www.thenewstribune.com Open in urlscan Pro
23.75.234.119 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://amazonc.o.m-users-manage.online/
Effective URL:
https://www.thenewstribune.com/
Submission Tags: @phishunt_io
Submission: On October 04 via api (October 4th 2022, 2:02:24 am UTC) from DE — Scanned from DE

Summary HTTP 323 Redirects Links 39 Behaviour Indicators

Summary

This website contacted 80 IPs in 8 countries across 57 domains to perform 323 HTTP transactions. The main IP is 23.75.234.119, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is www.thenewstribune.com. The Cisco Umbrella rank of the primary domain is 230841.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on July 1st 2022. Valid for: 5 months.

This is the only time www.thenewstribune.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	18.143.183.144 18.143.183.144	16509 (AMAZON-02) (AMAZON-02)
1 1	166.108.36.245 166.108.36.245	6118 (MCCLATCHY...) (MCCLATCHY-CORP)
53	23.75.234.119 23.75.234.119	16625 (AKAMAI-AS) (AKAMAI-AS)
1	142.251.36.10 142.251.36.10	15169 (GOOGLE) (GOOGLE)
6	142.250.180.228 142.250.180.228	15169 (GOOGLE) (GOOGLE)
1	15.236.176.210 15.236.176.210	16509 (AMAZON-02) (AMAZON-02)
3	15.188.95.229 15.188.95.229	16509 (AMAZON-02) (AMAZON-02)
1 1	34.251.26.3 34.251.26.3	16509 (AMAZON-02) (AMAZON-02)
2	54.76.210.146 54.76.210.146	16509 (AMAZON-02) (AMAZON-02)
2 4	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
9	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
4	142.251.39.3 142.251.39.3	15169 (GOOGLE) (GOOGLE)
9	13.32.99.95 13.32.99.95	16509 (AMAZON-02) (AMAZON-02)
4	142.250.185.106 142.250.185.106	15169 (GOOGLE) (GOOGLE)
2	13.32.121.108 13.32.121.108	16509 (AMAZON-02) (AMAZON-02)
1	172.217.19.112 172.217.19.112	15169 (GOOGLE) (GOOGLE)
1	108.138.7.53 108.138.7.53	16509 (AMAZON-02) (AMAZON-02)
1	104.18.41.98 104.18.41.98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.180.227 142.250.180.227	15169 (GOOGLE) (GOOGLE)
6	151.101.130.27 151.101.130.27	54113 (FASTLY) (FASTLY)
1	13.32.99.35 13.32.99.35	16509 (AMAZON-02) (AMAZON-02)
1	54.231.170.80 54.231.170.80	16509 (AMAZON-02) (AMAZON-02)
1	2.18.169.60 2.18.169.60	16625 (AKAMAI-AS) (AKAMAI-AS)
6	166.108.36.240 166.108.36.240	6118 (MCCLATCHY...) (MCCLATCHY-CORP)
2	142.251.39.38 142.251.39.38	15169 (GOOGLE) (GOOGLE)
1	18.66.100.58 18.66.100.58	16509 (AMAZON-02) (AMAZON-02)
1	34.120.253.250 34.120.253.250	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	13.32.99.105 13.32.99.105	16509 (AMAZON-02) (AMAZON-02)
1	96.16.147.243 96.16.147.243	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	107.178.250.234 107.178.250.234	15169 (GOOGLE) (GOOGLE)
2	104.18.16.107 104.18.16.107	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.216.226.0 52.216.226.0	16509 (AMAZON-02) (AMAZON-02)
19	142.251.39.2 142.251.39.2	15169 (GOOGLE) (GOOGLE)
4	18.64.83.82 18.64.83.82	16509 (AMAZON-02) (AMAZON-02)
5	54.208.179.247 54.208.179.247	14618 (AMAZON-AES) (AMAZON-AES)
1	52.17.99.225 52.17.99.225	16509 (AMAZON-02) (AMAZON-02)
6	34.98.72.95 34.98.72.95	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	54.235.97.224 54.235.97.224	14618 (AMAZON-AES) (AMAZON-AES)
3	172.217.19.98 172.217.19.98	15169 (GOOGLE) (GOOGLE)
1	34.117.124.38 34.117.124.38	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.201.92.233 35.201.92.233	15169 (GOOGLE) (GOOGLE)
1	34.95.76.208 34.95.76.208	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	108.138.2.19 108.138.2.19	16509 (AMAZON-02) (AMAZON-02)
1	54.91.59.199 54.91.59.199	14618 (AMAZON-AES) (AMAZON-AES)
1	3.239.232.73 3.239.232.73	14618 (AMAZON-AES) (AMAZON-AES)
2	185.60.216.19 185.60.216.19	32934 (FACEBOOK) (FACEBOOK)
2	34.111.234.236 34.111.234.236	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	142.250.186.104 142.250.186.104	15169 (GOOGLE) (GOOGLE)
1 3	143.204.89.56 143.204.89.56	16509 (AMAZON-02) (AMAZON-02)
4	52.44.206.121 52.44.206.121	14618 (AMAZON-AES) (AMAZON-AES)
1	52.30.254.53 52.30.254.53	16509 (AMAZON-02) (AMAZON-02)
2	91.228.74.206 91.228.74.206	16509 (AMAZON-02) (AMAZON-02)
1	34.107.191.194 34.107.191.194	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	18.66.112.48 18.66.112.48	16509 (AMAZON-02) (AMAZON-02)
3	18.66.112.76 18.66.112.76	16509 (AMAZON-02) (AMAZON-02)
2	178.249.101.23 178.249.101.23	11054 (LIVEPERSON) (LIVEPERSON)
1	18.64.108.220 18.64.108.220	16509 (AMAZON-02) (AMAZON-02)
2	18.66.23.210 18.66.23.210	16509 (AMAZON-02) (AMAZON-02)
1	18.66.97.52 18.66.97.52	16509 (AMAZON-02) (AMAZON-02)
3	34.217.7.19 34.217.7.19	16509 (AMAZON-02) (AMAZON-02)
2	172.217.18.14 172.217.18.14	15169 (GOOGLE) (GOOGLE)
1	34.111.8.32 34.111.8.32	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.102.193.48 34.102.193.48	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
3	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
2	172.217.19.97 172.217.19.97	15169 (GOOGLE) (GOOGLE)
10	142.250.186.161 142.250.186.161	15169 (GOOGLE) (GOOGLE)
3	178.249.101.99 178.249.101.99	11054 (LIVEPERSON) (LIVEPERSON)
8	178.249.101.98 178.249.101.98	11054 (LIVEPERSON) (LIVEPERSON)
3	185.60.216.35 185.60.216.35	32934 (FACEBOOK) (FACEBOOK)
1	13.32.121.51 13.32.121.51	16509 (AMAZON-02) (AMAZON-02)
3	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
2	142.250.186.35 142.250.186.35	15169 (GOOGLE) (GOOGLE)
1	173.194.76.155 173.194.76.155	15169 (GOOGLE) (GOOGLE)
1	3.217.212.221 3.217.212.221	14618 (AMAZON-AES) (AMAZON-AES)
2	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	3.124.27.64 3.124.27.64	16509 (AMAZON-02) (AMAZON-02)
4	18.66.112.15 18.66.112.15	16509 (AMAZON-02) (AMAZON-02)
2	208.89.15.170 208.89.15.170	11054 (LIVEPERSON) (LIVEPERSON)
12	3.64.188.198 3.64.188.198	16509 (AMAZON-02) (AMAZON-02)
2	208.89.12.87 208.89.12.87	11054 (LIVEPERSON) (LIVEPERSON)
2	52.29.201.209 52.29.201.209	16509 (AMAZON-02) (AMAZON-02)
323	80

1 18.143.183.144 (Singapore, Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-143-183-144.ap-southeast-1.compute.amazonaws.com

amazonc.o.m-users-manage.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 166.108.36.245 (Miami, United States) 1 redirects

ASN6118 (MCCLATCHY-CORP, US)
PTR: vnet831.ejoco.com

thenewstribune.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

53 23.75.234.119 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-75-234-119.deploy.static.akamaitechnologies.com

www.thenewstribune.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.thenewstribune.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.idahostatesman.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.bellinghamherald.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.mcclatchy-wires.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.theolympian.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.36.10 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s44-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.180.228 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s34-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.236.176.210 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

adobedc.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 15.188.95.229 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

edge.adobedc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.251.26.3 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-26-3.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.76.210.146 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-210-146.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.162 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 151.101.66.49 (United States)

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lasteventf-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.39.3 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s37-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 13.32.99.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-95.fra60.r.cloudfront.net

cf-images.us-east-1.prod.boltdns.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f10.1e100.net

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.121.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-108.fra60.r.cloudfront.net

htlbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.19.112 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s27-in-f16.1e100.net

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.7.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-53.fra56.r.cloudfront.net

ats.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.41.98 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.180.227 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s34-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.130.27 (United States)

ASN54113 (FASTLY, US)

edge.api.brightcove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-35.fra60.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.231.170.80 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.169.60 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-169-60.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 166.108.36.240 (Miami, United States)

ASN6118 (MCCLATCHY-CORP, US)
PTR: vnet846.ejoco.com

publicapi.misitemgr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.39.38 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s38-in-f6.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.100.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-100-58.fra56.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.253.250 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 250.253.120.34.bc.googleusercontent.com

tag.wknd.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.99.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-105.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 96.16.147.243 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-147-243.deploy.static.akamaitechnologies.com

www.everestjs.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.250.234 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 234.250.178.107.bc.googleusercontent.com

js.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.16.107 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

cdn.confiant-integrations.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.226.0 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

ams-pageview-public.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 142.251.39.2 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s37-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.64.83.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-83-82.txl50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.208.179.247 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-208-179-247.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.99.225 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-99-225.eu-west-1.compute.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.98.72.95 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 95.72.98.34.bc.googleusercontent.com

assets.bounceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.235.97.224 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-235-97-224.compute-1.amazonaws.com

www.i.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.19.98 (United States)

ASN15169 (GOOGLE, US)
PTR: muc03s07-in-f98.1e100.net

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.124.38 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 38.124.117.34.bc.googleusercontent.com

data.cdnbasket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.92.233 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 233.92.201.35.bc.googleusercontent.com

page.cdnbasket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.76.208 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 208.76.95.34.bc.googleusercontent.com

view.cdnbasket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.2.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-2-19.fra56.r.cloudfront.net

d15kdpgjg3unno.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.91.59.199 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-91-59-199.compute-1.amazonaws.com

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.239.232.73 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-239-232-73.compute-1.amazonaws.com

sqs.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.60.216.19 (Ireland)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-frx5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.234.236 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 236.234.111.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.89.56 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-56.fra50.r.cloudfront.net

cdn.keywee.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.44.206.121 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-206-121.compute-1.amazonaws.com

tags.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.254.53 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-254-53.eu-west-1.compute.amazonaws.com

secure-us.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.228.74.206 (United Kingdom)

ASN16509 (AMAZON-02, US)

edge.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.191.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.191.107.34.bc.googleusercontent.com

ids.cdnwidget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.112.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-48.fra56.r.cloudfront.net

cdn.p-n.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.112.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-76.fra56.r.cloudfront.net

cdn-prod.securiti.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.249.101.23 (United States)

ASN11054 (LIVEPERSON, US)

lptag.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.64.108.220 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-108-220.txl50.r.cloudfront.net

dyv1bugovvq1g.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.23.210 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-23-210.vie50.r.cloudfront.net

aax-dtb-cf.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-52.fra56.r.cloudfront.net

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.217.7.19 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-217-7-19.us-west-2.compute.amazonaws.com

app.securiti.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.14 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.8.32 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 32.8.111.34.bc.googleusercontent.com

api.bounceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.193.48 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 48.193.102.34.bc.googleusercontent.com

e.cdnwidget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.19.97 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s27-in-f1.1e100.net

e00b5897e2207ddf4122b3250c4838bb.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.186.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.249.101.99 (United States)

ASN11054 (LIVEPERSON, US)
PTR: am-accdn.lpsnmedia.net

accdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 178.249.101.98 (United States)

ASN11054 (LIVEPERSON, US)
PTR: am-lpcdn.lpsnmedia.net

lpcdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.60.216.35 (Ireland)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-frx5.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-51.fra60.r.cloudfront.net

pxl.qccerttest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.194.76.155 (United States)

ASN15169 (GOOGLE, US)
PTR: ws-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.217.212.221 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-217-212-221.compute-1.amazonaws.com

ads.celtra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.27.64 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-27-64.eu-central-1.compute.amazonaws.com

protected-by.clarium.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.66.112.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-15.fra56.r.cloudfront.net

cache-ssl.celtra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 208.89.15.170 (United States)

ASN11054 (LIVEPERSON, US)
PTR: va.idp.liveperson.net

va.idp.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 3.64.188.198 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-188-198.eu-central-1.compute.amazonaws.com

track.celtra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 208.89.12.87 (United States)

ASN11054 (LIVEPERSON, US)
PTR: va.v.liveperson.net

va.v.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.29.201.209 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-201-209.eu-central-1.compute.amazonaws.com

k.p-n.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	thenewstribune.com 1 redirects thenewstribune.com — Cisco Umbrella Rank: 210483 www.thenewstribune.com — Cisco Umbrella Rank: 230841 media.thenewstribune.com	2 MB
22	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 131 e00b5897e2207ddf4122b3250c4838bb.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 170	238 KB
19	doubleclick.net 2 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 304 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215 pubads.g.doubleclick.net — Cisco Umbrella Rank: 369 googleads.g.doubleclick.net — Cisco Umbrella Rank: 68 stats.g.doubleclick.net — Cisco Umbrella Rank: 171 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 390	222 KB
17	celtra.com ads.celtra.com — Cisco Umbrella Rank: 4552 cache-ssl.celtra.com — Cisco Umbrella Rank: 5340 track.celtra.com — Cisco Umbrella Rank: 5158	449 KB
11	lpsnmedia.net accdn.lpsnmedia.net — Cisco Umbrella Rank: 4572 lpcdn.lpsnmedia.net — Cisco Umbrella Rank: 4874	722 KB
10	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1620 sync-tm.everesttech.net — Cisco Umbrella Rank: 930 lasteventf-tm.everesttech.net — Cisco Umbrella Rank: 10117	1 KB
9	boltdns.net cf-images.us-east-1.prod.boltdns.net — Cisco Umbrella Rank: 6873	4 MB
8	google.com www.google.com — Cisco Umbrella Rank: 19 adservice.google.com — Cisco Umbrella Rank: 136	3 KB
7	bounceexchange.com assets.bounceexchange.com — Cisco Umbrella Rank: 3569 api.bounceexchange.com — Cisco Umbrella Rank: 3653	205 KB
6	liveperson.net lptag.liveperson.net — Cisco Umbrella Rank: 4537 va.idp.liveperson.net — Cisco Umbrella Rank: 16996 va.v.liveperson.net — Cisco Umbrella Rank: 5447	119 KB
6	securiti.ai cdn-prod.securiti.ai — Cisco Umbrella Rank: 36607 app.securiti.ai — Cisco Umbrella Rank: 47442	109 KB
6	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 391 aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 750	48 KB
6	misitemgr.com publicapi.misitemgr.com — Cisco Umbrella Rank: 78217	51 KB
6	brightcove.com edge.api.brightcove.com — Cisco Umbrella Rank: 6494	22 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 118 imasdk.googleapis.com — Cisco Umbrella Rank: 456 storage.googleapis.com — Cisco Umbrella Rank: 696	798 KB
5	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 1981	3 KB
5	matheranalytics.com 1 redirects js.matheranalytics.com — Cisco Umbrella Rank: 16596 www.i.matheranalytics.com — Cisco Umbrella Rank: 17361	42 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	233 KB
4	p-n.io cdn.p-n.io — Cisco Umbrella Rank: 6863 k.p-n.io — Cisco Umbrella Rank: 3616	52 KB
4	stackadapt.com tags.srv.stackadapt.com — Cisco Umbrella Rank: 4818	7 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 228	132 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 115	289 B
3	google.de adservice.google.de — Cisco Umbrella Rank: 5221 www.google.de — Cisco Umbrella Rank: 3460	1 KB
3	keywee.co 1 redirects cdn.keywee.co — Cisco Umbrella Rank: 12445	23 KB
3	cdnbasket.net data.cdnbasket.net — Cisco Umbrella Rank: 7498 page.cdnbasket.net — Cisco Umbrella Rank: 7505 view.cdnbasket.net — Cisco Umbrella Rank: 7512	1014 B
3	amazonaws.com s3.amazonaws.com ams-pageview-public.s3.amazonaws.com — Cisco Umbrella Rank: 33495 sqs.us-east-1.amazonaws.com — Cisco Umbrella Rank: 5114	10 KB
3	adobedc.net edge.adobedc.net — Cisco Umbrella Rank: 7234	3 KB
3	demdex.net adobedc.demdex.net — Cisco Umbrella Rank: 13572 dpm.demdex.net — Cisco Umbrella Rank: 293	4 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 94	20 KB
2	cdnwidget.com ids.cdnwidget.com — Cisco Umbrella Rank: 6079 e.cdnwidget.com — Cisco Umbrella Rank: 21872	305 B
2	quantserve.com edge.quantserve.com — Cisco Umbrella Rank: 19259 pixel.quantserve.com — Cisco Umbrella Rank: 683	11 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 129	88 KB
2	ml314.com ml314.com — Cisco Umbrella Rank: 2681	12 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 203	112 KB
2	cloudfront.net d15kdpgjg3unno.cloudfront.net dyv1bugovvq1g.cloudfront.net	22 KB
2	confiant-integrations.net cdn.confiant-integrations.net — Cisco Umbrella Rank: 4219	94 KB
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 218	2 KB
2	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 3974 p1.parsely.com — Cisco Umbrella Rank: 3168	24 KB
2	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 364	63 KB
2	htlbid.com htlbid.com — Cisco Umbrella Rank: 26789	96 KB
1	clarium.io protected-by.clarium.io — Cisco Umbrella Rank: 2506	345 B
1	qccerttest.com pxl.qccerttest.com — Cisco Umbrella Rank: 1356	548 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 154	15 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1200	1 KB
1	imrworldwide.com secure-us.imrworldwide.com — Cisco Umbrella Rank: 2662	597 B
1	ipify.org api.ipify.org — Cisco Umbrella Rank: 3135	258 B
1	everestjs.net www.everestjs.net — Cisco Umbrella Rank: 9053	3 KB
1	wknd.ai tag.wknd.ai — Cisco Umbrella Rank: 7309	37 KB
1	ntv.io s.ntv.io — Cisco Umbrella Rank: 4720	143 KB
1	privacymanager.io geo.privacymanager.io — Cisco Umbrella Rank: 2308	596 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 913	326 B
1	rlcdn.com ats.rlcdn.com — Cisco Umbrella Rank: 2288	37 KB
1	theolympian.com www.theolympian.com — Cisco Umbrella Rank: 449343	52 KB
1	mcclatchy-wires.com www.mcclatchy-wires.com — Cisco Umbrella Rank: 120106	34 KB
1	bellinghamherald.com www.bellinghamherald.com — Cisco Umbrella Rank: 478298	890 KB
1	idahostatesman.com www.idahostatesman.com — Cisco Umbrella Rank: 122478	49 KB
1	m-users-manage.online 1 redirects amazonc.o.m-users-manage.online	358 B
323	57

	Domain	Requested by
47	www.thenewstribune.com	www.thenewstribune.com
12	track.celtra.com
10	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.thenewstribune.com tpc.googlesyndication.com e00b5897e2207ddf4122b3250c4838bb.safeframe.googlesyndication.com
10	pagead2.googlesyndication.com	securepubads.g.doubleclick.net www.thenewstribune.com e00b5897e2207ddf4122b3250c4838bb.safeframe.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
9	securepubads.g.doubleclick.net	htlbid.com securepubads.g.doubleclick.net www.thenewstribune.com www.googletagservices.com
9	cf-images.us-east-1.prod.boltdns.net	www.thenewstribune.com
8	lpcdn.lpsnmedia.net	lptag.liveperson.net
8	sync-tm.everesttech.net	www.thenewstribune.com
6	assets.bounceexchange.com	tag.wknd.ai assets.bounceexchange.com
6	publicapi.misitemgr.com	www.thenewstribune.com
6	edge.api.brightcove.com	www.thenewstribune.com
6	www.google.com	www.thenewstribune.com tpc.googlesyndication.com e00b5897e2207ddf4122b3250c4838bb.safeframe.googlesyndication.com
5	jadserve.postrelease.com	s.ntv.io www.thenewstribune.com
4	cache-ssl.celtra.com	ads.celtra.com www.thenewstribune.com
4	tags.srv.stackadapt.com	www.thenewstribune.com tags.srv.stackadapt.com
4	c.amazon-adsystem.com	htlbid.com c.amazon-adsystem.com
4	imasdk.googleapis.com	www.thenewstribune.com imasdk.googleapis.com
4	fonts.gstatic.com	fonts.googleapis.com
3	www.googletagservices.com	www.thenewstribune.com e00b5897e2207ddf4122b3250c4838bb.safeframe.googlesyndication.com
3	www.facebook.com
3	accdn.lpsnmedia.net	lptag.liveperson.net lpcdn.lpsnmedia.net
3	app.securiti.ai	cdn-prod.securiti.ai
3	cdn-prod.securiti.ai	www.thenewstribune.com cdn-prod.securiti.ai
3	cdn.keywee.co	1 redirects cdn.keywee.co
3	pubads.g.doubleclick.net	imasdk.googleapis.com
3	www.i.matheranalytics.com	www.thenewstribune.com
3	edge.adobedc.net	www.thenewstribune.com
2	k.p-n.io	cdn.p-n.io
2	va.v.liveperson.net	lptag.liveperson.net
2	va.idp.liveperson.net	lptag.liveperson.net va.idp.liveperson.net
2	googleads4.g.doubleclick.net	www.thenewstribune.com
2	www.google.de
2	googleads.g.doubleclick.net	www.googleadservices.com e00b5897e2207ddf4122b3250c4838bb.safeframe.googlesyndication.com
2	e00b5897e2207ddf4122b3250c4838bb.safeframe.googlesyndication.com	securepubads.g.doubleclick.net cdn.confiant-integrations.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	aax-dtb-cf.amazon-adsystem.com	c.amazon-adsystem.com
2	lptag.liveperson.net	www.thenewstribune.com
2	cdn.p-n.io	www.thenewstribune.com cdn.p-n.io
2	www.googletagmanager.com	www.thenewstribune.com
2	ml314.com	www.thenewstribune.com ml314.com
2	connect.facebook.net	www.thenewstribune.com connect.facebook.net
2	cdn.confiant-integrations.net	htlbid.com cdn.confiant-integrations.net
2	js.matheranalytics.com	1 redirects www.thenewstribune.com
2	sb.scorecardresearch.com	www.thenewstribune.com
2	adservice.google.com	imasdk.googleapis.com securepubads.g.doubleclick.net
2	s0.2mdn.net	imasdk.googleapis.com e00b5897e2207ddf4122b3250c4838bb.safeframe.googlesyndication.com
2	htlbid.com	www.thenewstribune.com
2	media.thenewstribune.com	www.thenewstribune.com
2	cm.g.doubleclick.net	2 redirects
2	dpm.demdex.net	www.thenewstribune.com
1	protected-by.clarium.io	e00b5897e2207ddf4122b3250c4838bb.safeframe.googlesyndication.com
1	ads.celtra.com	www.thenewstribune.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	pixel.quantserve.com
1	pxl.qccerttest.com
1	adservice.google.de	securepubads.g.doubleclick.net
1	www.googleadservices.com	www.googletagmanager.com
1	e.cdnwidget.com
1	api.bounceexchange.com	assets.bounceexchange.com
1	rules.quantcount.com	edge.quantserve.com
1	dyv1bugovvq1g.cloudfront.net	htlbid.com
1	ids.cdnwidget.com	assets.bounceexchange.com
1	edge.quantserve.com	www.thenewstribune.com
1	secure-us.imrworldwide.com
1	sqs.us-east-1.amazonaws.com	d15kdpgjg3unno.cloudfront.net
1	api.ipify.org	www.thenewstribune.com
1	d15kdpgjg3unno.cloudfront.net	htlbid.com
1	view.cdnbasket.net	assets.bounceexchange.com
1	page.cdnbasket.net	assets.bounceexchange.com
1	data.cdnbasket.net	assets.bounceexchange.com
1	lasteventf-tm.everesttech.net	www.everestjs.net
1	p1.parsely.com	www.thenewstribune.com
1	ams-pageview-public.s3.amazonaws.com	htlbid.com
1	www.everestjs.net	www.thenewstribune.com
1	tag.wknd.ai	www.thenewstribune.com
1	cdn.parsely.com	www.thenewstribune.com
1	s.ntv.io	www.thenewstribune.com
1	s3.amazonaws.com	www.thenewstribune.com
1	geo.privacymanager.io	ats.rlcdn.com
1	www.gstatic.com	www.google.com
1	geolocation.onetrust.com	www.thenewstribune.com
1	ats.rlcdn.com	www.thenewstribune.com
1	storage.googleapis.com	www.thenewstribune.com
1	www.theolympian.com	www.thenewstribune.com
1	www.mcclatchy-wires.com	www.thenewstribune.com
1	www.bellinghamherald.com	www.thenewstribune.com
1	www.idahostatesman.com	www.thenewstribune.com
1	cm.everesttech.net	1 redirects
1	adobedc.demdex.net	www.thenewstribune.com
1	fonts.googleapis.com	www.thenewstribune.com
1	thenewstribune.com	1 redirects
1	amazonc.o.m-users-manage.online	1 redirects
323	92

This site contains links to these domains. Also see Links.

