 19:01:30 GMT
Server: AmazonS3
Age: 78526
ETag: W/"2d9ac826364ca72009c24c76c4a288d3"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA56-C1
X-Amz-Cf-Id: H9hAWhpYTcv20MI-hkBJ7Ol1c8xa28zBTr5AXgPYGI5-uUPGIgYSpg==

GET
H2 200 fab.js Show response
ecdn.analysis.fi/static/js/ 4 KB
2 KB 149ms
46ms Script
application/javascript 65.9.96.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ecdn.analysis.fi/static/js/fab.js
Requested by: Host: prod-ps-cdn-us1.azureedge.net
URL: https://prod-ps-cdn-us1.azureedge.net/content/pixels/zoomd_pixels_midtc_newberryobserver.js?userId=87561c05-e071-4c6a-b67a-bb4c2ddd77f3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.96.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 786dbb4402793fadd0112db771392a0509ffcb2806545e94a879af9c6d87415f

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 19:22:12 GMT
content-encoding: gzip
last-modified: Wed, 15 Jul 2015 00:00:00 GMT
server: nginx/1.18.0
age: 734
etag: "55a5a280-672"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 41b7bdf4fb536a6c72b9f49d9b6affe9.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: PRG50-C1
content-length: 1650
x-amz-cf-id: P11vpSy1L3wFGMHtUT1qqNs3sezDleUalq_RH7w7fDueVOTUmJMMxw==
expires: Fri, 19 Feb 2021 20:22:11 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
271 B 47ms
45ms Image
image/x-icon 142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 03:49:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56724
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sat, 20 Feb 2021 03:49:01 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 3 KB
3 KB 140ms
46ms Image
image/svg+xml 23.218.209.87
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.209.87 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-87.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 19:34:25 GMT
last-modified: Sun, 24 Jan 2021 10:53:38 GMT
server: AkamaiNetStorage
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1611486005.542646"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
cookie: CheetahStaging=true
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2735
expires: Sun, 21 Mar 2021 19:34:25 GMT

POST
H/1.1 200
OK jslogger Show response
logs-01.loggly.com/inputs/b30ca557-8461-40a5-a26c-a41635db1700/tag/ 19 B
293 B 516ms
128ms XHR
text/html 54.236.68.122
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://logs-01.loggly.com/inputs/b30ca557-8461-40a5-a26c-a41635db1700/tag/jslogger
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.236.68.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-236-68-122.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cdc7a3d8f9ce204e8853c2f7088b9c3fe488432314d1ea6c17cf8fd4ae179261

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 19 Feb 2021 19:34:26 GMT
Server: nginx
Connection: keep-alive
Access-Control-Allow-Headers: Authorization,Host,Content-Type,X-Forwarded-For,X-LOGGLY-TAG,X-Real-IP
Content-Length: 19
Content-Type: text/html

POST
H/1.1 200
OK jslogger Show response
logs-01.loggly.com/inputs/b30ca557-8461-40a5-a26c-a41635db1700/tag/ 19 B
293 B 532ms
133ms XHR
text/html 54.236.68.122
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://logs-01.loggly.com/inputs/b30ca557-8461-40a5-a26c-a41635db1700/tag/jslogger
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.236.68.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-236-68-122.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cdc7a3d8f9ce204e8853c2f7088b9c3fe488432314d1ea6c17cf8fd4ae179261

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 19 Feb 2021 19:34:26 GMT
Server: nginx
Connection: keep-alive
Access-Control-Allow-Headers: Authorization,Host,Content-Type,X-Forwarded-For,X-LOGGLY-TAG,X-Real-IP
Content-Length: 19
Content-Type: text/html

POST
H/1.1 200
OK jslogger Show response
logs-01.loggly.com/inputs/b30ca557-8461-40a5-a26c-a41635db1700/tag/ 19 B
293 B 555ms
145ms XHR
text/html 54.236.68.122
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://logs-01.loggly.com/inputs/b30ca557-8461-40a5-a26c-a41635db1700/tag/jslogger
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.236.68.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-236-68-122.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cdc7a3d8f9ce204e8853c2f7088b9c3fe488432314d1ea6c17cf8fd4ae179261

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 19 Feb 2021 19:34:26 GMT
Server: nginx
Connection: keep-alive
Access-Control-Allow-Headers: Authorization,Host,Content-Type,X-Forwarded-For,X-LOGGLY-TAG,X-Real-IP
Content-Length: 19
Content-Type: text/html

GET
H2 200 / Show response
adservice.google.com/ddm/fls/i/dc_pre=CInM0NHY9u4CFaBYFQgds5MFCg;src=8993311;type=invmedia;cat=zoomd00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=371806635125.9108;~oref=http... Frame 1CED 509 B
624 B 41ms
41ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CInM0NHY9u4CFaBYFQgds5MFCg;src=8993311;type=invmedia;cat=zoomd00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=371806635125.9108;~oref=https://www.newberryobserver.com/

Requested by

Host: 8993311.fls.doubleclick.net
URL: https://8993311.fls.doubleclick.net/activityi;dc_pre=CInM0NHY9u4CFaBYFQgds5MFCg;src=8993311;type=invmedia;cat=zoomd00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=371806635125.9108?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b46dcfb1658be8c9c2a409fc01b1dd3f3e118fd1b065ef8c26e7abadc633f33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.com
:scheme: https
:path: /ddm/fls/i/dc_pre=CInM0NHY9u4CFaBYFQgds5MFCg;src=8993311;type=invmedia;cat=zoomd00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=371806635125.9108;~oref=https://www.newberryobserver.com/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://8993311.fls.doubleclick.net/activityi;dc_pre=CInM0NHY9u4CFaBYFQgds5MFCg;src=8993311;type=invmedia;cat=zoomd00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=371806635125.9108?
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://8993311.fls.doubleclick.net/activityi;dc_pre=CInM0NHY9u4CFaBYFQgds5MFCg;src=8993311;type=invmedia;cat=zoomd00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=371806635125.9108?

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 19 Feb 2021 19:34:25 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 391
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 / Show response
adservice.google.de/ddm/fls/i/dc_pre=CInM0NHY9u4CFaBYFQgds5MFCg;src=8993311;type=invmedia;cat=zoomd00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=371806635125.9108;~oref=https... Frame C6DD 194 B
391 B 43ms
43ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CInM0NHY9u4CFaBYFQgds5MFCg;src=8993311;type=invmedia;cat=zoomd00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=371806635125.9108;~oref=https://www.newberryobserver.com/

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CInM0NHY9u4CFaBYFQgds5MFCg;src=8993311;type=invmedia;cat=zoomd00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=371806635125.9108;~oref=https://www.newberryobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.de
:scheme: https
:path: /ddm/fls/i/dc_pre=CInM0NHY9u4CFaBYFQgds5MFCg;src=8993311;type=invmedia;cat=zoomd00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=371806635125.9108;~oref=https://www.newberryobserver.com/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adservice.google.com/ddm/fls/i/dc_pre=CInM0NHY9u4CFaBYFQgds5MFCg;src=8993311;type=invmedia;cat=zoomd00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=371806635125.9108;~oref=https://www.newberryobserver.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://adservice.google.com/ddm/fls/i/dc_pre=CInM0NHY9u4CFaBYFQgds5MFCg;src=8993311;type=invmedia;cat=zoomd00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=371806635125.9108;~oref=https://www.newberryobserver.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 19 Feb 2021 19:34:25 GMT
expires: Fri, 19 Feb 2021 19:34:25 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 tiny-slider.css
cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.1/ 2 KB
988 B 12ms
12ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.1/tiny-slider.css

Requested by

Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9b8906a8b7540b8accfd2a491c0821d6bd6d8ccbd4ab53a56da8906ff028423

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 19:34:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 164341
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 573
cf-request-id: 085d625e0b000032489fba7000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ffd-882"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NqC3ERlYoT8%2F6iU8l2Eu159KtNzyNDUgwDkoSK1TL3glIJMQ99rpxBJFPPjph%2FqE04fzuy%2BMUhFpf%2BFKLAIsMzlP1bzfcxIvxwNMb%2B0Wjln3g992m2%2BlHxuHY4tashqcxA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 62426cdcd8333248-FRA
expires: Wed, 09 Feb 2022 19:34:26 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 6194
date: Fri, 19 Feb 2021 17:51:12 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Fri, 19 Feb 2021 19:51:12 GMT

GET
H2 200 one.js Show response
csp.azureedge.net/cdn/OneCol/ 138 KB
61 KB 37ms
7ms Script
application/javascript 2a02:26f0:64::210:6b83
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://csp.azureedge.net/cdn/OneCol/one.js?v=7
Requested by: Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:64::210:6b83 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: eee64e7a420c5e70f9c636da84110997eb85bf5e55e56a003ff4b448d4889897

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 19:34:26 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 19:34:05 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "1d6a717f8899c62"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 61870

GET
H2 200 css
fonts.googleapis.com/ 4 KB
739 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700

Requested by

Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9c88bbf6795ced59fe226716a4b1221bdb548e874e2600e5eba42c35aac8e7fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 19 Feb 2021 19:19:33 GMT
server: ESF
date: Fri, 19 Feb 2021 19:34:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Feb 2021 19:34:26 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
92 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-36655742-6&cid=1323161849.1613763266&jid=717999524&gjid=696454739&_gid=1558628026.1613763266&_u=aGDAgAABCAAAAE~&z=814260071

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 19 Feb 2021 19:34:26 GMT
content-type: text/plain
access-control-allow-origin: https://www.newberryobserver.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK aee7d56b-1bff-4170-82e6-df2819cf5434.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 102 KB
102 KB 856ms
235ms Image
image/png 13.88.145.64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/aee7d56b-1bff-4170-82e6-df2819cf5434.medium.png
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.88.145.64 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 14c94d87ad9419933f4228364be4f0cf04df672c4d439bbbea0c6f6159aac0b1

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 19 Feb 2021 19:34:26 GMT
Last-Modified: Wed, 08 Aug 2018 10:22:41 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: tW+Eh3mTNsoP2kU9MMGqHw==
ETag: 0x8D5FD18DF6EACC4
Content-Type: image/png
x-ms-request-id: d36d3393-e01e-00ad-47f6-069a8e000000
x-ms-version: 2009-09-19
Content-Length: 104530

GET
H/1.1 200
OK ab1eff2b-ada3-47a3-954a-7517dfbf58d5.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 19 KB
19 KB 854ms
232ms Image
image/jpeg 13.88.145.64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/ab1eff2b-ada3-47a3-954a-7517dfbf58d5.medium.JPG
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.88.145.64 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d9159e57830834aa8980301715f20ba811c7db59858f0d723121fa55cbaee661

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 19 Feb 2021 19:34:26 GMT
Last-Modified: Thu, 06 Dec 2018 15:25:35 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: hM77IXGmbMPn/FqsMUO/XA==
ETag: 0x8D65B8F11F9BA6A
Content-Type: image/jpeg
x-ms-request-id: 3c357435-001e-00c1-76f6-06315d000000
x-ms-version: 2009-09-19
Content-Length: 19093

GET
H/1.1 200
OK f97cfb2e-a6c7-4848-9a5a-894c6045e708.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 9 KB
9 KB 849ms
228ms Image
image/jpeg 13.88.145.64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/f97cfb2e-a6c7-4848-9a5a-894c6045e708.medium.JPG
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.88.145.64 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c149b2bc25d35879177fa17e1e803be6c72de4225abb6fb896dfc7165cc7edf9

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 19 Feb 2021 19:34:26 GMT
Last-Modified: Wed, 23 Oct 2019 15:31:47 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: 721bE06MJzmAxd6JqsMmtA==
ETag: 0x8D757CE1DE6D451
Content-Type: image/jpeg
x-ms-request-id: 9c7b4150-701e-012f-1bf6-067d8b000000
x-ms-version: 2009-09-19
Content-Length: 9291

GET
H/1.1 200
OK fd0d1f7f-e243-44fc-b4ca-f4cc3f00bfdd.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 6 KB
7 KB 859ms
229ms Image
image/jpeg 13.88.145.64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/fd0d1f7f-e243-44fc-b4ca-f4cc3f00bfdd.medium.JPG
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.88.145.64 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 9b37d896f5f9cca9a11587291dcd67f690d58ad2bbe626442c4fe48bf695269f

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 19 Feb 2021 19:34:26 GMT
Last-Modified: Sat, 26 Dec 2020 05:06:44 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: gSa5WbggmIiZvqmxsqjVfg==
ETag: 0x8D8A95C09FA45A3
Content-Type: image/jpeg
x-ms-request-id: c15e44bd-601e-007b-70f6-06d154000000
x-ms-version: 2009-09-19
Content-Length: 6381

GET
H/1.1 200
OK de71a611-e452-4dea-8d9f-fef095c9d394.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 6 KB
7 KB 853ms
223ms Image
image/jpeg 13.88.145.64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/de71a611-e452-4dea-8d9f-fef095c9d394.medium.JPG
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.88.145.64 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 302027b67c5cc7c409bb733a911078a229fa65863532c2cb583416a36acdc70c

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 19 Feb 2021 19:34:26 GMT
Last-Modified: Tue, 17 Nov 2020 15:52:27 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: PUWH1c4vbgnrirAdawuTGg==
ETag: 0x8D88B10C89043AC
Content-Type: image/jpeg
x-ms-request-id: 79ff4273-701e-00a3-3ef6-067685000000
x-ms-version: 2009-09-19
Content-Length: 6610

GET
H/1.1 200
OK 1fa40c11-a3a4-4b74-8cc3-1639c35e5beb.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 7 KB
7 KB 850ms
220ms Image
image/jpeg 13.88.145.64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/1fa40c11-a3a4-4b74-8cc3-1639c35e5beb.medium.JPG
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.88.145.64 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 347bf7a3c2f3a3b61466990baaac628f2157cd052cfb523e8cfb0326b0c7cdd2

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 19 Feb 2021 19:34:26 GMT
Last-Modified: Sat, 26 Dec 2020 05:06:44 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: VbPQZnG8T3YuZnt9IjIx2A==
ETag: 0x8D8A95C0A54FFFD
Content-Type: image/jpeg
x-ms-request-id: f387352c-b01e-0110-1df6-06ca57000000
x-ms-version: 2009-09-19
Content-Length: 6929

GET
H/1.1 200
OK 63743c58-a54e-468c-b1cd-3ecc9d89514b.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 16 KB
16 KB 231ms
230ms Image
image/jpeg 13.88.145.64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/63743c58-a54e-468c-b1cd-3ecc9d89514b.medium.JPG
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.88.145.64 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 1250a278feee9084d3c814ce3808644a342e6d12e3d3ecb7402b6e5b9fffdaf2

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 19 Feb 2021 19:34:27 GMT
Last-Modified: Mon, 21 Dec 2020 11:41:22 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: hAj7s2GuSWgzsQEs4ihWvg==
ETag: 0x8D8A5A5577812BC
Content-Type: image/jpeg
x-ms-request-id: 9c7b41a3-701e-012f-5ef6-067d8b000000
x-ms-version: 2009-09-19
Content-Length: 15925

GET
H/1.1 200
OK 4b5896ea-48d8-42db-8861-b49b18587f9b.medium.PNG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 24 KB
24 KB 240ms
238ms Image
image/png 13.88.145.64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/4b5896ea-48d8-42db-8861-b49b18587f9b.medium.PNG
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.88.145.64 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 1e18e33a4e0b8f9c6e990abebfa907ba6f61462089879da45721c6754755f41a

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 19 Feb 2021 19:34:27 GMT
Last-Modified: Sat, 17 Oct 2020 01:12:40 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: W7gw8dI6gEJIVLO/OPDFow==
ETag: 0x8D87239BE25E2C2
Content-Type: image/png
x-ms-request-id: 79ff42ae-701e-00a3-76f6-067685000000
x-ms-version: 2009-09-19
Content-Length: 24621

GET
H/1.1 200
OK 48521064-a26a-4839-a6f4-bd6687cc9dfb.medium.PNG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 13 KB
13 KB 232ms
231ms Image
image/png 13.88.145.64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/48521064-a26a-4839-a6f4-bd6687cc9dfb.medium.PNG
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.88.145.64 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 6ae5bcaa265c0f6c53c141699fe00aa71938366b643dca027d9487372ab71b4a

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 19 Feb 2021 19:34:26 GMT
Last-Modified: Fri, 08 Jan 2021 18:27:17 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: ieYDB+wAAY53fQ0fEPxhBw==
ETag: 0x8D8B4030727D743
Content-Type: image/png
x-ms-request-id: 3c357455-001e-00c1-13f6-06315d000000
x-ms-version: 2009-09-19
Content-Length: 13165

GET
H/1.1 200
OK 64dc2b3b-79ad-4c8d-a137-5d8f9a51954e.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 55 KB
55 KB 223ms
222ms Image
image/png 13.88.145.64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/64dc2b3b-79ad-4c8d-a137-5d8f9a51954e.medium.png
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.88.145.64 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: ed09d2d86d29a8b868651c98a99f17b51a9396cda048c1bab65c5755e9d40a6f

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 19 Feb 2021 19:34:26 GMT
Last-Modified: Sun, 21 Sep 2014 06:15:27 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: qYMwA+YR1hChB3IR/Hz23w==
ETag: 0x8D1A37A924B4D30
Content-Type: image/png
x-ms-request-id: f3873560-b01e-0110-49f6-06ca57000000
x-ms-version: 2009-09-19
Content-Length: 55910

GET
H/1.1 200
OK 270c9fa8-a488-4fb6-8b34-96ce88730e71.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 7 KB
8 KB 226ms
226ms Image
image/jpeg 13.88.145.64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/270c9fa8-a488-4fb6-8b34-96ce88730e71.medium.JPG
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.88.145.64 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: ca93ea0da1bfb74e6f4f2b042f8c2add5ac5c52a883e0d30136a59f1b0713cc9