Domain
cookiesandyou.com
account.thenewstribune.com
subscribe.thenewstribune.com
liveedition.thenewstribune.com
www.legacy.com
myaccount.thenewstribune.com
thenewstribune.newspapers.com
go.mcclatchy.com
t.news.thenewstribune.com
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
games.thenewstribune.com
placead.mcclatchy.com
www.accesousa.com
classifieds.mcclatchy.com
jobs.thenewstribune.com
thenewstribune.com
www.mcclatchy.com
privacy-central.securiti.ai

Subject Issuer	Validity	Valid
www.mcclatchydc.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-01` - `2022-12-14`	5 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
adobedc.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
edge.adobedc.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-18` - `2022-11-18`	a year	crt.sh
*.everesttech.net GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-02-03` - `2023-03-07`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.prod.boltdns.net Amazon	`2021-11-18` - `2022-12-17`	a year	crt.sh
htlbid.com Amazon	`2021-11-21` - `2022-12-19`	a year	crt.sh
storage.googleapis.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-01-12` - `2023-01-12`	a year	crt.sh
brightcove.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-06-08` - `2023-07-10`	a year	crt.sh
*.privacymanager.io Amazon	`2022-08-26` - `2023-09-24`	a year	crt.sh
s3.amazonaws.com Amazon	`2022-04-01` - `2023-03-30`	a year	crt.sh
*.ntv.io DigiCert SHA2 Secure Server CA	`2021-12-04` - `2022-12-06`	a year	crt.sh
*.misitemgr.com Entrust Certification Authority - L1K	`2022-08-16` - `2023-09-07`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.parsely.com Amazon	`2022-06-05` - `2023-07-04`	a year	crt.sh
tag.wknd.ai R3	`2022-09-26` - `2022-12-25`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
www.everestjs.net DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.confiant-integrations.net E1	`2022-09-26` - `2022-12-25`	3 months	crt.sh
*.s3.amazonaws.com Amazon	`2021-12-15` - `2022-12-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
*.postrelease.com Amazon	`2021-12-28` - `2023-01-25`	a year	crt.sh
assets.bounceexchange.com GTS CA 1D4	`2022-10-03` - `2023-01-01`	3 months	crt.sh
www.i.matheranalytics.com Amazon	`2022-01-13` - `2023-02-11`	a year	crt.sh
data.cdnbasket.net GTS CA 1D4	`2022-09-27` - `2022-12-26`	3 months	crt.sh
page.cdnbasket.net GTS CA 1D4	`2022-09-27` - `2022-12-26`	3 months	crt.sh
view.cdnbasket.net GTS CA 1D4	`2022-09-27` - `2022-12-26`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.ipify.org Sectigo RSA Domain Validation Secure Server CA	`2022-02-07` - `2023-03-10`	a year	crt.sh
queue.amazonaws.com Amazon	`2022-08-19` - `2023-08-14`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-07-13` - `2022-10-11`	3 months	crt.sh
ml314.com GTS CA 1D4	`2022-08-20` - `2022-11-18`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.srv.stackadapt.com Amazon	`2021-11-09` - `2022-12-07`	a year	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-04` - `2023-02-03`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
ids.cdnwidget.com R3	`2022-08-05` - `2022-11-03`	3 months	crt.sh
pushlycdn.com Amazon	`2022-02-14` - `2023-03-15`	a year	crt.sh
app.securiti.ai Amazon	`2022-05-18` - `2023-06-16`	a year	crt.sh
*.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2022-04-26` - `2023-04-26`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon	`2022-06-15` - `2023-06-15`	a year	crt.sh
*.anyword.com Amazon	`2022-07-05` - `2023-08-03`	a year	crt.sh
*.wunderkind.co R3	`2022-08-13` - `2022-11-11`	3 months	crt.sh
e.cdnwidget.com R3	`2022-09-11` - `2022-12-10`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.lpsnmedia.net Sectigo RSA Organization Validation Secure Server CA	`2022-02-07` - `2023-02-07`	a year	crt.sh
qccerttest.com Amazon	`2022-04-04` - `2023-05-03`	a year	crt.sh
www.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
celtra.com Amazon	`2022-02-09` - `2023-03-09`	a year	crt.sh
protected-by.clarium.io Gandi Standard SSL CA 2	`2022-04-10` - `2023-04-26`	a year	crt.sh
*.idp.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2022-06-09` - `2023-06-09`	a year	crt.sh
*.v.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2022-03-22` - `2023-03-22`	a year	crt.sh
*.p-n.io Amazon	`2022-01-10` - `2023-02-06`	a year	crt.sh

This page contains 28 frames:

Primary Page: https://www.thenewstribune.com/
Frame ID: BFDFF010EB6D1DFD73F5A19B4E55A9B5
Requests: 218 HTTP requests in this frame

Frame: blob://https://www.thenewstribune.com/6fdff88d-057e-43f5-b676-f8f72dc8a394
Frame ID: F88CDDA3B728A68E48DA0A8B3F855D3D
Requests: 1 HTTP requests in this frame

Frame: blob://https://www.thenewstribune.com/c28cf710-5b5d-41b7-9d60-f7a02edc4ef0
Frame ID: 1A1A031C817F62203177834BD2A6D24A
Requests: 3 HTTP requests in this frame

Frame: blob://https://www.thenewstribune.com/66a18b0d-9eab-4088-9a2c-eff0a0baef92
Frame ID: 3A8E11BE66B525E992EFF72CEB60F521
Requests: 3 HTTP requests in this frame

Frame: blob://https://www.thenewstribune.com/ccc9bc2f-a002-4e5e-9579-4d371a262683
Frame ID: BA35BF2867C68180D75BF2ECE3ECCAA7
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.536.0_en.html
Frame ID: 50486EE763A0B837F588F5D5F3B86840
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.536.0_en.html
Frame ID: C3427A5F8435ACDE7E75C5CC1F9CCB19
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.536.0_en.html
Frame ID: AC2E81FD6828966F425E7621B8A64C91
Requests: 2 HTTP requests in this frame

Frame: https://assets.bounceexchange.com/assets/bounce/local_storage_frame16.min.html
Frame ID: 8662964BBFD8684260A1FDD72AC8886A
Requests: 1 HTTP requests in this frame

Frame: blob://https://www.thenewstribune.com/c805f426-8ab0-41af-970f-88a529afa969
Frame ID: 01FCA60EC172EBC31CD879F430E44397
Requests: 6 HTTP requests in this frame

Frame: blob://https://www.thenewstribune.com/f555d3ce-bc4f-48e7-b35b-8246e4dd87d5
Frame ID: 5AC81D39499A1A24143180712CA04EAF
Requests: 3 HTTP requests in this frame

Frame: blob://https://www.thenewstribune.com/17de705b-da2b-4ddc-8348-04e36b2343d1
Frame ID: C9B4120FEBA4A1D85816EB41C68F1711
Requests: 6 HTTP requests in this frame

Frame: blob://https://www.thenewstribune.com/a71d3919-6314-442b-bcd7-cf9a28ffe896
Frame ID: B8DF2344F75E86B0DDE3F84FF4EDB59C
Requests: 3 HTTP requests in this frame

Frame: blob://https://www.thenewstribune.com/80dd0f7a-8129-4583-8389-0032a4f21903
Frame ID: 07C5941E308AF55D816E0A2B0184F803
Requests: 5 HTTP requests in this frame

Frame: blob://https://www.thenewstribune.com/29e9df7f-9213-4012-a401-38615d35a4a2
Frame ID: A76953BFA4E92E94A248C60840A5BD61
Requests: 2 HTTP requests in this frame

Frame: blob://https://www.thenewstribune.com/d2cd444e-252f-4ca4-b6e3-a69debde72c0
Frame ID: 67CFFE0783C13429C85A508A6AD3E2D7
Requests: 5 HTTP requests in this frame

Frame: blob://https://www.thenewstribune.com/311f48ac-fc13-48f6-8adb-acf51d3baf05
Frame ID: E0FB594C444F16EF7558D1094BB68D82
Requests: 7 HTTP requests in this frame

Frame: https://e00b5897e2207ddf4122b3250c4838bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 27ADFF46C60B45AA21292276CC97A9C2
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstMdobSiUq1sNkXAz9S31_nJdhCOg3nMMveVZi-d66agE1Jd19yTbfaqaMqF8_KBWbqCPHandGCeROfyIwgXH3CSjn4SZ3xTFKc7SVWbPC9BxR6nFF5lgCzD-zTROQ-RsYd5rSY20iCe-vevLOEiGT5O81isZMaKz_oBmNDs3fjaHS1qX_KtR0959d5xsthTuTqkXaD-T5NAROQ8AtTrQIOx3SS04upliDIQONq6ojgoo3_fQFIo0ZKjFTdm6BBJOvug1FIrW56xrJZm0Jqm31bZX3l55-hoJvNH6Ts0Bykk3YFw33PrLK8j53sh0XNVPnsKica8dk9aHcMMmXld8SHj3BFtHnDgUI&sai=AMfl-YSjaxOSlvAVxoFfvdiiCWBWhs5LHgcJ_8cVXLVipLLXxr7QjgYIuNMpFS-Gk1IJVNno_0WtrjLFrW8wI2GQsW9FL5jL2HtMOqPO5ckqRSZglfPrm1u1xSPlOgVvUEvbfA&sig=Cg0ArKJSzJxbRU2WXdWoEAE&uach_m=[UACH]&adurl=
Frame ID: 3F71474383CC047163805E99E1B532E5
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8A392F24183A11B9AEC53947E3415281
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 829CCF80B4F2C32ECD3492FC8C507F81
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstaY2x3ShIDdvNuj3hX1F3RDIhQLzbt80QZKa-nG-fon89IQrJNugG_qKZ1JAs6NzJbuF9gy3IBTmH3i9k4ibYGyBE-qMkUZZMtgnwwbFz69LfUaLfD7BpCI-F7K9hXbKXcHfYKz5d7dTbSsua8rw1TOneZeV6HAwrWx4TdriAFllOy7KuN_0Y8vhytkYDmcpONm1utTDCcIDc6YfvORDEY7dcj4Cj2d4DABZeBzxDVsd0vVYMnHTsZn6pktXLbJKFC0QqPa6smCwMi4SfH9gDUMIFJL0N5MlvMxWUCLd9LYTu66mJ6Hn8IWnWnSbWqvwX-g-YSNwx3eRN3r5EGDbu-4RRelLf17Dwvn6w&sai=AMfl-YRBF-nb0Ln_D1W5cG8fQdhoAVDdKFWEP50Mj4w6AXMpeHGB2b2fwdUiecqIKieVzpOCVRCFZGRfX6IY59REJCzsjhyNXBE6RyKF_Xi9IRM5cMstvWYIOyfF2sdo2hta-A&sig=Cg0ArKJSzP4AObix02RJEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 92AA21EFC0910DD8CA8AAF3A7CB847F5
Requests: 8 HTTP requests in this frame

Frame: https://e00b5897e2207ddf4122b3250c4838bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D9436259E5D60B27A13650D826529F28
Requests: 15 HTTP requests in this frame

Frame: https://lpcdn.lpsnmedia.net/le_secure_storage/3.18.0.0-release_5078/storage.secure.min.html?loc=https%3A%2F%2Fwww.thenewstribune.com&site=2196236&env=prod&isCrossDomain=true
Frame ID: 32BDEB6EF115205E091D75AC2B0DB882
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COCGGxCf4vnEAhiq_O_FATAB&v=APEucNX1GRSRd71I8FQXEIjlbxfU9KmagWktGWBQNNBcMOfAQnbJp9--Y-fcFj23YFQaQmWonnDrteZhH9er0R_PIuLNtEQydQ
Frame ID: BC9BB728FC496974426F57ADF95DB9FB
Requests: 1 HTTP requests in this frame

Frame: https://va.idp.liveperson.net/postmessage/postmessage.min.html?bust=1664848937432&loc=https%3A%2F%2Fwww.thenewstribune.com
Frame ID: 320FA4FC58DD24E38788878D69B1D904
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 961C0DBC01DB1DA2D5EEFDF4A03591D2
Requests: 3 HTTP requests in this frame

Frame: https://cache-ssl.celtra.com/api/blobs/a6602359da09b3808cd9a24eec034ce0a93e357ce3706dd7007e1882c5e1ad1d/723459.jpg?transform=crush&quality=85
Frame ID: 740B623266751EBB2D5E0E473FBB20AC
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Tacoma WA Breaking News, Crime & More | Tacoma News TribuneClose navigation panelVideo mediaVideo mediaVideo media

Page URL History Show full URLs

https://amazonc.o.m-users-manage.online/ HTTP 307
https://thenewstribune.com/ HTTP 301
https://www.thenewstribune.com/ Page URL

Detected technologies

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

basket.js (JavaScript Libraries) Expand

Overall confidence: 10%
Detected patterns

basket.*\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

323
Requests

82 %
HTTPS

0 %
IPv6

57
Domains

92
Subdomains

80
IPs

8
Countries

10764 kB
Transfer

20301 kB
Size

22
Cookies

39 Outgoing links

These are links going to different origins than the main page.

URL: https://cookiesandyou.com/
Title: Learn more

Search URL Search Domain Scan URL

URL: https://account.thenewstribune.com/auth0
Title: LOG IN

Search URL Search Domain Scan URL

URL: https://subscribe.thenewstribune.com/beinformed
Title: SUBSCRIBE

Search URL Search Domain Scan URL

URL: https://liveedition.thenewstribune.com/
Title: Tacoma Now

Search URL Search Domain Scan URL

URL: https://www.legacy.com/us/obituaries/tribnet/browse
Title: Obituaries

Search URL Search Domain Scan URL

URL: https://myaccount.thenewstribune.com/tac_nt/home#navlink=subnav
Title: Account Management

Search URL Search Domain Scan URL

URL: https://thenewstribune.newspapers.com/#navlink=subnav
Title: Archives

Search URL Search Domain Scan URL

URL: https://go.mcclatchy.com/media-capabilities-tacoma/p/1#navlink=subnav
Title: Media Kit

Search URL Search Domain Scan URL

URL: http://t.news.thenewstribune.com/webApp/mccSignupPage?siteName=thenewstribune#navlink=subnav
Title: Newsletters

Search URL Search Domain Scan URL

URL: https://www.facebook.com/tacomanewstribune#navlink=subnav
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/thenewstribune#navlink=subnav
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/thenewstribune/#navlink=subnav
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/TacomaNewsTribune#navlink=subnav
Title: YouTube

Search URL Search Domain Scan URL

URL: https://liveedition.thenewstribune.com/#navlink=subnav
Title: Tacoma Now

Search URL Search Domain Scan URL

URL: https://games.thenewstribune.com/#navlink=subnav
Title: Puzzles & Games

Search URL Search Domain Scan URL

URL: https://www.legacy.com/obituaries/tribnet/#navlink=navbar
Title: View Obituaries

Search URL Search Domain Scan URL

URL: https://placead.mcclatchy.com/obits/tacoma/index.html
Title: Place an Obituary

Search URL Search Domain Scan URL

URL: https://www.accesousa.com/
Title: Acceso USA

Search URL Search Domain Scan URL

URL: https://classifieds.mcclatchy.com/marketplace/tacoma/
Title: Public Notices

Search URL Search Domain Scan URL

URL: https://classifieds.mcclatchy.com/marketplace/tacoma#navlink=subnav
Title: Classifieds

Search URL Search Domain Scan URL

URL: https://jobs.thenewstribune.com/#navlink=navbar
Title: Jobs

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.thenewstribune.com%2Fsports%2Farticle266731826.html

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fwww.thenewstribune.com%2Fsports%2Farticle266731826.html&text=Watch%20what%20The%20News%20Tribune%27s%20Gregg%20Bell%20learned%20from%20Seahawks%27%20wild%20win%20at%20Detroit

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.thenewstribune.com%2Fsports%2Farticle266723166.html

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fwww.thenewstribune.com%2Fsports%2Farticle266723166.html&text=Seattle%20QB%20Geno%20Smith%20talks%20about%20his%20game%20against%20Detroit

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.thenewstribune.com%2Flatest-news%2Farticle266723261.html

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fwww.thenewstribune.com%2Flatest-news%2Farticle266723261.html&text=Watch%3A%20Pete%20Carroll%20raves%20about%20Geno%20Smith%2C%20Seahawks%27%20offense%20in%20shootout%20past%20Lions%20

Search URL Search Domain Scan URL

URL: https://thenewstribune.com/mobile
Title: Tacoma News Tribune App

Search URL Search Domain Scan URL

URL: http://t.news.thenewstribune.com/webApp/mccSignupPage?siteName=thenewstribune
Title: View Newsletters

Search URL Search Domain Scan URL

URL: https://www.facebook.com/tacomanewstribune

Search URL Search Domain Scan URL

URL: https://twitter.com/thenewstribune

Search URL Search Domain Scan URL

URL: http://www.youtube.com/user/TacomaNewsTribune

Search URL Search Domain Scan URL

URL: https://myaccount.thenewstribune.com/tac_nt/home
Title: Vacation Hold

Search URL Search Domain Scan URL

URL: https://www.mcclatchy.com/our-impact/markets/the-news-tribune/#navlink=mi_footer
Title: About Us

Search URL Search Domain Scan URL

URL: http://t.news.thenewstribune.com/webApp/mccSignupPage?siteName=thenewstribune#navlink=mi_footer
Title: Newsletters

Search URL Search Domain Scan URL

URL: https://classifieds.mcclatchy.com/marketplace/tacoma#navlink=mi_footer
Title: Place a Classified

Search URL Search Domain Scan URL

URL: https://placead.mcclatchy.com/obits/tacoma/index.html#navlink=mi_footer
Title: Place an Obituary

Search URL Search Domain Scan URL

URL: https://go.mcclatchy.com/media-capabilities-tacoma/p/1
Title: Media Kit

Search URL Search Domain Scan URL

URL: https://privacy-central.securiti.ai/#/dsr-universal/0a979fab-900d-4113-aab0-e2bf786400ac
Title: Do Not Sell My Personal Information

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://amazonc.o.m-users-manage.online/ HTTP 307
https://thenewstribune.com/ HTTP 301
https://www.thenewstribune.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://cm.everesttech.net/cm/dd?d_uuid=71150945207633381443669278850740175888 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YzuUIwAAAHlFagMx

Request Chain 30

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NzExNTA5NDUyMDc2MzMzODE0NDM2NjkyNzg4NTA3NDAxNzU4ODg= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NzExNTA5NDUyMDc2MzMzODE0NDM2NjkyNzg4NTA3NDAxNzU4ODg=&google_tc= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEOdWE9KdfsZhhIuJ1dUMB64&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 138

https://js.matheranalytics.com/s/ma12095/74930801/all/ml.js?cb=1606 HTTP 301
https://js.matheranalytics.com/static/ltm/ma12095/all/8/ml.br.js

Request Chain 201

https://cdn.keywee.co/dist/analytics.min.js HTTP 301
https://cdn.keywee.co/dist/analytics-1.5.12.min.js

323 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.thenewstribune.com/
Redirect Chain

https://amazonc.o.m-users-manage.online/
https://thenewstribune.com/
https://www.thenewstribune.com/

197 KB
25 KB

156ms
37ms

Document
text/html

23.75.234.119
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.75.234.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-234-119.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 7b23034edf1bbf42b80ffdea1afd4e50fe3640fc7eaf2651712bebae39a55124

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 24280
content-type: text/html;charset=utf-8
date: Tue, 04 Oct 2022 02:02:11 GMT
etag: W/"310e5-THHSbhM29dfk8RYkoN/Pue3Lcog"
expires: Tue, 04 Oct 2022 02:02:11 GMT
last-modified: Tue, 04 Oct 2022 01:59:49 GMT
mi-api: WPS
mi-cache: HIT
mi-cache-age: 3
pragma: no-cache
server: MI
surrogate-control: varnish=ESI/2.1
vary: Accept-Encoding
x-akamai-transformed: 9 24089 0 pmb=mTOE,4
x-mi-in-market: 0
x-proxy-forwarding-type: BlackList
x-varnish: 807636581, 233681538 257392994

Redirect headers

Connection: Keep-Alive
Content-Length: 239
Content-Type: text/html; charset=iso-8859-1
Date: Tue, 04 Oct 2022 02:02:10 GMT
Keep-Alive: timeout=5, max=100
Location: https://www.thenewstribune.com/
Server: Apache

GET
H2 200 thenewstribunecore.js Show response
www.thenewstribune.com/ziylnbso-o/ 214 KB
63 KB 60ms
55ms Script
application/javascript 23.75.234.119
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/ziylnbso-o/thenewstribunecore.js
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.75.234.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-234-119.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: c923828f2515a367ee171e361f88c604ef8291c1a01a0ffbefc40370b89afac5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:11 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 318
content-length: 64069
last-modified: Thu, 29 Sep 2022 16:38:32 GMT
server: MI
etag: W/"35623-5e9d382009200"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 60887476 54271590
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=95
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 vendor.bundle-e8bf89b42a8198ff411c.js Show response
www.thenewstribune.com/wps/build/webpack/ 99 KB
34 KB 52ms
47ms Script
application/javascript 23.75.234.119
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/wps/build/webpack/vendor.bundle-e8bf89b42a8198ff411c.js
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.75.234.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-234-119.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 798b67bb2ea3243fac61fc7df7e5585a5adc40887e278bdf62598ca5d7629903

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:11 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 0
content-length: 34371
last-modified: Thu, 22 Sep 2022 17:37:51 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"18ca4-1836646f998"
vary: Accept-Encoding
mi-cache: MISS
x-varnish: 734756361, 307116394
content-type: application/javascript;charset=UTF-8
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=204947
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 mi-header.bundle-607fd7cfea582dcf340d.js Show response
www.thenewstribune.com/wps/build/webpack/ 9 KB
3 KB 61ms
57ms Script
application/javascript 23.75.234.119
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/wps/build/webpack/mi-header.bundle-607fd7cfea582dcf340d.js
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.75.234.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-234-119.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 40bd715f039fc3a10bee6d57043e4ffc5ede47c39789313e15873ca467777d0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:11 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 0
content-length: 3011
last-modified: Thu, 22 Sep 2022 17:37:51 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"22c6-1836646f998"
vary: Accept-Encoding
mi-cache: MISS
x-varnish: 647066379, 74176706
content-type: application/javascript;charset=UTF-8
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=578972
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 371ms
23ms Stylesheet
text/css 142.251.36.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.36.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s44-in-f10.1e100.net

Software

ESF /

Resource Hash

a0107a6693b6ccde2883d4ad8f80a8a19a8278c5deb30f75f7dcd10292258e60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 04 Oct 2022 02:02:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 04 Oct 2022 01:47:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 04 Oct 2022 02:02:11 GMT

GET
H2 200 mi-styles.edbcba0a9d4e3d9d95fb.css
www.thenewstribune.com/wps/build/webpack/css/ 208 KB
45 KB 39ms
35ms Stylesheet
text/css 23.75.234.119
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/wps/build/webpack/css/mi-styles.edbcba0a9d4e3d9d95fb.css
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.75.234.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-234-119.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 28997777275ee4741feb19e27a7b628db71161cbe7017ee17484508bb73c5cd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:11 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 0
content-length: 45311
last-modified: Thu, 22 Sep 2022 17:38:06 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"33e62-18366473430"
vary: Accept-Encoding
mi-cache: MISS
x-varnish: 677953640, 22662847
content-type: text/css;charset=UTF-8
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=571306
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 guid.js Show response
www.thenewstribune.com/wps/source/scripts/libs/ 1 KB
968 B 66ms
63ms Script
application/javascript 23.75.234.119
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/wps/source/scripts/libs/guid.js
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.75.234.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-234-119.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: ac53400c04ca28a29467c3b6cf8f0be2f9d4333a518574fba32cc239195117db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:11 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 352034
content-length: 547
last-modified: Thu, 22 Sep 2022 17:34:37 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"505-183664403c8"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 730540866, 508070548 270850525
content-type: application/javascript;charset=UTF-8
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=517453
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
964 B 720ms
52ms Script
text/javascript 142.250.180.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f4.1e100.net

Software

GSE /

Resource Hash

0f7bb922403a0dde555b8ff2724b25b64f0d42045117f311697d1d10c459d61c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 551
x-xss-protection: 1; mode=block
expires: Tue, 04 Oct 2022 02:02:12 GMT

GET
H2 200 16c6055d Show response
www.thenewstribune.com/akam/13/ 26 KB
9 KB 11ms
10ms Script
application/javascript 23.75.234.119
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/akam/13/16c6055d
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.75.234.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-234-119.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 04763f567754fa13c29c6ca95d8f0182db2a77e8667d37d731c37e32aa89c2c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 02:02:11 GMT
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 15:06:36 GMT
etag: "c0f7f14c0d4906abc5c54f245ae642f00a92142be4030321ec7f783611a1015c"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
access-control-allow-headers: *
content-length: 8774
expires: Tue, 04 Oct 2022 02:02:11 GMT

GET
H2 200 mastheadPage.bundle-2a61125a3fda4d2d932e.js Show response
www.thenewstribune.com/wps/build/webpack/ 131 KB
44 KB 81ms
78ms Script
application/javascript 23.75.234.119
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/wps/build/webpack/mastheadPage.bundle-2a61125a3fda4d2d932e.js
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.75.234.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-234-119.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 31463f7196625e2a74f34f94d8d9908c5a94a0e8809c8ba494c2ccd4f5c87aa0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:11 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 88
content-length: 44094
last-modified: Thu, 22 Sep 2022 17:37:53 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"20a81-18366470168"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 680956078, 77941187 73887349
content-type: application/javascript;charset=UTF-8
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=571334
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 premium-topper.js Show response
www.thenewstribune.com/static/hi/prodx/premium-topper/ 9 KB
3 KB 90ms
88ms Script
application/javascript 23.75.234.119
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/static/hi/prodx/premium-topper/premium-topper.js
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.75.234.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-234-119.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: bd24c662d59b09dc2750610bca4aa94d397a00dd217f9590ad8fc6c0ac93a389

Request headers

Referer: https://www.thenewstribune.com/
Origin: https://www.thenewstribune.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:11 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 51
content-length: 3059
last-modified: Thu, 23 Jun 2022 20:56:37 GMT
server: MI
etag: W/"2419-5e223b0882b40"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 373086607, 690061019 697100174
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=145
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 mi-footer.bundle-9e59a31b822d120051b7.js Show response
www.thenewstribune.com/wps/build/webpack/ 8 KB
3 KB 70ms
68ms Script
application/javascript 23.75.234.119
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/wps/build/webpack/mi-footer.bundle-9e59a31b822d120051b7.js
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.75.234.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-234-119.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 764df958623e81ae49b597536c4f788d01b6d7d5b6fa5933868a4fd691e379df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:11 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 101501
content-length: 2925
last-modified: Thu, 22 Sep 2022 17:37:51 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"2137-1836646f998"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 728300930, 346587280 260935204
content-type: application/javascript;charset=UTF-8
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=326578
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 vue.bundle-eeca3ceab7d82993245e.js Show response
www.thenewstribune.com/wps/build/webpack/ 107 KB
38 KB 77ms
75ms Script
application/javascript 23.75.234.119
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/wps/build/webpack/vue.bundle-eeca3ceab7d82993245e.js
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.75.234.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-234-119.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: bccdaeff95efbd6865f096373aed67124dbb2546b36310525ecc973f87590907

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:11 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 102129
content-length: 38877
last-modified: Thu, 22 Sep 2022 17:38:25 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"1ad49-18366477e68"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 670867316, 624166826 368508986
content-type: application/javascript;charset=UTF-8
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=159774
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 videojs.bundle-243f8c7ebc265ae92f6e.js Show response
www.thenewstribune.com/wps/build/webpack/ 575 KB
152 KB 83ms
81ms Script
application/javascript 23.75.234.119
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/wps/build/webpack/videojs.bundle-243f8c7ebc265ae92f6e.js
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.75.234.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-234-119.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: b21477b09777a8444a6ec61ee4d70ac815a00625c0cd724d488328040e6e2e06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:11 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 31
content-length: 154946
last-modified: Thu, 22 Sep 2022 17:38:25 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"8fd16-18366477e68"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 675408857, 86872330 86740884
content-type: application/javascript;charset=UTF-8
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=571519
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 videoStory.bundle-ac8c70bb2ca8b9b54db5.js Show response
www.thenewstribune.com/wps/build/webpack/ 172 KB
52 KB 91ms
89ms Script
application/javascript 23.75.234.119
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/wps/build/webpack/videoStory.bundle-ac8c70bb2ca8b9b54db5.js
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.75.234.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-234-119.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 525efeb6315110c3ba4b37840accb46e1992875e5a434aeda15e9576f7745ba6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:11 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 88
content-length: 52926
last-modified: Thu, 22 Sep 2022 17:38:25 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"2ae71-18366477e68"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 653078354, 924503398 913400507
content-type: application/javascript;charset=UTF-8
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=533128
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 footer.bundle-1f06f5f8ac3bfe589066.js Show response
www.thenewstribune.com/wps/build/webpack/ 10 KB
3 KB 96ms
95ms Script
application/javascript 23.75.234.119
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/wps/build/webpack/footer.bundle-1f06f5f8ac3bfe589066.js
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.75.234.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-234-119.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 962633a9b2b7df607d091396cbe096cef615f8bd36ea627151254a5743c4e0c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:11 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 469745
content-length: 2570
last-modified: Tue, 20 Sep 2022 14:59:14 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"284c-1835b6909d0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 601153299, 128785205 810425253
content-type: application/javascript;charset=UTF-8
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=70384
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
BLOB 200
OK 1e847092-8691-4c81-8d6c-a0247b2e6228 Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/1e847092-8691-4c81-8d6c-a0247b2e6228
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ziylnbso-o/thenewstribunecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 685d875825ac52a0ef19f065f10878fbfadbbc15e33f48af6a82a5ff5a08f450

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

POST
H2 200 acquire Show response
adobedc.demdex.net/ee/v1/identity/ 3 KB
2 KB 104ms
48ms Fetch
application/json 15.236.176.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://adobedc.demdex.net/ee/v1/identity/acquire?configId=462177a8-1012-4e47-aee6-a4f6f3154a6b&requestId=ec0308fb-b664-4915-ae68-cb94bbdafe74

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ziylnbso-o/thenewstribunecore.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

c58668c37693fc91dc876f7f94512c385d37a16b2ce913cad9d17539d5f91f3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thenewstribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Tue, 04 Oct 2022 02:02:10 GMT
content-encoding: deflate
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-rate-limit-remaining: 599
x-adobe-edge: IRL1;6
x-xss-protection: 1; mode=block
x-request-id: ec0308fb-b664-4915-ae68-cb94bbdafe74
server: jag
vary: Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
access-control-expose-headers: Retry-After, X-Adobe-Edge, X-Request-ID
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
x-konductor: 22.9.54:a77b84d1

GET
H2 200 netdale.78fe6c6ad79ec3d70e3d.js Show response
www.thenewstribune.com/ziylnbso-o/ 80 KB
22 KB 18ms
17ms Script
application/javascript 23.75.234.119
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/ziylnbso-o/netdale.78fe6c6ad79ec3d70e3d.js
Requested by: Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/1e847092-8691-4c81-8d6c-a0247b2e6228
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.75.234.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-234-119.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: f32f53fed8fcdb278b87841e00df7045b5cbb0e2a5babb6bc74a4a77eb542a7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:11 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 294
content-length: 22347
last-modified: Thu, 29 Sep 2022 16:38:28 GMT
server: MI
etag: W/"14196-5e9d381c38900"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 61310317, 260999850 259661442
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=226000
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
BLOB 200
OK 7659b47d-5b69-4d02-a28f-bf4b8711e644 Show response
https://www.thenewstribune.com/ 234 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/7659b47d-5b69-4d02-a28f-bf4b8711e644
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ziylnbso-o/thenewstribunecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd17bcf79f3ec09a5cdac00b3b199ae3a853ac23d0d69d646a16b710510ffd69

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length: 234
Content-Type: [object object]

GET
BLOB 200
OK 64b25fc6-df3a-4c6a-aa8d-cb3b6bee219e Show response
https://www.thenewstribune.com/ 311 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/64b25fc6-df3a-4c6a-aa8d-cb3b6bee219e
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ziylnbso-o/thenewstribunecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11545d74a2da2ad36c4bc054de486b19549257010a49cea35bb59086d9c7d9e2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length: 311
Content-Type: [object object]

GET
BLOB 200
OK 8f66ee6e-5b8c-4b7f-87bf-0acd91e02531 Show response
https://www.thenewstribune.com/ 362 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/8f66ee6e-5b8c-4b7f-87bf-0acd91e02531
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ziylnbso-o/thenewstribunecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d89fcffc0f013b852144e04aa7a737bb546d07b34e548d8a4921ab04df726082

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length: 362
Content-Type: [object object]

GET
BLOB 200
OK d3285963-1703-40a4-a364-31cf1705eaff Show response
https://www.thenewstribune.com/ 323 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/d3285963-1703-40a4-a364-31cf1705eaff
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ziylnbso-o/thenewstribunecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 949b0b9bf6768359f6f85d4b5c112de352e47a7f476f0f47c1574a1e26f3f8e7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length: 323
Content-Type: [object object]

GET
BLOB 200
OK 8df0fca7-914a-4981-b97c-2e441a464933 Show response
https://www.thenewstribune.com/ 313 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/8df0fca7-914a-4981-b97c-2e441a464933
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ziylnbso-o/thenewstribunecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 830cac2a8908afc16e114cd8393040e1cf11977a968af0c0dd052d592868ea16

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length: 313
Content-Type: [object object]

GET
BLOB 200
OK 7cbd1ad8-1947-45fb-b2a0-eb8a2c5a931f Show response
https://www.thenewstribune.com/ 290 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/7cbd1ad8-1947-45fb-b2a0-eb8a2c5a931f
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ziylnbso-o/thenewstribunecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60c67b61c036e739d02f7ede3743012003c6bf06788c9fba601b65983c0a0ab3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length: 290
Content-Type: [object object]

GET
BLOB 200
OK dfdea9d9-a562-4ce6-8807-a5ababd66bf3 Show response
https://www.thenewstribune.com/ 299 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/dfdea9d9-a562-4ce6-8807-a5ababd66bf3
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ziylnbso-o/thenewstribunecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a6a1024807e3504d93d0fc26e07281450105e97e36169a178243b9856dad356

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length: 299
Content-Type: [object object]

GET
BLOB 200
OK a0a67e2a-3cca-4476-abd5-663c20727911 Show response
https://www.thenewstribune.com/ 359 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/a0a67e2a-3cca-4476-abd5-663c20727911
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ziylnbso-o/thenewstribunecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 650587719d00d216eff81b7a8feade391863ace124e282d62018b1df5fd75f92

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length: 359
Content-Type: [object object]

GET
BLOB 200
OK a4175cd8-51f1-4777-b183-fb2a10188e2f Show response
https://www.thenewstribune.com/ 313 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/a4175cd8-51f1-4777-b183-fb2a10188e2f
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ziylnbso-o/thenewstribunecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: becd124e0894570d928778df3677413aa7c44cb86e63e4592ccb117d3f2a5b21

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length: 313
Content-Type: [object object]

GET
BLOB 200
OK ae34469a-c820-4aa9-be2c-075b7ccf326b Show response
https://www.thenewstribune.com/ 325 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/ae34469a-c820-4aa9-be2c-075b7ccf326b
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ziylnbso-o/thenewstribunecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 359ca6d9de759ae6cc10299b0952d454830da1b9f1109146dc4626685b898258

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length: 325
Content-Type: [object object]

POST
H2 200 interact Show response
edge.adobedc.net/ee/v1/ 4 KB
2 KB 136ms
75ms Fetch
application/json 15.188.95.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://edge.adobedc.net/ee/v1/interact?configId=462177a8-1012-4e47-aee6-a4f6f3154a6b&requestId=88d9e5c8-84fa-46b8-bdd5-df020ce3aa81

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ziylnbso-o/thenewstribunecore.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

44da744510338f9526948a489814d2384d9c98f5ce15114ebe33bcebe5888dbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thenewstribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Tue, 04 Oct 2022 02:02:11 GMT
content-encoding: deflate
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-rate-limit-remaining: 599
x-adobe-edge: IRL1;6
x-xss-protection: 1; mode=block
x-request-id: 88d9e5c8-84fa-46b8-bdd5-df020ce3aa81
server: jag
vary: Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
access-control-expose-headers: Retry-After, X-Adobe-Edge, X-Request-ID
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
x-konductor: 22.9.54:a77b84d1

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YzuUIwAAAHlFagMx
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=71150945207633381443669278850740175888
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YzuUIwAAAHlFagMx

42 B
942 B

378ms
35ms

Image
image/gif

54.76.210.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YzuUIwAAAHlFagMx

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/

Protocol

HTTP/1.1

Server

54.76.210.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-76-210-146.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v044-05525f3f4.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: tRSjTVocS7A=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YzuUIwAAAHlFagMx
Date: Tue, 04 Oct 2022 02:02:11 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEOdWE9KdfsZhhIuJ1dUMB64&google_cver=1
dpm.demdex.net/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NzExNTA5NDUyMDc2MzMzODE0NDM2NjkyNzg4NTA3NDAxNzU4ODg=
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NzExNTA5NDUyMDc2MzMzODE0NDM2NjkyNzg4NTA3NDAxNzU4ODg=&google_tc=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEOdWE9KdfsZhhIuJ1dUMB64&google_cver=1?gdpr=0&gdpr_consent=

42 B
942 B

345ms
35ms

Image
image/gif

54.76.210.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEOdWE9KdfsZhhIuJ1dUMB64&google_cver=1?gdpr=0&gdpr_consent=

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/

Protocol

HTTP/1.1

Server

54.76.210.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-76-210-146.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v044-0fd49f064.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: T/PhrU0jQzI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Tue, 04 Oct 2022 02:02:11 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEOdWE9KdfsZhhIuJ1dUMB64&google_cver=1?gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 503 5w3jqr4k
sync-tm.everesttech.net/upi/pid/ 0
177 B 37ms
7ms Image
text/plain 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-cache-hits: 0
pragma: no-cache
date: Tue, 04 Oct 2022 02:02:11 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1664848932.684016,VS0,VE0
x-cache: MISS
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-fra19138-FRA

GET
H2 503 btu4jd3a
sync-tm.everesttech.net/upi/pid/ 0
59 B 38ms
9ms Image
text/plain 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-cache-hits: 0
pragma: no-cache
date: Tue, 04 Oct 2022 02:02:11 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1664848932.684740,VS0,VE0
x-cache: MISS
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-fra19138-FRA

GET
H2 503 ZMAwryCI
sync-tm.everesttech.net/upi/pid/ 0
59 B 38ms
9ms Image
text/plain 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-cache-hits: 0
pragma: no-cache
date: Tue, 04 Oct 2022 02:02:11 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1664848932.684715,VS0,VE0
x-cache: MISS
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-fra19138-FRA

GET
H2 503 UH6TUt9n
sync-tm.everesttech.net/upi/pid/ 0
60 B 36ms
8ms Image
text/plain 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-cache-hits: 0
pragma: no-cache
date: Tue, 04 Oct 2022 02:02:11 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1664848932.684684,VS0,VE0
x-cache: MISS
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-fra19138-FRA

GET
H2 503 ny75r2x0
sync-tm.everesttech.net/upi/pid/ 0
60 B 36ms
8ms Image
text/plain 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-cache-hits: 0
pragma: no-cache
date: Tue, 04 Oct 2022 02:02:11 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1664848932.684667,VS0,VE0
x-cache: MISS
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-fra19138-FRA

GET
H2 503 b9pj45k4
sync-tm.everesttech.net/upi/pid/ 0
61 B 36ms
8ms Image
text/plain 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-cache-hits: 0
pragma: no-cache
date: Tue, 04 Oct 2022 02:02:11 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1664848932.684643,VS0,VE0
x-cache: MISS
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-fra19138-FRA

GET
H2 503 h0r58thg
sync-tm.everesttech.net/upi/pid/ 0
59 B 7ms
6ms Image
text/plain 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-cache-hits: 0
pragma: no-cache
date: Tue, 04 Oct 2022 02:02:11 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1664848932.694159,VS0,VE0
x-cache: MISS
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-fra19138-FRA

GET
H2 503 r7ifn0SL
sync-tm.everesttech.net/upi/pid/ 0
59 B 7ms
7ms Image
text/plain 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-cache-hits: 0
pragma: no-cache
date: Tue, 04 Oct 2022 02:02:11 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1664848932.694262,VS0,VE0
x-cache: MISS
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-fra19138-FRA

GET
H2 200 identityModulev3.min.js Show response
www.thenewstribune.com/wps/source/scripts/libs/ 35 KB
11 KB 13ms
11ms XHR
application/javascript 23.75.234.119
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/wps/source/scripts/libs/identityModulev3.min.js
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ziylnbso-o/thenewstribunecore.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.75.234.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-234-119.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 2969aa16b763893fa2f600de842a23475f8c0f1d58ebbed3c4f7f1a63edbc0b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:11 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 534272
content-length: 11142
last-modified: Tue, 20 Sep 2022 14:55:43 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"8dbb-1835b65d198"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 572861972, 262513373 818161924
content-type: application/javascript;charset=UTF-8
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=150212
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 logo.svg
www.thenewstribune.com/wps/build/images/thenewstribune/ 10 KB
4 KB 14ms
12ms Image
image/svg+xml 23.75.234.119
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/wps/build/images/thenewstribune/logo.svg
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/wps/build/webpack/mastheadPage.bundle-2a61125a3fda4d2d932e.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.75.234.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-234-119.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: b9f65b633a49a499a034c954707d726a90d5571ec8fc571eb7c5e4e59e9b3108

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:11 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 76249
content-length: 4088
last-modified: Thu, 22 Sep 2022 17:37:51 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"2810-1836646f998"
mi-cache: HIT
vary: Accept-Encoding
x-varnish: 745663103, 438280396 377081822
content-type: image/svg+xml;charset=ISO-8859-1
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=356492
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
fonts.gstatic.com/s/notosans/v27/ 12 KB
13 KB 515ms
29ms Font
font/woff2 142.251.39.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v27/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s37-in-f3.1e100.net

Software

sffe /

Resource Hash

c1c30918a861cb6a985ab55d54ad7e861682354197f164cb3b7194f20eed67ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.thenewstribune.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 21:01:49 GMT
x-content-type-options: nosniff
age: 18023
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12684
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:28:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Oct 2023 21:01:49 GMT

GET
H2 200 o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v27/ 13 KB
13 KB 519ms
34ms Font
font/woff2 142.251.39.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s37-in-f3.1e100.net

Software

sffe /

Resource Hash

88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.thenewstribune.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 21:01:50 GMT
x-content-type-options: nosniff
age: 18022
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12860
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:27:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Oct 2023 21:01:50 GMT

GET
H2 200 ga6Law1J5X9T9RW6j9bNdOwzfReecQ.woff2
fonts.gstatic.com/s/notoserif/v21/ 27 KB
27 KB 542ms
57ms Font
font/woff2 142.251.39.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v21/ga6Law1J5X9T9RW6j9bNdOwzfReecQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s37-in-f3.1e100.net

Software

sffe /

Resource Hash

a0a9ce1553fa74dad4d8cf55b7df7d012a3acdec01cd39d682fce0e5b52e99f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.thenewstribune.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 09:44:22 GMT
x-content-type-options: nosniff
age: 404270
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27456
x-xss-protection: 0
last-modified: Mon, 09 May 2022 20:10:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Sep 2023 09:44:22 GMT

GET
H2 200 ga6Iaw1J5X9T9RW6j9bNfFcWaA.woff2
fonts.gstatic.com/s/notoserif/v21/ 23 KB
24 KB 557ms
72ms Font
font/woff2 142.251.39.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v21/ga6Iaw1J5X9T9RW6j9bNfFcWaA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s37-in-f3.1e100.net

Software

sffe /

Resource Hash

25475d82cc976fb2c71b15b3e416c22bf636dd247bbb268d312e7c076ec5b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.thenewstribune.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 21:05:29 GMT
x-content-type-options: nosniff
age: 17803
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23948
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:47:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Oct 2023 21:05:29 GMT

GET
H2 200 tacoma-puyallup-logo-color-2021-08.svg
media.thenewstribune.com/static/images/logos/ 11 KB
11 KB 782ms
415ms Image
image/svg+xml 23.75.234.119
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.thenewstribune.com/static/images/logos/tacoma-puyallup-logo-color-2021-08.svg
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.75.234.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-234-119.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 855b336540e9460f01d5d358d35d24748cbd20db695e0d41f6945cdbef07b7e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:12 GMT
last-modified: Thu, 02 Sep 2021 18:53:17 GMT
server: Apache
etag: "2ba5-5cb07b2251042"
vary: Origin
content-type: image/svg+xml
x-n: S
accept-ranges: bytes
content-length: 11173

GET
H2 200 tacoma-gateway-logo-color-horizontal-2021-08.svg
media.thenewstribune.com/static/images/logos/ 8 KB
8 KB 989ms
623ms Image
image/svg+xml 23.75.234.119
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.thenewstribune.com/static/images/logos/tacoma-gateway-logo-color-horizontal-2021-08.svg
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.75.234.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-234-119.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a4561da777935fa07b41fbb1e3ade995d20c92560e803303f6f7e0d8fec27ff6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:12 GMT
last-modified: Thu, 02 Sep 2021 18:53:17 GMT
server: Apache
etag: "1f97-5cb07b224fe46"
vary: Origin
content-type: image/svg+xml
x-n: S
accept-ranges: bytes
content-length: 8087

GET
H2 200 wxicons-blk-7.svg
www.thenewstribune.com/wps/source/images/widgets/weather/wxicons-blk/ 956 B
921 B 17ms
13ms Image
image/svg+xml 23.75.234.119
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/wps/source/images/widgets/weather/wxicons-blk/wxicons-blk-7.svg
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.75.234.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-234-119.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 4bebeadc347808ade083c9eece87f0da0b0702d4aaf189a99de64e155578d18f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:11 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 8829
content-length: 504
last-modified: Thu, 22 Sep 2022 17:34:37 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"3bc-183664403c8"
mi-cache: HIT
vary: Accept-Encoding
x-varnish: 685262786, 969677166 960440102
content-type: image/svg+xml;charset=ISO-8859-1
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=89648
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 heron%20apts.jpeg
www.thenewstribune.com/latest-news/v5ikwn/picture266765951/alternates/LANDSCAPE_768/ 49 KB
50 KB 19ms
17ms Image
image/jpeg 23.75.234.119
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/latest-news/v5ikwn/picture266765951/alternates/LANDSCAPE_768/heron%20apts.jpeg
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.75.234.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-234-119.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 0676db1b4ed58d66f40b8475abd367dc036fd23f2f62471a312ef5428618e293

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:11 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 0
content-length: 50242
last-modified: Mon, 03 Oct 2022 20:25:29 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "5abad0a37a6940cd14215e9a3b5bbcee"
mi-cache: MISS
access-control-max-age: 86400
x-varnish: 222313176, 469010650
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=584825
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 Meridian%20temple
www.idahostatesman.com/news/local/170vq/picture184642768/alternates/LANDSCAPE_768/ 48 KB
49 KB 41ms
32ms Image
image/jpeg 23.75.234.119
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.idahostatesman.com/news/local/170vq/picture184642768/alternates/LANDSCAPE_768/Meridian%20temple
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.75.234.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-234-119.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: ff1357227ca09ffdb1908cbf8184f8561f0319dd8aa0ad4bccc96bf15b85431e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:11 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 2647
content-length: 49169
last-modified: Thu, 12 Aug 2021 22:58:58 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "cabae47930abdcad445d56d05d16f64c"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 94807454, 559579734 541659544
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=590338
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H/1.1 200
OK image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/5615998024001/473eab21-aa23-4b77-a51f-b4cd6fd601c9/a25472aa-c7fa-413f-8ed4-ef9918ac7a98/1280x720/match/ 288 KB
289 KB 70ms
11ms Image
image/jpeg 13.32.99.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.us-east-1.prod.boltdns.net/v1/static/5615998024001/473eab21-aa23-4b77-a51f-b4cd6fd601c9/a25472aa-c7fa-413f-8ed4-ef9918ac7a98/1280x720/match/image.jpg
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-95.fra60.r.cloudfront.net
Software: / BC
Resource Hash: 73e0ab1ded0297d2e168e06b00e2dc924d5443519b83743f74354a6fae4bdbf8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Mon, 03 Oct 2022 20:51:06 GMT
Via: 1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
X-Amz-Cf-Pop: FRA60-P3
X-Powered-From: gantry
X-Powered-By: BC
Age: 18665
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
X-Amz-Cf-Id: _ZtqbIaT1suo3BQD7TIvq82dEwOP_2i2_ekyR0VoD8iT60Z5xyGBig==
Expires: Tue, 03 Oct 2023 20:51:06 GMT

GET
H2 200 220929%20cb%20timberline%20vs.%20gig%20harbor%20football_03.JPG
www.thenewstribune.com/latest-news/de5p2g/picture266601521/alternates/LANDSCAPE_768/ 37 KB
37 KB 27ms
26ms Image
image/jpeg 23.75.234.119
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/latest-news/de5p2g/picture266601521/alternates/LANDSCAPE_768/220929%20cb%20timberline%20vs.%20gig%20harbor%20football_03.JPG
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.75.234.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-234-119.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: eb0c0421ff1b9a9fbf727eed3e1b059e781c8e28351c2a156d7534bbcd572c6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:11 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 169
content-length: 37856
last-modified: Mon, 03 Oct 2022 20:23:43 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "418915cd51f13c6432d20e43d01da813"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 462169796, 222313183 223031883
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=584714
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 enhancements.js Show response
www.thenewstribune.com/static/hi/themes/ 7 KB
3 KB 38ms
36ms Script
application/javascript 23.75.234.119
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/static/hi/themes/enhancements.js
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.75.234.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-234-119.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 697a410186a8355c10719ac5515b9a771a04d753bf618ee43d24e1d7789c5fd2

Request headers

Referer: https://www.thenewstribune.com/static/hi/prodx/premium-topper/premium-topper.js
Origin: https://www.thenewstribune.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:11 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 146
content-length: 2710
last-modified: Thu, 15 Sep 2022 19:04:26 GMT
server: MI
etag: W/"1c98-5e8bbea00c280"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 227574041, 224962178 219164184
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=122
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 exclusive-card.js Show response
www.thenewstribune.com/static/hi/prodx/premium-topper/ 2 KB
1 KB 38ms
37ms Script
application/javascript 23.75.234.119
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/static/hi/prodx/premium-topper/exclusive-card.js
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.75.234.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-234-119.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 18e07d2e805871c64b625eb03c950fc77cbbdb707a26493fce307d39f4571524

Request headers

Referer: https://www.thenewstribune.com/static/hi/prodx/premium-topper/premium-topper.js
Origin: https://www.thenewstribune.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:11 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 299
content-length: 752
last-modified: Fri, 06 May 2022 19:44:44 GMT
server: MI
etag: W/"688-5de5d17130300"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 570303018, 567029624 575444002
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=130
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 380 KB
127 KB 429ms
21ms Script
text/javascript 142.250.185.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/wps/build/webpack/videoStory.bundle-ac8c70bb2ca8b9b54db5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f10.1e100.net