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 19 Feb 2021 19:34:26 GMT
Last-Modified: Thu, 02 Jul 2020 04:03:56 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: oZTvLcHszGTligva1QhOPA==
ETag: 0x8D81E3CF146664C
Content-Type: image/jpeg
x-ms-request-id: c15e44e2-601e-007b-11f6-06d154000000
x-ms-version: 2009-09-19
Content-Length: 7360

GET
H/1.1 200
OK 519da914-883f-42b8-adf3-e4ea01bd4cac.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 6 KB
6 KB 223ms
222ms Image
image/jpeg 13.88.145.64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/519da914-883f-42b8-adf3-e4ea01bd4cac.medium.JPG
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.88.145.64 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c5ed576c9cd7778e4feb15809637cd9d484479b96543169feb94b1b33332a837

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 19 Feb 2021 19:34:27 GMT
Last-Modified: Thu, 21 Jan 2021 09:32:46 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: /hEvS0WbIFdwxKv1zCtvmQ==
ETag: 0x8D8BDEF83229BC7
Content-Type: image/jpeg
x-ms-request-id: 9c7b41e9-701e-012f-20f6-067d8b000000
x-ms-version: 2009-09-19
Content-Length: 5948

GET
H/1.1 200
OK b98d8632-bd50-429f-a4c7-6929024015b5.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 7 KB
8 KB 240ms
239ms Image
image/jpeg 13.88.145.64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/b98d8632-bd50-429f-a4c7-6929024015b5.medium.JPG
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.88.145.64 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 62c1be65d5ea3c79c344010bf6f275ed8826dfa8f5080e5d705b91ac7b6e6581

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 19 Feb 2021 19:34:27 GMT
Last-Modified: Sat, 26 Dec 2020 15:10:51 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: Bq2F7vj27cG8Q0iuLQmTNg==
ETag: 0x8D8A9B06F3D72F5
Content-Type: image/jpeg
x-ms-request-id: 3c357476-001e-00c1-30f6-06315d000000
x-ms-version: 2009-09-19
Content-Length: 7556

GET
H/1.1 200
OK 8eac5b28-6a65-4c04-87d5-a0102e38bd19.medium.PNG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 15 KB
15 KB 259ms
258ms Image
image/png 13.88.145.64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/8eac5b28-6a65-4c04-87d5-a0102e38bd19.medium.PNG
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.88.145.64 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: dafbda62ac729d761f52186429fe2b2e930a1fa0503518b2f875fb273f3795e4

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 19 Feb 2021 19:34:26 GMT
Last-Modified: Fri, 08 Jan 2021 18:27:20 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: NCK4BrBne+ERrdiLrhMChQ==
ETag: 0x8D8B40309387106
Content-Type: image/png
x-ms-request-id: c15e44f5-601e-007b-21f6-06d154000000
x-ms-version: 2009-09-19
Content-Length: 15109

GET
H/1.1 200
OK 70604e41-b2e1-4acc-bab6-8adb4ae011a5.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 6 KB
7 KB 238ms
237ms Image
image/jpeg 13.88.145.64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/70604e41-b2e1-4acc-bab6-8adb4ae011a5.medium.JPG
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.88.145.64 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: ffd24b5f60e021d290ff8baee2241efbcb800390226583b4db2c33d7b296f868

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 19 Feb 2021 19:34:27 GMT
Last-Modified: Sat, 26 Dec 2020 05:06:45 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: ZpocrMTEzSQXBN+56OhVJg==
ETag: 0x8D8A95C0AA3F66B
Content-Type: image/jpeg
x-ms-request-id: 79ff42e0-701e-00a3-21f6-067685000000
x-ms-version: 2009-09-19
Content-Length: 6591

GET
H/1.1 200
OK 53e73eeb-9cca-47b3-bae3-f85e69455277.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 7 KB
8 KB 224ms
223ms Image
image/jpeg 13.88.145.64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/53e73eeb-9cca-47b3-bae3-f85e69455277.medium.JPG
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.88.145.64 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e85de17444159ce149f4e83c94641075f6306d5669d24922a807db130d00532a

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 19 Feb 2021 19:34:26 GMT
Last-Modified: Sat, 26 Dec 2020 05:06:45 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: W5+YO2Olvl+cI4yLOmuMpg==
ETag: 0x8D8A95C0AF3622D
Content-Type: image/jpeg
x-ms-request-id: d36d33cb-e01e-00ad-78f6-069a8e000000
x-ms-version: 2009-09-19
Content-Length: 7412

GET
H/1.1 200
OK 563c04cc-3f82-4dc0-ac47-0af9bce3a72e.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 7 KB
8 KB 240ms
239ms Image
image/jpeg 13.88.145.64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/563c04cc-3f82-4dc0-ac47-0af9bce3a72e.medium.JPG
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.88.145.64 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 6d4d2960dfdec2b2465650fd9e955cc23f6e6a2323775494b5f37bfbd97d416d

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 19 Feb 2021 19:34:26 GMT
Last-Modified: Sat, 26 Dec 2020 05:06:46 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: D15LRIwkV2VRnJIKa/0fpQ==
ETag: 0x8D8A95C0B42CDE6
Content-Type: image/jpeg
x-ms-request-id: f3873599-b01e-0110-78f6-06ca57000000
x-ms-version: 2009-09-19
Content-Length: 7580

GET
H/1.1 200
OK f28a3e16-559d-426a-895a-f61951224af8.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 15 KB
16 KB 229ms
228ms Image
image/jpeg 13.88.145.64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/f28a3e16-559d-426a-895a-f61951224af8.medium.JPG
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.88.145.64 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 7de1a9315366ed1263f37503eebabebec6d276406f8acd782570f784ec3dc205

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 19 Feb 2021 19:34:27 GMT
Last-Modified: Sun, 03 Jan 2021 15:17:57 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: pTn+0NULbVt6Bj5SqAeFbQ==
ETag: 0x8D8AFFAC04BFC93
Content-Type: image/jpeg
x-ms-request-id: 9c7b422e-701e-012f-60f6-067d8b000000
x-ms-version: 2009-09-19
Content-Length: 15696

GET
H/1.1 200
OK 35206a96-eb57-4d82-851b-7579d84c62b5.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 6 KB
7 KB 226ms
226ms Image
image/jpeg 13.88.145.64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/35206a96-eb57-4d82-851b-7579d84c62b5.medium.JPG
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.88.145.64 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 2db73dd598b2313176c1dd6d0b247cf0371bde66d364d38f58c61a4727c11fe0

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 19 Feb 2021 19:34:27 GMT
Last-Modified: Mon, 11 Jan 2021 09:38:58 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: X1fyio1phDhVw4D6wNIyCA==
ETag: 0x8D8B614B85BD9E0
Content-Type: image/jpeg
x-ms-request-id: 3c357497-001e-00c1-4bf6-06315d000000
x-ms-version: 2009-09-19
Content-Length: 6299

GET
H/1.1 200
OK 3f36bd3c-6917-49fe-a591-84e2cbbef1eb.medium.PNG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 14 KB
15 KB 234ms
233ms Image
image/png 13.88.145.64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/3f36bd3c-6917-49fe-a591-84e2cbbef1eb.medium.PNG
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.88.145.64 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 84e1f066a3838323edc680a59434ae87fa80e0e2b69a4a1c78e9560b2b23e640

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 19 Feb 2021 19:34:27 GMT
Last-Modified: Fri, 15 Jan 2021 03:10:24 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: lScH65RhPJZKLuyuvx9aOw==
ETag: 0x8D8B90319B5EA5F
Content-Type: image/png
x-ms-request-id: 79ff430b-701e-00a3-43f6-067685000000
x-ms-version: 2009-09-19
Content-Length: 14843

GET
H/1.1 200
OK 940eb276-5f9d-44ab-be74-eb2adba1f1dd.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 6 KB
6 KB 226ms
226ms Image
image/jpeg 13.88.145.64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/940eb276-5f9d-44ab-be74-eb2adba1f1dd.medium.JPG
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.88.145.64 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 7a94ee06744b31bbcf82836f06b46be8800bd7ca92e1f8d3c6b0327472c128c4

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 19 Feb 2021 19:34:27 GMT
Last-Modified: Mon, 11 Jan 2021 09:38:58 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: 4ck8/Yh+nd8ASijJLczxSA==
ETag: 0x8D8B614B8A9545E
Content-Type: image/jpeg
x-ms-request-id: c15e4527-601e-007b-51f6-06d154000000
x-ms-version: 2009-09-19
Content-Length: 6227

GET
H/1.1 200
OK 85826b53-24b5-4100-bee1-0e6a6a86cd76.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 6 KB
6 KB 218ms
218ms Image
image/jpeg 13.88.145.64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/85826b53-24b5-4100-bee1-0e6a6a86cd76.medium.JPG
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.88.145.64 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d87228bf6aa3f598dc0cec253140b3420bd30d907afc29ec965a3337279f9949

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 19 Feb 2021 19:34:26 GMT
Last-Modified: Wed, 10 Feb 2021 17:33:16 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: DC2sK7QpxDU5OcYfoyH2TQ==
ETag: 0x8D8CDE9F36A1628
Content-Type: image/jpeg
x-ms-request-id: d36d33dc-e01e-00ad-07f6-069a8e000000
x-ms-version: 2009-09-19
Content-Length: 6027

GET
H/1.1 200
OK b91246e1-3e88-48b8-ad76-981f407ae4cb.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 6 KB
6 KB 213ms
213ms Image
image/jpeg 13.88.145.64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/b91246e1-3e88-48b8-ad76-981f407ae4cb.medium.JPG
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.88.145.64 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 34bb508f2907886afc76204909656970e4b0174e6c0b95dd95374409aa9fd55b

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 19 Feb 2021 19:34:26 GMT
Last-Modified: Sun, 29 Dec 2019 06:27:20 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: +LRz/6J8vqJkjaRBYcx/0Q==
ETag: 0x8D78C28289164FE
Content-Type: image/jpeg
x-ms-request-id: f38735b7-b01e-0110-0ff6-06ca57000000
x-ms-version: 2009-09-19
Content-Length: 5812

GET
H2 200 collect
www.google-analytics.com/ 35 B
131 B 6ms
6ms Image
image/gif 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&a=715964273&t=pageview&_s=1&dl=https%3A%2F%2Fwww.newberryobserver.com%2F&dp=%2Fwidget%2Fnewberryobserver%2F9868%2FUpcoming%20Events%2F2a3128a5929a5982a%2F&ul=en-us&de=UTF-8&dt=Newberry%20Observer&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgAABC~&jid=717999524&gjid=696454739&cid=1323161849.1613763266&tid=UA-36655742-6&sf=5&_gid=1558628026.1613763266&z=358186535

Requested by

Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 17:20:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 8061
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 56 KB
19 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: 60a6ae725fca.bitsngo.net
URL: https://60a6ae725fca.bitsngo.net//common-scripts/jquery.dfp.min.js?v=4.0.v201807040945

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a26203f7d0fd2d8e79c7f5f217378fe7eb4bf7dbf736d226b588ce06c20d816d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 19:34:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "789 / 198 of 1000 / last-modified: 1613736841"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19451
x-xss-protection: 0
expires: Fri, 19 Feb 2021 19:34:26 GMT

GET
H2 200 pubads_impl_2021021601.js Show response
securepubads.g.doubleclick.net/gpt/ 291 KB
102 KB 53ms
51ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021601.js?31060193

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

94107238a1097b66d59ded9c22a26e793aaa854e8bd4f555e704aa23acb6b959

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 19:34:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 09:41:55 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104204
x-xss-protection: 0
expires: Fri, 19 Feb 2021 19:34:26 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 1548
date: Fri, 19 Feb 2021 19:08:38 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Fri, 19 Feb 2021 21:08:38 GMT

POST
H/1.1 200
OK jslogger Show response
logs-01.loggly.com/inputs/b30ca557-8461-40a5-a26c-a41635db1700/tag/ 19 B
293 B 155ms
154ms XHR
text/html 54.236.68.122
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://logs-01.loggly.com/inputs/b30ca557-8461-40a5-a26c-a41635db1700/tag/jslogger
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.236.68.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-236-68-122.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cdc7a3d8f9ce204e8853c2f7088b9c3fe488432314d1ea6c17cf8fd4ae179261

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 19 Feb 2021 19:34:26 GMT
Server: nginx
Connection: keep-alive
Access-Control-Allow-Headers: Authorization,Host,Content-Type,X-Forwarded-For,X-LOGGLY-TAG,X-Real-IP
Content-Length: 19
Content-Type: text/html

POST
H/1.1 200
OK GetToken Show response
zdwidget3-bs.sphereup.com/zoomd/SearchUi/ 226 B
955 B 54ms
54ms XHR
application/json 104.40.187.26
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/GetToken
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.40.187.26 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: eae009aef71917f1857c64256a5384b801b63281ea1fbde0021cde35ae1f4972

Request headers

Accept: */*
Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Fri, 19 Feb 2021 19:34:25 GMT
Content-Encoding: gzip
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: private
Content-Type: application/json; charset=utf-8
Content-Length: 326

GET
H2 200 widgets-20170109.css
vortex.accuweather.com/adc2010/oap/stylesheets/ 112 KB
14 KB 47ms
47ms Stylesheet
text/css 184.25.114.71
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vortex.accuweather.com/adc2010/oap/stylesheets/widgets-20170109.css
Requested by: Host: vortex.accuweather.com
URL: https://vortex.accuweather.com/adc2010/oap/javascript/jquery-1.9.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.25.114.71 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-25-114-71.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 19f4edf9189f8d003c27b29fcb6f1f1085660470101374fda6648c41d4280a60

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 19:34:26 GMT
content-encoding: gzip
etag: "43ca979bc36ad21:0"
last-modified: Mon, 09 Jan 2017 21:59:10 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
servername: origin-v02
accept-ranges: bytes
content-length: 13968

GET
H2 200 current Show response
www.accuweather.com/ajax-service/oap/ 3 KB
4 KB 206ms
204ms Script
text/javascript 184.25.114.71
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.accuweather.com/ajax-service/oap/current?callback=jQuery191049659602437080874_1613763264731&uid=awcc1460129762895&locationkey=335474&unit=f&language=en-us&useip=false&partner=civitas&targeturl=https%3A%2F%2Fnewberryobserver.com%2Fweather&css=&_=1613763264732

Requested by

Host: vortex.accuweather.com
URL: https://vortex.accuweather.com/adc2010/oap/javascript/jquery-1.9.1.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.25.114.71 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-25-114-71.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

a4b5e4f3682eb43f5707cba4329a9a4e32bc25f4be667da890925699d6f2c69e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 19:34:26 GMT
content-encoding: gzip
x-aspnetmvc-version: 5.2
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
server-timing: cdn-cache; desc=MISS, edge; dur=14, origin; dur=140
servername: gweb-v02
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
content-length: 1019

GET
H2 200 asyncspc.php Show response
championads.midtc.com/www/delivery/ 1 KB
1 KB 1189ms
1188ms XHR
application/json 2606:4700:3030::6815:5795
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://championads.midtc.com/www/delivery/asyncspc.php?zones=183%7C307&prefix=revive-0-&loc=https%3A%2F%2Fwww.newberryobserver.com%2F
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:5795 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: 61a3687a4955043a26fec76b5801136a6e02ac763dede3139ce2608d47bd5521

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 19:34:27 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.1.33
p3p: CP="CUR ADM OUR NOR STA NID"
cf-request-id: 085d625f33000006058702b000000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zLI5OhWExjHnw%2BxE0Hp8W1aMt8aBqOs%2BItTLtW4iX8%2FypNPi%2FdUfruR2tlEsFrBhpbRCm0plIhsNxtQgGrYNtFhCKho6Uu%2FxOmqg58KGdH6aNzfOFWe0xQS%2FiguBNrC2ci8%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/json
access-control-allow-origin: https://www.newberryobserver.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 62426cdebc560605-FRA
expires: 0

GET
H2 200 ahmpb-1.0-min.js Show response
www.justapinch.com/static/js/ 226 KB
72 KB 46ms
46ms Script
application/javascript 130.211.10.17
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.justapinch.com/static/js/ahmpb-1.0-min.js
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.10.17 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 17.10.211.130.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: cbed18e97d7c679ffb50034dcf0a26b0b527651ff5ce3c242c0df5de5b285fca

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 23:51:17 GMT
content-encoding: gzip
age: 70989
x-guploader-uploadid: ABg5-Uy1yH5f8ol0pbvzK4RzpkYgXWOOkVY2AM5TKt-_5Sa3UqAgnbOwXs785daszbksNHuWrV1ohrqawLsIpU5BDRQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 72958
last-modified: Thu, 23 May 2019 04:12:04 GMT
server: UploadServer
etag: "d5faab7c659dc1391fe6796b384f5e83"
vary: Accept-Encoding
x-goog-hash: crc32c=2fp8IA==, md5=1fqrfGWdwTkf5nlrOE9egw==
content-language: en
x-goog-generation: 1558584724412802
cache-control: public, max-age=86400
x-goog-stored-content-length: 72958
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 19 Feb 2021 23:51:17 GMT

GET
H2

200

csw-polyfills.js Show response
d2zqfs55y95cft.cloudfront.net/jspoll/5/
Redirect Chain

https://www.civicscience.com/jspoll/5/csw-polyfills.js
https://d2zqfs55y95cft.cloudfront.net/jspoll/5/csw-polyfills.js