Software

sffe /

Resource Hash

2bf517104f255123ba18c57e1de2f672c0271712d716ff844a26ea8162453b45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 129563
x-xss-protection: 0
expires: Tue, 04 Oct 2022 02:02:12 GMT

GET
H2 200 fontawesome-webfont.woff2
www.thenewstribune.com/wps/source/sass/main/fonts/font-awesome/fonts/ 55 KB
56 KB 19ms
19ms Font
font/woff2 23.75.234.119
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/wps/source/sass/main/fonts/font-awesome/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/wps/build/webpack/css/mi-styles.edbcba0a9d4e3d9d95fb.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.75.234.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-234-119.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 41dd3e48dbef1ddbc59957d4e99ef7662c1702dd8b55d0900b02150f87af354a

Request headers

Referer: https://www.thenewstribune.com/wps/build/webpack/css/mi-styles.edbcba0a9d4e3d9d95fb.css
Origin: https://www.thenewstribune.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:11 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 348
content-length: 56780
last-modified: Thu, 22 Sep 2022 17:34:37 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"ddcc-183664403c8"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 682358437, 87725364 79375205
content-type: font/woff2;charset=ISO-8859-1
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=16
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 Peak410.jpg
www.thenewstribune.com/latest-news/qh2atu/picture266591061/alternates/LANDSCAPE_768/ 57 KB
58 KB 21ms
16ms Image
image/jpeg 23.75.234.119
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/latest-news/qh2atu/picture266591061/alternates/LANDSCAPE_768/Peak410.jpg
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.75.234.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-234-119.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: e3d0acf28df68e69811737a86c2f287b6fa0fcfd6e8480de208c8de9bb81bd19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:11 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 278
content-length: 58471
last-modified: Fri, 30 Sep 2022 01:25:56 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "57be871a9cacc97e6724d2437c7b9e54"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 213782512 204927357
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=554655
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 carlights.jpg
www.bellinghamherald.com/latest-news/c87d8v/picture266563341/alternates/LANDSCAPE_768/ 888 KB
890 KB 72ms
59ms Image
image/png 23.75.234.119
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bellinghamherald.com/latest-news/c87d8v/picture266563341/alternates/LANDSCAPE_768/carlights.jpg
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.75.234.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-234-119.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 9655253b7d5a8c206ab1a7f8379d4083ffb375e0455a1c88e578458166738a78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:11 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 146
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 909055
last-modified: Thu, 29 Sep 2022 17:36:48 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "2bbea072be3527da0e8c5fbec6795f35"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 55019921, 505509145 509177416
content-type: image/png
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=554427
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 Tacoma%20culinary%20comeback%20%20event%20image.png
www.thenewstribune.com/latest-news/svsri0/picture266495141/alternates/LANDSCAPE_768/ 187 KB
188 KB 27ms
22ms Image
image/png 23.75.234.119
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/latest-news/svsri0/picture266495141/alternates/LANDSCAPE_768/Tacoma%20culinary%20comeback%20%20event%20image.png
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.75.234.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-234-119.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: c297ee6020627db680d8ebcebd65f1cac37332a1cdb57865ae6adb04aac9379b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:11 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 0
content-length: 191817
last-modified: Wed, 28 Sep 2022 16:11:07 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "8f1830177169ce86fb51f4b8118ef2b0"
mi-cache: MISS
access-control-max-age: 86400
x-varnish: 674137673, 307081094
content-type: image/png
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=208836
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 St.%20Joseph%20Medical%20Center_5.JPG
www.thenewstribune.com/latest-news/t52v13/picture246997922/alternates/LANDSCAPE_768/ 56 KB
56 KB 53ms
49ms Image
image/jpeg 23.75.234.119
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/latest-news/t52v13/picture246997922/alternates/LANDSCAPE_768/St.%20Joseph%20Medical%20Center_5.JPG
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.75.234.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-234-119.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 7e44dc6e44e1e7eefeb15a0f0735b5c657f5a117799077460d379c26a628dea3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:11 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 1241
content-length: 57246
last-modified: Thu, 05 Nov 2020 21:05:35 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "5ad34d1bfe86ed956d22f6d8c2973fdd"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 250817788 254412016
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=598665
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H/1.1 200
OK image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/5615998024001/757be17c-2a25-4763-a823-efe48cb99f6a/fe111879-504e-4295-ad32-39479f77b983/1280x720/match/ 666 KB
667 KB 14ms
10ms Image
image/jpeg 13.32.99.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.us-east-1.prod.boltdns.net/v1/static/5615998024001/757be17c-2a25-4763-a823-efe48cb99f6a/fe111879-504e-4295-ad32-39479f77b983/1280x720/match/image.jpg
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-95.fra60.r.cloudfront.net
Software: / BC
Resource Hash: 8173a43d8c2abc694b678f38ee1dabab5acd6d456e87a9fad9e66b28dd67d488

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Mon, 03 Oct 2022 05:25:53 GMT
Via: 1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
X-Amz-Cf-Pop: FRA60-P3
X-Powered-From: gantry
X-Powered-By: BC
Age: 74178
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
X-Amz-Cf-Id: WX1sPes_pVoXUSW8mSCqhCj4cDlBuP071IpctpDGOuP5HNVZMPDSnQ==
Expires: Tue, 03 Oct 2023 05:25:53 GMT

GET
H/1.1 200
OK image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/5615998024001/fc41e564-85f5-47ff-939f-57a0ae188950/e1f76205-5472-4067-adac-6fb220d33356/1280x720/match/ 296 KB
297 KB 39ms
16ms Image
image/jpeg 13.32.99.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.us-east-1.prod.boltdns.net/v1/static/5615998024001/fc41e564-85f5-47ff-939f-57a0ae188950/e1f76205-5472-4067-adac-6fb220d33356/1280x720/match/image.jpg
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-95.fra60.r.cloudfront.net
Software: / BC
Resource Hash: 30a0db93353ae367619db114f53600dfaa9db283eb6010bff276c950ec7ac40b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Mon, 03 Oct 2022 12:03:26 GMT
Via: 1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
X-Amz-Cf-Pop: FRA60-P3
X-Powered-From: gantry
X-Powered-By: BC
Age: 50325
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
X-Amz-Cf-Id: qI5C5YuN306Sp04sEljSlkp_p-6mtTa8Qo6o_AInJhjE8Oh9LMrUzw==
Expires: Tue, 03 Oct 2023 12:03:26 GMT

GET
H2 200 2eb241e2-889b-45e5-a7a5-397909839ad9
www.mcclatchy-wires.com/incoming/rd7zkf/picture266654401/alternates/LANDSCAPE_768/ 33 KB
34 KB 73ms
61ms Image
image/jpeg 23.75.234.119
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mcclatchy-wires.com/incoming/rd7zkf/picture266654401/alternates/LANDSCAPE_768/2eb241e2-889b-45e5-a7a5-397909839ad9
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.75.234.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-234-119.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 893a55c2e7c07712792fcde5c0dd5933fc4ec023bf63f15635d89d07b5077c44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:11 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 136
content-length: 34245
last-modified: Sat, 01 Oct 2022 04:43:39 GMT
x-proxy-forwarding-type: WhiteList
server: MI
etag: "97ffbd88ebc58de9205d653be71dba97"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 928976294, 426666966 415950539
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=355627
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 PXL_20210515_172318300.jpg
www.thenewstribune.com/latest-news/37zzi7/picture253805618/alternates/LANDSCAPE_768/ 97 KB
98 KB 64ms
60ms Image
image/jpeg 23.75.234.119
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/latest-news/37zzi7/picture253805618/alternates/LANDSCAPE_768/PXL_20210515_172318300.jpg
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.75.234.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-234-119.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: d8167a9aa3ac0cf221fa0534ce2092e8d1020c467412efdcf61efa7199d6539a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:11 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 87312
content-length: 99265
last-modified: Sat, 28 Aug 2021 00:50:43 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "4fff8b76f7beada21b15c8784ae82ee3"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 59085041 1047238366
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=561784
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 221002%20AP%20Seahawks%20vs.%20Lions_01.JPG
www.thenewstribune.com/latest-news/x3gqzk/picture266717616/alternates/LANDSCAPE_768/ 45 KB
46 KB 66ms
63ms Image
image/jpeg 23.75.234.119
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/latest-news/x3gqzk/picture266717616/alternates/LANDSCAPE_768/221002%20AP%20Seahawks%20vs.%20Lions_01.JPG
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.75.234.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-234-119.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: cd128af4214da3af47b577b5178867896a3fd099acf3644d32bef4e24733e5f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:11 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 0
content-length: 46566
last-modified: Sun, 02 Oct 2022 20:43:53 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "a4aefc2f31097dd539ac5079d84a8c18"
mi-cache: MISS
access-control-max-age: 86400
x-varnish: 412940329, 197006841
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=499406
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 01JobKralikDiveTD.jpg
www.theolympian.com/latest-news/xub525/picture266656356/alternates/LANDSCAPE_768/ 51 KB
52 KB 73ms
58ms Image
image/jpeg 23.75.234.119
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.theolympian.com/latest-news/xub525/picture266656356/alternates/LANDSCAPE_768/01JobKralikDiveTD.jpg
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.75.234.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-234-119.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: aaa9a417fb29481253415983b89bb002a7314565e1a1234e8051b48adc15362f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:11 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 914
content-length: 52371
last-modified: Sat, 01 Oct 2022 06:39:07 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "0ac0216c060cbb6b61ec6d371b5af0a9"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 157422157 148189758
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=363300
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 220930%20pc%20fb%20kc%20fw_0961.jpg
www.thenewstribune.com/latest-news/37nl4u/picture266654896/alternates/LANDSCAPE_768/ 48 KB
48 KB 68ms
65ms Image
image/jpeg 23.75.234.119
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/latest-news/37nl4u/picture266654896/alternates/LANDSCAPE_768/220930%20pc%20fb%20kc%20fw_0961.jpg
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.75.234.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-234-119.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: f2c84cabd8a36cbea2035808805b210e03147ad717c31904b957ad0346dcecfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:11 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 3529
content-length: 49110
last-modified: Sat, 01 Oct 2022 05:12:44 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "8140ba94b279eedbfa48ceb858fab592"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 348908669 357646190
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=360544
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 157 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK 34a256c9-4ad0-4806-8f5b-c07f612fbf83 Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/34a256c9-4ad0-4806-8f5b-c07f612fbf83
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ziylnbso-o/thenewstribunecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0220aa940451c8343ce72cea556f0987a1bb0e6ee88e202afb223876e3cd8681

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
H2 200 htlbid.css
htlbid.com/v3/thenewstribune.com/ 3 KB
639 B 447ms
412ms Stylesheet
text/css 13.32.121.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://htlbid.com/v3/thenewstribune.com/htlbid.css
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ziylnbso-o/netdale.78fe6c6ad79ec3d70e3d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-108.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2c2d839942cb9548ad7447ed4fe2bd45e0c84b4eef108fd5c6ec085b0e2405da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:13 GMT
content-encoding: br
via: 1.1 142ded88048f806cc40a5a225130cc8a.cloudfront.net (CloudFront)
last-modified: Thu, 29 Sep 2022 20:07:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
etag: W/"a49d79868f355680f4cf86ab4c2ff095"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css
cache-control: max-age=600
x-amz-cf-id: 3pTvAGNpJAK33ayg5b3pSAC_p_s6kGQWMRhpqvPWjPEWW1xlS7L6Sg==

GET
H2 200 htlbid.js Show response
htlbid.com/v3/thenewstribune.com/ 381 KB
96 KB 486ms
452ms Script
application/javascript 13.32.121.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://htlbid.com/v3/thenewstribune.com/htlbid.js
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ziylnbso-o/netdale.78fe6c6ad79ec3d70e3d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-108.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0cfe55df715f0074c0d7b064bd5e6f492e11a8ea9ba55966ffd5a151b87c7a17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:13 GMT
content-encoding: br
via: 1.1 142ded88048f806cc40a5a225130cc8a.cloudfront.net (CloudFront)
last-modified: Thu, 29 Sep 2022 20:06:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
etag: W/"1505f36534d32e5afe5e27174f7132ff"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=600
x-amz-cf-id: 8_4zkTSo5hhqvdlfQLLyhpcnqlwXmWEk0_GHGENCknr670mzqMRDKg==

GET
BLOB 200
OK f2987ffc-5d19-4cba-ae2c-db511078bf0d Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/f2987ffc-5d19-4cba-ae2c-db511078bf0d
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ziylnbso-o/thenewstribunecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 580e98c046a917971bcea078968423ca8962e921795d7f47cafb2377a7573880

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

POST
H2 200 interact Show response
edge.adobedc.net/ee/v1/ 587 B
424 B 54ms
48ms Fetch
application/json 15.188.95.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://edge.adobedc.net/ee/v1/interact?configId=462177a8-1012-4e47-aee6-a4f6f3154a6b&requestId=5daa5207-2a32-485a-b07f-634bc179a50c

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ziylnbso-o/thenewstribunecore.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

3c29b36437287cf07d0b290ba0521e3ce3d71587632641586b7d216bb849879c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thenewstribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Tue, 04 Oct 2022 02:02:12 GMT
content-encoding: deflate
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-rate-limit-remaining: 598
x-adobe-edge: IRL1;6
x-xss-protection: 1; mode=block
x-request-id: 5daa5207-2a32-485a-b07f-634bc179a50c
server: jag
vary: Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
access-control-expose-headers: Retry-After, X-Adobe-Edge, X-Request-ID
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
x-konductor: 22.9.54:a77b84d1

POST
H2 200 interact Show response
edge.adobedc.net/ee/v1/ 522 B
406 B 48ms
43ms Fetch
application/json 15.188.95.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://edge.adobedc.net/ee/v1/interact?configId=462177a8-1012-4e47-aee6-a4f6f3154a6b&requestId=5882fdb3-9e3c-42d5-84ae-bee13a15feb8

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ziylnbso-o/thenewstribunecore.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

d2a09ca2002504ba3d599f59279718a75cd3bb14c3fa1299659c1b855e2a7c76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thenewstribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Tue, 04 Oct 2022 02:02:12 GMT
content-encoding: deflate
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-rate-limit-remaining: 599
x-adobe-edge: IRL1;6
x-xss-protection: 1; mode=block
x-request-id: 5882fdb3-9e3c-42d5-84ae-bee13a15feb8
server: jag
vary: Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
access-control-expose-headers: Retry-After, X-Adobe-Edge, X-Request-ID
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
x-konductor: 22.9.54:a77b84d1

GET
BLOB 200
OK 056bbb03-3584-4cd5-84a5-e86a43dffc9f Show response
https://www.thenewstribune.com/ 338 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/056bbb03-3584-4cd5-84a5-e86a43dffc9f
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ziylnbso-o/thenewstribunecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b8a4248e101485352d17aa7418d3df32777b8dc20652f3d19f645d6152a3351

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length: 338
Content-Type: [object object]

GET
H2 200 1bf0v_5heI8egwOnp-0bRzXFOpQF6hMx9FZBtcijKSOU.json Show response
storage.googleapis.com/mc-high-impact/prodx/premium-topper/docs/ 5 KB
5 KB 816ms
427ms Fetch
application/json 172.217.19.112
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/mc-high-impact/prodx/premium-topper/docs/1bf0v_5heI8egwOnp-0bRzXFOpQF6hMx9FZBtcijKSOU.json
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/static/hi/prodx/premium-topper/premium-topper.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.19.112 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bud02s27-in-f16.1e100.net
Software: UploadServer /
Resource Hash: e8b3d709b2d9b43a3543702eda0d72c2f429eac72694c895fb87ac2a80abbd86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:12 GMT
x-guploader-uploadid: ADPycds9hxWtLuV6uJwSbIqV2bZxTNM216ethwxeSRpyUmAPqr_59Nd-E6BwEIzCv4hoZEB_2sMKAObnJFnZERljJ4Em8WH2GN85
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4881
last-modified: Mon, 03 Oct 2022 00:17:24 GMT
server: UploadServer
etag: "88861cea2828c0531e562f6695940bd6"
vary: Origin
x-goog-generation: 1664756244327114
content-type: application/json
access-control-allow-origin: https://www.thenewstribune.com
x-goog-hash: crc32c=HyPtrg==, md5=iIYc6igowFMeVi9mlZQL1g==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: max-age=300
x-goog-stored-content-length: 4881
accept-ranges: bytes
expires: Tue, 04 Oct 2022 02:07:12 GMT

GET
BLOB 200
OK 510756c4-21fa-4e96-859a-1a4d972adfb2 Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/510756c4-21fa-4e96-859a-1a4d972adfb2
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ziylnbso-o/thenewstribunecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 29250cc2ed9a89b4f5c3665913db772f7ce3da6ac0a837604ff27e6ceb318f85

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK 2f28eb87-3324-4e29-b87c-2367d125dbcd Show response
https://www.thenewstribune.com/ 268 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/2f28eb87-3324-4e29-b87c-2367d125dbcd
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ziylnbso-o/thenewstribunecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d677217d2dfcfa63faa54310178c8037a021eccded47ba88d34071b620dbc86b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length: 268
Content-Type: text/javascript

GET
BLOB 200
OK 3f393fd0-aed1-4888-afce-a06366f36d6f Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/3f393fd0-aed1-4888-afce-a06366f36d6f
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ziylnbso-o/thenewstribunecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d25d8dfe1e47e153bca5d69a06a0c18ec984e2b70ae043c37c114c674cbb9929

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK d084f38e-b6ee-43ea-8321-61afe2e84416 Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/d084f38e-b6ee-43ea-8321-61afe2e84416
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ziylnbso-o/thenewstribunecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0036a0fd6aad3469f1c465e6ce22f44a35c999ac0f553a9d0c38ef31c231b77b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK 401d742d-089e-4600-b8a4-7abee93f988a Show response
https://www.thenewstribune.com/ 268 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/401d742d-089e-4600-b8a4-7abee93f988a
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ziylnbso-o/thenewstribunecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7a1ac5462b7c0e961906468e369d14f6e0ea4b0488375086769e215d33fc39cb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length: 268
Content-Type: text/javascript

GET
H2 200 ats.js Show response
ats.rlcdn.com/ 109 KB
37 KB 44ms
13ms Script
application/x-javascript 108.138.7.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats.rlcdn.com/ats.js
Requested by: Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/34a256c9-4ad0-4806-8f5b-c07f612fbf83
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-53.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: qhkEQKrW4Gg_gxbK41emvSsDXWYdvDMl
content-encoding: gzip
via: 1.1 0e37105a96e87c22ff4981659a6dc176.cloudfront.net (CloudFront)
date: Mon, 03 Oct 2022 04:46:33 GMT
x-amz-cf-pop: FRA56-P6
age: 76540
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:598424ed-c6de-48e8-8068-45662e39c3ce
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: 58acf9e97c03c481f490be71338f7f57
last-modified: Tue, 17 May 2022 11:35:33 GMT
server: AmazonS3
etag: W/"148e21f812b555a13b2a9c6b616141f4"
vary: Accept-Encoding
content-type: application/x-javascript
x-amz-meta-codebuild-content-sha256: 57180e34d853b9e6be67670dae22a049fb237e6bca37c60f7ba138272a8487cc
cache-control: must-revalidate,public,max-age=86400
x-amz-cf-id: O6jhGBtySWGKiQqeWbT17CV_PrxAJTkhzhzfoFV4rRsEqxy86vIf6A==

GET
H2 200 sponsored.01abd9cb7841daf917ee.js Show response
www.thenewstribune.com/ziylnbso-o/ 1 KB
866 B 14ms
11ms Script
application/javascript 23.75.234.119
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/ziylnbso-o/sponsored.01abd9cb7841daf917ee.js
Requested by: Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/f2987ffc-5d19-4cba-ae2c-db511078bf0d
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.75.234.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-234-119.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 20ea6f07a1e9f755bdc500d50d302b60a4c677590d5cc4256f0a2df87dc11b7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:12 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 572
content-length: 484
last-modified: Thu, 29 Sep 2022 16:38:28 GMT
server: MI
etag: W/"431-5e9d381c38900"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 700519034, 324867982 330467293
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=226391
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 pdp.gif
www.thenewstribune.com/ziylnbso-o/ 42 B
392 B 148ms
136ms Image
image/gif 23.75.234.119
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/ziylnbso-o/pdp.gif?z=eyJpZCI6Im1pX2FzX3RudF83MDg5NTc1OTMyMzYwNDQwMzQzMzYxNzg2MjU3NDc0NDYxMzc5OV8xXzBfMTY2NDg0ODkzMTYyOSIsInRoZW1lIjoiY3VzdG9tIn0=
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.75.234.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-234-119.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:12 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 577770
content-length: 42
last-modified: Mon, 26 Sep 2022 16:26:40 GMT
server: MI
etag: "2a-5e996fe0a3000"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 69922198, 126921440 298897458
content-type: image/gif
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=604800
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 video.28a8eb94952fca26d516.js Show response
www.thenewstribune.com/ziylnbso-o/ 15 KB
5 KB 34ms
22ms Script
application/javascript 23.75.234.119
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/ziylnbso-o/video.28a8eb94952fca26d516.js
Requested by: Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/510756c4-21fa-4e96-859a-1a4d972adfb2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.75.234.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-234-119.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 74ca5dbb3b67ee695f5d7ce026543faf1e3f1a5e244933d01070032a1627ec7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:12 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 258
content-length: 4983
last-modified: Thu, 29 Sep 2022 16:38:28 GMT
server: MI
etag: W/"3b3c-5e9d381c38900"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 262113306 259661526
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=226114
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 performance.70df73ea3f16f014e062.js Show response
www.thenewstribune.com/ziylnbso-o/ 8 KB
3 KB 44ms
33ms Script
application/javascript 23.75.234.119
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/ziylnbso-o/performance.70df73ea3f16f014e062.js
Requested by: Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/2f28eb87-3324-4e29-b87c-2367d125dbcd
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.75.234.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-234-119.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 6345619c4e5b468d0f4cb64006632869688a99dc8557cfc1c9c4a1f27087081b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:12 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 295
content-length: 2640
last-modified: Thu, 29 Sep 2022 16:38:28 GMT
server: MI
etag: W/"1e9c-5e9d381c38900"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 328634307 307068680
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=225939
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 quarantine.6ffcbac8e173d0c511c1.js Show response
www.thenewstribune.com/ziylnbso-o/ 25 KB
10 KB 47ms
37ms Script
application/javascript 23.75.234.119
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/ziylnbso-o/quarantine.6ffcbac8e173d0c511c1.js
Requested by: Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/3f393fd0-aed1-4888-afce-a06366f36d6f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.75.234.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-234-119.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: c27f0e1e15464ee2b0061907912c52136996b93a4dd0f242b0d75494e1374703

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:12 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 181
content-length: 9500
last-modified: Thu, 29 Sep 2022 16:38:28 GMT
server: MI
etag: W/"651e-5e9d381c38900"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 53846898, 259499074 250815149
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=225987
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 geofeed Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 199 B
326 B 377ms
40ms Script
text/javascript 104.18.41.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/geofeed

Requested by

Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/d084f38e-b6ee-43ea-8321-61afe2e84416

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.41.98 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

856e1fa655a0f69c95931b037b11d2d8634ac79837ff3fc483ebfbaa6ce690b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
cf-ray: 754a558539a05b2c-FRA
vary: Accept-Encoding
content-type: text/javascript

GET
H2 200 parsely.6187f548b9cbe8b3d32c.js Show response
www.thenewstribune.com/ziylnbso-o/ 1 KB
995 B 47ms
39ms Script
application/javascript 23.75.234.119
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/ziylnbso-o/parsely.6187f548b9cbe8b3d32c.js
Requested by: Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/401d742d-089e-4600-b8a4-7abee93f988a
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.75.234.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-234-119.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: c75ef674607c29835e4ce97cd7dabff32f1ca04798c1d7b443e77f27ac94d7db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:12 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 573
content-length: 614
last-modified: Thu, 29 Sep 2022 16:38:28 GMT
server: MI
etag: W/"4b7-5e9d381c38900"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 257758000, 57840891 42528555
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=226403
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/ 392 KB
157 KB 751ms
356ms Script
text/javascript 142.250.180.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f3.1e100.net

Software

sffe /

Resource Hash

6fe11aff0ae158a9a4a91fe408daf8ecddf648ed069942e11efb1e023b83eee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thenewstribune.com/
Origin: https://www.thenewstribune.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 15:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 211502
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 160114
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 04:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Oct 2023 15:17:11 GMT

OPTIONS
H2 200 6313173706112
edge.api.brightcove.com/playback/v1/accounts/5615998024001/videos/ Frame 0
0 52ms
8ms Preflight 151.101.130.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.brightcove.com/playback/v1/accounts/5615998024001/videos/6313173706112
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: accept
Access-Control-Request-Method: GET
Origin: https://www.thenewstribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
access-control-allow-methods: HEAD,GET,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
access-control-max-age: 86400
cache-control: max-age=0, no-cache, no-store
content-length: 0
date: Tue, 04 Oct 2022 02:02:12 GMT
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-fra19177-FRA
x-timer: S1664848932.456105,VS0,VE0

OPTIONS
H2 200 6313167692112
edge.api.brightcove.com/playback/v1/accounts/5615998024001/videos/ Frame 0
0 40ms
14ms Preflight 151.101.130.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.brightcove.com/playback/v1/accounts/5615998024001/videos/6313167692112
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: accept
Access-Control-Request-Method: GET
Origin: https://www.thenewstribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
access-control-allow-methods: HEAD,GET,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
access-control-max-age: 86400
cache-control: max-age=0, no-cache, no-store
content-length: 0
date: Tue, 04 Oct 2022 02:02:12 GMT
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-fra19177-FRA
x-timer: S1664848932.456285,VS0,VE0