111 KB
35 KB

32ms
6ms

Script
application/javascript

2600:9000:206f:5c00:f:c7b3:ce40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2zqfs55y95cft.cloudfront.net/jspoll/5/csw-polyfills.js
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:5c00:f:c7b3:ce40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5cd1c9251fb27cc4b163855c9ce76478a5fa8c2b96e9324ef24fa30e4ec82523

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:10:20 GMT
content-encoding: gzip
last-modified: Tue, 16 Feb 2021 21:10:04 GMT
server: AmazonS3
age: 80647
etag: W/"3b35c0d750d52436157fe33017fc0f32"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 6def1f0ddc805dce17407cce01d5b32d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: VvJG_VsLLAOtLkUGJDV-rJb7ILKuGL7h8n5qj9AJqG8td-uIBXbcRQ==

Redirect headers

location: https://d2zqfs55y95cft.cloudfront.net:443/jspoll/5/csw-polyfills.js
date: Fri, 19 Feb 2021 19:34:26 GMT
server: awselb/2.0
content-length: 110
content-type: text/html

GET
H3-Q050

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=382581849&utmhn=www.newberryobserver.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&ut...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6686294-4&cid=941903050.1613763266&jid=240779539&_v=5.7.2&z=382581849

35 B
412 B

33ms
17ms

Image
image/gif

2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6686294-4&cid=941903050.1613763266&jid=240779539&_v=5.7.2&z=382581849

Requested by

Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 19 Feb 2021 19:34:26 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Feb 2021 19:34:26 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6686294-4&cid=941903050.1613763266&jid=240779539&_v=5.7.2&z=382581849
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 367
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H/1.1 200
OK messages
prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/ Frame 0
0 139ms
139ms Other 40.79.44.59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/messages

Protocol

HTTP/1.1

Server

40.79.44.59 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: action,authorization,clientid,content-type,sourcesenderid
Origin: https://www.newberryobserver.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Length: 0
Server: Microsoft-HTTPAPI/2.0
Access-Control-Allow-Origin: https://www.newberryobserver.com
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: POST
Access-Control-Allow-Headers: action,authorization,clientid,content-type,sourcesenderid
Strict-Transport-Security: max-age=31536000
Date: Fri, 19 Feb 2021 19:34:26 GMT

POST
H/1.1 201
Created messages Show response
prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/ 0
319 B 148ms
147ms XHR
application/xml 40.79.44.59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/messages

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.79.44.59 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sourcesenderId: 3
Authorization: SharedAccessSignature sr=http%3A%2F%2Fprod-sb-appanalytics-us1.servicebus.windows.net%2F&sig=JY%2BsnfqtqCR0uPxO9hCIbygTeVKmlAPT2YXpZ1TtEr4%3D&se=1613766181&skn=all
Content-Type: application/atom+xml;type=entry;charset=UTF-8
Accept: */*
action: TopSearchesPath-not-found-on-page
Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
clientId: "81286763"

Response headers

Access-Control-Allow-Origin: https://www.newberryobserver.com
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Credentials: true
Server: Microsoft-HTTPAPI/2.0
Date: Fri, 19 Feb 2021 19:34:26 GMT
Transfer-Encoding: chunked
Content-Type: application/xml; charset=utf-8

GET
H2 200 / Show response
liqwid.net/ 104 KB
46 KB 879ms
521ms Script
text/javascript 148.66.196.157
ASN-VINS

General

Check archive.org

Show headers Download Go to

Full URL: https://liqwid.net/?key=2B69-A3AA-AFFC-D516&u=https%3A%2F%2Fwww.newberryobserver.com%2F&d=1613763266389&v=
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 148.66.196.157 , United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e1dbc962ce3e82944ed7959bb8da88e84564f697154af6d055d142880fafd94b

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 19:34:26 GMT
content-encoding: gzip
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-length: 46705
pragma: no-cache
server: Microsoft-IIS/10.0
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
expires: -1

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
169 B 44ms
44ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.newberryobserver.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021601.js?31060193

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Feb 2021 19:34:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
169 B 45ms
44ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.newberryobserver.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021601.js?31060193

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Feb 2021 19:34:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 498 B
973 B 141ms
91ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2281379030521863&correlator=2871325556943148&output=ldjh&impl=fifs&eid=21068530%2C21068773%2C21068891%2C21069823%2C31060193&vrg=2021021601&ptt=17&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210219&iu_parts=42020482%2Ctimesleader.com_InArticle_970x250_970x90_728x90_Desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C728x90&prev_scp=clientId%3D81286763&cust_params=UrlHost%3Dwww.newberryobserver.com%26UrlPath%3D%252F%26UrlQuery%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1613763266&dt=1613763266439&dlt=1613763263914&idt=2503&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=4120&adks=417125578&ucis=1&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.newberryobserver.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1080x4132&msz=970x250&ga_vid=941903050.1613763266&ga_sid=1613763266&ga_hid=715964273&ga_fc=true&fws=0&ohw=0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

98b3d6237e5cc54c65ceb64f2896a46a48ebfe7826ebce57c9c92b0703c523d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 19:34:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 258
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.newberryobserver.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
5c43e71528bcec9eea4c6e482ddcd085.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 50ms
13ms Other
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://5c43e71528bcec9eea4c6e482ddcd085.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021601.js?31060193
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 6ms
6ms Other
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021601.js?31060193
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 143 B
1 KB 168ms
69ms XHR
application/json 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

1b5d7d576e4772e55efadc4fd31fb4cec3c80a1c51454536b2ae6f515c635eef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 19 Feb 2021 19:34:26 GMT
X-Proxy-Origin: 37.120.211.172; 37.120.211.172; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.101:80
AN-X-Request-Uuid: 75139432-9ceb-4a81-a093-b38542f3891c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.newberryobserver.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 143
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 96 B
769 B 226ms
106ms XHR
application/json 72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_2.16.0-pre
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: 9281c965686a7df046b4721d48bd24f0a50a990b43ab58b72685a6244a529a97

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 19 Feb 2021 19:34:25 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://www.newberryobserver.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 100

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ 24 B
465 B 423ms
321ms XHR
application/json 23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=573092&v=7.2&r=%7B%22id%22%3A%2258b4e8591513d9%22%2C%22imp%22%3A%5B%7B%22id%22%3A%226ba1ee1203d1f%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22573092%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.newberryobserver.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 2b4cacf5f78150174f14b68b40a41d4c3e6251d708b236a3b1919aeb614209c7

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 19 Feb 2021 19:34:26 GMT
Content-Encoding: gzip
Server: Apache
Vary: Is-Traffic-Invalid,Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://www.newberryobserver.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 44
Expires: Fri, 19 Feb 2021 19:34:26 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 30 B
628 B 214ms
53ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22%2F281191609%2Ftrx_champion%7C8051789b65b767%22%3A%22300x250%22%7D&ref=https%3A%2F%2Fwww.newberryobserver.com%2F&s=b2b68177-b141-4bcd-ae16-6ddd69b3041a&pv=75ba1ee7-0671-4ea2-bcf3-4462cccefa9f&vp=desktop&lib_name=prebid&lib_v=2.16.0-pre&us=5&ius=1&

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

a117924f559cb8da7692dc5a758f590fff1a959d1908f7055f2ec7a3efd35332

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 19 Feb 2021 19:34:26 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-128
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.newberryobserver.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 30
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ADTECH;v=2;cmd=bid;cors=yes;alias=12a08719761612f;misc=1613763266504; Show response
adserver-us.adtech.advertising.com/pubapi/3.0/9879.1/5208675/0/0/ 47 B
273 B 411ms
391ms XHR
application/json 2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/9879.1/5208675/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=12a08719761612f;misc=1613763266504;
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: cd550dc178abe2cad62b71d6224b65b017402a1a685eec1f63ed65529103eb2b

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 19:34:26 GMT
server: Adtech Adserver
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json
access-control-allow-origin: https://www.newberryobserver.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 47
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 jot
www.civicscience.com/ 0
0 398ms
133ms Fetch
text/plain 54.81.50.0
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.civicscience.com/jot?j=1985492564.3443302967&n=0&s=poll&t=created&d=%7B%22target%22%3A%221696%22%2C%22instance%22%3A%228531a1a3-eecf-ac14-2546-bee4ffca09a5%22%2C%22isContainerSeen%22%3Afalse%2C%22context%22%3A%22%2F%2Fwww.newberryobserver.com%22%2C%22wx%22%3A0%2C%22wy%22%3A0%2C%22wh%22%3A1200%2C%22ww%22%3A1600%2C%22cx%22%3A729%2C%22cy%22%3A1306%7D
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.81.50.0 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-81-50-0.compute-1.amazonaws.com
Software: Apache/2.4.39 (Amazon) /
Resource Hash

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 19:34:26 GMT
last-modified: Fri, 30 Aug 2019 14:44:32 GMT
server: Apache/2.4.39 (Amazon)
accept-ranges: bytes
etag: "0-59156a8fe3400"
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 bootstrap Show response
www.civicscience.com/widget/api/2/ 297 B
397 B 147ms
146ms Script
text/javascript 54.81.50.0
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.civicscience.com/widget/api/2/bootstrap?target=1696&instance=8531a1a3-eecf-ac14-2546-bee4ffca09a5&context=%2F%2Fwww.newberryobserver.com&mv=5&_=1613763266555&callback=jsonp_1613763266555_92077
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.81.50.0 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-81-50-0.compute-1.amazonaws.com
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.2.34 / PHP/7.2.34
Resource Hash: 995c226ed14fcaee45eabf21834bec4d68e9f620a6dc6bf24eb28fa0f80d1833

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 19:34:26 GMT
content-encoding: gzip
server: Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.2.34
x-powered-by: PHP/7.2.34
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8

GET
H2 200 07-xl.png
vortex.accuweather.com/adc2010/images/icons-numbered/ 35 KB
36 KB 48ms
47ms Image
image/png 184.25.114.71
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vortex.accuweather.com/adc2010/images/icons-numbered/07-xl.png
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.25.114.71 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-25-114-71.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 6f1c3f7105f5f92d49b7e0102a29617d715788ac9e882bb0fe1ceefffa64a67b

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 19:34:26 GMT
last-modified: Fri, 22 Jan 2010 17:09:50 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
etag: "083d0b4859bca1:0"
content-type: image/png
cache-control: max-age=31536000
servername: origin-v01
accept-ranges: bytes
content-length: 36111

GET
H2 200 icon-get-widget-blue.png
vortex.accuweather.com/adc2010/oap/images/ 1 KB
1 KB 56ms
55ms Image
image/png 184.25.114.71
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vortex.accuweather.com/adc2010/oap/images/icon-get-widget-blue.png
Requested by: Host: vortex.accuweather.com
URL: https://vortex.accuweather.com/adc2010/oap/stylesheets/widgets-20170109.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.25.114.71 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-25-114-71.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 8ae54aefc607778dc3907fb07fb0dd871d70dd258abd89ca0d6259669073d647

Request headers

Referer: https://vortex.accuweather.com/adc2010/oap/stylesheets/widgets-20170109.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 19:34:26 GMT
last-modified: Mon, 15 Jul 2013 17:50:46 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
etag: "6c7b86d58381ce1:0"
content-type: image/png
cache-control: max-age=86400
servername: origin-v02
accept-ranges: bytes
content-length: 1111

GET
H2 200 07-l.png
vortex.accuweather.com/adc2010/images/icons-numbered/ 21 KB
21 KB 48ms
47ms Image
image/png 184.25.114.71
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vortex.accuweather.com/adc2010/images/icons-numbered/07-l.png
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.25.114.71 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-25-114-71.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: b45520392561c2702165d686be5a2cbdb5fafa7328a60a941b8fc29089c56632

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 19:34:26 GMT
last-modified: Fri, 22 Jan 2010 17:09:52 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
etag: "0b01b6859bca1:0"
content-type: image/png
cache-control: max-age=31536000
servername: origin-v01
accept-ranges: bytes
content-length: 21512

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
397 B 42ms
14ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=715964273&t=pageview&_s=1&dl=https%3A%2F%2Fwww.newberryobserver.com%2F&dp=%2Foap-weather-widgets%2Fcurrent&ul=en-us&de=UTF-8&dt=Newberry%20Observer&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=257048724.941903050.1613763266.1613763266.1613763266.1&_utmz=257048724.1613763266.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1613763266592&_u=YQBCAEABCAAAAC~&jid=1685666492&gjid=305131635&cid=941903050.1613763266&tid=UA-31945348-1&_gid=1104888966.1613763267&_r=1&_slc=1&cd1=OAP_Weather_Widgets&cd2=www-newberryobserver-com&cd3=civitas&cd4=OAP_Widget_current&cd5=1&z=1952578349

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 19:34:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.newberryobserver.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H/1.1 200
OK messages
prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/ Frame 0
0 213ms
212ms Other 40.79.44.59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/messages

Protocol

HTTP/1.1

Server

40.79.44.59 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: action,authorization,clientid,content-type,sourcesenderid
Origin: https://www.newberryobserver.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Length: 0
Server: Microsoft-HTTPAPI/2.0
Access-Control-Allow-Origin: https://www.newberryobserver.com
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: POST
Access-Control-Allow-Headers: action,authorization,clientid,content-type,sourcesenderid
Strict-Transport-Security: max-age=31536000
Date: Fri, 19 Feb 2021 19:34:25 GMT

POST
H/1.1 201
Created messages Show response
prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/ 0
319 B 145ms
145ms XHR
application/xml 40.79.44.59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/messages

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.79.44.59 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sourcesenderId: 3
Authorization: SharedAccessSignature sr=http%3A%2F%2Fprod-sb-appanalytics-us1.servicebus.windows.net%2F&sig=JY%2BsnfqtqCR0uPxO9hCIbygTeVKmlAPT2YXpZ1TtEr4%3D&se=1613766181&skn=all
Content-Type: application/atom+xml;type=entry;charset=UTF-8
Accept: */*
action: AdNoFill
Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
clientId: "81286763"

Response headers

Access-Control-Allow-Origin: https://www.newberryobserver.com
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Credentials: true
Server: Microsoft-HTTPAPI/2.0
Date: Fri, 19 Feb 2021 19:34:25 GMT
Transfer-Encoding: chunked
Content-Type: application/xml; charset=utf-8

POST
H3-Q050 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
90 B 16ms
15ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-31945348-1&cid=941903050.1613763266&jid=1685666492&gjid=305131635&_gid=1104888966.1613763267&_u=YQBCAEAACAAAAC~&z=2120577039

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 19 Feb 2021 19:34:26 GMT
content-type: text/plain
access-control-allow-origin: https://www.newberryobserver.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 29ms
29ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-31945348-1&cid=941903050.1613763266&jid=1685666492&_u=YQBCAEAACAAAAC~&z=1360711034

Requested by

Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 19:34:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 30ms
30ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-31945348-1&cid=941903050.1613763266&jid=1685666492&_u=YQBCAEAACAAAAC~&z=1360711034

Requested by

Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 19:34:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 target Show response
www.civicscience.com/widget/api/2/ 0
98 B 135ms
135ms Script
text/plain 54.81.50.0
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.civicscience.com/widget/api/2/target?target=1696&instance=8531a1a3-eecf-ac14-2546-bee4ffca09a5&context=%2F%2Fwww.newberryobserver.com&mv=5&_=1613763266706&callback=jsonp_1613763266706_24935
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.81.50.0 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-81-50-0.compute-1.amazonaws.com
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.2.34 / PHP/7.2.34
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 19:34:26 GMT
x-powered-by: PHP/7.2.34
server: Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.2.34

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 89 KB
35 KB 24ms
24ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PBK8KQH

Requested by

Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c0d6084a8e594226fa0f4d8833f058bc844ed900dda131abdc1ecde567f58cfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 19:34:27 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35976
x-xss-protection: 0
last-modified: Fri, 19 Feb 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 Feb 2021 19:34:27 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 30 B
540 B 56ms
55ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22%2F281191609%2Fcityspark_champion%7C2d9168d42025b2%22%3A%22300x250%22%7D&ref=https%3A%2F%2Fwww.newberryobserver.com%2F&s=80b7976c-04ea-4d3a-a869-66aaadb9dd60&pv=73bd2f86-d3fb-4376-9025-5413ac85c132&vp=desktop&lib_name=prebid&lib_v=2.16.0-pre&us=5&ius=1&

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

a117924f559cb8da7692dc5a758f590fff1a959d1908f7055f2ec7a3efd35332

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 19 Feb 2021 19:34:27 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-128
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.newberryobserver.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 30
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 143 B
1 KB 81ms
81ms XHR
application/json 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0eeb7cb28ce41e88b552a9050b6083baca48cd2ac7c29b3f0a4fbe6d6e9d9c2d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 19 Feb 2021 19:34:27 GMT
X-Proxy-Origin: 37.120.211.172; 37.120.211.172; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.90:80
AN-X-Request-Uuid: eedf9950-568d-416b-9478-781ce6ffac96
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.newberryobserver.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 143
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ 24 B
465 B 155ms
154ms XHR
application/json 23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=359592&v=7.2&r=%7B%22id%22%3A%225c75793d95e3fa%22%2C%22imp%22%3A%5B%7B%22id%22%3A%226dd40cc86a0db%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22359592%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.newberryobserver.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9a6c83733b92d0fbf3a864527c5db3327ccf90f459ccb05040e4cf2fbcc1050a

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 19 Feb 2021 19:34:27 GMT
Content-Encoding: gzip
Server: Apache
Vary: Is-Traffic-Invalid,Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://www.newberryobserver.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 44
Expires: Fri, 19 Feb 2021 19:34:27 GMT

GET
H2 200 ADTECH;v=2;cmd=bid;cors=yes;alias=114f927a02ce243;misc=1613763267252; Show response
adserver-us.adtech.advertising.com/pubapi/3.0/9879.1/5181477/0/0/ 47 B
103 B 428ms
427ms XHR
application/json 2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/9879.1/5181477/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=114f927a02ce243;misc=1613763267252;
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 49f6d69f23a00b2cf82d9d3000cc1661795e57b061f8c566579d40d0bd945718

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 19:34:27 GMT
server: Adtech Adserver
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json
access-control-allow-origin: https://www.newberryobserver.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 47
expires: Mon, 15 Jun 1998 00:00:00 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 96 B
766 B 107ms
107ms XHR
application/json 72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_2.16.0-pre
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: a10759b64045261d0e290e3735b608903e4f67a2b98b0a5cbacc056a3b4a3c90

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 19 Feb 2021 19:34:27 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://www.newberryobserver.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 98

GET
H2 200 440f2a0fec664f11ad555313ffc6761f.png
championads.midtc.com/www/images/ 13 KB
13 KB 12ms
11ms Image
image/png 2606:4700:3030::6815:5795
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://championads.midtc.com/www/images/440f2a0fec664f11ad555313ffc6761f.png
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:5795 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0619085a147e08ed6f4ca7b734f145d742ab39a7ae702f6730607feb25a97573

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 19:34:27 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4572
content-length: 13310
cf-request-id: 085d6263db000006058f010000000001
last-modified: Wed, 11 Jul 2018 13:59:47 GMT
server: cloudflare
etag: "421767-33fe-570b9a8cfbac0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fylY6zfyk22J0N9sXCnLFAs7%2F6R%2FaIV3NPgrjxTyK0EHaSHJLKVB8iRgPKcOE6JvQo5XglEk1h%2Bxw%2Ft7mDB0W1Q2KOo39UJR4j6Jxl%2FY0qjM9UAPuUSMdCd1fE1IRoyMGFk%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 62426ce62fd90605-FRA

GET
H2 200 lg.php
championads.midtc.com/www/delivery/ 43 B
457 B 999ms
998ms Image
image/gif 2606:4700:3030::6815:5795
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://championads.midtc.com/www/delivery/lg.php?bannerid=4201&campaignid=2938&zoneid=183&loc=https%3A%2F%2Fwww.newberryobserver.com%2F&cb=03dc7e729c
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:5795 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 19:34:28 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.1.33
p3p: CP="CUR ADM OUR NOR STA NID"
cf-request-id: 085d6263db0000060568162000000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wOywzdV9VNdNPOU1Igpwct9lrX7azB2peNfGuLrE6H3h4M21VWzTnHeACZePut%2B9fv42BNRtDi5LUxDzjLAYvmlJ%2FG5OtFnmWOQJ1S3Zuen1DRGUYPiIqm2B9a333EZnN6M%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 62426ce62fdb0605-FRA
expires: 0

GET
H2 200 lg.php
championads.midtc.com/www/delivery/ 43 B
358 B 1020ms
1020ms Image
image/gif 2606:4700:3030::6815:5795
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://championads.midtc.com/www/delivery/lg.php?bannerid=0&campaignid=0&zoneid=307&loc=https%3A%2F%2Fwww.newberryobserver.com%2F&cb=663c9051f7
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:5795 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 19:34:28 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.1.33
p3p: CP="CUR ADM OUR NOR STA NID"
cf-request-id: 085d6263db0000060562b15000000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=j%2B%2FhmyaXBQ%2F7MSHv%2FyI9GAixhrEwlU7aF5Pea9n0eB4OyNn9zEyK0Z9Uvb7FjNUp71%2Bo0yp6N%2FeasW33M79luXJAJ498Bjwi2g6ddlVWclezxrL3zk6VsnHNJIiHGKH6p9k%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 62426ce62fde0605-FRA
expires: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 60 KB
13 KB 167ms
167ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2281379030521863&correlator=2871325556943148&output=ldjh&impl=fifs&adsid=NT&eid=21068530%2C21068773%2C21068891%2C21069823%2C31060193&vrg=2021021601&ptt=17&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210219&iu_parts=281191609%2Ctrx_champion%2Ccityspark_champion&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=320x50%7C300x250%2C320x50%7C300x250&fluid=height%2Cheight&prev_scp=slotName%3Dldgr1%26pubDom%3Dnewberryobserver.com%26frstlk%3Dtrue%7Cfrstlk%3Dtrue&cust_params=UrlHost%3Dwww.newberryobserver.com%26UrlPath%3D%252F%26UrlQuery%3D&cookie=ID%3D51fa7d8f022aaeb4-22df84de87ba00e5%3AT%3D1613763266%3AS%3DALNI_MZCcO6bgtihUPghNFI-YGgrVh4m9g&bc=31&abxe=1&lmt=1613763268&dt=1613763268284&dlt=1613763263914&idt=2503&frm=20&biw=1600&bih=1200&oid=3&adxs=285%2C474&adys=3845%2C2896&adks=2422702209%2C4160680359&ucis=2%7C3&ifi=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.newberryobserver.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=678x250%7C300x-1&msz=300x-1%7C300x-1&ga_vid=941903050.1613763266&ga_sid=1613763266&ga_hid=715964273&ga_fc=true&fws=4%2C4&ohw=678%2C300

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

f3015911cbcfb4adbf5f0cdf849cb27287b482b41b54a824c9e5df6e87f2eb15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 19:34:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13393
x-xss-protection: 0
google-lineitem-id: 5358640239,5441091079
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138312173978,138318927591
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.newberryobserver.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame B028 0
0 77ms
76ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuhO6L2g82hb-BlzdAr1PUBtfMdodQvkLcw9Q4qdzJYY6952E9T8RyKjVQzWCM0Fbq8btFMGGHo-MStmSL1TuegQHPpFbzrUG2XW26LLjdcDjeS24pf5yOrhYptJiGnj64eSYe5dHKW4C9cHWVObMEBt2Ed9u-MaTxqwNNm068G669bnNU0i56a-utJ0Ep0nEqh5dB-894u6Y5dtCKVA5VfcfG6s_fChLR0nw1u93e2xyqYN59U67srKXCMB1Xq7mDZNYt9-siWbQS9SbCjC0-o7y2_tS2lPfIje5XS2EYG1snf9-yAKgyKdA95&sig=Cg0ArKJSzGX9ybAKdOkWEAE&adurl=

Requested by

Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Feb 2021 19:34:28 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/ Frame B028 18 KB
7 KB 34ms
20ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021601.js?31060193

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4db6732268b3d9330df1068351b18e2fd1c1c6da87b5953259b022a19ddfe7a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 19:04:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1795
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7377
x-xss-protection: 0
server: cafe
etag: 10747045913157086108
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Mar 2021 19:04:33 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame B028 3 KB
2 KB 34ms
20ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021601.js?31060193

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 19:04:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1813
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Mar 2021 19:04:15 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B028 107 KB
33 KB 45ms
31ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021601.js?31060193

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae35469a2de645d561d555105d21f075e0469c83a7bd02ebc9547d4d5b616f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 19:34:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1613565156040306"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33368
x-xss-protection: 0
expires: Fri, 19 Feb 2021 19:34:28 GMT

GET
H3-Q050 200 8823315140148465268
tpc.googlesyndication.com/simgad/ Frame B028 158 KB
158 KB 35ms
22ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8823315140148465268

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021601.js?31060193

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d23a583a99dbd2bf52b3350f5c70fd39679162ded5e5eb9213caa7c2f5ada745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 20:22:03 GMT
x-content-type-options: nosniff
age: 515545
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 161683
x-xss-protection: 0
last-modified: Thu, 21 May 2020 14:44:08 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Feb 2022 20:22:03 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8847 0
0 77ms
76ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuXYkCmIkj6OWnQJrCOVcome32muaMcxuU4Xm70WzO7Br0Oddon-l53EDxdpzzZacgj1yv117_71S8g9uJctGTW0bSN3AU1i5rgzl-BObrWAKXLBzrMKg4ishPYFyWjDgXGn7otzvV53F67Ql1Xiwo4mrQdwTVF7__AsGCWgMGJpwIdZ9gxfZGAu-S5U889kEG6G2GHK2ba7JNjsFVzHNkBeq2_qH35cWaj-fADqQIWWWvXnOVr6swmEZqnujZ-SxQYsSMqodj1xqILl9m_THT2a6J4Ztr_tvLFIOJjmvMND2VfUrqNokFRbCM9wIjcbo67&sig=Cg0ArKJSzMcV3me7sQh_EAE&adurl=

Requested by

Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Feb 2021 19:34:28 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/ Frame 8847 18 KB
8 KB 26ms
20ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021601.js?31060193

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4db6732268b3d9330df1068351b18e2fd1c1c6da87b5953259b022a19ddfe7a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 19:04:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1795
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7377
x-xss-protection: 0
server: cafe
etag: 10747045913157086108
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Mar 2021 19:04:33 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame 8847 3 KB
2 KB 27ms
21ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021601.js?31060193

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 19:04:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1813
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Mar 2021 19:04:15 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8847 107 KB
33 KB 35ms
29ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021601.js?31060193

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae35469a2de645d561d555105d21f075e0469c83a7bd02ebc9547d4d5b616f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 19:34:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1613565156040306"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33368
x-xss-protection: 0
expires: Fri, 19 Feb 2021 19:34:28 GMT

GET
H3-Q050 200 14600285525930961583
tpc.googlesyndication.com/simgad/ Frame 8847 927 B
1 KB 28ms
22ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14600285525930961583

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021601.js?31060193

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

553e52f9338aefdc47bbb0cd43415aa04843c6b76b7f99557d6353926ba1add8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 13:59:53 GMT
x-content-type-options: nosniff
age: 365675
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 927
x-xss-protection: 0
last-modified: Thu, 09 Apr 2020 17:00:06 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Feb 2022 13:59:53 GMT

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021601.js?31060193

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1143bb5ae891056f59482184346b0fe47d8e95c9e0f159f023bf0f95ec45222d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 19:34:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1613565174175677"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28346
x-xss-protection: 0
expires: Fri, 19 Feb 2021 19:34:28 GMT

GET
DATA 200
OK truncated
/ Frame 8847 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7c3b56d05a8a8860f8569cdf2e01f461357e4fa9ebc6a56e80d673bc07de3b03

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame B028 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6700d6201e8b577caf7652259a00a13d90d0c97b21a0dcd74b61453b69c30774

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8847 0
0 142ms
92ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsukCP_rNOEciiLd3piuxvqUk32J9suCtayL1BDWni_1ALi0EGXXFDIALGmo2AMSDjRS4djA3eD09HRoAXcqP34jq3uoCKBYbqD-QFeLE3tRYIsTzr0-QpTR3PzbzSuND9yqVJfqz6nnBrPyMD9F7e1HNch73I8zwy_AbNyaW3s7O6TT3Ep_CXrnaixhD4-stmmRjRgV-wx7yP9FWI50yjfoRcfA0mL7lbrFtEfpuz8CNyJnZOStYrBaMvFnPbzVrlI4DMKw87W_r5oynRM9LW2LSCDK4dATcY_toX0xhGeWMfEj3a4dacpB_gduWtB4Uh6dErM&sig=Cg0ArKJSzBqkeeGHRc_yEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Feb 2021 19:34:28 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 19 Feb 2021 19:34:28 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame B028 0
0 137ms
91ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvdSvhzStkXPo1QgvU9XUe82NMUl3cwUo4YntYGvG0itYHormOoR6DSkMpoB5H6r0a9MvkF0lqJV-390Cl3qaJTZ-4ljdpKBe4cyczllH4TTF7lpqDT1tNF1sLrC0kwS4IzoouVhzya1NI0U1mLdKOQVzekk2xbdxXVPfBa-rRedsVmKguT1XKVW6BL4gNGiT9LJpD-yNClqTQg0tdMba9C-xLgF4T3R6XnK8x4OhOM2fVaEOKIl1Szj6_grpn9k-wCUSh5HyqJNmvVLOpd3YEJWh0umP-y15C_RWGz0q2pwRCUx3YiFi0xRfCC13Y&sig=Cg0ArKJSzMkjeX_6AWgVEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Feb 2021 19:34:28 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 19 Feb 2021 19:34:28 GMT

GET
H2 200 nr-1198.min.js Show response
js-agent.newrelic.com/ 27 KB
11 KB 132ms
44ms Script
application/javascript 151.101.114.110
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1198.min.js
Requested by: Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39893061747f88b837a34d0395d05fca83e7cd5bbf2d582d181a73c5c9a174c6

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 19:34:28 GMT
content-encoding: gzip
x-amz-request-id: 6G7N8SBZFWDP9P9M
x-cache: HIT
content-length: 10682
x-amz-id-2: 0UGCO4Mhlfex45xXj/8DAFadaQ6I71xHRyRaRgwDh98IVodQV5SoRghdxpscDq1FfJKXoBas7qw=
x-served-by: cache-hhn4073-HHN
last-modified: Fri, 29 Jan 2021 19:19:08 GMT
server: AmazonS3
x-timer: S1613763269.753415,VS0,VE0
etag: "59c98195ba35e0b45cbe2e5beebd1ac8"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 13600

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 39ms
21ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021021601&st=env

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

14946d7cd065a371fa776c33c682cc2c8527f007f7ec18b00f95339291bfe438

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Feb 2021 19:34:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6426
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 19:34:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Fri, 19 Feb 2021 19:34:28 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 0369 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: www.newberryobserver.com
URL: https://www.newberryobserver.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newberryobserver.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.newberryobserver.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Fri, 19 Feb 2021 17:33:18 GMT
expires: Sat, 19 Feb 2022 17:33:18 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 7270
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 -3PV2TBX5k4pcSnShz_dD7g-pd6mO_d82H6QQa9Z28c.js Show response
pagead2.googlesyndication.com/bg/ Frame 0369 14 KB
7 KB 27ms
14ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-3PV2TBX5k4pcSnShz_dD7g-pd6mO_d82H6QQa9Z28c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb73d5d93057e64e297129d2873fdd0fb83ea5dea63bf77cd87e9041af59dbc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 07:54:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Feb 2021 09:15:00 GMT
server: sffe
age: 128428
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6187
x-xss-protection: 0
expires: Fri, 18 Feb 2022 07:54:00 GMT

GET
H/1.1 200
OK 62f380209b Show response
bam-cell.nr-data.net/1/ 57 B
646 B 315ms
198ms Script
text/javascript 162.247.243.147
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/62f380209b?a=309219100&v=1198.fe6ec20&to=ZlNUNxdQWhZTWk0KWl8ZdwARWFsLHU1cDkVdV0IGSFlbCFdJWARQ&rst=5799&ck=1&ref=https://www.newberryobserver.com/&ap=220&be=930&fe=5651&dc=3318&perf=%7B%22timing%22:%7B%22of%22:1613763262993,%22n%22:0,%22f%22:680,%22dn%22:680,%22dne%22:680,%22c%22:680,%22ce%22:680,%22rq%22:689,%22rp%22:919,%22rpe%22:920,%22dl%22:921,%22di%22:3317,%22ds%22:3317,%22de%22:3361,%22dc%22:5651,%22l%22:5651,%22le%22:5661%7D,%22navigation%22:%7B%7D%7D&fp=1262&fcp=1262&at=ShRXQV9KSRg%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1198.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.147 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 19:34:29 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: text/javascript;charset=ISO-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 62426ceedd844c5c-AMS
cf-request-id: 085d62694800004c5cbe396000000001
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
224 B 42ms
42ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021021601&jk=2281379030521863&bg=!OTqlOnnNAAXRs2QT0TsAKQB2-Dxah6kG4yq3GfULtHpOd-P9JIC2LTHlvuIzQfvb5otPjhe9yggtAgAAAGVSAAAAEWgBBwoAmJEuz6R0QvjQ5NWgPdNw8ndaHWPwLrBcYXql4KFfnF7RwnZLL38QK8O991MThljLhFauyMiUSgmp5ak1SCPvPa36rogoII5QhYCq1x6LkuLCvPIWrXZxBw9aSlGxjdXWtyryv2IIlgmTJ1CEnit9oJTRyH0jO1O8nrGBAjsdyvvd8hOTuttsuNoxqfwb9qn04hw61Jp5av2xmQHhl7eX8G4syQuC74Dih9Z7TkaE2ATczKnqxrYZ7ZgWsNx-_RzYgIOrA5Gfwjn74AXHrBNBfr9CplFiXI2lJyc9zomadqpwoTm_AWTASgYW3cQPB2zO8RzgEboPNp2zHPnM_cyNYUBh9kTeoJcu8ZSGSzcVhXDIJa2dMWxJwC2pGvMfkJQHKA3clYpHGVoHJJJ0skMpo2m-ye9G5usJx4Dh67RY-Pki_pABQ9Lt8lJUtVaUCpWladV2Mr6E2SUOFCLuVrs5EOqKVxfVcXfP7gVxIYbiEDtBWisa-KCfmrfqfQFU3rJlC1RZIUW-S1IE_GmSMgf2UB_kz3lHDd_EZ55jyM-SCKbnH7c3kEufE4l3_nNQhyam7YqAgng6ZpMYY62kS99BQAwAHtJSRrw0Q_0_iBXmDb8qKC8s3Uhq2kfbYOajsnqFnatfqKcaTJX0jMM4IyOCvgOaskgKiPKOx6SkD6-mmD0texAuf9vhM5VWEHhQtCZXZ5CRQTMR1rrSW7ePFp916QCj2gyv7QlYeB-ycNfayuoFzc3RH-iklLc-MSvs__gE4ghZF386I1WvTTRKpdNFjubl21Ulib2ZW2C6tlIB2iTANcfqoCctXv6CdsQ-oofzB7Q8kwazwZnubK3L1w