GET
H2 200 6313173706112 Show response
edge.api.brightcove.com/playback/v1/accounts/5615998024001/videos/ 7 KB
8 KB 25ms
15ms Fetch
application/json 151.101.130.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.brightcove.com/playback/v1/accounts/5615998024001/videos/6313173706112
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/wps/build/webpack/videoStory.bundle-ac8c70bb2ca8b9b54db5.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: bc6030c3bb263834c497174f7bbf56f772f6e4c68f98403aec59021bf6e14098

Request headers

Accept: application/json;pk=BCpkADawqM1wLoCFSLwIiCm7OVRi8nKw-7SLYxrVkjX4Oo0AgPpStoMJloK1GctDgzAwtzFhN1b36rVSJsCHx0xAVj8zX3aURNz-UuXqhAyz46a7byeXUZh9aVDNXab1WeYYnGWTAkat2yMs
Referer: https://www.thenewstribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

bc-override-client-ip: 195.74.76.194
date: Tue, 04 Oct 2022 02:02:12 GMT
powered-from: eu-central-1a
bcov-request-id: 3837fd4d-36a5-4159-b19d-e4da24a12cc3
via: 1.1 varnish
age: 6215
policy-key-accountid: 5615998024001
x-cache: HIT
powered-by: BC
content-length: 7380
x-served-by: cache-fra19177-FRA
policy-key-raw: BCpkADawqM1wLoCFSLwIiCm7OVRi8nKw-7SLYxrVkjX4Oo0AgPpStoMJloK1GctDgzAwtzFhN1b36rVSJsCHx0xAVj8zX3aURNz-UuXqhAyz46a7byeXUZh9aVDNXab1WeYYnGWTAkat2yMs
x-timer: S1664848932.491443,VS0,VE1
access-control-allow-methods: HEAD,GET,OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
cache-control: max-age=0, no-cache, no-store
account-status: APPROVED
accept-ranges: bytes
access-control-allow-headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
x-cache-hits: 1

GET
H2 200 6313167692112 Show response
edge.api.brightcove.com/playback/v1/accounts/5615998024001/videos/ 7 KB
7 KB 121ms
113ms Fetch
application/json 151.101.130.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.brightcove.com/playback/v1/accounts/5615998024001/videos/6313167692112
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/wps/build/webpack/videoStory.bundle-ac8c70bb2ca8b9b54db5.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a483819b1f4d37775acef9f4220efe3d1abdc3d673fd3e66ed1ff25d1095d0d3

Request headers

Accept: application/json;pk=BCpkADawqM1wLoCFSLwIiCm7OVRi8nKw-7SLYxrVkjX4Oo0AgPpStoMJloK1GctDgzAwtzFhN1b36rVSJsCHx0xAVj8zX3aURNz-UuXqhAyz46a7byeXUZh9aVDNXab1WeYYnGWTAkat2yMs
Referer: https://www.thenewstribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

bc-override-client-ip: 37.58.57.5
date: Tue, 04 Oct 2022 02:02:12 GMT
powered-from: eu-central-1c
bcov-request-id: 155d62d8-1c0e-4f54-aa1d-1e4518567e5d
via: 1.1 varnish
age: 0
policy-key-accountid: 5615998024001
x-cache: MISS
powered-by: BC
content-length: 7315
x-served-by: cache-fra19177-FRA
policy-key-raw: BCpkADawqM1wLoCFSLwIiCm7OVRi8nKw-7SLYxrVkjX4Oo0AgPpStoMJloK1GctDgzAwtzFhN1b36rVSJsCHx0xAVj8zX3aURNz-UuXqhAyz46a7byeXUZh9aVDNXab1WeYYnGWTAkat2yMs
x-timer: S1664848932.491611,VS0,VE105
access-control-allow-methods: HEAD,GET,OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
cache-control: max-age=0, no-cache, no-store
account-status: APPROVED
accept-ranges: bytes
access-control-allow-headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
x-cache-hits: 0

GET
H2 200 6313170048112 Show response
edge.api.brightcove.com/playback/v1/accounts/5615998024001/videos/ 7 KB
8 KB 25ms
16ms Fetch
application/json 151.101.130.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.brightcove.com/playback/v1/accounts/5615998024001/videos/6313170048112
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/wps/build/webpack/videoStory.bundle-ac8c70bb2ca8b9b54db5.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: abbe8b4006e0a71090cb3b2c49e49668bfb4c0cb28d3fd0e66f4f083649cae7b

Request headers

Accept: application/json;pk=BCpkADawqM1wLoCFSLwIiCm7OVRi8nKw-7SLYxrVkjX4Oo0AgPpStoMJloK1GctDgzAwtzFhN1b36rVSJsCHx0xAVj8zX3aURNz-UuXqhAyz46a7byeXUZh9aVDNXab1WeYYnGWTAkat2yMs
Referer: https://www.thenewstribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

bc-override-client-ip: 195.74.76.194
date: Tue, 04 Oct 2022 02:02:12 GMT
powered-from: eu-central-1c
bcov-request-id: 3e2fbabf-9dc6-4c8a-8318-18f197fbfad2
via: 1.1 varnish
age: 6215
policy-key-accountid: 5615998024001
x-cache: HIT
powered-by: BC
content-length: 7638
x-served-by: cache-fra19177-FRA
policy-key-raw: BCpkADawqM1wLoCFSLwIiCm7OVRi8nKw-7SLYxrVkjX4Oo0AgPpStoMJloK1GctDgzAwtzFhN1b36rVSJsCHx0xAVj8zX3aURNz-UuXqhAyz46a7byeXUZh9aVDNXab1WeYYnGWTAkat2yMs
x-timer: S1664848932.491626,VS0,VE9
access-control-allow-methods: HEAD,GET,OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
cache-control: max-age=0, no-cache, no-store
account-status: APPROVED
accept-ranges: bytes
access-control-allow-headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
x-cache-hits: 1

OPTIONS
H2 200 6313170048112
edge.api.brightcove.com/playback/v1/accounts/5615998024001/videos/ Frame 0
0 26ms
11ms Preflight 151.101.130.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.brightcove.com/playback/v1/accounts/5615998024001/videos/6313170048112
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: accept
Access-Control-Request-Method: GET
Origin: https://www.thenewstribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
access-control-allow-methods: HEAD,GET,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
access-control-max-age: 86400
cache-control: max-age=0, no-cache, no-store
content-length: 0
date: Tue, 04 Oct 2022 02:02:12 GMT
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-fra19177-FRA
x-timer: S1664848932.456270,VS0,VE0

POST
H2 200 pixel_16c6055d Show response
www.thenewstribune.com/akam/13/ 0
776 B 18ms
17ms XHR
text/html 23.75.234.119
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/akam/13/pixel_16c6055d
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/akam/13/16c6055d
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.75.234.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-234-119.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thenewstribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 02:02:12 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: max-age=0, no-cache
access-control-allow-credentials: false
access-control-allow-headers: *
content-length: 0
expires: Tue, 04 Oct 2022 02:02:12 GMT

GET
BLOB 200
OK 1c464cdd-f7ef-4e03-ad98-79694dab3ad9 Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/1c464cdd-f7ef-4e03-ad98-79694dab3ad9
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ziylnbso-o/thenewstribunecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 859cf6cffa16b1891c8af215fb81a92de69cc75481bde57ebc9827c502d5db73

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
H2 200 / Show response
geo.privacymanager.io/ 30 B
596 B 42ms
8ms Fetch
application/json 13.32.99.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-35.fra60.r.cloudfront.net
Software: /
Resource Hash: a57258a3f51dc6ee13ca490ab8e780ed443e5725a650e7f085f1c67325784461

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 01:05:13 GMT
via: 1.1 bfad099b4e1fa2ec7d21876e0293dc20.cloudfront.net (CloudFront), 1.1 f06c87fa57d0c9fd7439d7fdbd148c62.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3, FRA60-P3
age: 3419
x-amzn-requestid: 682a028f-1d40-4fd4-8134-93b0142de1ba
x-amzn-trace-id: Root=1-633b86c9-03d4917f195a8f4f2e4fd8d1;Sampled=0
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-apigw-id: ZdH_jECDDoEFV6g=
content-length: 30
x-amz-cf-id: L-PnUDskyimLlo0WrtG8ivJomt3RuXmhbGRZdr3Qf_S5mrRG0FjTYg==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

GET image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/5615998024001/bc4ba8e2-a887-436f-af1d-253734c72c79/56eda63b-64a6-4e89-8bc7-8c7de3c15cec/1280x720/match/ 0
0

GET
H/1.1 200
OK play-button.png
s3.amazonaws.com/cdn.jukeboxu.com/brightcove/nextgen/buttons/ 9 KB
9 KB 638ms
119ms Image
image/png 54.231.170.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.jukeboxu.com/brightcove/nextgen/buttons/play-button.png
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.170.80 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 45f08f27c7337d189e8c31e635b5d0a0781b273131135cd77ee8b6f12366e7a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Tue, 04 Oct 2022 02:02:14 GMT
x-amz-version-id: null
Last-Modified: Wed, 22 Apr 2015 01:47:56 GMT
Server: AmazonS3
x-amz-request-id: 24HMG8B6MSVYJA0S
ETag: "182516d4ba61695d505ca0bd246f63fb"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 8810
x-amz-id-2: 9Z+5ea2pCZLNj6DEry2eLNSeLiQCHMqj7TdClOnnAZr0PH0R5pc517cLYK2k7mh/W1iKCoY6LbQ=

GET
H/1.1 200
OK image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/5615998024001/bc4ba8e2-a887-436f-af1d-253734c72c79/56eda63b-64a6-4e89-8bc7-8c7de3c15cec/1280x720/match/ 636 KB
636 KB 15ms
11ms Image
image/jpeg 13.32.99.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.us-east-1.prod.boltdns.net/v1/static/5615998024001/bc4ba8e2-a887-436f-af1d-253734c72c79/56eda63b-64a6-4e89-8bc7-8c7de3c15cec/1280x720/match/image.jpg
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-95.fra60.r.cloudfront.net
Software: / BC
Resource Hash: daca9194d6092b3f68991624fe113944cd46fe7934fae7e6b8d4e89f1b33976a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Mon, 03 Oct 2022 02:38:02 GMT
Via: 1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
X-Amz-Cf-Pop: FRA60-P3
X-Powered-From: gantry
X-Powered-By: BC
Age: 84250
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
X-Amz-Cf-Id: fEtvEViRkbqEH9fJMd8JmkiwM8zon-2c_NXZ0tR5OzCr8aRjElOlkA==
Expires: Tue, 03 Oct 2023 02:38:02 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.us-east-1.prod.boltdns.net/v1/static/5615998024001/bc4ba8e2-a887-436f-af1d-253734c72c79/56eda63b-64a6-4e89-8bc7-8c7de3c15cec/1280x720/match/image.jpg
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-95.fra60.r.cloudfront.net
Software: / BC
Resource Hash: daca9194d6092b3f68991624fe113944cd46fe7934fae7e6b8d4e89f1b33976a

Request headers

Referer: https://www.thenewstribune.com/
Origin: https://www.thenewstribune.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Mon, 03 Oct 2022 02:54:37 GMT
Via: 1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
X-Amz-Cf-Pop: FRA60-P3
X-Powered-From: gantry
X-Powered-By: BC
Age: 83255
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
X-Amz-Cf-Id: 7Q5M5qqpj0wZriNnyzauNVUzLo9aOnxQ2JDn41xqyWjBmSmj-gPsmw==
Expires: Tue, 03 Oct 2023 02:54:37 GMT

GET image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/5615998024001/2579aef7-6852-43c8-983f-89fb4e8fe46a/c30a25aa-de41-4fb9-a491-213a2b679d7b/1280x720/match/ 0
0

GET
BLOB 200
OK 1889e60a-3fd1-4d84-815b-7a1bde41da4f Show response
https://www.thenewstribune.com/ 370 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/1889e60a-3fd1-4d84-815b-7a1bde41da4f
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ziylnbso-o/thenewstribunecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7b444f096bf7f18c6ca3a139e2478f3d70897f7d70998baf2158ea9ad3e7c71e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length: 370
Content-Type: [object object]

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 509 KB
143 KB 484ms
40ms Script
application/x-javascript 2.18.169.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js
Requested by: Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/1c464cdd-f7ef-4e03-ad98-79694dab3ad9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.169.60 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-169-60.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: afe47171747a2bd220313a3b7ef68648cbda2191f3c4767e4e1d2af32495ac09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Tue, 04 Oct 2022 02:02:13 GMT
Content-Encoding: gzip
x-amz-request-id: 2KX2ESNXKP9T6T4V
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: cMS4XjNQ5VKVm5bbIQnunJNFvyL43wt7yY9XpfOy5vFv194iCpC5GuusNWtqMyhH3ZqDRmiL/7o=
Last-Modified: Thu, 29 Sep 2022 23:24:13 GMT
Server: AmazonS3
ETag: "6c5da5565fef519ab1a344897881948a"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/5615998024001/2579aef7-6852-43c8-983f-89fb4e8fe46a/c30a25aa-de41-4fb9-a491-213a2b679d7b/1280x720/match/ 501 KB
502 KB 17ms
17ms Image
image/jpeg 13.32.99.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.us-east-1.prod.boltdns.net/v1/static/5615998024001/2579aef7-6852-43c8-983f-89fb4e8fe46a/c30a25aa-de41-4fb9-a491-213a2b679d7b/1280x720/match/image.jpg
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-95.fra60.r.cloudfront.net
Software: / BC
Resource Hash: 6bdddaab69d5f8dac4ec5ce26ca83039962be1618cf1deb0d6777fd182cae395

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Sun, 02 Oct 2022 23:03:02 GMT
Via: 1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
X-Amz-Cf-Pop: FRA60-P3
X-Powered-From: gantry
X-Powered-By: BC
Age: 97150
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
X-Amz-Cf-Id: 9qEv1m4jcfMf_otumVZXUfV_peFgrws45B3Zbu8k6GdyBTrvN9v5hQ==
Expires: Mon, 02 Oct 2023 23:03:02 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.us-east-1.prod.boltdns.net/v1/static/5615998024001/2579aef7-6852-43c8-983f-89fb4e8fe46a/c30a25aa-de41-4fb9-a491-213a2b679d7b/1280x720/match/image.jpg
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ziylnbso-o/quarantine.6ffcbac8e173d0c511c1.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-95.fra60.r.cloudfront.net
Software: / BC
Resource Hash: 6bdddaab69d5f8dac4ec5ce26ca83039962be1618cf1deb0d6777fd182cae395

Request headers

Referer: https://www.thenewstribune.com/
Origin: https://www.thenewstribune.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Sun, 02 Oct 2022 23:42:33 GMT
Via: 1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
X-Amz-Cf-Pop: FRA60-P3
X-Powered-From: gantry
X-Powered-By: BC
Age: 94779
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
X-Amz-Cf-Id: 9pXht3Tv2wSEIr-OB6fptRNuJHuPp37WlnTrTNHOO2tlr7jqapNcog==
Expires: Mon, 02 Oct 2023 23:42:33 GMT

GET
BLOB 200
OK 8c2dbdb0-5d2c-4955-b4b3-704f6eb8e042 Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/8c2dbdb0-5d2c-4955-b4b3-704f6eb8e042
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ziylnbso-o/thenewstribunecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c910e625a98b8bddec3ed1c8c88a0396caadfd418c33872286a6e56a8d50ae91

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

OPTIONS
H/1.1 200
OK 6313173706112
publicapi.misitemgr.com/webapi-public/v2/publications/thenewstribune/related/ Frame 0
0 1296ms
139ms Preflight 166.108.36.240
MCCLATCHY-CORP

General

Check archive.org

Show headers Download Go to

Full URL: https://publicapi.misitemgr.com/webapi-public/v2/publications/thenewstribune/related/6313173706112
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 166.108.36.240 Miami, United States, ASN6118 (MCCLATCHY-CORP, US),
Reverse DNS: vnet846.ejoco.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-forwarded-host
Access-Control-Request-Method: GET
Origin: https://www.thenewstribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Access-Control-Allow-Headers: X-Forwarded-Host
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: https://www.thenewstribune.com
Access-Control-Max-Age: 86400
Cache-Control: no-cache
Content-Length: 0
Date: Tue, 04 Oct 2022 02:02:13 GMT
Vary: X-Forwarded-Host

GET
H/1.1 200
OK 6313173706112 Show response
publicapi.misitemgr.com/webapi-public/v2/publications/thenewstribune/related/ 15 KB
15 KB 288ms
286ms Fetch
application/json 166.108.36.240
MCCLATCHY-CORP

General

Check archive.org

Show headers Download Go to

Full URL: https://publicapi.misitemgr.com/webapi-public/v2/publications/thenewstribune/related/6313173706112
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/wps/build/webpack/videoStory.bundle-ac8c70bb2ca8b9b54db5.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 166.108.36.240 Miami, United States, ASN6118 (MCCLATCHY-CORP, US),
Reverse DNS: vnet846.ejoco.com
Software: /
Resource Hash: 8341c09064b5ba9bbf17d2d98e34e43a06302b469d38a66f4e228e6a38ea7a03

Request headers

Referer: https://www.thenewstribune.com/
X-Forwarded-Host: www.thenewstribune.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Tue, 04 Oct 2022 02:02:14 GMT
Mi-Api: true
Vary: X-Forwarded-Host
Transfer-Encoding: chunked
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://www.thenewstribune.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true

GET
H/1.1 200
OK 6313170048112 Show response
publicapi.misitemgr.com/webapi-public/v2/publications/thenewstribune/related/ 18 KB
18 KB 354ms
353ms Fetch
application/json 166.108.36.240
MCCLATCHY-CORP

General

Check archive.org

Show headers Download Go to

Full URL: https://publicapi.misitemgr.com/webapi-public/v2/publications/thenewstribune/related/6313170048112
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/wps/build/webpack/videoStory.bundle-ac8c70bb2ca8b9b54db5.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 166.108.36.240 Miami, United States, ASN6118 (MCCLATCHY-CORP, US),
Reverse DNS: vnet846.ejoco.com
Software: /
Resource Hash: 844ed6bed8b1ab643b3fe111633c53abc5a96a9dc28368334f513c0cff884eef

Request headers

Referer: https://www.thenewstribune.com/
X-Forwarded-Host: www.thenewstribune.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Tue, 04 Oct 2022 02:02:14 GMT
Mi-Api: true
Vary: X-Forwarded-Host
Transfer-Encoding: chunked
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://www.thenewstribune.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true

OPTIONS
H/1.1 200
OK 6313170048112
publicapi.misitemgr.com/webapi-public/v2/publications/thenewstribune/related/ Frame 0
0 945ms
140ms Preflight 166.108.36.240
MCCLATCHY-CORP

General

Check archive.org

Show headers Download Go to

Full URL: https://publicapi.misitemgr.com/webapi-public/v2/publications/thenewstribune/related/6313170048112
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 166.108.36.240 Miami, United States, ASN6118 (MCCLATCHY-CORP, US),
Reverse DNS: vnet846.ejoco.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-forwarded-host
Access-Control-Request-Method: GET
Origin: https://www.thenewstribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Access-Control-Allow-Headers: X-Forwarded-Host
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: https://www.thenewstribune.com
Access-Control-Max-Age: 86400
Cache-Control: no-cache
Content-Length: 0
Date: Tue, 04 Oct 2022 02:02:13 GMT
Vary: X-Forwarded-Host

GET
BLOB 200
OK 6fdff88d-057e-43f5-b676-f8f72dc8a394 Show response
https://www.thenewstribune.com/ Frame F88C 327 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/6fdff88d-057e-43f5-b676-f8f72dc8a394
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 242013aa9859153b059201f37aa2f3ee54042ebdcd50b6ed96aa4a9d2ae5e4d7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length: 327
Content-Type: text/javascript

GET
BLOB 200
OK c28cf710-5b5d-41b7-9d60-f7a02edc4ef0 Show response
https://www.thenewstribune.com/ Frame 1A1A 344 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/c28cf710-5b5d-41b7-9d60-f7a02edc4ef0
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2535815833746fe6683a50cac72e5025b099db7b21e6a5b3896e01973c91050

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length: 344
Content-Type: text/javascript

GET
BLOB 200
OK 66a18b0d-9eab-4088-9a2c-eff0a0baef92 Show response
https://www.thenewstribune.com/ Frame 3A8E 642 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/66a18b0d-9eab-4088-9a2c-eff0a0baef92
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e73afee09520bd500d0b4be8e29d9a7d48a00faa0faf333608479c8b2573956

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length: 642
Content-Type: text/javascript

GET
BLOB 200
OK ccc9bc2f-a002-4e5e-9579-4d371a262683 Show response
https://www.thenewstribune.com/ Frame BA35 433 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/ccc9bc2f-a002-4e5e-9579-4d371a262683
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a344d4c39d7f2c3be22d25f42778f132f3b154494dc03de8ca404f2d8ecc771c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length: 433
Content-Type: text/javascript

GET
BLOB 200
OK 398b4438-45c1-4bed-9a2a-422ed6eff894
https://www.thenewstribune.com/ 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/398b4438-45c1-4bed-9a2a-422ed6eff894
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d38236a3fa83635118b6b177bda2330ce7e5ce09a3e50d9f4a6933b2923c5af8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length: 5543
Content-Type: application/javascript

GET
BLOB 200
OK 75b9f94a-620b-4fba-aebb-0cd926e101e8
https://www.thenewstribune.com/ 79 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/75b9f94a-620b-4fba-aebb-0cd926e101e8
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6942aa2d9cb977a25b9e503f731dd38210f0d0337b8b6783c5f9321924275261

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length: 80442
Content-Type: application/javascript

GET
H2 200 bridge3.536.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 5048 686 KB
221 KB 317ms
14ms Document
text/html 142.250.185.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.536.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f10.1e100.net

Software

sffe /

Resource Hash

9ec872d58a5c69122782bdc67523a5483d766169686b83bed86a73d36691ae5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thenewstribune.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 18701
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 226455
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Mon, 03 Oct 2022 20:50:32 GMT
expires: Tue, 03 Oct 2023 20:50:32 GMT
last-modified: Mon, 03 Oct 2022 15:54:58 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 611ms
78ms Script
text/javascript 142.251.39.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f6.1e100.net

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 04 Oct 2022 02:02:13 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 545ms
28ms Script
application/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.thenewstribune.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
BLOB 200
OK 4e7ea957-e129-4436-8eae-068b4c9438b4
https://www.thenewstribune.com/ 79 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/4e7ea957-e129-4436-8eae-068b4c9438b4
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6942aa2d9cb977a25b9e503f731dd38210f0d0337b8b6783c5f9321924275261

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length: 80442
Content-Type: application/javascript

GET
BLOB 200
OK d94d00ab-16f7-4a55-9112-06952385e5c8
https://www.thenewstribune.com/ 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/d94d00ab-16f7-4a55-9112-06952385e5c8
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d38236a3fa83635118b6b177bda2330ce7e5ce09a3e50d9f4a6933b2923c5af8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length: 5543
Content-Type: application/javascript

GET
BLOB 200
OK 407e134e-d596-4b98-8ebb-3c388ccf71a8
https://www.thenewstribune.com/ 79 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/407e134e-d596-4b98-8ebb-3c388ccf71a8
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6942aa2d9cb977a25b9e503f731dd38210f0d0337b8b6783c5f9321924275261

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length: 80442
Content-Type: application/javascript

GET
BLOB 200
OK e7e2a3f4-880f-4552-b613-0c3e492c256d
https://www.thenewstribune.com/ 79 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/e7e2a3f4-880f-4552-b613-0c3e492c256d
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6942aa2d9cb977a25b9e503f731dd38210f0d0337b8b6783c5f9321924275261

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length: 80442
Content-Type: application/javascript

GET
H2 200 bridge3.536.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame C342 686 KB
221 KB 483ms
14ms Document
text/html 142.250.185.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.536.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f10.1e100.net

Software

sffe /

Resource Hash

9ec872d58a5c69122782bdc67523a5483d766169686b83bed86a73d36691ae5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thenewstribune.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 18701
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 226455
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Mon, 03 Oct 2022 20:50:32 GMT
expires: Tue, 03 Oct 2023 20:50:32 GMT
last-modified: Mon, 03 Oct 2022 15:54:58 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pdp.gif
www.thenewstribune.com/ziylnbso-o/ 42 B
385 B 360ms
360ms Image
image/gif 23.75.234.119
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/ziylnbso-o/pdp.gif?k=eyJpZCI6Im1pX2FzX3RudF83MDg5NTc1OTMyMzYwNDQwMzQzMzYxNzg2MjU3NDc0NDYxMzc5OV8xXzBfMTY2NDg0ODkzMTYyOSIsImRvbUludGVyYWN0aXZlIjoyNzE4LCJyZXF1ZXN0U3RhcnQiOjIwNjZ9
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.75.234.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-234-119.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:13 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 577771
content-length: 42
last-modified: Mon, 26 Sep 2022 16:26:40 GMT
server: MI
etag: "2a-5e996fe0a3000"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 540986245 69922199
content-type: image/gif
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=604763
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 p.js Show response
cdn.parsely.com/keys/thenewstribune.com/ 66 KB
23 KB 90ms
11ms Script
application/javascript 18.66.100.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/thenewstribune.com/p.js
Requested by: Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/8c2dbdb0-5d2c-4955-b4b3-704f6eb8e042
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.100.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-100-58.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: e2f603f1c3d380a4e66add278127064b269dcf63c203aea18eb166d3e54113bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: public
date: Mon, 03 Oct 2022 02:31:35 GMT
content-encoding: gzip
via: 1.1 0c688bb347bc402edc1209f13e04d88c.cloudfront.net (CloudFront)
last-modified: Wed, 16 Feb 2022 18:59:58 GMT
server: nginx
x-amz-cf-pop: FRA56-P2
age: 84732
etag: W/"620d49ae-1070e"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400, public
x-amz-cf-id: uNKUycyIBuFYXMLkChjYNixF0ONG2PidvlH4EF6K-QkaeCDEktbRLg==
expires: Tue, 04 Oct 2022 02:30:00 GMT