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 19:34:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Cookie set beacon Show response
ap.lijit.com/ Frame 3A5A 2 KB
2 KB 60ms
59ms Document
text/html 72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon?informer=11277942&gdpr_consent=
Requested by: Host: www.justapinch.com
URL: https://www.justapinch.com/static/js/ahmpb-1.0-min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: 6d7d78ff8cde4d77c368a232797ebc170c115bc10ca57690bae56ea2aec0909e

Request headers

Host: ap.lijit.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.newberryobserver.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ljtrtb=eJyrrgUAAXUA%2BQ%3D%3D; ljt_reader=f7189ce1e32a171f7ce18168
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.newberryobserver.com/

Response headers

Server: nginx
Date: Fri, 19 Feb 2021 19:34:29 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Vary: Accept-Encoding
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie: ljtrtbexp=eJxdzLERACAIQ9FdqC0EFIiree5uTcp395MrGnI0dCGtAkMWusu7nfoi7%2BrWSf%2F0ByB5Ya15H7qCITY%3D;Path=/;Domain=.lijit.com;Expires=Sat, 19-Feb-2022 19:34:29 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=f7189ce1e32a171f7ce18168;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None ljtrtb=eJyrrgUAAXUA%2BQ%3D%3D;Path=/;Domain=.lijit.com;Expires=Sat, 19-Feb-2022 19:34:29 GMT;Max-Age=31536000;Secure;SameSite=None
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
X-Powered-By: raptor
Content-Encoding: gzip
X-Sovrn-Pod: ad_ap3ams1

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/ib/static/usersync/v3/ Frame 0A5B 995 B
875 B 153ms
52ms Document
text/html 23.218.208.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: www.justapinch.com
URL: https://www.justapinch.com/static/js/ahmpb-1.0-min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-187.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.newberryobserver.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: uuid2=5525161056102060062; icu=ChgItIZlEAoYASABKAEww6XAgQY4AUABSAEKGAjhu2sQChgBIAEoATDCpcCBBjgBQAFIARDDpcCBBhgB
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.newberryobserver.com/

Response headers

Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: "573e714d-3e3"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Sat, 19 Feb 2022 19:34:30 GMT
Date: Fri, 19 Feb 2021 19:34:30 GMT
Connection: keep-alive

GET
H/1.1

200
OK

iu3
aax-eu.amazon-adsystem.com/s/ Frame 3A5A
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=1&gdpr_consent=
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t

0
0

63ms
62ms

Image
text/html

52.95.124.170
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=11277942&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.124.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ap.lijit.com/beacon?informer=11277942&gdpr_consent=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Fri, 19 Feb 2021 19:34:30 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame 3A5A 45 B
371 B 162ms
62ms Image
image/gif 184.30.24.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=sov&ovsid=f7189ce1e32a171f7ce18168&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1023%263pid%3D%24%7BUSER%7D&gdpr=1&gdpr_consent=

Requested by

Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=11277942&gdpr_consent=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://ap.lijit.com/beacon?informer=11277942&gdpr_consent=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Fri, 19 Feb 2021 19:34:30 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Fri, 19 Feb 2021 19:34:30 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 3A5A
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=

43 B
1004 B

389ms
136ms

Image
image/gif

63.251.86.49
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=11277942&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/beacon?informer=11277942&gdpr_consent=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Feb 2021 19:34:29 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1dca1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Feb 2021 19:34:29 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 3A5A
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=1827&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=10&3pid=1870471592671566049

43 B
1013 B

396ms
132ms

Image
image/gif

63.251.86.49
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=10&3pid=1870471592671566049
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=11277942&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/beacon?informer=11277942&gdpr_consent=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Feb 2021 19:34:29 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1dca1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location: https://ce.lijit.com/merge?pid=10&3pid=1870471592671566049
Server: Jetty(9.0.6.v20130930)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 3A5A
Redirect Chain

https://creativecdn.com/cm-notify?pi=sovrn&gdpr=1&gdpr_consent=
https://ams.creativecdn.com/cm-notify?pi=sovrn&gdpr=1&gdpr_consent=&tc=1
https://ce.lijit.com/merge?pid=86&3pid=gvBje1ySIHC3zlaceD3F&pi=sovrn&gdpr_consent=&gdpr=1&tc=1

43 B
1014 B

378ms
142ms

Image
image/gif

63.251.86.49
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=86&3pid=gvBje1ySIHC3zlaceD3F&pi=sovrn&gdpr_consent=&gdpr=1&tc=1
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=11277942&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/beacon?informer=11277942&gdpr_consent=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Feb 2021 19:34:30 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1dca1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location: https://ce.lijit.com/merge?pid=86&3pid=gvBje1ySIHC3zlaceD3F&pi=sovrn&gdpr_consent=&gdpr=1&tc=1
pragma: no-cache
date: Fri, 19 Feb 2021 19:34:30 GMT, Fri, 19 Feb 2021 19:34:30 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 3A5A
Redirect Chain

https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=43&gdpr=1&gdpr_consent=&us_privacy=&3pid=NP9QwzP9AMUv_1XAZvZOkmT8V5Av_1GXYfwf5PTa

43 B
1 KB

409ms
136ms

Image
image/gif

63.251.86.49
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=43&gdpr=1&gdpr_consent=&us_privacy=&3pid=NP9QwzP9AMUv_1XAZvZOkmT8V5Av_1GXYfwf5PTa
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=11277942&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/beacon?informer=11277942&gdpr_consent=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Feb 2021 19:34:30 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1dca1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Feb 2021 19:34:30 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://ce.lijit.com/merge?pid=43&gdpr=1&gdpr_consent=&us_privacy=&3pid=NP9QwzP9AMUv_1XAZvZOkmT8V5Av_1GXYfwf5PTa
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 3A5A
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=49&3pid=GxHT5Jw7SW6l&ev=1&pid=558511&gdpr_consent=&gdpr=1

43 B
1006 B

326ms
136ms

Image
image/gif

63.251.86.49
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=49&3pid=GxHT5Jw7SW6l&ev=1&pid=558511&gdpr_consent=&gdpr=1
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=11277942&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/beacon?informer=11277942&gdpr_consent=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Feb 2021 19:34:30 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1dca1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://ce.lijit.com/merge?pid=49&3pid=GxHT5Jw7SW6l&ev=1&pid=558511&gdpr_consent=&gdpr=1
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-75d6d6d469-ftjg8
expires: -1

GET
H/1.1 204
No Content sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 3A5A 0
239 B 204ms
48ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=11277942&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ap.lijit.com/beacon?informer=11277942&gdpr_consent=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Content-Type: image/gif

GET
H/1.1 200
OK user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame EF3C 8 KB
3 KB 152ms
48ms Document
text/html 23.218.208.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=11277942&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-200.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ap.lijit.com/beacon?informer=11277942&gdpr_consent=
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ap.lijit.com/beacon?informer=11277942&gdpr_consent=

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
ETag: "1300708-1f78-5b232eb4914bb"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 2654
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=52989
Expires: Sat, 20 Feb 2021 10:17:39 GMT
Date: Fri, 19 Feb 2021 19:34:30 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 0608867b Show response
rtb.gumgum.com/usync/ Frame 6D48 3 KB
1 KB 189ms
62ms Document
text/html 18.200.32.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=11277942&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.200.32.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-200-32-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1d0e2368542302c18cb34203536c4d26e60ca266dc2cacec7e29c8bc81395f30

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ap.lijit.com/beacon?informer=11277942&gdpr_consent=
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ap.lijit.com/beacon?informer=11277942&gdpr_consent=

Response headers

date: Fri, 19 Feb 2021 19:34:30 GMT
content-type: text/html;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
set-cookie: vst=e_1a37c309-acb8-47f9-b95b-e8882c1cd9cb; Domain=.gumgum.com; Expires=Sat, 19-Feb-2022 19:34:30 GMT; Path=/; Secure; SameSite=None
etag: W/"02abd75d8702fdd32bb06270754c81b08"
timing-allow-origin: *
content-encoding: gzip

GET
H/1.1 200
OK async_usersync Show response
secure.adnxs.com/ Frame 0A5B 0
746 B 187ms
89ms Script
text/html 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/async_usersync?cbfn=AN_async_load

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Feb 2021 19:34:30 GMT
X-Proxy-Origin: 37.120.211.172; 37.120.211.172; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.68:80
AN-X-Request-Uuid: dca24d07-cd24-4a41-b6f8-8d951b04e201
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 3AB3 37 KB
14 KB 53ms
52ms Document
text/html 23.218.208.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-200.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=87015
Expires: Sat, 20 Feb 2021 19:44:45 GMT
Date: Fri, 19 Feb 2021 19:34:30 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2

200

usersync
rtb.gumgum.com/ Frame 6D48
Redirect Chain

https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
https://rtb.gumgum.com/usersync?b=apn&i=5525161056102060062

35 B
237 B

67ms
67ms

Image
image/gif

18.200.32.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=apn&i=5525161056102060062
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.200.32.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-200-32-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 19:34:30 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Pragma: no-cache
Date: Fri, 19 Feb 2021 19:34:30 GMT
X-Proxy-Origin: 37.120.211.172; 37.120.211.172; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.45:80
AN-X-Request-Uuid: 61bbdcfa-77a8-4dd2-9e8d-244c97cda469
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://rtb.gumgum.com/usersync?b=apn&i=5525161056102060062
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame 6D48 43 B
146 B 182ms
60ms Image
image/gif 52.57.230.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_1a37c309-acb8-47f9-b95b-e8882c1cd9cb&gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.230.211 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-230-211.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 19:34:30 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

syncPartner
sync.outbrain.com/ Frame 6D48
Redirect Chain

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=1&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
https://rtb.gumgum.com/usersync?b=obn&i=ENC%28HrHEr1kEy7ejegR9zFGBsXLcX6Qw6lIoPAlVfTzXivuUichQ6AcFnpVZ5y-T3TE6%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_1a37c309-acb8-47f9-b95b-e8882c1cd9cb&obuid=ENC(HrHEr1kEy7ejegR9zFGBsXLcX6Qw6lIoPAlVfTzXivuUichQ6AcFnpVZ5y-T3TE6)
https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51

0
145 B

123ms
123ms

Image
text/plain

70.42.32.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 19:34:31 GMT
Cache-Control: no-cache
X-TraceId: 661e4eb9c5c51f21919bf42bd54ed206
Content-Length: 0

Redirect headers

location: https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
Date: Fri, 19 Feb 2021 19:34:31 GMT
X-TraceId: e11005e1c0bf65fde05df71966f90f89
Content-Length: 0

GET
H2

200

usersync
rtb.gumgum.com/ Frame 6D48
Redirect Chain

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://rtb.gumgum.com/usersync?b=opx&i=dc888080-c466-45ce-9cb5-7da511795c7c

35 B
237 B

70ms
69ms

Image
image/gif

18.200.32.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=opx&i=dc888080-c466-45ce-9cb5-7da511795c7c
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.200.32.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-200-32-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 19:34:30 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

date: Fri, 19 Feb 2021 19:34:30 GMT
content-encoding: gzip
server: OXGW/16.202.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://rtb.gumgum.com/usersync?b=opx&i=dc888080-c466-45ce-9cb5-7da511795c7c
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H/1.1 200
OK sync
sync.srv.stackadapt.com/ Frame 6D48 43 B
168 B 521ms
129ms Image
image/gif 52.6.106.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.srv.stackadapt.com/sync?nid=1&gdpr=1&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.6.106.191 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-6-106-191.compute-1.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 19:34:30 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

usersync
rtb.gumgum.com/ Frame 6D48
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=1&gdpr_consent=
https://rtb.gumgum.com/usersync?b=oth&i=y-OJ0tXrV1lxABvL1EOd2GIVH.69_0dlXbl2_e

35 B
237 B

67ms
67ms

Image
image/gif

18.200.32.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=oth&i=y-OJ0tXrV1lxABvL1EOd2GIVH.69_0dlXbl2_e
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.200.32.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-200-32-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 19:34:30 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

date: Fri, 19 Feb 2021 19:34:30 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://rtb.gumgum.com/usersync?b=oth&i=y-OJ0tXrV1lxABvL1EOd2GIVH.69_0dlXbl2_e
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

usersync
rtb.gumgum.com/ Frame 6D48
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%...
https://rtb.gumgum.com/usersync?b=vnt&i=7c7f3613-72e9-11eb-9f80-fbe73b761c37

35 B
237 B

78ms
77ms

Image
image/gif

18.200.32.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=vnt&i=7c7f3613-72e9-11eb-9f80-fbe73b761c37
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.200.32.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-200-32-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 19:34:30 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Location: https://rtb.gumgum.com/usersync?b=vnt&i=7c7f3613-72e9-11eb-9f80-fbe73b761c37
Date: Fri, 19 Feb 2021 19:34:30 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 0
X-CI-RTID: 7c7f3614-72e9-11eb-9f80-fbe73b761c37

GET
H2 204 services
sync.technoratimedia.com/ Frame 6D48 0
362 B 415ms
136ms Image
text/plain 193.122.174.27
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 193.122.174.27 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 19:34:30 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 402328710
access-control-allow-origin: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
access-control-allow-credentials: true

GET
H2

200

usersync
rtb.gumgum.com/ Frame 6D48
Redirect Chain

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_1a37c309-acb8-47f9-b95b-e8882c1cd9cb&gdpr=1&gdpr_consent=&us_privacy=
https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1

35 B
237 B

66ms
66ms

Image
image/gif

18.200.32.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.200.32.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-200-32-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 19:34:30 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Location: https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1
Pragma: no-cache
Date: Fri, 19 Feb 2021 19:34:30 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 78
Content-Type: text/html; charset=utf-8

GET
H2

200

usersync
rtb.gumgum.com/ Frame 6D48
Redirect Chain

https://sync.1rx.io/usersync2/floor6&gdpr=1&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3460989308
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3460989308
https://sync.1rx.io/usersync/tradedesk/16c99b79-61fa-4794-bcd9-4f998b0ca175
https://sync.targeting.unrulymedia.com/csync/RX-8562036c-a736-448d-b942-ac4942265c1c-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-8562036c-a736-448d-b942-ac4942265c1c-003
https://rtb.gumgum.com/usersync?b=rhy&i=RX-8562036c-a736-448d-b942-ac4942265c1c-003

35 B
237 B

76ms
75ms

Image
image/gif

18.200.32.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=rhy&i=RX-8562036c-a736-448d-b942-ac4942265c1c-003
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.200.32.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-200-32-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 19:34:30 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Date: Fri, 19 Feb 2021 19:34:30 GMT
Server: Tengine
ETag: RX8562036ca736448db942ac4942265c1c003
Transfer-Encoding: chunked
P3P: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location: https://rtb.gumgum.com/usersync?b=rhy&i=RX-8562036c-a736-448d-b942-ac4942265c1c-003
Connection: keep-alive
Content-Type: text/html

GET
H2

200

usersync
rtb.gumgum.com/ Frame 6D48
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
https://rtb.gumgum.com/usersync?b=pln&i=W2CoX0Gj5ght&ev=1&pid=558355

35 B
237 B

69ms
68ms

Image
image/gif

18.200.32.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=pln&i=W2CoX0Gj5ght&ev=1&pid=558355
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.200.32.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-200-32-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 19:34:30 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://rtb.gumgum.com/usersync?b=pln&i=W2CoX0Gj5ght&ev=1&pid=558355
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-75d6d6d469-wqv4h
expires: -1

GET
H/1.1 200
OK merge
ce.lijit.com/ Frame 6D48 43 B
1 KB 264ms
135ms Image
image/gif 63.251.86.49
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=36&3pid=e_1a37c309-acb8-47f9-b95b-e8882c1cd9cb
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Feb 2021 19:34:30 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1dca1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 9003
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
https://rtb.gumgum.com/usersync?b=mmh&i=7e846030-12c6-4c00-b744-2faad1b80b42&gdpr=1&gdpr_consent=

35 B
237 B

68ms
68ms

Document
image/gif

18.200.32.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=mmh&i=7e846030-12c6-4c00-b744-2faad1b80b42&gdpr=1&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.200.32.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-200-32-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=mmh&i=7e846030-12c6-4c00-b744-2faad1b80b42&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_1a37c309-acb8-47f9-b95b-e8882c1cd9cb
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=

Response headers

date: Fri, 19 Feb 2021 19:34:30 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Date: Fri, 19 Feb 2021 19:34:26 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Cache-Control: no-cache
set-cookie: uuid=7e846030-12c6-4c00-b744-2faad1b80b42; domain=.mathtag.com; path=/; expires=Sat, 19-Mar-2022 19:34:30 GMT; SameSite=None; Secure
location: https://rtb.gumgum.com/usersync?b=mmh&i=7e846030-12c6-4c00-b744-2faad1b80b42&gdpr=1&gdpr_consent=
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 3518 2f03077 master zrh-pixel-x24
Expires: Fri, 19 Feb 2021 19:34:25 GMT

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame F02A
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=&_test=YDASxgAAAG9xSjoG
https://rtb.gumgum.com/usersync?b=atm&i=YDASxgAAAG9xSjoG&gdpr=1&gdpr_consent=&_test=YDASxgAAAG9xSjoG

35 B
237 B

68ms
68ms

Document
image/gif

18.200.32.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=atm&i=YDASxgAAAG9xSjoG&gdpr=1&gdpr_consent=&_test=YDASxgAAAG9xSjoG
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.200.32.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-200-32-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=atm&i=YDASxgAAAG9xSjoG&gdpr=1&gdpr_consent=&_test=YDASxgAAAG9xSjoG
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_1a37c309-acb8-47f9-b95b-e8882c1cd9cb
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=