GET image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/jit/5615998024001/909188f6-7914-4746-bf7e-b3c939ccd5fd/main/1280x720/35s491ms/match/ 0
0

GET
H/1.1 200
OK image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/jit/5615998024001/909188f6-7914-4746-bf7e-b3c939ccd5fd/main/1280x720/35s491ms/match/ 75 KB
76 KB 9ms
9ms Image
image/jpeg 13.32.99.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.us-east-1.prod.boltdns.net/v1/jit/5615998024001/909188f6-7914-4746-bf7e-b3c939ccd5fd/main/1280x720/35s491ms/match/image.jpg
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-95.fra60.r.cloudfront.net
Software: / BC
Resource Hash: 61922484f36678d206073f40a2edea61772d851cde2cd0a72c8dd0233848b2cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Sun, 02 Oct 2022 22:57:05 GMT
Via: 1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
X-Amz-Cf-Pop: FRA60-P3
X-Powered-From: gantry
X-Powered-By: BC
Age: 97507
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
X-Amz-Cf-Id: MOf_y7TpBzj-J-0-j48Jy88MLGYuoO8kgWXUgQd0Y3epWhiGaFCFEA==
Expires: Mon, 02 Oct 2023 22:57:05 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.us-east-1.prod.boltdns.net/v1/jit/5615998024001/909188f6-7914-4746-bf7e-b3c939ccd5fd/main/1280x720/35s491ms/match/image.jpg
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-95.fra60.r.cloudfront.net
Software: / BC
Resource Hash: 61922484f36678d206073f40a2edea61772d851cde2cd0a72c8dd0233848b2cf

Request headers

Referer: https://www.thenewstribune.com/
Origin: https://www.thenewstribune.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Mon, 03 Oct 2022 03:35:43 GMT
Via: 1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
X-Amz-Cf-Pop: FRA60-P3
X-Powered-From: gantry
X-Powered-By: BC
Age: 80790
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
X-Amz-Cf-Id: qJGve3aEZ1TctqretlBxB06VboR4iwL5Ar35dDoKb3Fz-stRLgIRTw==
Expires: Tue, 03 Oct 2023 03:35:43 GMT

GET
H2 200 i.js Show response
tag.wknd.ai/3749/ 85 KB
37 KB 358ms
22ms Script
text/plain 34.120.253.250
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.wknd.ai/3749/i.js
Requested by: Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/6fdff88d-057e-43f5-b676-f8f72dc8a394
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.253.250 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 250.253.120.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: 74440cf06b520cd22e90ecf3ae9855e247a77a6aaf9bd8365af78bedeb88eb73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 22:53:20 GMT
content-encoding: gzip
via: 1.1 google
age: 11333
x-envoy-upstream-service-time: 3
x-region: us-central1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37452
server: istio-envoy
etag: 24a3af1f43bf1b
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=60
timing-allow-origin: *
link: <https://assets.bounceexchange.com>; rel=dns-prefetch, <https://events.bouncex.net>; rel=dns-prefetch, <https://data.cdnbasket.net>; rel=dns-prefetch, <https://page.cdnbasket.net>; rel=dns-prefetch, <https://view.cdnbasket.net>; rel=dns-prefetch, <https://ids.cdnwidget.com>; rel=dns-prefetch, <https://u.cdnwidget.com>; rel=dns-prefetch, <https://pix.cdnwidget.com>; rel=dns-prefetch, <https://api.bounceexchange.com>; rel=preconnect, <https://pd.cdnwidget.com>; rel=preconnect

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ Frame 1A1A 4 KB
2 KB 45ms
11ms Script
application/javascript 13.32.99.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/c28cf710-5b5d-41b7-9d60-f7a02edc4ef0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-105.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:27:49 GMT
content-encoding: gzip
via: 1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 74065
x-amz-server-side-encryption: AES256
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: lhmw91dQVsKElj7w7Tn9rb-3938xgSKiXqD7zFPhb8fAcs3pAn0IMA==

GET
H/1.1 200
OK last-event-tag-latest.min.js Show response
www.everestjs.net/static/le/ Frame 3A8E 7 KB
3 KB 353ms
19ms Script
application/javascript 96.16.147.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.everestjs.net/static/le/last-event-tag-latest.min.js
Requested by: Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/66a18b0d-9eab-4088-9a2c-eff0a0baef92
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.147.243 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-147-243.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: abb45ae4b3a896ae99132c1786a9676218c119ea552d3fbb5ab6d40d9e05e43c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: null
Content-Encoding: gzip
Date: Tue, 04 Oct 2022 02:02:13 GMT
Last-Modified: Wed, 16 Jun 2021 15:18:41 GMT
Server: AmazonS3
x-amz-request-id: R6X1Z4GZMHQJ34R0
ETag: "d5991c18a0042eb33f92c6b5b44ffe8d"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2663
x-amz-id-2: jm8UZxXlNwBRe5MV76nXmfeJxyOsHxAxlRqx4Yx6Lk22skfaD1o6r2gLlsQkG8CibRTuc9Pz10M=

GET
H/1.1 200
OK 6313167692112 Show response
publicapi.misitemgr.com/webapi-public/v2/publications/thenewstribune/related/ 17 KB
17 KB 321ms
320ms Fetch
application/json 166.108.36.240
MCCLATCHY-CORP

General

Check archive.org

Show headers Download Go to

Full URL: https://publicapi.misitemgr.com/webapi-public/v2/publications/thenewstribune/related/6313167692112
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/wps/build/webpack/videoStory.bundle-ac8c70bb2ca8b9b54db5.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 166.108.36.240 Miami, United States, ASN6118 (MCCLATCHY-CORP, US),
Reverse DNS: vnet846.ejoco.com
Software: /
Resource Hash: 527a100fe206c1c3272f8f02a5e402925dbc6291cbb0ed73ab081ebb61f33476

Request headers

Referer: https://www.thenewstribune.com/
X-Forwarded-Host: www.thenewstribune.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Tue, 04 Oct 2022 02:02:14 GMT
Mi-Api: true
Vary: X-Forwarded-Host
Transfer-Encoding: chunked
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://www.thenewstribune.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true

OPTIONS
H/1.1 200
OK 6313167692112
publicapi.misitemgr.com/webapi-public/v2/publications/thenewstribune/related/ Frame 0
0 630ms
141ms Preflight 166.108.36.240
MCCLATCHY-CORP

General

Check archive.org

Show headers Download Go to

Full URL: https://publicapi.misitemgr.com/webapi-public/v2/publications/thenewstribune/related/6313167692112
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 166.108.36.240 Miami, United States, ASN6118 (MCCLATCHY-CORP, US),
Reverse DNS: vnet846.ejoco.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-forwarded-host
Access-Control-Request-Method: GET
Origin: https://www.thenewstribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Access-Control-Allow-Headers: X-Forwarded-Host
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: https://www.thenewstribune.com
Access-Control-Max-Age: 86400
Cache-Control: no-cache
Content-Length: 0
Date: Tue, 04 Oct 2022 02:02:13 GMT
Vary: X-Forwarded-Host

GET
H3

200

ml.br.js Show response
js.matheranalytics.com/static/ltm/ma12095/all/8/ Frame BA35
Redirect Chain

https://js.matheranalytics.com/s/ma12095/74930801/all/ml.js?cb=1606
https://js.matheranalytics.com/static/ltm/ma12095/all/8/ml.br.js

143 KB
42 KB

55ms
18ms

Script
application/x-javascript

107.178.250.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.matheranalytics.com/static/ltm/ma12095/all/8/ml.br.js
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H3
Server: 107.178.250.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 234.250.178.107.bc.googleusercontent.com
Software: nginx /
Resource Hash: b4e8ce318f935b3a426d31961c37589ee76626ff62b65e6be06764a3ca6862ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 19:56:30 GMT
content-encoding: br
via: 1.1 google
last-modified: Wed, 02 Mar 2022 19:26:52 GMT
server: nginx
age: 21943
etag: "014a97acdf06a1d13b98c864ad2adf46"
vary: Accept-Encoding
x-cache: HIT Wed, 02 Mar 2022 19:44:10 GMT
content-type: application/x-javascript
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42494

Redirect headers

date: Tue, 04 Oct 2022 02:02:13 GMT
via: 1.1 google
server: nginx
vary: Accept-Encoding
location: https://js.matheranalytics.com/static/ltm/ma12095/all/8/ml.br.js
cache-control: public, max-age=269200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-served-by: 8-gc-euw1-10923

GET
H2 200 config.js Show response
cdn.confiant-integrations.net/awMxVZLpNW6K6EG6WC5S8oR_a68/gpt_and_prebid/ 127 KB
28 KB 391ms
24ms Script
text/javascript 104.18.16.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/awMxVZLpNW6K6EG6WC5S8oR_a68/gpt_and_prebid/config.js
Requested by: Host: htlbid.com
URL: https://htlbid.com/v3/thenewstribune.com/htlbid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.16.107 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b8b604f23852bd0617e4bb6dab249f02ed3cfe14f82b5e8663330dab323bdd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 Oct 2022 01:14:15 GMT
server: cloudflare
x-amz-request-id: N41DM9DPBGKX49W7
age: 696
etag: W/"9748f153e2bcea2d453bdbb0d620692d"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900, stale-while-revalidate=3600
cf-ray: 754a558c9ce39a06-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: TI7rRm1ywa6rcM4yzyt1rzBYV/bJ4bFv+Hm4PasglJtoc01dm5rDG1lSYSq5mHmqb4dOOmA1M04=

GET
H/1.1 200
OK 1x1-pixel.png
ams-pageview-public.s3.amazonaws.com/ 68 B
0 424ms
150ms Fetch
image/png 52.216.226.0
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ams-pageview-public.s3.amazonaws.com/1x1-pixel.png?id=1d5c59e663ea
Requested by: Host: htlbid.com
URL: https://htlbid.com/v3/thenewstribune.com/htlbid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.226.0 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Tue, 04 Oct 2022 02:02:14 GMT
Last-Modified: Mon, 26 Oct 2020 16:52:19 GMT
Server: AmazonS3
x-amz-request-id: 24HNW47P9E6ZH1TK
ETag: "91e42db1c66c0b276abf6234dc50b2eb"
Content-Type: image/png
Cache-Control: no-store
Accept-Ranges: bytes
Content-Length: 68
x-amz-id-2: FdTCyAfhja26Bsmx1YGX/zxhnu+xBv/CjrYtPoY6xeAjQ2MRZMH/3OtHN2AEFFQCNKfK3hegpCQ=

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
28 KB 484ms
79ms Script
text/javascript 142.251.39.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: htlbid.com
URL: https://htlbid.com/v3/thenewstribune.com/htlbid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s37-in-f2.1e100.net

Software

sffe /

Resource Hash

b46c6b15a028032be0ef428550942a5084c3e76e966cf2f8df3ce2f6fdaf17b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27704
x-xss-protection: 0
server: sffe
etag: "1353 / 921 of 1000 / last-modified: 1664834791"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 04 Oct 2022 02:02:13 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 167 KB
43 KB 309ms
39ms Script
application/javascript 18.64.83.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: htlbid.com
URL: https://htlbid.com/v3/thenewstribune.com/htlbid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.83.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-83-82.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d420ee64cb607d68e208a3105b39934807ed2e4d43ced2542f7b6b0cd153ca43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 01:06:03 GMT
content-encoding: gzip
via: 1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront), 1.1 1d306dc69347ed17cde7ecdf2fbdbf88.cloudfront.net (CloudFront)
last-modified: Thu, 15 Sep 2022 20:15:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, TXL50-P2
age: 3371
x-amz-server-side-encryption: AES256
etag: W/"da0e8e1151d3ebb7a34f07d19a6e05d0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: 86rW2-gHj40H9s6Ie6Dr06iiLZe3PZoohdv0ckMPOYaTLV_Yf3EodA==

GET
H2 200 AP22274188789665.jpg
www.thenewstribune.com/latest-news/knfblj/picture266655481/alternates/FREE_1140/ 113 KB
114 KB 16ms
13ms Image
image/jpeg 23.75.234.119
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/latest-news/knfblj/picture266655481/alternates/FREE_1140/AP22274188789665.jpg
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.75.234.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-234-119.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: b11acb5530c22abb01c75e567dda951903805366acbb8205118e63e23c48a02c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:13 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 1064
content-length: 116031
last-modified: Sat, 01 Oct 2022 05:28:21 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "e85ab10eaf81513519eeaf669646259d"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 142525068, 360167350 352082469
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=359185
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 newsletters_generic.jpg
www.thenewstribune.com/latest-news/uqgccl/picture262737677/alternates/FREE_320/ 9 KB
9 KB 22ms
20ms Image
image/jpeg 23.75.234.119
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/latest-news/uqgccl/picture262737677/alternates/FREE_320/newsletters_generic.jpg
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.75.234.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-234-119.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: d3ed130473bf81b6bed2f55cf0f19b02119361fae839ab494443c70f2b1b2318

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:13 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 7699
content-length: 9036
last-modified: Tue, 21 Jun 2022 20:43:41 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "e541a8870b819e2106786166f9206bb0"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 509084041, 806881453 777160130
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=558967
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 Tacoma%20culinary%20comeback%20%20event%20image.png
www.thenewstribune.com/latest-news/svsri0/picture266495141/alternates/FREE_1140/ 367 KB
368 KB 29ms
26ms Image
image/png 23.75.234.119
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/latest-news/svsri0/picture266495141/alternates/FREE_1140/Tacoma%20culinary%20comeback%20%20event%20image.png
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.75.234.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-234-119.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 274839257a926075bf2f9afbb4acaff17175e3c8beff332fac10e846cdd2bbc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:13 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 5918
content-length: 375582
last-modified: Wed, 28 Sep 2022 16:11:07 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "cb7e42e5c2989d0525c9aadc0c2ba20e"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 251463458 234284703
content-type: image/png
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=214680
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 Seahawks.jfif
www.thenewstribune.com/latest-news/gf7l3w/picture263851627/alternates/FREE_1140/ 86 KB
86 KB 35ms
34ms Image
image/jpeg 23.75.234.119
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/latest-news/gf7l3w/picture263851627/alternates/FREE_1140/Seahawks.jfif
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.75.234.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-234-119.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 3ee3fd4422e68e94b09e937a007aedf344569f7a749aa0da571c191715e97167

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:13 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 34533
content-length: 87785
last-modified: Tue, 26 Jul 2022 20:45:08 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "d6bedee6ca943038988169fa37dbd036"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 46639991, 716090066 711231139
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=125974
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 t Show response
jadserve.postrelease.com/ 1 KB
1 KB 348ms
101ms Script
text/javascript 54.208.179.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.thenewstribune.com%2F&ntv_mvi
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.208.179.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-208-179-247.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: b80c553ea97c894037cafeaf9c818eb3975f04b7126d35379fa2e4b252690121

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 02:02:13 GMT
content-encoding: gzip
server: nginx/1.12.1
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 705
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
BLOB 200
OK 61a4ed89-dfaf-44c7-b274-d800355037d8
https://www.thenewstribune.com/ 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/61a4ed89-dfaf-44c7-b274-d800355037d8
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d38236a3fa83635118b6b177bda2330ce7e5ce09a3e50d9f4a6933b2923c5af8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length: 5543
Content-Type: application/javascript

GET
BLOB 200
OK 1b06cdd3-9381-4dd3-a1b4-fb420839a563
https://www.thenewstribune.com/ 79 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/1b06cdd3-9381-4dd3-a1b4-fb420839a563
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6942aa2d9cb977a25b9e503f731dd38210f0d0337b8b6783c5f9321924275261

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length: 80442
Content-Type: application/javascript

GET
BLOB 200
OK 5a73fafe-070e-4ae0-8239-afb8b6b9136d
https://www.thenewstribune.com/ 79 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/5a73fafe-070e-4ae0-8239-afb8b6b9136d
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6942aa2d9cb977a25b9e503f731dd38210f0d0337b8b6783c5f9321924275261

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length: 80442
Content-Type: application/javascript

GET
H2 200 bridge3.536.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame AC2E 686 KB
221 KB 324ms
13ms Document
text/html 142.250.185.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.536.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f10.1e100.net

Software

sffe /

Resource Hash

9ec872d58a5c69122782bdc67523a5483d766169686b83bed86a73d36691ae5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thenewstribune.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 18702
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 226455
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Mon, 03 Oct 2022 20:50:32 GMT
expires: Tue, 03 Oct 2023 20:50:32 GMT
last-modified: Mon, 03 Oct 2022 15:54:58 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
BLOB 200
OK d023c78e-8b74-410e-bbb1-370e921612d0 Show response
https://www.thenewstribune.com/ 394 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/d023c78e-8b74-410e-bbb1-370e921612d0
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ziylnbso-o/thenewstribunecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86965529bea18e7f50351d8e35cffa3a4f4d930b76226f6e8e0211b9b2aadc80

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length: 394
Content-Type: [object object]

GET
H2 204 b
sb.scorecardresearch.com/ Frame 1A1A 0
190 B 8ms
7ms Image
text/plain 13.32.99.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=6035363&cs_it=b3&cv=3.8.0.210223&ns__t=1664848933875&ns_c=UTF-8&ns_if=1&c7=https%3A%2F%2Fwww.thenewstribune.com%2F&c8=Tacoma%20WA%20Breaking%20News%2C%20Crime%20%26%20More%20%7C%20Tacoma%20News%20Tribune&c9=https%3A%2F%2Fwww.thenewstribune.com%2F
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-105.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:13 GMT
via: 1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: _jFEeTIzK-j8EqCsG3xm-_pTBLFVjHecEQWedUC8tUKAX8uf_vIoSQ==
x-cache: Miss from cloudfront

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
258 B 182ms
33ms Image
image/gif 52.17.99.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1664848933937&plid=46231609&idsite=thenewstribune.com&url=https%3A%2F%2Fwww.thenewstribune.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22subscriber%22%3Afalse%7D&sid=1&surl=https%3A%2F%2Fwww.thenewstribune.com%2F&sref=&sts=1664848933929&slts=0&title=Tacoma+WA+Breaking+News%2C+Crime+%26+More+%7C+Tacoma+News+Tribune&date=Tue+Oct+04+2022+02%3A02%3A13+GMT%2B0000+(GMT)&action=pageview&pvid=9955422&u=pid%3Df8630696cedf5391b1bf66a92d5e01ae
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.99.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-99-225.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Tue, 04 Oct 2022 02:02:14 GMT
Cache-Control: no-cache
Last-Modified: Tuesday, 04-Oct-2022 02:02:14 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 pdp.gif
www.thenewstribune.com/ziylnbso-o/ 42 B
392 B 142ms
132ms Image
image/gif 23.75.234.119
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/ziylnbso-o/pdp.gif?z=eyJpZCI6Im1pX2FzX3RudF83MDg5NTc1OTMyMzYwNDQwMzQzMzYxNzg2MjU3NDc0NDYxMzc5OV8xXzBfMTY2NDg0ODkzMTYyOSIsInBsYXllcnMiOlsidmlkZW8tZ2FsbGVyeSIsInZpZGVvLWdhbGxlcnkiLCJ2aWRlby1nYWxsZXJ5Il19
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.75.234.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-234-119.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:14 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 577809
content-length: 42
last-modified: Mon, 26 Sep 2022 16:26:40 GMT
server: MI
etag: "2a-5e996fe0a3000"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 923354259, 485602865 12121443
content-type: image/gif
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=604800
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 / Show response
lasteventf-tm.everesttech.net/ Frame 3A8E 0
138 B 65ms
8ms XHR
text/plain 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://lasteventf-tm.everesttech.net/?_les_imsOrgId=3B6E35F15A82BBB00A495D91@AdobeOrg&_les_sdid=BCB411D5368DC888-80D2BABBF030B15B&_les_last_search_click=&_les_rsid=mccltallmcclatchy&_les_mid=70895759323604403433617862574744613799&_les_url=https%3A%2F%2Fwww.thenewstribune.com%2F
Requested by: Host: www.everestjs.net
URL: https://www.everestjs.net/static/le/last-event-tag-latest.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 04 Oct 2022 02:02:14 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1664848934.116958,VS0,VE0
x-cache: MISS
content-type: text/plain
access-control-allow-origin: https://www.thenewstribune.com
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-fra19138-FRA

GET
H2 200 main_3688701b74155c6e8cbc42aa49fd4c65.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 346 KB
69 KB 78ms
16ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main_3688701b74155c6e8cbc42aa49fd4c65.br.js
Requested by: Host: tag.wknd.ai
URL: https://tag.wknd.ai/3749/i.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 05946407fea8f855f22d5cb6dd76d4992da19352a68dbec50b8a6c24bc2e6231

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:01:57 GMT
content-encoding: br
age: 374417
x-guploader-uploadid: ADPycdsRf5fC9TnmbuhST7Sj4ue_qitOi4ncI20q_v7ubpAIBGoRf4Kva0gcCYzI-ZBhKGDr9RmZTIK45cjWzz7EaUqTdISj2Bpn
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69904
last-modified: Thu, 29 Sep 2022 18:01:45 GMT
server: UploadServer
etag: "1313390d1e7464e1a75141c0d175b536"
x-goog-generation: 1664474505124889
x-goog-hash: crc32c=fNdJKw==, md5=ExM5DR50ZOGnUUHA0XW1Ng==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 69904
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 29 Sep 2023 18:01:57 GMT

GET
H2 200 cjs_min_93e18f8d92a3704ae302522cde927999.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 46 KB
15 KB 94ms
31ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_93e18f8d92a3704ae302522cde927999.js
Requested by: Host: tag.wknd.ai
URL: https://tag.wknd.ai/3749/i.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f91a7a5baacde1a440359f91663eede5cff90eb02b6dbfc76792d83e5779667b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 19:50:19 GMT
content-encoding: gzip
age: 972715
x-guploader-uploadid: ADPycdsY94EnkjqCfU8g0zu63YR0lM2OBZImYLkGZnT8GGbDSBeSkFIjiIkpQqgXR9qQZx6iXAe33Mu1Y0iu0RWsZvWVQ0q9yIFm
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14850
last-modified: Tue, 23 Aug 2022 19:50:06 GMT
server: UploadServer
etag: "158c4f91896e8d16c51d2221e14dc869"
x-goog-generation: 1661284206245542
x-goog-hash: crc32c=S5gI1w==, md5=FYxPkYlujRbFHSIh4U3IaQ==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000,no-transform
x-goog-stored-content-length: 14850
accept-ranges: bytes
content-type: text/javascript; charset=utf-8
expires: Fri, 22 Sep 2023 19:50:19 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 63ms
22ms XHR
application/javascript 18.64.83.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.83.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-83-82.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: I95TjGhhrR3O7F99m0mjPLrSrnJRj9o4
content-encoding: gzip
via: 1.1 89cfaf7130b791496ae5b9cd16f7eb0a.cloudfront.net (CloudFront)
date: Mon, 03 Oct 2022 06:44:04 GMT
x-amz-cf-pop: TXL50-P2
age: 69490
x-cache: Hit from cloudfront
last-modified: Mon, 19 Sep 2022 09:37:07 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: u4a-nH8A6oX200Ra8Mq2z8QzrUeczsYxSF8sOeRMOJYtuTIm-HNL3Q==

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
426 B 100ms
98ms Image
image/gif 54.208.179.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=4604241&ntv_pl=1092954
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.208.179.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-208-179-247.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 02:02:14 GMT
server: nginx/1.12.1
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
426 B 101ms
100ms Image
image/gif 54.208.179.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=2a15d429-4c0c-450d-9420-e57a99d38a67&ntv_fl=aiKFO5BQmNlpJWOY5E-s2QR8pMh2mCVbW-xvMZq4kDS8Uil9ovu4bngZr2L1MTyRiGOhcrtKuXqRoW067GjzLqPrKPaKfGQyBLqQAxN5yKfVC12QJzLC5R1lKNT-KvH7a1Wr2JJzbyAkbyhHKEgQSKGR46U0qWq4smhMRr2xcxA=&ntv_ht=JZQ7YwA&ntv_at=303,302&ntv_a=AAAAAAAAAAWq0QA&ord=1664848934110&ntv_it
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.208.179.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-208-179-247.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 02:02:14 GMT
server: nginx/1.12.1
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 gdprConsent
jadserve.postrelease.com/ 43 B
426 B 101ms
100ms Image
image/gif 54.208.179.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/gdprConsent?ntv_pl=1092954&ntv_gdpr_consent=&ntv_it
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.208.179.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-208-179-247.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 02:02:14 GMT
server: nginx/1.12.1
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 wrap.js Show response
cdn.confiant-integrations.net/gptprebidnative/202210031351/ 208 KB
65 KB 319ms
17ms Script
application/javascript 104.18.16.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/gptprebidnative/202210031351/wrap.js
Requested by: Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/awMxVZLpNW6K6EG6WC5S8oR_a68/gpt_and_prebid/config.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.16.107 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d249b361a6ae00ae9f7fb9c92123796a721f94653283d830bb78b0ebc3a29329

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 03 Oct 2022 18:35:15 GMT
server: cloudflare
x-amz-request-id: 9PNMV2T8QR78S8XX
age: 24141
etag: W/"bfa2cb2fcba193a15075ce5a72776e05"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 754a559028ad9a06-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 5NpgcVxGvFlKFXsbxNdKq2Q20TK1gUZmw7AACqgPVeGqMwYoGNcGgqlAWXJDkRs34kE9KTazpy4=

GET
H2 200 pubads_impl_2022092701.js Show response
securepubads.g.doubleclick.net/gpt/ 378 KB
128 KB 334ms
29ms Script
text/javascript 142.251.39.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s37-in-f2.1e100.net