Response headers

date: Fri, 19 Feb 2021 19:34:30 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

server: Varnish
retry-after: 0
location: https://rtb.gumgum.com/usersync?b=atm&i=YDASxgAAAG9xSjoG&gdpr=1&gdpr_consent=&_test=YDASxgAAAG9xSjoG
accept-ranges: bytes
date: Fri, 19 Feb 2021 19:34:30 GMT
via: 1.1 varnish
x-served-by: cache-fra19136-FRA
x-cache: HIT
x-cache-hits: 0
x-timer: S1613763270.468550,VS0,VE0
cache-control: no-cache
pragma: no-cache
content-length: 0

GET
H2 200 pixel Show response
cm.g.doubleclick.net/ Frame 060F 170 B
752 B 161ms
57ms Document
image/png 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8xYTM3YzMwOS1hY2I4LTQ3ZjktYjk1Yi1lODg4MmMxY2Q5Y2I=&gdpr=1&gdpr_consent=

Requested by

Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

:method: GET
:authority: cm.g.doubleclick.net
:scheme: https
:path: /pixel?google_nid=gumgum_dbm&google_hm=ZV8xYTM3YzMwOS1hY2I4LTQ3ZjktYjk1Yi1lODg4MmMxY2Q5Y2I=&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmXVm7HQYcIjX5AGmf-9kBxgfm7UyQ0mqffqZdiuNbVAIrEC7jSfUNzHxif7NY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=

Response headers

content-type: image/png
date: Fri, 19 Feb 2021 19:34:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 170
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 56B1 8 KB
3 KB 64ms
47ms Document
text/html 23.218.208.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-200.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
ETag: "1300708-1f78-5b232eb4914bb"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 2654
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=52989
Expires: Sat, 20 Feb 2021 10:17:39 GMT
Date: Fri, 19 Feb 2021 19:34:30 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 generic Show response
match.adsrvr.org/track/cmf/ Frame D7C0 70 B
265 B 200ms
66ms Document
image/gif 52.214.43.215
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.43.215 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-43-215.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

:method: GET
:authority: match.adsrvr.org
:scheme: https
:path: /track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=

Response headers

date: Fri, 19 Feb 2021 19:34:30 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame C02C
Redirect Chain

https://cs.emxdgt.com/um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID
https://cs.emxdgt.com/umcheck?apnxid=5525161056102060062&redirect=https://rtb.gumgum.com/usersync?b=emx&i=$EMXUID
https://rtb.gumgum.com/usersync?b=emx&uid=5525161056102060062brt153501613763270462648f1

35 B
237 B

64ms
64ms

Document
image/gif

18.200.32.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=emx&uid=5525161056102060062brt153501613763270462648f1
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.200.32.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-200-32-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=emx&uid=5525161056102060062brt153501613763270462648f1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_1a37c309-acb8-47f9-b95b-e8882c1cd9cb
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=

Response headers

date: Fri, 19 Feb 2021 19:34:30 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

content-type: text/html
date: Fri, 19 Feb 2021 19:34:29 GMT
location: https://rtb.gumgum.com/usersync?b=emx&uid=5525161056102060062brt153501613763270462648f1
set-cookie: eapn_id=5525161056102060062; Max-Age=7776000; Expires=Thu, 20 May 2021 19:34:29 GMT; Domain=.emxdgt.com; Path=/; HttpOnly; SameSite=None; Secure
content-length: 0

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame A314
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=gumgum
https://rtb.gumgum.com/usersync?b=sus&i=YDASxsCo8YsAALV5JlAAAAAA

35 B
237 B

67ms
67ms

Document
image/gif

18.200.32.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=sus&i=YDASxsCo8YsAALV5JlAAAAAA
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.200.32.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-200-32-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=sus&i=YDASxsCo8YsAALV5JlAAAAAA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_1a37c309-acb8-47f9-b95b-e8882c1cd9cb
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=

Response headers

date: Fri, 19 Feb 2021 19:34:31 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Server: nginx
Date: Fri, 19 Feb 2021 19:34:30 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: private
Location: https://rtb.gumgum.com/usersync?b=sus&i=YDASxsCo8YsAALV5JlAAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
X-SO-Ads-Time: 2
X-SO-HostName: a-ad40280.dc2p.scaleout.jp
X-SO-LB-Hostname: m-tgng39.dc4p.scaleout.jp
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":61,"gdpr":true,"ipv4":"0.0.0.0","key":"YDASxsCo8YsAALV5JlAAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40280"}
X-SO-Key: YDASxsCo8YsAALV5JlAAAAAA
X-SO-IP: 37.120.211.172
X-SO-Cluster-ID: 61
X-SO-Upstream-ID: a-ad40280

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 3E58
Redirect Chain

https://p.rfihub.com/cm?pub=42796&in=1
https://rtb.gumgum.com/usersync?b=zet&i=1871316017573437743

35 B
237 B

73ms
73ms

Document
image/gif

18.200.32.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=zet&i=1871316017573437743
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.200.32.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-200-32-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=zet&i=1871316017573437743
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_1a37c309-acb8-47f9-b95b-e8882c1cd9cb
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=

Response headers

date: Fri, 19 Feb 2021 19:34:30 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: rud=H4sIAAAAAAAAAOMSNrQwNzQ2NDMwNDc1NzYxNjc3MRbiM9Q1yfMPz0nLNPD3TsqX4jU0MzQ2NzM2MjcwMjYEALHPunM0AAAA; Path=/; Domain=.rfihub.com; Expires=Wed, 16 Mar 2022 19:34:30 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSNrQwNzQ2NDMwNDc1NzYxNjc3MRbiM9Q1yfMPz0nLNPD3TsoHAGK5qi0lAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None eud=H4sIAAAAAAAAAFslxmtoZmhsbmZsZG5gZGwIAPRwyHEQAAAA; Path=/; Domain=.rfihub.com; Expires=Wed, 16 Mar 2022 19:34:30 GMT; Secure; SameSite=None
Location: https://rtb.gumgum.com/usersync?b=zet&i=1871316017573437743
Content-Length: 0
Server: Jetty(9.0.6.v20130930)

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 5B46
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://rtb.gumgum.com/usersync?b=rth&i=gvBje1ySIHC3zlaceD3F&pi=gumgum

35 B
237 B

67ms
67ms

Document
image/gif

18.200.32.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=rth&i=gvBje1ySIHC3zlaceD3F&pi=gumgum
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.200.32.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-200-32-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=rth&i=gvBje1ySIHC3zlaceD3F&pi=gumgum
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_1a37c309-acb8-47f9-b95b-e8882c1cd9cb
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=

Response headers

date: Fri, 19 Feb 2021 19:34:30 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

date: Fri, 19 Feb 2021 19:34:30 GMT Fri, 19 Feb 2021 19:34:30 GMT
location: https://rtb.gumgum.com/usersync?b=rth&i=gvBje1ySIHC3zlaceD3F&pi=gumgum
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0

GET
H/1.1 200
OK PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 3AB3 0
75 B 256ms
63ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=31056407&p=137711&s=137812&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=&sec=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 19:34:28 GMT
Content-Length: 0

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 1BE3 37 KB
14 KB 55ms
54ms Document
text/html 23.218.208.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-200.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; KCCH=YES; pi=137711:2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=87015
Expires: Sat, 20 Feb 2021 19:44:45 GMT
Date: Fri, 19 Feb 2021 19:34:30 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/ib/static/usersync/v3/ Frame F034 995 B
875 B 50ms
49ms Document
text/html 23.218.208.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: www.justapinch.com
URL: https://www.justapinch.com/static/js/ahmpb-1.0-min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-187.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.newberryobserver.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: uuid2=5525161056102060062; icu=ChgItIZlEAoYASABKAEww6XAgQY4AUABSAEKGAjhu2sQChgBIAEoATDCpcCBBjgBQAFIARDDpcCBBhgB
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.newberryobserver.com/

Response headers

Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: "573e714d-3e3"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Sat, 19 Feb 2022 19:34:30 GMT
Date: Fri, 19 Feb 2021 19:34:30 GMT
Connection: keep-alive

GET
H/1.1 200
OK Cookie set beacon Show response
ap.lijit.com/ Frame 0A2C 2 KB
2 KB 63ms
63ms Document
text/html 72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon?informer=11277942&gdpr_consent=
Requested by: Host: www.justapinch.com
URL: https://www.justapinch.com/static/js/ahmpb-1.0-min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: ea3cde7bc7aa4760448db9a1aa69ee1c2de7645cccfbdbca68c1ef882389df41

Request headers

Host: ap.lijit.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.newberryobserver.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ljtrtb=eJyrrgUAAXUA%2BQ%3D%3D; ljt_reader=f7189ce1e32a171f7ce18168; ljtrtbexp=eJxdzLERACAIQ9FdqC0EFIiree5uTcp395MrGnI0dCGtAkMWusu7nfoi7%2BrWSf%2F0ByB5Ya15H7qCITY%3D; _ljtrtb_43=NP9QwzP9AMUv_1XAZvZOkmT8V5Av_1GXYfwf5PTa; _ljtrtb_16=no-consent; _ljtrtb_10=1870471592671566049; _ljtrtb_86=gvBje1ySIHC3zlaceD3F; _ljtrtb_36=e_1a37c309-acb8-47f9-b95b-e8882c1cd9cb
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.newberryobserver.com/

Response headers

Server: nginx
Date: Fri, 19 Feb 2021 19:34:30 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Vary: Accept-Encoding
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie: ljtrtbexp=eJxljkEOgDAIBP%2FCuYdSKLB%2Bzfh3oxfDepwwS%2BYUlUNDrRyRc4jFy45c9XBqZ50fB4YA2N1w%2BxlJP6Ibjn4vI3Zi2m9q3sXNqzVdN4ygMPE%3D;Path=/;Domain=.lijit.com;Expires=Sat, 19-Feb-2022 19:34:30 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=f7189ce1e32a171f7ce18168;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None ljtrtb=eJyrrgUAAXUA%2BQ%3D%3D;Path=/;Domain=.lijit.com;Expires=Sat, 19-Feb-2022 19:34:30 GMT;Max-Age=31536000;Secure;SameSite=None
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
X-Powered-By: raptor
Content-Encoding: gzip
X-Sovrn-Pod: ad_ap3ams1

GET
H/1.1 200
OK async_usersync Show response
secure.adnxs.com/ Frame F034 0
747 B 50ms
50ms Script
text/html 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/async_usersync?cbfn=AN_async_load

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Feb 2021 19:34:30 GMT
X-Proxy-Origin: 37.120.211.172; 37.120.211.172; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.139:80
AN-X-Request-Uuid: 458a4e18-2548-4ae5-b506-52cf526d839b
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 0A2C
Redirect Chain

https://sync.1rx.io/usersync2/sovrn?gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=56&3pid=OPTOUT

43 B
2 KB

139ms
138ms

Image
image/gif

63.251.86.49
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=56&3pid=OPTOUT
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=11277942&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/beacon?informer=11277942&gdpr_consent=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Feb 2021 19:34:30 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1dca1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 19 Feb 2021 19:34:30 GMT
Server: Tengine
ETag: OPTOUT
Transfer-Encoding: chunked
Content-Type: text/html
Location: https://ce.lijit.com/merge?pid=56&3pid=OPTOUT
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Expires: 0

GET
H/1.1 204
No Content sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 0A2C 0
239 B 49ms
47ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=11277942&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ap.lijit.com/beacon?informer=11277942&gdpr_consent=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Content-Type: image/gif

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 0A2C
Redirect Chain

https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=ZjcxODljZTFlMzJhMTcxZjdjZTE4MTY4

170 B
243 B

15ms
15ms

Image
image/png

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=ZjcxODljZTFlMzJhMTcxZjdjZTE4MTY4

Requested by

Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=11277942&gdpr_consent=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ap.lijit.com/beacon?informer=11277942&gdpr_consent=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 19:34:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 19 Feb 2021 19:34:30 GMT
Server: nginx
Location: https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=ZjcxODljZTFlMzJhMTcxZjdjZTE4MTY4
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H/1.1

200
OK

iu3
aax-eu.amazon-adsystem.com/s/ Frame 0A2C
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=1&gdpr_consent=
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t

0
0

65ms
64ms

Image
text/html

52.95.124.170
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=11277942&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.124.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ap.lijit.com/beacon?informer=11277942&gdpr_consent=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Fri, 19 Feb 2021 19:34:30 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 0A2C
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=49&3pid=3OzWz6dbUQ1r&ev=1&pid=558511&gdpr_consent=&gdpr=1

43 B
2 KB

142ms
141ms

Image
image/gif

63.251.86.49
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=49&3pid=3OzWz6dbUQ1r&ev=1&pid=558511&gdpr_consent=&gdpr=1
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=11277942&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/beacon?informer=11277942&gdpr_consent=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Feb 2021 19:34:30 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1dca1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://ce.lijit.com/merge?pid=49&3pid=3OzWz6dbUQ1r&ev=1&pid=558511&gdpr_consent=&gdpr=1
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-75d6d6d469-wqv4h
expires: -1

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 0A2C
Redirect Chain

https://aorta.clickagy.com/pixel.gif?ch=185&cm=f7189ce1e32a171f7ce18168&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=84&3pid=c:42329ae9b72ec213826e940bf5b9c9cd

43 B
2 KB

134ms
133ms

Image
image/gif

63.251.86.49
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=84&3pid=c:42329ae9b72ec213826e940bf5b9c9cd
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=11277942&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/beacon?informer=11277942&gdpr_consent=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Feb 2021 19:34:31 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1dca1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Fri, 19 Feb 2021 19:34:31 GMT
server: Aorta/2.5.1-20201015.f4f5b76
access-control-allow-origin
access-control-max-age: 31536000
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/plain
Location: https://ce.lijit.com/merge?pid=84&3pid=c:42329ae9b72ec213826e940bf5b9c9cd
access-control-expose-headers: Set-Cookie
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
X-Aorta-Region: us-east-1
Connection: keep-alive
X-Aorta-Host: ip-10-42-16-91
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
Content-Length: 0

GET
H/1.1

200
OK

Cookie set merge Show response
ce.lijit.com/ Frame D6DE
Redirect Chain

https://d.turn.com/r/dd/id/L21rdC8xMjcvY2lkLzI4NTUyOTczL3QvMg/url/https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1%263pid%3D%24!%7BTURN_UUID%7D&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=1&3pid=2786913436553577462&gdpr=1&gdpr_consent=

43 B
2 KB

134ms
134ms

Document
image/gif

63.251.86.49
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to

Full URL: https://ce.lijit.com/merge?pid=1&3pid=2786913436553577462&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=11277942&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Host: ce.lijit.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ap.lijit.com/beacon?informer=11277942&gdpr_consent=
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ljtrtb=eJyrrgUAAXUA%2BQ%3D%3D; ljt_reader=f7189ce1e32a171f7ce18168; _ljtrtb_43=NP9QwzP9AMUv_1XAZvZOkmT8V5Av_1GXYfwf5PTa; _ljtrtb_16=no-consent; _ljtrtb_10=1870471592671566049; _ljtrtb_86=gvBje1ySIHC3zlaceD3F; _ljtrtb_36=e_1a37c309-acb8-47f9-b95b-e8882c1cd9cb; _ljtrtb_49=GxHT5Jw7SW6l; ljtrtbexp=eJxljkEOgDAIBP%2FCuYdSKLB%2Bzfh3oxfDepwwS%2BYUlUNDrRyRc4jFy45c9XBqZ50fB4YA2N1w%2BxlJP6Ibjn4vI3Zi2m9q3sXNqzVdN4ygMPE%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ap.lijit.com/beacon?informer=11277942&gdpr_consent=

Response headers

Server: nginx
Date: Fri, 19 Feb 2021 19:34:30 GMT
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie: _ljtrtb_36=e_1a37c309-acb8-47f9-b95b-e8882c1cd9cb;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_16=no-consent;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_49=GxHT5Jw7SW6l;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_86=gvBje1ySIHC3zlaceD3F;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_43=NP9QwzP9AMUv_1XAZvZOkmT8V5Av_1GXYfwf5PTa;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_10=1870471592671566049;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None ljtrtb=eJwVjMsOgjAURP%2Bla5u0lL7coUbQRMWAimxIqcVEERYaUIz%2F7mUzyZyZnC9iAk2RK6hh0jKisbGlwr6sNC41L7FTSnmW2ou2JZogOr6bFtu2ebrmBcTXQMJ3lPJ1L5OTqIGp8XXtZjdHP8kqmrOhNtYt2HI0ENioksSXlGtPQApBwAIqBtM21vt%2BiHWwOXQFzYK8y3f3R6qOPIAeZueqr3icGvT7A3qwMz8%3D;Path=/;Domain=.lijit.com;Expires=Sat, 19-Feb-2022 19:34:30 GMT;Max-Age=31536000;Secure;SameSite=None _ljtrtb_1=2786913436553577462;Path=/;Domain=.lijit.com;Expires=Sat, 19-Feb-2022 19:34:30 GMT;Max-Age=31536000;Secure;SameSite=None ljtrtbexp=eJxljkEOgDAIBP%2FCuYdSKLB%2Bzfh3oxfDepwwS%2BYUlUNDrRyRc4jFy45c9XBqZ50fB4YA2N1w%2BxlJP6Ibjn4vI3Zi2m9q3sXNqzVdN4ygMPE%3D;Path=/;Domain=.lijit.com;Expires=Sat, 19-Feb-2022 19:34:30 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=f7189ce1e32a171f7ce18168;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
X-Powered-By: raptor
X-Sovrn-Pod: ad_ap1dca1

Redirect headers

p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma: no-cache
set-cookie: uid=2786913436553577462; Domain=.turn.com; Expires=Wed, 18-Aug-2021 19:34:30 GMT; Path=/; Secure; SameSite=None
location: https://ce.lijit.com/merge?pid=1&3pid=2786913436553577462&gdpr=1&gdpr_consent=
content-length: 0
date: Fri, 19 Feb 2021 19:34:30 GMT

GET
H/1.1 200
OK user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 65C1 8 KB
3 KB 47ms
46ms Document
text/html 23.218.208.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=11277942&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-200.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ap.lijit.com/beacon?informer=11277942&gdpr_consent=
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; KCCH=YES; pi=137711:2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ap.lijit.com/beacon?informer=11277942&gdpr_consent=

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
ETag: "1300708-1f78-5b232eb4914bb"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 2654
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=52989
Expires: Sat, 20 Feb 2021 10:17:39 GMT
Date: Fri, 19 Feb 2021 19:34:30 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 0608867b Show response
rtb.gumgum.com/usync/ Frame CCB3 2 KB
818 B 66ms
66ms Document
text/html 18.200.32.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=11277942&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.200.32.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-200-32-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: d575f1ac4a145f49c27415c017d2143cbe8d2cca90182a0a516d27a948a37835

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ap.lijit.com/beacon?informer=11277942&gdpr_consent=
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_1a37c309-acb8-47f9-b95b-e8882c1cd9cb
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ap.lijit.com/beacon?informer=11277942&gdpr_consent=

Response headers

date: Fri, 19 Feb 2021 19:34:30 GMT
content-type: text/html;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
etag: W/"0dd544ba92c1df4da5daf41f8afe66104"
timing-allow-origin: *
content-encoding: gzip

GET
H/1.1 200
OK user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame CF37 8 KB
3 KB 46ms
45ms Document
text/html 23.218.208.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=11277942&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-200.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ap.lijit.com/beacon?informer=11277942&gdpr_consent=
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; KCCH=YES; pi=137711:2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ap.lijit.com/beacon?informer=11277942&gdpr_consent=

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
ETag: "1300708-1f78-5b232eb4914bb"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 2654
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=52989
Expires: Sat, 20 Feb 2021 10:17:39 GMT
Date: Fri, 19 Feb 2021 19:34:30 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame AF1E 37 KB
14 KB 52ms
51ms Document
text/html 23.218.208.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-200.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=1&gdpr_consent=
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; KCCH=YES; pi=137711:2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=1&gdpr_consent=

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=87015
Expires: Sat, 20 Feb 2021 19:44:45 GMT
Date: Fri, 19 Feb 2021 19:34:30 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame D240 37 KB
14 KB 56ms
55ms Document
text/html 23.218.208.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-200.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; KCCH=YES; pi=137711:2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=87015
Expires: Sat, 20 Feb 2021 19:44:45 GMT
Date: Fri, 19 Feb 2021 19:34:30 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 204 services
sync.technoratimedia.com/ Frame CCB3 0
361 B 137ms
135ms Image
text/plain 193.122.174.27
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 193.122.174.27 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 19:34:30 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 397777459
access-control-allow-origin: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
access-control-allow-credentials: true

GET
H2 200 sync
x.bidswitch.net/ Frame CCB3 43 B
145 B 71ms
68ms Image
image/gif 52.57.230.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_1a37c309-acb8-47f9-b95b-e8882c1cd9cb&gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.230.211 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-230-211.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 19:34:30 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

usersync
rtb.gumgum.com/ Frame CCB3
Redirect Chain

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_1a37c309-acb8-47f9-b95b-e8882c1cd9cb&gdpr=1&gdpr_consent=&us_privacy=
https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1

35 B
237 B

64ms
64ms

Image
image/gif

18.200.32.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.200.32.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-200-32-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 19:34:30 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Location: https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1
Pragma: no-cache
Date: Fri, 19 Feb 2021 19:34:30 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 78
Content-Type: text/html; charset=utf-8

GET
H2

200

usersync
rtb.gumgum.com/ Frame CCB3
Redirect Chain

https://sync.1rx.io/usersync2/floor6&gdpr=1&gdpr_consent=
https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-8562036c-a736-448d-b942-ac4942265c1c-003&rndcb=1288105287
https://x.bidswitch.net/ul_cb/sync?ssp=adconductor&user_id=RX-8562036c-a736-448d-b942-ac4942265c1c-003&rndcb=1288105287
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=7fcf83d7-6858-43e4-9145-f981e6e7f2e4&google_hm=N2ZjZjgzZDctNjg1OC00M2U0LTkxNDUtZjk4MWU2ZTdm...
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEMkNo1fci-CeEW1CCLNS4q4&google_cver=1&ssp=adconductor&bsw_param=7fcf83d7-6858-43e4-9145-f981e6e7f2e4
https://sync.1rx.io/usersync/bidswitch/7fcf83d7-6858-43e4-9145-f981e6e7f2e4?gdpr=&gdpr_consent=
https://sync.targeting.unrulymedia.com/csync/RX-8562036c-a736-448d-b942-ac4942265c1c-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-8562036c-a736-448d-b942-ac4942265c1c-003
https://rtb.gumgum.com/usersync?b=rhy&i=RX-8562036c-a736-448d-b942-ac4942265c1c-003

35 B
237 B

68ms
68ms

Image
image/gif

18.200.32.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=rhy&i=RX-8562036c-a736-448d-b942-ac4942265c1c-003
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.200.32.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-200-32-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 19:34:31 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Date: Fri, 19 Feb 2021 19:34:31 GMT
Server: Tengine
ETag: RX8562036ca736448db942ac4942265c1c003
Transfer-Encoding: chunked
P3P: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location: https://rtb.gumgum.com/usersync?b=rhy&i=RX-8562036c-a736-448d-b942-ac4942265c1c-003
Connection: keep-alive
Content-Type: text/html

GET
H/1.1 200
OK sync
sync.srv.stackadapt.com/ Frame CCB3 43 B
168 B 131ms
129ms Image
image/gif 52.6.106.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.srv.stackadapt.com/sync?nid=1&gdpr=1&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.6.106.191 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-6-106-191.compute-1.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 19:34:30 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK merge
ce.lijit.com/ Frame CCB3 43 B
2 KB 140ms
139ms Image
image/gif 63.251.86.49
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=36&3pid=e_1a37c309-acb8-47f9-b95b-e8882c1cd9cb
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Feb 2021 19:34:29 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1dca1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame C026
Redirect Chain

https://cs.emxdgt.com/um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
https://rtb.gumgum.com/usersync?b=emx&i=5525161056102060062brt153501613763270462648f1

35 B
237 B

67ms
67ms

Document
image/gif

18.200.32.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=emx&i=5525161056102060062brt153501613763270462648f1
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.200.32.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-200-32-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=emx&i=5525161056102060062brt153501613763270462648f1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_1a37c309-acb8-47f9-b95b-e8882c1cd9cb
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=

Response headers

date: Fri, 19 Feb 2021 19:34:30 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

content-type: text/html
date: Fri, 19 Feb 2021 19:34:29 GMT
location: https://rtb.gumgum.com/usersync?b=emx&i=5525161056102060062brt153501613763270462648f1
content-length: 0

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 8660
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=gumgum
https://rtb.gumgum.com/usersync?b=sus&i=YDASx8Co8YsAALV5JoEAAAAA

35 B
237 B

69ms
69ms

Document
image/gif

18.200.32.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=sus&i=YDASx8Co8YsAALV5JoEAAAAA
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.200.32.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-200-32-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=sus&i=YDASx8Co8YsAALV5JoEAAAAA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_1a37c309-acb8-47f9-b95b-e8882c1cd9cb
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=

Response headers

date: Fri, 19 Feb 2021 19:34:31 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Server: nginx
Date: Fri, 19 Feb 2021 19:34:31 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: private
Location: https://rtb.gumgum.com/usersync?b=sus&i=YDASx8Co8YsAALV5JoEAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
X-SO-Ads-Time: 2
X-SO-HostName: a-ad40315.dc2p.scaleout.jp
X-SO-LB-Hostname: m-tgng39.dc4p.scaleout.jp
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":46,"gdpr":true,"ipv4":"0.0.0.0","key":"YDASx8Co8YsAALV5JoEAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40315"}
X-SO-Key: YDASx8Co8YsAALV5JoEAAAAA
X-SO-IP: 37.120.211.172
X-SO-Cluster-ID: 46
X-SO-Upstream-ID: a-ad40315

GET
H3-Q050 200 pixel Show response
cm.g.doubleclick.net/ Frame 64FB 170 B
190 B 16ms
15ms Document
image/png 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8xYTM3YzMwOS1hY2I4LTQ3ZjktYjk1Yi1lODg4MmMxY2Q5Y2I=&gdpr=1&gdpr_consent=

Requested by

Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

:method: GET
:authority: cm.g.doubleclick.net
:scheme: https
:path: /pixel?google_nid=gumgum_dbm&google_hm=ZV8xYTM3YzMwOS1hY2I4LTQ3ZjktYjk1Yi1lODg4MmMxY2Q5Y2I=&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmXVm7HQYcIjX5AGmf-9kBxgfm7UyQ0mqffqZdiuNbVAIrEC7jSfUNzHxif7NY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=

Response headers

content-type: image/png
date: Fri, 19 Feb 2021 19:34:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 170
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 58F9 8 KB
3 KB 90ms
56ms Document
text/html 23.218.208.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-200.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; KCCH=YES; pi=137711:2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
ETag: "1300708-1f78-5b232eb4914bb"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 2654
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=52989
Expires: Sat, 20 Feb 2021 10:17:39 GMT
Date: Fri, 19 Feb 2021 19:34:30 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 generic Show response
match.adsrvr.org/track/cmf/ Frame B111 70 B
264 B 67ms
67ms Document
image/gif 52.214.43.215
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.43.215 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-43-215.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

:method: GET
:authority: match.adsrvr.org
:scheme: https
:path: /track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: TDID=16c99b79-61fa-4794-bcd9-4f998b0ca175; TDCPM=CAEYBSABKAIyCwiomO-6g8aqORAFOAE.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=

Response headers

date: Fri, 19 Feb 2021 19:34:30 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 1254 37 KB
14 KB 57ms
57ms Document
text/html 23.218.208.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-200.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; KCCH=YES; pi=137711:2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=87015
Expires: Sat, 20 Feb 2021 19:44:45 GMT
Date: Fri, 19 Feb 2021 19:34:30 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 1BE3 37 KB
14 KB 54ms
54ms Document
text/html 23.218.208.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-200.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; repi=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=87012
Expires: Sat, 20 Feb 2021 19:44:45 GMT
Date: Fri, 19 Feb 2021 19:34:33 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 1BE3 0
75 B 64ms
63ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=83197003&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=&sec=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 19:34:33 GMT
Content-Length: 0

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame AF1E 37 KB
14 KB 55ms
55ms Document
text/html 23.218.208.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-200.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; repi=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=87012
Expires: Sat, 20 Feb 2021 19:44:45 GMT
Date: Fri, 19 Feb 2021 19:34:33 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame D240 37 KB
14 KB 54ms
53ms Document
text/html 23.218.208.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-200.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; repi=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=87012
Expires: Sat, 20 Feb 2021 19:44:45 GMT
Date: Fri, 19 Feb 2021 19:34:33 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK PugMaster Show response
image6.pubmatic.com/AdServer/ Frame AF1E 0
75 B 64ms
64ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=59490440&p=156212&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=&sec=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 19:34:33 GMT
Content-Length: 0

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 1254 37 KB
14 KB 60ms
60ms Document
text/html 23.218.208.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-200.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; repi=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=87011
Expires: Sat, 20 Feb 2021 19:44:45 GMT
Date: Fri, 19 Feb 2021 19:34:34 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 1254 0
75 B 63ms
63ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=40262261&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=&sec=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 19:34:33 GMT
Content-Length: 0

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame D240 37 KB
14 KB 54ms
54ms Document
text/html 23.218.208.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-200.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: repi=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=87009
Expires: Sat, 20 Feb 2021 19:44:45 GMT
Date: Fri, 19 Feb 2021 19:34:36 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK PugMaster Show response
image6.pubmatic.com/AdServer/ Frame D240 0
75 B 63ms
63ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=13578607&p=137711&s=137812&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=&sec=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 19:34:37 GMT
Content-Length: 0

POST
H/1.1 200
OK 62f380209b Show response
bam-cell.nr-data.net/events/1/ 24 B
500 B 567ms
566ms XHR
image/gif 162.247.243.147
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/events/1/62f380209b?a=309219100&v=1198.fe6ec20&to=ZlNUNxdQWhZTWk0KWl8ZdwARWFsLHU1cDkVdV0IGSFlbCFdJWARQ&rst=15799&ck=1&ref=https://www.newberryobserver.com/
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.147 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://www.newberryobserver.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: text/plain

Response headers

Date: Fri, 19 Feb 2021 19:34:39 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.newberryobserver.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
CF-Ray: 62426d2caa4c4c5c-AMS
Content-Length: 24
cf-request-id: 085d628fe500004c5ca2a89000000001

Verdicts & Comments Add Verdict or Comment

305 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 01:37:39	Name: IDE Value: AHWqTUmXVm7HQYcIjX5AGmf-9kBxgfm7UyQ0mqffqZdiuNbVAIrEC7jSfUNzHxif7NY
.newberryobserver.com/	1970-01-20 01:37:39	Name: __gads Value: ID=51fa7d8f022aaeb4:T=1613763266:S=ALNI_MYQsgV46fd-7IV87OeuX-E2UJqQTg
.www.newberryobserver.com/	1970-01-19 16:16:15	Name: liqwid Value:
www.newberryobserver.com/	1970-01-19 16:17:51	Name: zdSessionId_81286763 Value: 5034ef40-d4fc-45e5-a201-11bf9bf5debb
.newberryobserver.com/	1970-01-19 16:17:29	Name: _gid Value: GA1.2.1104888966.1613763267
www.newberryobserver.com/	1970-01-19 16:16:05	Name: 81286763-ehtoken Value: SharedAccessSignature sr=http%3A%2F%2Fprod-sb-appanalytics-us1.servicebus.windows.net%2F&sig=JY%2BsnfqtqCR0uPxO9hCIbygTeVKmlAPT2YXpZ1TtEr4%3D&se=1613766181&skn=all
.newberryobserver.com/	1970-01-19 16:16:05	Name: __utmb Value: 257048724.1.10.1613763266
.newberryobserver.com/	1970-01-20 09:47:15	Name: _ga Value: GA1.2.941903050.1613763266
.newberryobserver.com/	1970-01-19 16:16:03	Name: __utmt Value: 1
.newberryobserver.com/	1970-01-20 09:47:15	Name: __utma Value: 257048724.941903050.1613763266.1613763266.1613763266.1
www.newberryobserver.com/	1970-01-19 16:16:03	Name: _gat_csWidget Value: 1
.newberryobserver.com/	1970-01-19 16:16:03	Name: _gat_awxoapTracker Value: 1
.newberryobserver.com/	1969-12-31 23:59:59	Name: __utmc Value: 257048724
.www.newberryobserver.com/	1970-01-20 01:01:51	Name: LVG Value: fca088d2-fd3a-4455-81ab-f92ee803d822
.newberryobserver.com/	1970-01-19 20:38:51	Name: __utmz Value: 257048724.1613763266.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://s24514.pcdn.co/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1
console-api	log	URL: https://japfg-trending-content.appspot.com/widgey-dug.php?s=10190&v=1&q=3&i=1(Line 1) Message: widget:7ps:pop:w
console-api	log	(Line 17) Message: queued
console-api	log	(Line 9) Message: loaded