Software

sffe /

Resource Hash

34c9ee51c2dd7fafb4df5f5e0bbb0a2a3508db0692f97b90b44ab89a50a545ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 11:36:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51939
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131011
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 08:38:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 03 Oct 2023 11:36:35 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 379 B
817 B 730ms
50ms XHR
application/json 142.251.39.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.thenewstribune.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s37-in-f2.1e100.net

Software

cafe /

Resource Hash

7e024c71c4826be10da52af72cf5f981fcdf85b49e764658c674d0bdedc324ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 181
x-xss-protection: 0
expires: Tue, 04 Oct 2022 02:02:14 GMT

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ Frame BA35 43 B
245 B 635ms
100ms Image
image/gif 54.235.97.224
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=pv&page=ml&sec=Homepage&prem=0&ptype=Home&tv=js-3.0.148&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=8&tvcfg=all&tid=78af9a0f-5b81-48d1-b5f8-a7fb6daf4da6&pid=612772ec-e274-4801-9939-c00913f69403&dtm=1664848934231&qnm=_matherq&visible=1&tabid=ea7072d9-b81d-4be8-98e0-ffe179de0163&refr=https%3A%2F%2Fwww.thenewstribune.com%2F&url=https%3A%2F%2Fwww.thenewstribune.com%2F&vrefr=https%3A%2F%2Fwww.thenewstribune.com%2F&vp=0x0&ds=0x0&tofa=1664848934&vid=1&lvidt=1664848934&duid=9c99ecfc8e63c3da&fp=2509661442&cid=ma12095&mrk=74930801&cx=eyJjYXRlZ29yeSI6eyJjYXRlZ29yaWVzIjpbWyJfSG9tZVBhZ2V8fHx8Il1dfSwicGVyZiI6eyJzdGFydCI6IjE2NjQ4NDg5MzI3MzciLCJyZWRpckNudCI6IjAiLCJuYXZUeXBlIjoibGluayIsImhlYXBVIjoiMjcuNm1iIiwiaGVhcFQiOiIzNy4zbWIiLCJyZXNwRSI6IjciLCJkb21Mb2FkIjoiMCIsImRvbUludGVyIjoiNyIsImRvbUxvYWRTIjoiNyIsImRvbUxvYWRFIjoiNyIsImRvbUNtcGx0IjoiNyIsImxvYWRTIjoiNyIsImxvYWRFIjoiNyJ9fQ
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.235.97.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-235-97-224.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date: Tue, 04 Oct 2022 02:02:14 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 5048 3 KB
2 KB 541ms
89ms XHR
text/xml 172.217.19.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?ad_type=video&client=ca-video-pub-3446305859157241&env=vp&gdfp_req=1&unviewed_position_start=1&output=xml_vast4&sz=400x300&url=https%3A%2F%2Fwww.thenewstribune.com%2F&correlator=2088804322403039&adsafe=high&videoad_start_delay=0&max_ad_duration=30000&sdmax=120000&vpa=click&vpmute=0&adtest=false&ciu_szs=300x250&iu=%2F7675%2FTAC.site_thenewstribune%2F_HomePage&hl=en&cmsid=2476245&description_url=https%3A%2F%2Fwww.thenewstribune.com%2Fsports%2Farticle266731826.html&vid_t=Watch%20what%20The%20News%20Tribune%E2%80%99s%20Gregg%20Bell%20learned%20from%20Seahawks%E2%80%99%20wild%20win%20at%20Detroit&vid=6313173706112&cust_params=sec_sect%3D26329%2C7103%2C26389%26topic%3D%26vpa%3D0%26vpmute%3D0&sdkv=h.3.536.0&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250%2C300x250%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=videojs-ima&mpv=2.0.0&sdki=445&ptt=20&adk=123734905&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.536.0&media_url=blob%3Ahttps%253a%2F%2Fwww.thenewstribune.com%2F6f3f9f1d-8fbf-4c2f-9305-0a25264e9ef9&sid=CB206662-0897-489A-B51B-4E86FC80ADB2&nel=0&eid=44748969%2C44750824%2C44760950%2C44765701&dlt=1664848931258&idt=2663&dt=1664848934327&cookie_enabled=1&scor=4076387499280382&ged=ve4_td3_tt0_pd3_la3000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.536.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.19.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

muc03s07-in-f98.1e100.net

Software

cafe /

Resource Hash

d1c46e4ec59dd157a5d6e18adc55c08814a820074720757c34fd3266b8c49237

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 978
x-xss-protection: 0
google-lineitem-id: 0
pragma: no-cache
server: cafe
google-creative-id: 0
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame C342 3 KB
1023 B 533ms
90ms XHR
text/xml 172.217.19.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?ad_type=video&client=ca-video-pub-3446305859157241&env=vp&gdfp_req=1&unviewed_position_start=1&output=xml_vast4&sz=400x300&url=https%3A%2F%2Fwww.thenewstribune.com%2F&correlator=1732180468859406&adsafe=high&videoad_start_delay=0&max_ad_duration=30000&sdmax=120000&vpa=click&vpmute=0&adtest=false&ciu_szs=300x250&iu=%2F7675%2FTAC.site_thenewstribune%2F_HomePage&hl=en&cmsid=2476245&description_url=https%3A%2F%2Fwww.thenewstribune.com%2Flatest-news%2Farticle266723261.html&vid_t=Watch%3A%20Pete%20Carroll%20raves%20about%20Geno%20Smith%2C%20Seahawks%E2%80%99%20offense%20in%20shootout%20past%20Lions&vid=6313170048112&cust_params=sec_sect%3D7103%26topic%3D%26vpa%3D0%26vpmute%3D0&sdkv=h.3.536.0&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=p&ctv=0&mpt=videojs-ima&mpv=2.0.0&sdki=445&ptt=20&adk=3438072188&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.536.0&media_url=blob%3Ahttps%253a%2F%2Fwww.thenewstribune.com%2F3cc65f82-aa87-43dd-b6d0-94aa4e2d5608&sid=CB206662-0897-489A-B51B-4E86FC80ADB2&nel=0&eid=44748969%2C44750824%2C44760950%2C44765701&dlt=1664848931258&idt=2794&dt=1664848934337&cookie_enabled=1&scor=2549612227837307&ged=ve4_td3_tt0_pd3_la3000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.536.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.19.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

muc03s07-in-f98.1e100.net

Software

cafe /

Resource Hash

7e9d6400e5a858108676b34ac562bf223b7ffbe15c5cfa992486203ca17ec5ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 949
x-xss-protection: 0
google-lineitem-id: 0
pragma: no-cache
server: cafe
google-creative-id: 0
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 inbox_ff39b67feb7efb3b74df724f531434eb.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 73 KB
19 KB 68ms
33ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/inbox_ff39b67feb7efb3b74df724f531434eb.br.js
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main_3688701b74155c6e8cbc42aa49fd4c65.br.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 0a3207ed6ac144bb58e9ea8a9a44d3e121e1ffb5444e72256017e2d5e7266873

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:19:53 GMT
content-encoding: br
age: 985341
x-guploader-uploadid: ADPycdsi6uf3PooxS_bgcF39d8es-6dBbg2TXDMszLDuUsbgQgs-M74zpT7zBj-T4ewkFtRW09fzrnjXFsu-RPtUQFty3Pq7iWck
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19115
last-modified: Thu, 22 Sep 2022 16:19:42 GMT
server: UploadServer
etag: "64072da428f642ac6e49b3f040ae2f9b"
x-goog-generation: 1663863582142952
x-goog-hash: crc32c=lXMscA==, md5=ZActpCj2QqxuSbPwQK4vmw==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 19115
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 22 Sep 2023 16:19:53 GMT

GET
H3 200 onsite_594abc2b6ab7a4163a442e0f8acebf61.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 160 KB
34 KB 63ms
31ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/onsite_594abc2b6ab7a4163a442e0f8acebf61.br.js
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main_3688701b74155c6e8cbc42aa49fd4c65.br.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: ce4f517240bd5934346fb0891d1eda77fb7c4f6f3ca14524023f07c595c0c037

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:20:08 GMT
content-encoding: br
age: 985326
x-guploader-uploadid: ADPycdsPAmQFxn3fzhdw2FloVjELds01Kbi_YaWfvq0bRRAJWjjoOkH01xkdOjugTNOTbR1SGlX2-NhzLA1I1E51qxxJDo_rXN3V
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34621
last-modified: Thu, 22 Sep 2022 16:19:51 GMT
server: UploadServer
etag: "395f1d51ae9e6c756a05a0ccf843c744"
x-goog-generation: 1663863591209163
x-goog-hash: crc32c=yu2Mig==, md5=OV8dUa6ebHVqBaDM+EPHRA==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 34621
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 22 Sep 2023 16:20:08 GMT

GET
H3 200 ads_d5c889b4e199be96498a6cfb8f958318.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 360 KB
67 KB 62ms
31ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ads_d5c889b4e199be96498a6cfb8f958318.br.js
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main_3688701b74155c6e8cbc42aa49fd4c65.br.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 50c1d3050160688ab650b0d73e6c21a45efe68acf4d566f1dccdb3b6a8271ff5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:01:53 GMT
content-encoding: br
age: 374421
x-guploader-uploadid: ADPycdtmlqbb6VFHmV3k7cYXjyd63r1o-9TyKuvMY5T_4Wa_CgEysR0BrpZ6oay89nnBm5h0RVxpClHu2ys-aF8nfE4chA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68663
last-modified: Thu, 29 Sep 2022 18:01:35 GMT
server: UploadServer
etag: "74482edd70a80a63f6d106f5caf6bf7f"
x-goog-generation: 1664474495225084
x-goog-hash: crc32c=PswMHA==, md5=dEgu3XCoCmP20Qb1yva/fw==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 68663
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 29 Sep 2023 18:01:53 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame AC2E 3 KB
1022 B 406ms
90ms XHR
text/xml 172.217.19.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?ad_type=video&client=ca-video-pub-3446305859157241&env=vp&gdfp_req=1&unviewed_position_start=1&output=xml_vast4&sz=400x300&url=https%3A%2F%2Fwww.thenewstribune.com%2F&correlator=76194018981937&adsafe=high&videoad_start_delay=0&max_ad_duration=30000&sdmax=120000&vpa=click&vpmute=0&adtest=false&ciu_szs=300x250&iu=%2F7675%2FTAC.site_thenewstribune%2F_HomePage&hl=en&cmsid=2476245&description_url=https%3A%2F%2Fwww.thenewstribune.com%2Fsports%2Farticle266723166.html&vid_t=Seattle%20QB%20Geno%20Smith%20talks%20about%20his%20game%20against%20Detroit&vid=6313167692112&cust_params=sec_sect%3D26329%2C7103%2C26389%26topic%3D%26vpa%3D0%26vpmute%3D0&sdkv=h.3.536.0&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=p&ctv=0&mpt=videojs-ima&mpv=2.0.0&sdki=445&ptt=20&adk=3331662890&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.536.0&media_url=blob%3Ahttps%253a%2F%2Fwww.thenewstribune.com%2Ff04d292c-6921-4ac5-8e8a-1f5fcb883f70&sid=CB206662-0897-489A-B51B-4E86FC80ADB2&nel=0&eid=44748969%2C44750824%2C44760950%2C44765701&dt=1664848934463&cookie_enabled=1&scor=3616634885201789&ged=ve4_td3_tt0_pd3_la3000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.536.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.19.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

muc03s07-in-f98.1e100.net

Software

cafe /

Resource Hash

4bfac80126acaa331e92a0ce7506c790489fc39ab408bfc1105d7353a95d1774

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 948
x-xss-protection: 0
google-lineitem-id: 0
pragma: no-cache
server: cafe
google-creative-id: 0
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
data.cdnbasket.net/ 14 B
338 B 422ms
113ms XHR
application/json 34.117.124.38
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.cdnbasket.net/
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_93e18f8d92a3704ae302522cde927999.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.124.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 38.124.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 9931197ba16483006740a0041fb1bd36fb02741f3b6ee7588cad8754abae6254

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 Oct 2022 02:02:14 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

GET
H/1.1 200
OK / Show response
page.cdnbasket.net/ 14 B
338 B 493ms
114ms XHR
application/json 35.201.92.233
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://page.cdnbasket.net/
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_93e18f8d92a3704ae302522cde927999.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.92.233 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 233.92.201.35.bc.googleusercontent.com
Software: /
Resource Hash: efd82ae470bd59c1535d2a920e8b481a861bcd5a3ed62bf2515a6a50003b8232

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 Oct 2022 02:02:14 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

GET
H/1.1 200
OK / Show response
view.cdnbasket.net/ 14 B
338 B 614ms
115ms XHR
application/json 34.95.76.208
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://view.cdnbasket.net/
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_93e18f8d92a3704ae302522cde927999.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.76.208 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 208.76.95.34.bc.googleusercontent.com
Software: /
Resource Hash: 6967c4beb25051a0c11891b36c53678be622889460ffd3d5d44d92e08fc20b4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 Oct 2022 02:02:15 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

GET
H2 200 oPS.js Show response
d15kdpgjg3unno.cloudfront.net/ 100 KB
21 KB 342ms
9ms Script
application/javascript 108.138.2.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=11
Requested by: Host: htlbid.com
URL: https://htlbid.com/v3/thenewstribune.com/htlbid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.2.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-2-19.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 051bc401da542c03c1addebfe9b686e83a9c04f56250e41bf28dce0fd6b6edd1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: E3hZ_pNNEOcfcR3dSaFIMfHUAbf2q0D6
content-encoding: gzip
via: 1.1 def5acc189db6e2856a956225d5cd100.cloudfront.net (CloudFront)
date: Mon, 03 Oct 2022 22:34:52 GMT
last-modified: Wed, 14 Sep 2022 22:06:42 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 12443
etag: W/"d1ea0fca3233bc6f8599239f96cc8050"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=84600
x-amz-cf-id: VxPkcTX1mndSjyDpAXewxvmk9rEe5JUcPeeoPHFLVvIba6ChOQrT8Q==

GET
H3 200 local_storage_frame16.min.html Show response
assets.bounceexchange.com/assets/bounce/ Frame 8662 2 KB
1 KB 14ms
14ms Document
text/html 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/bounce/local_storage_frame16.min.html
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main_3688701b74155c6e8cbc42aa49fd4c65.br.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f2f11e4d45030f1f21ec7d3ae67a65b83c4c67016fe861fbebdff04ca0c8cd60

Request headers

Referer: https://www.thenewstribune.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: etag Content-Type
age: 1383901
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public,max-age=31536000
content-encoding: gzip
content-length: 1055
content-type: text/html; charset=UTF-8
date: Sun, 18 Sep 2022 01:37:13 GMT
etag: "3be42b9997686f409d49179e72e04bd8"
expires: Mon, 18 Sep 2023 01:37:13 GMT
last-modified: Thu, 15 Sep 2022 14:50:35 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-generation: 1663253435838110
x-goog-hash: crc32c=wLJoZQ== md5=O+QrmZdob0CdSReecuBL2A==
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 1055
x-guploader-uploadid: ADPycdsinj9smyaTRr7WoM31Ole5gPRBkKSSWhsCwl5_x9FuY8joNfH4g2OT8GjdSeaHal-FsdOHemPa6Gp_33YfpNh4Go-moROI

GET
BLOB 200
OK ff2c6b39-73ee-4c61-acc7-74efdb5648c8 Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/ff2c6b39-73ee-4c61-acc7-74efdb5648c8
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ziylnbso-o/thenewstribunecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8a577093679d5f34fe9d64d2b8647d0d14edc443c836a3391c43990aabd15eb1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK ac9b9839-14c7-4e71-ae61-60a5b0e7b9a9 Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/ac9b9839-14c7-4e71-ae61-60a5b0e7b9a9
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ziylnbso-o/thenewstribunecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b9fdf22e5006fe739274ae36f752b95b937b7fac38d7107cf0aaf26adafa88b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK 994a91e4-9ce2-45e7-a94a-ab3efa1e0769 Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/994a91e4-9ce2-45e7-a94a-ab3efa1e0769
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ziylnbso-o/thenewstribunecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3f951924d27c9b4860a43bd5726a513e6cc606bf43809bc6fac4da2e394e2e5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
H/1.1 200
OK / Show response
api.ipify.org/ 19 B
258 B 321ms
101ms XHR
application/json 54.91.59.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=json
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ziylnbso-o/thenewstribunecore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.91.59.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-59-199.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: c281e65a91ee0ee836aff677027641b3f72eac21679771e291d9e42cd794e1dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Tue, 04 Oct 2022 02:02:15 GMT
Via: 1.1 vegur
Server: Cowboy
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://www.thenewstribune.com
Connection: keep-alive
Content-Length: 19

GET
BLOB 200
OK ed2f4141-5d9b-48ff-9bc3-313e1a38b863 Show response
https://www.thenewstribune.com/ 354 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/ed2f4141-5d9b-48ff-9bc3-313e1a38b863
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ziylnbso-o/thenewstribunecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 933ccc2479173ac153e5d4d51e2b6a27d8339b478fa89afc9f28a2558bbe113e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length: 354
Content-Type: [object object]

GET
BLOB 200
OK 0ffd3370-1b01-4b50-a949-bc8a8b8b9a68 Show response
https://www.thenewstribune.com/ 370 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/0ffd3370-1b01-4b50-a949-bc8a8b8b9a68
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ziylnbso-o/thenewstribunecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c3860a941087d9792921f4ede5472f5fc3e8aeb4aafb328c78e19a10a1e30e63

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length: 370
Content-Type: [object object]

GET
BLOB 200
OK c805f426-8ab0-41af-970f-88a529afa969 Show response
https://www.thenewstribune.com/ Frame 01FC 580 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/c805f426-8ab0-41af-970f-88a529afa969
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc23f0b941f100ab048b7ad426f8f0a3baa64f0214128f35c215eec65d79eb44

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length: 580
Content-Type: text/javascript

GET
BLOB 200
OK f555d3ce-bc4f-48e7-b35b-8246e4dd87d5 Show response
https://www.thenewstribune.com/ Frame 5AC8 341 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/f555d3ce-bc4f-48e7-b35b-8246e4dd87d5
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e226b4538fe26361bdef2ceebf7cd5b5eb411d2ab752905fe4fa788043d6748c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length: 341
Content-Type: text/javascript

GET
BLOB 200
OK 17de705b-da2b-4ddc-8348-04e36b2343d1 Show response
https://www.thenewstribune.com/ Frame C9B4 426 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/17de705b-da2b-4ddc-8348-04e36b2343d1
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a8f221f028cab6d2619c4c624a1be0044cdea534580268ef8e26eced08d61f27

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length: 426
Content-Type: text/javascript

GET
BLOB 200
OK a71d3919-6314-442b-bcd7-cf9a28ffe896 Show response
https://www.thenewstribune.com/ Frame B8DF 390 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/a71d3919-6314-442b-bcd7-cf9a28ffe896
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1fef013c1c2efb6a9abf8510ff88054861f60b56b50d276fd3925ec7fff2047b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 80dd0f7a-8129-4583-8389-0032a4f21903 Show response
https://www.thenewstribune.com/ Frame 07C5 545 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/80dd0f7a-8129-4583-8389-0032a4f21903
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4d7a61d537d5d760873c8a3382cd94843074a083d1dee675df4921aa876d3f35

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length: 545
Content-Type: text/javascript

GET
BLOB 200
OK 29e9df7f-9213-4012-a401-38615d35a4a2 Show response
https://www.thenewstribune.com/ Frame A769 388 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/29e9df7f-9213-4012-a401-38615d35a4a2
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 38c6a2d5b4a654ad9062ea9e6ba8632e6396ebeaa2943020a0897b9f7e038519

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length: 388
Content-Type: text/javascript

GET
BLOB 200
OK d2cd444e-252f-4ca4-b6e3-a69debde72c0 Show response
https://www.thenewstribune.com/ Frame 67CF 342 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/d2cd444e-252f-4ca4-b6e3-a69debde72c0
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9a3b0bfa12d811192b83c90de77d01b7cf811dfc4f4bb6764c2f931c59659055

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length: 342
Content-Type: text/javascript

GET
BLOB 200
OK 311f48ac-fc13-48f6-8adb-acf51d3baf05 Show response
https://www.thenewstribune.com/ Frame E0FB 1 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/311f48ac-fc13-48f6-8adb-acf51d3baf05
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0025b4565edf4c7cfc56348ffbe82d06aad15d8950c48e32e7aada9668cac068

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length: 1282
Content-Type: text/javascript

POST
H/1.1 200
OK Test_oPS_Script_Loads Show response
sqs.us-east-1.amazonaws.com/397719490216/ 378 B
658 B 681ms
98ms XHR
text/xml 3.239.232.73
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sqs.us-east-1.amazonaws.com/397719490216/Test_oPS_Script_Loads?Action=SendMessage&MessageBody=cid%3D11%26bt%3Dnull
Requested by: Host: d15kdpgjg3unno.cloudfront.net
URL: https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=11
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.239.232.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-239-232-73.compute-1.amazonaws.com
Software: /
Resource Hash: 0e1b23e83e1d1c69f9775a2ce1029383114d0827b56e621a7f3430c094a6ce17

Request headers

Referer: https://www.thenewstribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
Date: Tue, 04 Oct 2022 02:02:15 GMT
x-amzn-RequestId: 9b690c96-6e7f-5a39-b434-5723f8187ae1
Content-Length: 378
Content-Type: text/xml

GET
H2 200 push.93fd9492ac601240f2e8.js Show response
www.thenewstribune.com/ziylnbso-o/ 1 KB
1 KB 12ms
12ms Script
application/javascript 23.75.234.119
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/ziylnbso-o/push.93fd9492ac601240f2e8.js
Requested by: Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/ff2c6b39-73ee-4c61-acc7-74efdb5648c8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.75.234.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-234-119.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 5f7029e3b47ec6f691e64d2b0d9907f8deb170b53cb6a851516e365cd8581970

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:15 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 235
content-length: 660
last-modified: Thu, 29 Sep 2022 16:38:28 GMT
server: MI
etag: W/"5c3-5e9d381c38900"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 697768008, 325489885 328272134
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=225982
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 chatbot.bba5b1260ca54eb50d7d.js Show response
www.thenewstribune.com/ziylnbso-o/ 2 KB
1 KB 15ms
15ms Script
application/javascript 23.75.234.119
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/ziylnbso-o/chatbot.bba5b1260ca54eb50d7d.js
Requested by: Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/ac9b9839-14c7-4e71-ae61-60a5b0e7b9a9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.75.234.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-234-119.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 14c4aa65456d3dac54a31a405d4551023bc6d8c41ebc1f506620e07f43417687

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:15 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 6085
content-length: 1025
last-modified: Thu, 29 Sep 2022 16:38:28 GMT
server: MI
etag: W/"939-5e9d381c38900"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 255083315 247219862
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=231896
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 pageLoad.57b51d7e9a8d84d20aee.js Show response
www.thenewstribune.com/ziylnbso-o/ 3 KB
2 KB 20ms
20ms Script
application/javascript 23.75.234.119
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/ziylnbso-o/pageLoad.57b51d7e9a8d84d20aee.js
Requested by: Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/994a91e4-9ce2-45e7-a94a-ab3efa1e0769
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.75.234.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-234-119.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 2d5b8a3910283f62c4e916b4ac27e52820b74fca5bc47cb3a9faa16f30b278f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:15 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 291
content-length: 1297
last-modified: Thu, 29 Sep 2022 16:38:28 GMT
server: MI
etag: W/"d97-5e9d381c38900"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 253704338 259888404
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=225891
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 pdp.gif
www.thenewstribune.com/ziylnbso-o/ 42 B
394 B 149ms
149ms Image
image/gif 23.75.234.119
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/ziylnbso-o/pdp.gif?a=eyJpZCI6Im1pX2FzX3RudF83MDg5NTc1OTMyMzYwNDQwMzQzMzYxNzg2MjU3NDc0NDYxMzc5OV8xXzBfMTY2NDg0ODkzMTYyOSIsIm5vdyI6MTY2NDg0ODkzNDg1MSwibnMiOnRydWV9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.75.234.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-234-119.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:15 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 577772
content-length: 42
last-modified: Mon, 26 Sep 2022 16:26:40 GMT
server: MI
etag: "2a-5e996fe0a3000"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 69922198, 133864725 298897458
content-type: image/gif
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=604758
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 pdp.gif
www.thenewstribune.com/ziylnbso-o/ 42 B
393 B 149ms
149ms Image
image/gif 23.75.234.119
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/ziylnbso-o/pdp.gif?k=eyJpZCI6Im1pX2FzX3RudF83MDg5NTc1OTMyMzYwNDQwMzQzMzYxNzg2MjU3NDc0NDYxMzc5OV8xXzBfMTY2NDg0ODkzMTYyOSIsImdwdFJlcXVlc3RlZCI6NDMzNSwibG9hZEV2ZW50U3RhcnQiOjU2OTN9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.75.234.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-234-119.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:15 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 577810
content-length: 42
last-modified: Mon, 26 Sep 2022 16:26:40 GMT
server: MI
etag: "2a-5e996fe0a3000"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 923354259, 483443937 12121443
content-type: image/gif
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=604800
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 01FC 101 KB
27 KB 560ms
10ms Script
application/x-javascript 185.60.216.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/c805f426-8ab0-41af-970f-88a529afa969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.216.19 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frx5.fbcdn.net

Software

Resource Hash

00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 04 Oct 2022 02:02:15 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26840
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 6+mSIrCIoOpAgDSKMfBSX6El7dWfrFUjesiQn+69se4XPBHANTWEJHTf1xLjuS3UMJScWdt91W0omnyuPC+NXw==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 tag.aspx Show response
ml314.com/ Frame 5AC8 31 KB
12 KB 549ms
16ms Script
application/javascript 34.111.234.236
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?49
Requested by: Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/f555d3ce-bc4f-48e7-b35b-8246e4dd87d5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 27d7b573de36acef9ddbf975de05251f5219d2e4b8424288aae62aa57d5a6396