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5c43e71528bcec9eea4c6e482ddcd085.safeframe.googlesyndication.com
60a6ae725fca.bitsngo.net
8993311.fls.doubleclick.net
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
ads.pubmatic.com
adserver-us.adtech.advertising.com
adservice.google.com
adservice.google.de
ams.creativecdn.com
aorta.clickagy.com
ap.lijit.com
apex.go.sonobi.com
as-sec.casalemedia.com
b1sync.zemanta.com
bam-cell.nr-data.net
bh.contextweb.com
cdn.cityspark.com
cdnjs.cloudflare.com
ce.lijit.com
championads.midtc.com
citysparkstorage.blob.core.windows.net
cloudfront.loggly.com
cm.g.doubleclick.net
contextual.media.net
creativecdn.com
cs.emxdgt.com
csp.azureedge.net
d.turn.com
d2zqfs55y95cft.cloudfront.net
disqus.com
ecdn.analysis.fi
fonts.googleapis.com
fonts.gstatic.com
ib.adnxs.com
image6.pubmatic.com
japfg-trending-content.appspot.com
js-agent.newrelic.com
lh3.googleusercontent.com
liqwid.net
logs-01.loggly.com
match.adsrvr.org
maxcdn.bootstrapcdn.com
newberryobserver.com
oap.accuweather.com
p.cityspark.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.quantserve.com
pr-bh.ybp.yahoo.com
prod-ps-cdn-us1.azureedge.net
prod-sb-appanalytics-us1.servicebus.windows.net
rtb.gumgum.com
s24514.pcdn.co
secure.adnxs.com
securepubads.g.doubleclick.net
site1.midtcweb.com
ssl.google-analytics.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
tg.socdm.com
tpc.googlesyndication.com
us-u.openx.net
vortex.accuweather.com
widget.eviesays.com
widgets.outbrain.com
www.accuweather.com
www.civicscience.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.justapinch.com
www.newberryobserver.com
x.bidswitch.net
zdwidget3-bs.sphereup.com
104.40.187.26
104.42.152.64
124.146.215.43
13.226.159.54
13.88.145.64
130.211.10.17
142.250.185.130
142.250.185.162
142.250.185.166
148.66.196.157
151.101.114.110
151.101.14.49
151.101.192.134
162.247.243.147
178.162.133.150
18.195.155.181
18.200.32.70
184.25.114.71
184.30.24.22
185.184.8.30
185.29.133.58
185.33.220.145
185.64.190.78
193.0.160.128
193.122.174.27
198.148.27.139
2001:4de0:ac19::1:b:2b
213.19.147.150
213.19.147.151
23.218.208.187
23.218.208.200
23.218.208.246
23.218.209.87
2600:9000:206f:5c00:f:c7b3:ce40:21
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:2800:233:97b6:26be:138a:cba8:bb01
2606:2800:233:9de:380:d6:22cb:12e3
2606:4700:3030::6815:5795
2606:4700::6810:135e
2620:116:800d:21:f916:5049:f87f:108e
2a00:1288:110:c305::8000
2a00:1450:4001:800::200e
2a00:1450:4001:802::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2003
2a00:1450:4001:810::2004
2a00:1450:4001:813::2002
2a00:1450:4001:827::2001
2a00:1450:4001:827::2008
2a00:1450:4001:827::200e
2a00:1450:4001:828::2014
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2008
2a00:1450:400c:c00::9a
2a00:1450:400c:c00::9c
2a02:26f0:64::210:6b83
34.234.111.29
35.244.159.8
40.79.44.59
46.228.164.13
52.160.40.218
52.202.125.251
52.214.43.215
52.57.230.211
52.6.106.191
52.72.211.249
52.95.124.170
54.236.68.122
54.81.50.0
63.251.86.49
64.202.112.191
65.9.63.164
65.9.96.121
66.155.71.149
68.71.161.21
69.173.144.165
70.42.32.191
72.251.249.9
00c73164abbada7946bfef6df7e63d4308c68ca0610d7c77abd57c126f38b3ba
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b
02ab19a52b62ddee291f3d0e87e0427a9edbfa3dbbc58d665dd11e34eb643ce3
0303483d0cb598ba747efaba6d5ac6a35c10180c9eaa8777400a14c67192086a
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
0607c15048f053045027629a02c3ba6c94fa6625e53ebcda178663a7912849b7
0619085a147e08ed6f4ca7b734f145d742ab39a7ae702f6730607feb25a97573
08a24e4201f556bf1d56c0cbba8fd27028c85171b13b401362bf38a7be153e03
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0ce83306c2a3d45ede1b5b4ff27577789383faa0f9e1bb76f482c0437f12bef2
0eeb7cb28ce41e88b552a9050b6083baca48cd2ac7c29b3f0a4fbe6d6e9d9c2d
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
1002227cd334b24988575ff8435e9ddade75e2ca588d8db606734c32078faae9
1143bb5ae891056f59482184346b0fe47d8e95c9e0f159f023bf0f95ec45222d
1250a278feee9084d3c814ce3808644a342e6d12e3d3ecb7402b6e5b9fffdaf2
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
13a761039c037b1a269a39d3df870d9a9b03e9ff4c6203e9c5b32b4c54bff17d
1426c56748e464a4c9a1dae580dc73acf291663684aa701711537d8709329014
14946d7cd065a371fa776c33c682cc2c8527f007f7ec18b00f95339291bfe438
14b72277d720e24f0a940a07cb3d2ffdc9660f24da0a6de7d68a955edba1bd30
14c94d87ad9419933f4228364be4f0cf04df672c4d439bbbea0c6f6159aac0b1
169f4e45724d3711d66777e80470ba8169bfb0d532e1d058a52873948826bf93
176f3ca1ee7b655aa9f2c16e71c09dc548d315c9b77ff39d637eebb931d70d81
19f4edf9189f8d003c27b29fcb6f1f1085660470101374fda6648c41d4280a60
1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee
1ae27e3e4e3a44acbc1250a19d772baf9bbedaf57e80767f95e533df7b97fe09
1b5d7d576e4772e55efadc4fd31fb4cec3c80a1c51454536b2ae6f515c635eef
1c969220f8e93addd1404c86c4ddea055a1f76aeb403c4c277a66063e9df8b9f
1d0e2368542302c18cb34203536c4d26e60ca266dc2cacec7e29c8bc81395f30
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1e18e33a4e0b8f9c6e990abebfa907ba6f61462089879da45721c6754755f41a
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
22cb44e80058b5fc7c366957e1445e8753c8e3cc2f4ed5536a5211ba99f1d695
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e
240b5109b8e3d16998bedf57759b4a2632c38f924a40ac42a86c60f0db397b5c
248b18dd819d244074248e3c0951cf7197bd3e1787b502291ed6e9a87b465d81
261a57cf8f316bdcb45d9998369ca0a5aff137868dc2c4fd3571439bb1c883d5
2a03771453248c5eb3ee390d87edddd490ac37484b6a6c95567ffc222fccd107
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b4cacf5f78150174f14b68b40a41d4c3e6251d708b236a3b1919aeb614209c7
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2db73dd598b2313176c1dd6d0b247cf0371bde66d364d38f58c61a4727c11fe0
302027b67c5cc7c409bb733a911078a229fa65863532c2cb583416a36acdc70c
32c31d09bf85839d06022ac473832bc10967d7e1b20ca961cf3cf5c4691d44cc
347bf7a3c2f3a3b61466990baaac628f2157cd052cfb523e8cfb0326b0c7cdd2
34bb508f2907886afc76204909656970e4b0174e6c0b95dd95374409aa9fd55b
34d2701c293a921dbbaf7b206c1f4ffb541a7223c1ab3c5c6ff2b1fa011a85a0
39893061747f88b837a34d0395d05fca83e7cd5bbf2d582d181a73c5c9a174c6
3d9b4c1e21f076d905f1b85a541dda587ee989d1516f1465c6c6ded005cb99a8
424e6bf81a3ceba825ca878b65b6ffef9511de435e37e9a77e876f2d45c9d9fc
48ea5787f01c0678de86c7861e830f03a3163a2d3a25ddb8fe3b343725dfeabd
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
49f6d69f23a00b2cf82d9d3000cc1661795e57b061f8c566579d40d0bd945718
4a0c1c66ba2c7ac51b7949bfe8f1c44311a7335bed29af026822eee58fff3d6a
4c062e44ef26a7b57ee5e158af4af360561ed6f3d18d96e4c1faa9b69097add0
4db6732268b3d9330df1068351b18e2fd1c1c6da87b5953259b022a19ddfe7a5
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
518a9d587bdaecdd96340e67db078e823ff43f9f23f2f0d9f0ceafe4cca72a0f
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
553e52f9338aefdc47bbb0cd43415aa04843c6b76b7f99557d6353926ba1add8
56a1f3f1d9126dc75234aa77231107d7bea8e11bd4ad988ab48b3b9e8f3da49f
5a6e046aaf7fe9ee29dcd2fb96c4a7b46b170ef8a8aa8df1bfda7d53f4202505
5cd1c9251fb27cc4b163855c9ce76478a5fa8c2b96e9324ef24fa30e4ec82523
61a3687a4955043a26fec76b5801136a6e02ac763dede3139ce2608d47bd5521
62c1be65d5ea3c79c344010bf6f275ed8826dfa8f5080e5d705b91ac7b6e6581
6334b681906b84fde6d68dda415a22d65d9dbeb2eb240ba7e2796a3556b4d77c
640c9cbb97ba18dc1bcde7f36eed441db79a02b0912d0f4325d4b475d3b84565
644ff791128e3eea7b0923932ced64048252205ef17888b9c62f6be7e6ce3881
6700d6201e8b577caf7652259a00a13d90d0c97b21a0dcd74b61453b69c30774
683a5ead813f860e1cb940d9ffef6900cb9334ad8a1562d647c400614c1d5d0e
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6ae5bcaa265c0f6c53c141699fe00aa71938366b643dca027d9487372ab71b4a
6af498452b3a7a2d4d3f082e2964b094e544c6fbb7a7e618a7f1d28c6774d04d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d4d2960dfdec2b2465650fd9e955cc23f6e6a2323775494b5f37bfbd97d416d
6d7d78ff8cde4d77c368a232797ebc170c115bc10ca57690bae56ea2aec0909e
6f1c3f7105f5f92d49b7e0102a29617d715788ac9e882bb0fe1ceefffa64a67b
6f51ad103bb1b81ae65981899fed07ecb2a68590e657191fdaceb79ad31992b2
70f1f7a4f140dd5eec0ad8efd5a29abfeb7873df9574f54434cb28706a9bce68
786dbb4402793fadd0112db771392a0509ffcb2806545e94a879af9c6d87415f
79312d1250791673e5379c0f60ea417b1e4fc1016a51ae176e2f77729b714847
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a94ee06744b31bbcf82836f06b46be8800bd7ca92e1f8d3c6b0327472c128c4
7b46dcfb1658be8c9c2a409fc01b1dd3f3e118fd1b065ef8c26e7abadc633f33
7c3b56d05a8a8860f8569cdf2e01f461357e4fa9ebc6a56e80d673bc07de3b03
7c8bd046dc907d355b80c3ac3369fbb5291c85c6406531a653a12cc7b57a8d45
7de1a9315366ed1263f37503eebabebec6d276406f8acd782570f784ec3dc205
8081a29f9e4f45ef5df5f7cda4825bbcdf8862c9a357b7d8aa0c572285d9af7c
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
849b08e1b699c27d4fd2d75ff1777427a6bb4f87e4cae3c2bcda8ae882cdebca
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84e1f066a3838323edc680a59434ae87fa80e0e2b69a4a1c78e9560b2b23e640
85ab38b614037e10ad547593cc3442b86e8c2cc8e76c6a0a60e20a8c0c1a8df1
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
87b3e2271b71b1fefe56400637a37ef3fd2a66b84aee860973fa60b839d8262e
8ae54aefc607778dc3907fb07fb0dd871d70dd258abd89ca0d6259669073d647
8c128d9df3fd9fb9985fe0cb7e6cf1766237fdef557669ae81efb4a06eb21a33
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8df7667db11a1cbae8ba0332258e0d3da3c26d2bab794bdcf8805df869482200
918a9f4519e3908d6f3514d59b3e052e1b4e9856cb33afa3168936cd415e35fc
9281c965686a7df046b4721d48bd24f0a50a990b43ab58b72685a6244a529a97
936c5a9fc8bfcc2e5d9e89c226f43c701b8dd477218cd9c9de25d9fd1c9632f9
937fdab3409538bd4f6164b79c2caf886f7bb6170fcc37d9bb2fa3c9c010940f
94107238a1097b66d59ded9c22a26e793aaa854e8bd4f555e704aa23acb6b959
948c224783bfc65ebe57eaca98e5968a10717272ed8120746501997509fa564c
989bdd02e27c64b740e3e53ef4030b498cf9e5cae1709d80bd7c0956ec7ca23a
98b3d6237e5cc54c65ceb64f2896a46a48ebfe7826ebce57c9c92b0703c523d8
995c226ed14fcaee45eabf21834bec4d68e9f620a6dc6bf24eb28fa0f80d1833
9a6c83733b92d0fbf3a864527c5db3327ccf90f459ccb05040e4cf2fbcc1050a
9b37d896f5f9cca9a11587291dcd67f690d58ad2bbe626442c4fe48bf695269f
9bcca56ebb5351a2594acd38219d75de7a74cf7a8bb284e4aea1d4e16219a646
9c88bbf6795ced59fe226716a4b1221bdb548e874e2600e5eba42c35aac8e7fb
9d566d5a66973cf49495579c828f81361d994a2b2e42690b5824ef1fd7803227
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a10759b64045261d0e290e3735b608903e4f67a2b98b0a5cbacc056a3b4a3c90
a117924f559cb8da7692dc5a758f590fff1a959d1908f7055f2ec7a3efd35332
a1ece2165264e723d5a07841f03c821fb29f4d729205be587eb349e835070578
a26203f7d0fd2d8e79c7f5f217378fe7eb4bf7dbf736d226b588ce06c20d816d
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a4b5e4f3682eb43f5707cba4329a9a4e32bc25f4be667da890925699d6f2c69e
a7c3d46c165a16eb81692c2a4b402177c3ebc537e0e35508f3c63eb17a731676
a896ec0ca2781fb235e8c898d4d8032d75cecee0622bf36ca4f33d16fe759c71
adfe4d4950bbf638480b46c08d085f0d7f4d2267486f05d2542e0bce9d23cd09
ae35469a2de645d561d555105d21f075e0469c83a7bd02ebc9547d4d5b616f73
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aef4bda7b4c0a2ada0896fdbe039577cc447e143af452bd3189b15f8b605bc14
af22980db27a05bb442baf6303786a5d283d6fba657f84154a1604063947bde0
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b45520392561c2702165d686be5a2cbdb5fafa7328a60a941b8fc29089c56632
b4ab3afc167a24f795563b7a51fae8dfbe6efc232ccb2e2add52dacc59cec3e3
c0d6084a8e594226fa0f4d8833f058bc844ed900dda131abdc1ecde567f58cfc
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c149b2bc25d35879177fa17e1e803be6c72de4225abb6fb896dfc7165cc7edf9
c5ed576c9cd7778e4feb15809637cd9d484479b96543169feb94b1b33332a837
c610e1b0683db4e64070d4059918ca087c83a5a26a942140fa3716be01a4c9a6
c68c882fd2be64369d4dd908b560f59e55d8c0fe28232e88979ea5aeee587c28
c6f46763929a528524f8959d2610cc96250cc9f19c2de2341392ffa69d2e87e3
c75f65c26c8627f92d561c1574e598ce07ccfae2f3f19cb24b59437f95658259
ca93ea0da1bfb74e6f4f2b042f8c2add5ac5c52a883e0d30136a59f1b0713cc9
cbed18e97d7c679ffb50034dcf0a26b0b527651ff5ce3c242c0df5de5b285fca
cd550dc178abe2cad62b71d6224b65b017402a1a685eec1f63ed65529103eb2b
cdc7a3d8f9ce204e8853c2f7088b9c3fe488432314d1ea6c17cf8fd4ae179261
cf7a2b3976c3af63dc2bca70cc5625a26341f19b1ccd484feddf076df895ed58
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1
d23a583a99dbd2bf52b3350f5c70fd39679162ded5e5eb9213caa7c2f5ada745
d575f1ac4a145f49c27415c017d2143cbe8d2cca90182a0a516d27a948a37835
d702ce72f77b99bd5f2b16545adf7a4901f418442feddcdc59223328ec490e78
d87228bf6aa3f598dc0cec253140b3420bd30d907afc29ec965a3337279f9949
d9159e57830834aa8980301715f20ba811c7db59858f0d723121fa55cbaee661
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
dafbda62ac729d761f52186429fe2b2e930a1fa0503518b2f875fb273f3795e4
dbf2c0aad804d3afd9439b0a7313725d0c347fe63d32a5a978f1818310ec7320
df2f130ebaf879966d5e5e8e8623f57a217befe98549db88445fea1e2e1a5797
dfd6d929422d1f69a727fb6b525f610562eab183a333576516bec0b0503cb049
e041f6c64bb2fc0751d41969321230ed7bab0f30313c665b6728bc97ca22981f
e1dbc962ce3e82944ed7959bb8da88e84564f697154af6d055d142880fafd94b
e38314a0946795e482eee76d41aaddbd8c296fdd0f0fbec7a2c3a38590acadd2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e608186ccd6f03a2090d48b81d18a6223e88864c418a39a06e7f57ca218c7e5f
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e
e85de17444159ce149f4e83c94641075f6306d5669d24922a807db130d00532a
e911a8c9d791d1fad87a7adc13a6aadf103d6aa151b0c4a612d87b0bc8ddcbfc
e9b8906a8b7540b8accfd2a491c0821d6bd6d8ccbd4ab53a56da8906ff028423
ea3cde7bc7aa4760448db9a1aa69ee1c2de7645cccfbdbca68c1ef882389df41
eae009aef71917f1857c64256a5384b801b63281ea1fbde0021cde35ae1f4972
ed09d2d86d29a8b868651c98a99f17b51a9396cda048c1bab65c5755e9d40a6f
eee64e7a420c5e70f9c636da84110997eb85bf5e55e56a003ff4b448d4889897
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3015911cbcfb4adbf5f0cdf849cb27287b482b41b54a824c9e5df6e87f2eb15
f3e0214aac1dbbb663368cddd84a7518e680b031fb1b54bc672c66e7992bc8b7
fb73d5d93057e64e297129d2873fdd0fb83ea5dea63bf77cd87e9041af59dbc7
fd927536a19a1583559667290bad2f79ee2994a0bab4a8a2abf1a002e14c2565
fdf4c61359a7f5ccaf9eeb19a27cc4c1880264c442799c512c8afc4a7bf4948e
ffd24b5f60e021d290ff8baee2241efbcb800390226583b4db2c33d7b296f868

www.newberryobserver.com Open in urlscan Pro 52.72.211.249 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

278 Requests

100 %HTTPS

33 %IPv6

65 Domains

87 Subdomains

64 IPs

7 Countries

2679 kBTransfer

5118 kBSize

15 Cookies

24 Outgoing links

Page URL History

Redirected requests

278 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.newberryobserver.com Open in urlscan Pro
52.72.211.249 Public Scan

Screenshot
Live screenshot

Full Image

278
Requests

100 %
HTTPS

33 %
IPv6

65
Domains

87
Subdomains

64
IPs

7
Countries

2679 kB
Transfer

5118 kB
Size

15
Cookies

278 HTTP transactions
2 data transactions