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 01:46:06 GMT
content-encoding: br
age: 969
x-guploader-uploadid: ADPycdv5kbMDy4a14g8SRn4u7qBSURbfggfz4JCJFEoG1BQslJUQpu1lUR3tyuS5Y9x5m1XDnbjmdLZBHuYBHvw8awCjyQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11383
last-modified: Tue, 09 Aug 2022 21:49:07 GMT
server: UploadServer
etag: W/"fe36d3317b1b052708eb2260e253aa63"
vary: Accept-Encoding
x-goog-generation: 1660081747697868
x-goog-hash: crc32c=BjH7bw==, md5=/jbTMXsbBScI6yJg4lOqYw==
content-type: application/javascript
cache-id: AMS-cba56054
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 32025
accept-ranges: none

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame C9B4 117 KB
46 KB 624ms
66ms Script
application/javascript 142.250.186.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-848620132

Requested by

Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/17de705b-da2b-4ddc-8348-04e36b2343d1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

638dd2b7dcbf1ed5c418c0ffa6c0d6e5d9072c841caf90b1222016be9313f1b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46886
x-xss-protection: 0
last-modified: Tue, 04 Oct 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 04 Oct 2022 02:02:15 GMT

GET
H2

200

analytics-1.5.12.min.js Show response
cdn.keywee.co/dist/ Frame B8DF
Redirect Chain

https://cdn.keywee.co/dist/analytics.min.js
https://cdn.keywee.co/dist/analytics-1.5.12.min.js

22 KB
23 KB

11ms
11ms

Script
application/javascript

143.204.89.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.keywee.co/dist/analytics-1.5.12.min.js
Protocol: H2
Server: 143.204.89.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-56.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d29d84e698eb10452f97d8a6f249b73496beb844cef58e920e3832bd321d64a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 05:27:41 GMT
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
last-modified: Mon, 28 Dec 2020 09:55:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 246874
etag: "13a05c433850fad0455e2ee1a1707eb0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=259200,public
content-length: 22739
x-amz-cf-id: XjHvbG3GyV0j2btC_p1hrsKB3Rn93vLJASEaCJeMTt-Eie3ypw_Asw==

Redirect headers

date: Mon, 03 Oct 2022 09:40:03 GMT
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 58932
x-cache: RefreshHit from cloudfront
location: /dist/analytics-1.5.12.min.js
content-length: 0
x-amz-cf-id: 2Q0j-y2gByMBmiYCiGGtJm6KQwT_TZgkyK640522GI49JN7EC-jVDQ==

GET
H/1.1 200
OK events.js Show response
tags.srv.stackadapt.com/ Frame 07C5 17 KB
6 KB 745ms
104ms Script
text/javascript 52.44.206.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/events.js
Requested by: Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/80dd0f7a-8129-4583-8389-0032a4f21903
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.44.206.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-44-206-121.compute-1.amazonaws.com
Software: /
Resource Hash: 3a7d144b71246ddb90a2e1e5632c0b4062039d55c819508ba6a7e33700c488c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 04 Oct 2022 02:02:15 GMT
Cache-Control: max-age=5
Content-Encoding: gzip
Connection: keep-alive
Content-Length: 5403
Content-Type: text/javascript

GET
H2 200 m
secure-us.imrworldwide.com/cgi-bin/ Frame A769 44 B
597 B 568ms
35ms Image
image/gif 52.30.254.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-203838h&cg=0&cc=1&si=https%3A//www.thenewstribune.com/&rp=&ts=compact&rnd=1664848935089
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.254.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-254-53.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 02:02:15 GMT
server: nginx
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-us.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 quant.js Show response
edge.quantserve.com/ Frame 67CF 26 KB
10 KB 544ms
9ms Script
application/javascript 91.228.74.206
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.quantserve.com/quant.js
Requested by: Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/d2cd444e-252f-4ca4-b6e3-a69debde72c0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.206 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: b719a446401c59e2784e7979101371a8a12f04139b37c8632682ea60a5720b21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:15 GMT
content-encoding: gzip
etag: "+b0B6ncQDCugPb96DWf2QA=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Tue, 11 Oct 2022 02:02:15 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame E0FB 106 KB
42 KB 591ms
38ms Script
application/javascript 142.250.186.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-48278079-1

Requested by

Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/311f48ac-fc13-48f6-8adb-acf51d3baf05

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

2e8e0c08bc924e2737c15a18ec7522068e91cac78826b0f53f4f6e327a22ea5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42386
x-xss-protection: 0
last-modified: Tue, 04 Oct 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 04 Oct 2022 02:02:15 GMT

GET
H2 200 c Show response
ids.cdnwidget.com/ 31 B
205 B 635ms
116ms XHR
application/json 34.107.191.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ids.cdnwidget.com/c?cookieID=&deviceID=&iv=&v=&GCH1=&SCH1=&GCS1=038076193&GCS2=YjFlNTdjMmMtOWUxMC00MmFiLWFmYTQtMTAxMGE5MTNhOWVmLmxvY2Fs&pe=false&wsid=3749&varID=0opv6&varData=undefined&log=%7B%22config%22%3A%7B%22gmEN%22%3Atrue%2C%22pixEN%22%3Atrue%7D%2C%22apikey%22%3A%222%5EHIykD%22%2C%22cjsversion%22%3A%221.5.9%22%2C%22wsid%22%3A3749%2C%22loadID%22%3A%22tFoZK6AEGalPFJV%22%2C%22timing%22%3A%7B%22sessionStorageLoad%22%3A14%2C%22IDStageStart%22%3A14%2C%22obsReqdata%22%3A544%2C%22obsReqpage%22%3A573%2C%22obsReqview%22%3A655%2C%22netComplete%22%3A664%2C%22IDStagePrefire%22%3A664%7D%2C%22matches%22%3A%7B%22cookie%22%3Afalse%2C%22LS%22%3Afalse%7D%2C%22info%22%3A%7B%22isSpoofed%22%3Afalse%2C%22PM%22%3Afalse%2C%22DNT%22%3Afalse%2C%22deviceTimezone%22%3A0%2C%22extensionID%22%3Anull%2C%22externalID%22%3Anull%2C%22agent%22%3A%7B%22device%22%3Anull%7D%2C%22firstLoad%22%3Atrue%7D%7D
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_93e18f8d92a3704ae302522cde927999.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.191.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.191.107.34.bc.googleusercontent.com
Software: /
Resource Hash: 6627c5ab36fa407f18fc9b6987e359eccef005ae6d35b370d2142b7daa770324

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin: https://www.thenewstribune.com
date: Tue, 04 Oct 2022 02:02:15 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json

GET
H2 200 pushly-sdk.min.js Show response
cdn.p-n.io/ 220 KB
50 KB 512ms
11ms Script
application/javascript 18.66.112.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=Nv2FlxP0ilQCLgZJ8iLg2qZHnsOUBRevIweT
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ziylnbso-o/push.93fd9492ac601240f2e8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-48.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 372f23dfd7b225c2d12abb8e7c4b14de6ba4b17cbe52160c9b4d2bf50829858d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:01:32 GMT
content-encoding: gzip
via: 1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
last-modified: Sat, 01 Oct 2022 07:55:11 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 612
etag: W/"0eb2f4d0dd22f5ea9a995afa00c5b6c7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=900
x-amz-cf-id: G4G2-YEWLq8pzMqw6LWO1Whr8ujzwpS_s7tJ7_gDuT-nzLzrzYvaVg==

GET
H2 200 cookie-consent.css
cdn-prod.securiti.ai/consent/ 39 KB
7 KB 504ms
7ms Stylesheet
text/css 18.66.112.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-prod.securiti.ai/consent/cookie-consent.css

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ziylnbso-o/pageLoad.57b51d7e9a8d84d20aee.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-76.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

6aa807a90524c0f03f878d1c916e874aaaa3898eef8a624f5edcf259da7dcf29

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: s8oFQF8jPiUlVWCtjbgpMYDb9yA5b15T
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
content-encoding: gzip
date: Tue, 04 Oct 2022 01:20:06 GMT
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 2531
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Sat, 01 Oct 2022 21:18:48 GMT
server: AmazonS3
etag: W/"e4c17f490bfbe77840510ab5ef63b36a"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
x-amz-cf-id: Gh1Wombz-jE-Z6SoYV_kTENCcR6SSTE3YVKMgzSowB1zSKeS_HbT4g==

GET
H2 200 cookie-consent-sdk.js Show response
cdn-prod.securiti.ai/consent/ 170 KB
44 KB 507ms
11ms Script
application/javascript 18.66.112.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-prod.securiti.ai/consent/cookie-consent-sdk.js

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ziylnbso-o/pageLoad.57b51d7e9a8d84d20aee.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-76.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

73371376d8952af1a7631f72439bbb8e42fbecb8283959a83dda1ce06a5a8ba8

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: wigLYPfWDp3Q0WATyYFmrXBoDBAmwmC8
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
content-encoding: gzip
date: Tue, 04 Oct 2022 01:20:18 GMT
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 2531
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Sat, 01 Oct 2022 21:18:45 GMT
server: AmazonS3
etag: W/"de3e28c84874b0c78bed55038d4d6ca5"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
x-amz-cf-id: L01KLR-E5fsz6oG1wKPGf246aQjBdWuRW-WjlfWxvA7f_-Z9_DrJqw==

GET
H2 200 tag.js Show response
lptag.liveperson.net/tag/ 21 KB
8 KB 109ms
28ms Script
application/javascript 178.249.101.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lptag.liveperson.net/tag/tag.js?site=2196236

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ziylnbso-o/chatbot.bba5b1260ca54eb50d7d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.101.23 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

Software

ws /

Resource Hash

145d14bb73e5b03cc73062c2a78c392125b891c62b1cc9d542e5adba762f04e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 03 Sep 2020 08:27:49 GMT
server: ws
etag: "5f50a905-1d8f"
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
content-length: 7567

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
426 B 98ms
97ms Image
image/gif 54.208.179.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_at=304&ntv_ui=2a15d429-4c0c-450d-9420-e57a99d38a67&ntv_a=AAAAAAAAAAWq0QA&ntv_ht=JZQ7YwA&ntv_fl=aiKFO5BQmNlpJWOY5E-s2QR8pMh2mCVbW-xvMZq4kDS8Uil9ovu4bngZr2L1MTyRiGOhcrtKuXqRoW067GjzLqPrKPaKfGQyBLqQAxN5yKfVC12QJzLC5R1lKNT-KvH7a1Wr2JJzbyAkbyhHKEgQSKGR46U0qWq4smhMRr2xcxA=&ord=1556595485&ntv_ift=0&ntv_it
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.208.179.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-208-179-247.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 02:02:15 GMT
server: nginx/1.12.1
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 .js Show response
dyv1bugovvq1g.cloudfront.net/11/www.thenewstribune.com/ 6 KB
1 KB 865ms
441ms XHR
application/json 18.64.108.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dyv1bugovvq1g.cloudfront.net/11/www.thenewstribune.com/.js
Requested by: Host: htlbid.com
URL: https://htlbid.com/v3/thenewstribune.com/htlbid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.108.220 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-108-220.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: afb3a807724f8ffe110901a26ffecd191e852ed9466f506950550eff10ce213f

Request headers

Referer: https://www.thenewstribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 04 Oct 2022 02:02:17 GMT
content-encoding: gzip
via: 1.1 9d638fe6fe3e82d4d1292fa9e998dfbe.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL50-P4
x-cache: Miss from cloudfront
content-length: 791
last-modified: Tue, 04 Oct 2022 02:00:43 GMT
server: AmazonS3
etag: "fdd047d4c98a64facbe186685e1e7f0d"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
cache-control: max-age=300
access-control-allow-credentials: true
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: Z70FIbckc2xWejY1nqEz20PHGCD8ea2wrEpo7wxycuCt9ktnPcVDQw==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 131 B
493 B 22ms
21ms XHR
application/json 18.64.83.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.thenewstribune.com&pubid=10f892c4-b76d-4f37-b1fd-0ae5d74780b5
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.83.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-83-82.txl50.r.cloudfront.net
Software: Server /
Resource Hash: e7e696f3b5ef25c97cde87bfbe910d446dc98e85192c814c4c3a540d1ac857ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 00:45:30 GMT
via: 1.1 1d306dc69347ed17cde7ecdf2fbdbf88.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: TXL50-P2
age: 4605
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.thenewstribune.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 131
x-amz-cf-id: j7sBcjOcIk3T_-Y-OhHC-gFzB-z0JABYmr97OOjkY8Xv98zu-panPQ==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 23 B
466 B 171ms
69ms XHR
text/javascript 18.66.23.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.thenewstribune.com%2F&pid=MpYwmKB7s1lcO&cb=0&ws=1600x1200&v=22.9.81452&t=1000&slots=%5B%7B%22sd%22%3A%22htlad-2-gpt%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F7675%2FTAC.site_thenewstribune%2F_HomePage%22%7D%2C%7B%22sd%22%3A%22htlad-12-gpt%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F7675%2FTAC.site_thenewstribune%2F_HomePage%22%7D%5D&pubid=10f892c4-b76d-4f37-b1fd-0ae5d74780b5&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.23.210 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-23-210.vie50.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:15 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 452b7761b1eb87a22cbc4ec546224f1a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-P1
x-amz-rid: FCHQ4B6MCFKP9N36200R
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.thenewstribune.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: CHrufKZ8VYtn8yR9YM-KwHYTvt6gGQWFXJHlcUHd9kg7aWaaFnz4ag==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 131 B
484 B 22ms
21ms XHR
application/json 18.64.83.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.thenewstribune.com&pubid=10f892c4-b76d-4f37-b1fd-0ae5d74780b5
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.83.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-83-82.txl50.r.cloudfront.net
Software: Server /
Resource Hash: e7e696f3b5ef25c97cde87bfbe910d446dc98e85192c814c4c3a540d1ac857ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 00:45:30 GMT
via: 1.1 1d306dc69347ed17cde7ecdf2fbdbf88.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: TXL50-P2
age: 4605
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.thenewstribune.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 131
x-amz-cf-id: pHc1HOHCBHKez1nlBStUmzPS5Qt1WXgnUTAZoKyPtlFfb5VnfyMg3g==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 23 B
467 B 141ms
67ms XHR
text/javascript 18.66.23.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.thenewstribune.com%2F&pid=MpYwmKB7s1lcO&cb=1&ws=1600x1200&v=22.9.81452&t=1000&slots=%5B%7B%22sd%22%3A%22htlad-4-gpt%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F7675%2FTAC.site_thenewstribune%2F_HomePage%22%7D%5D&pubid=10f892c4-b76d-4f37-b1fd-0ae5d74780b5&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.23.210 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-23-210.vie50.r.cloudfront.net

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:15 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 452b7761b1eb87a22cbc4ec546224f1a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-P1
x-amz-rid: XKWVYEJMC2WAXHA0133H
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.thenewstribune.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 3kk_r9w9m5pwQXVmHKf_bLhVpSHp_6JhX4oTn-q6GG7isOGG21HmwA==

GET
H2 200 rules-p-50B2Fi6bBqYto.js Show response
rules.quantcount.com/ Frame 67CF 1 KB
1 KB 380ms
9ms Script
application/javascript 18.66.97.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-50B2Fi6bBqYto.js
Requested by: Host: edge.quantserve.com
URL: https://edge.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-52.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1add57ee1ca3481a226f33de0ae643ce3e3e454e717bed135649ec1455232046

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 01:30:24 GMT
content-encoding: gzip
via: 1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 1913
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Mon, 22 Aug 2022 12:05:47 GMT
server: AmazonS3
etag: W/"38c1c6b9eca2fe0d875e1cfe555905e5"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: c3rAyafsK8zUeGATTP0mmQz7doP6eNbWVgteBXM2EEzU7c3Ehgzm9w==

GET
H3 200 utsync.ashx Show response
ml314.com/ Frame 5AC8 62 B
81 B 104ms
75ms Script
application/javascript 34.111.234.236
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=88280&ct=js&pi=&fp=&clid=&if=1&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.thenewstribune.com%2F&pv=1664848935678_gwhqpxc6y&bl=en-us&cb=2729337&return=&ht=&d=&dc=&si=1664848935678_gwhqpxc6y&cid=&s=1600x1200&rp=https%3A%2F%2Fwww.thenewstribune.com%2F&v=2.5.2.2
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?49
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 02:02:15 GMT
via: 1.1 google
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: application/javascript; charset=utf-8
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62
expires: 0

GET
H2 200 en.json Show response
cdn-prod.securiti.ai/consent/cookie_banner/0451dd58-47bb-4a6e-9e6f-7fbe4070b019/e1f7f95d-86a8-43ee-baa1-dbf966e10daa/ 227 KB
56 KB 325ms
8ms XHR
application/json 18.66.112.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-prod.securiti.ai/consent/cookie_banner/0451dd58-47bb-4a6e-9e6f-7fbe4070b019/e1f7f95d-86a8-43ee-baa1-dbf966e10daa/en.json

Requested by

Host: cdn-prod.securiti.ai
URL: https://cdn-prod.securiti.ai/consent/cookie-consent-sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-76.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

3caec09d4d3de6d05deb20d3744dca95f71663e840649e58a3e6269159a65985

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 17:19:35 GMT
x-amz-version-id: j8S_25Ulr8iUlVsGRPOikVUvcw0hOB9p
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
via: 1.1 cf2071a2896a4f71dbfdbc521d554362.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 31361
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 26 Sep 2022 18:50:27 GMT
server: AmazonS3
etag: W/"63b87d551ae186d92f6856e11804d310"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=86400
x-frame-options: DENY
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: f-Gne-PSVXCwbwNgIW0Hw915LhBPNAWTLbJG4V-TjtomHmBQzsv56Q==

GET
H2 200 location Show response
app.securiti.ai/core/v1/utils/geo/ 807 B
1 KB 602ms
175ms XHR
application/json 34.217.7.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.securiti.ai/core/v1/utils/geo/location

Requested by

Host: cdn-prod.securiti.ai
URL: https://cdn-prod.securiti.ai/consent/cookie-consent-sdk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.217.7.19 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-217-7-19.us-west-2.compute.amazonaws.com

Software

Resource Hash

247aba09e01c114ffb72425ddc4625410d7a871c98e84866f6065cf93b96933c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=315360000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:16 GMT
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline';
x-content-type-options: nosniff
strict-transport-security: max-age=315360000
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
content-length: 807
x-xss-protection: 1; mode=block

GET
H2 200 1081709588515684 Show response
connect.facebook.net/signals/config/ Frame 01FC 293 KB
84 KB 311ms
10ms Script
application/x-javascript 185.60.216.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1081709588515684?v=2.9.84&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.216.19 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frx5.fbcdn.net

Software

Resource Hash

b6d282cc23647db267a1cff61c755a04a2e9f44da633d02afd769c92d2e86854

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 04 Oct 2022 02:02:16 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 86279
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: RWp07EBU1uXvMvRkD1BJR6lDaKiq4Wjhftgz0jiVe6u3firl+hO0lkMfL1pjft3YijJewOXtnynhlAKb8Bk3UA==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 3010.js Show response
cdn.keywee.co/config/ Frame B8DF 233 B
563 B 10ms
9ms Script
application/javascript 143.204.89.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.keywee.co/config/3010.js
Requested by: Host: cdn.keywee.co
URL: https://cdn.keywee.co/dist/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-56.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5f3013245f4ee591e331364ee5044664a65048925168bfee28037bb16082f5b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 20:30:22 GMT
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
last-modified: Fri, 25 Feb 2022 21:45:07 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 20793
etag: "81210c02155f33808ec1fb7ec890dfee"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
content-length: 233
x-amz-cf-id: Fi6Zipt9f5GXekilPrmqiWqSLkYbQe6oEDLlGAzVcD45t25VwaLIdg==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame E0FB 49 KB
20 KB 396ms
24ms Script
text/javascript 172.217.18.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-48278079-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 04 Oct 2022 01:15:57 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 2779
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Tue, 04 Oct 2022 03:15:57 GMT

GET
H2 200 init1.js Show response
api.bounceexchange.com/bounce/ 36 B
341 B 323ms
47ms Script
text/html 34.111.8.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.bounceexchange.com/bounce/init1.js?wklzs=1115&wklz=C4ewVgigvAZgrgOwMbAJYgQMhQZygRgDZCAWADnIE4BmAVgHZDbNgAvEKABkwHcBTAEY5UwPgH1UAEyjV6JSpgBOfHCAA2cNBgKFOnAB74ATHqV8YfRcsVRsAQzVrUCAOZi4itVAAWwYAAccAFJqAEEgowAxCMieOIA6YG8+BD4eHGBFVAFEPnikEABbGMwAN1RhYDECkABrVD4oIPoAIQijNX92kPCjI18A4KNaMIjaKLGouJ5E5NT0zOzc-KLJ6L6IgGF2xW7RjY36ABFsEDqGptb20r3wq76cOAFCkVFJMUKQRQRnF1uYBw4Phbdp8UqWMRqEAuFx8d7Of6A4FGbYPJ4vPxwsQYSrIow9AFqIEgtHPV5YgqKDB2cqKOBDfFhQnElHtfx2KRiR5CJBZASWRFE5GojrQ2HwhASSQpNAwBqSQUskUIOCFLlPMTs2FicppBk9Tgkoz+LKlOxIACe1TO9RUYnNSD4-jeiuBxyNkhckVQigyABkQHYFRswpk4G6TmbfQBtLXiYAW-x8AC6PiKfDKdhj5WlIB1FWyahTsCRmZjWbQSCLYgQdkKxeZGajOGjFdQVfESDsohcXwtqcbZZbQJQ6ElXZ7fYHpeb0e5GLeHy+P1c06FQ+jUJhWOca6BG7BEK34okCD3TazLckMH8YkUAihSFqqYQICqyiDFo38-J7xxIgbGdL1bRRK2rWo+AtHgvkkHBzw3ekISBFx6wQYA4KaWg2loSNgN7aFq38EB-DgW9ymEB9APXWcf0xd5KWpWl6Xg2d2U5bkcF5bJLBY4CBHNWo5UcMRpX8KELVQ4BUw3Y8d0lKQZVQOU4V4mMYGUcQ2w7VSWyQbwqXrMQBCpdIeKgMMLxjDiuP5TU7FhHToxVNVuTs7VdXSVNuFY01zStGpbRwe0kEdZ0VJLajgLjapvDsVwsS+O9zGUHBkkkFjpRgTcxTkqVFOU9KIv3UpMqc1V1QENzxA8jDvNKk1UDNS1rXOO0HSdN54IChoxFAPM1CzWEiozAR-C4TA+ACKBowAIi0osZoAGhmic+F7RQLSWmaXAcIsNq27x0y2oEsz0mbk0wZ08EO+tTkKMTUDix0xBgAaXFsUpYqgIA
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main_3688701b74155c6e8cbc42aa49fd4c65.br.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 32.8.111.34.bc.googleusercontent.com
Software: /
Resource Hash: fe3fcb884394be745dbd11141b6d780028a4d86106b6292d7502db096f582218

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
date: Tue, 04 Oct 2022 02:02:16 GMT
content-encoding: gzip
x-envoy-upstream-service-time: 23
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H2 204 cjs-logger
e.cdnwidget.com/ 0
100 B 159ms
115ms Image
image/png 34.102.193.48
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.cdnwidget.com/cjs-logger?source=ID%20generation%20error&severity=Warning&error=Country%2520not%2520allowed&cookieID=&deviceID=&BXWID=3749&warpspeed=2%5EHIykD&loadID=tFoZK6AEGalPFJV&version=1.5.9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.193.48 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 48.193.102.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:15 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/png

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame C9B4 41 KB
15 KB 71ms
36ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-848620132

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15192
x-xss-protection: 0
server: cafe
etag: 699633608045481581
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 04 Oct 2022 02:02:15 GMT

GET
H2 200 push-sdk.min.css
cdn.p-n.io/ 27 KB
2 KB 7ms
7ms Stylesheet
text/css 18.66.112.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.p-n.io/push-sdk.min.css?domain_key=Nv2FlxP0ilQCLgZJ8iLg2qZHnsOUBRevIweT
Requested by: Host: cdn.p-n.io
URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=Nv2FlxP0ilQCLgZJ8iLg2qZHnsOUBRevIweT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-48.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5df2498d566a9c0c42fef5906f0818a35cfc4ce1cac95e1e0eed4265c838eb10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 11:42:48 GMT
content-encoding: gzip
via: 1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
last-modified: Fri, 30 Sep 2022 11:33:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 51568
etag: W/"5324d6c6926b312f68532f29a3bb2aec"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=86400
x-amz-cf-id: lYkZYPFKGw6LiF20u6PnCHwIi8a7ZCmWyEzKQEAUxtm-aQW_vMW7Mg==

GET
H2 200 .jsonp Show response
lptag.liveperson.net/lptag/api/account/2196236/configuration/applications/taglets/ 279 KB
102 KB 38ms
38ms Script
application/x-javascript 178.249.101.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lptag.liveperson.net/lptag/api/account/2196236/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ziylnbso-o/chatbot.bba5b1260ca54eb50d7d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.101.23 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

Software

ws /

Resource Hash

d358e50ebf07a83172682ad2226ca8d9f2ecac1aab0a5b2009dc73b139c8dd2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ws
x-cache-status: HIT
access-control-allow-methods: GET, POST, PATCH
content-type: application/x-javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 365ms
24ms Script
application/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.thenewstribune.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 325ms
22ms Script
application/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.thenewstribune.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 64 KB
17 KB 400ms
100ms XHR
text/plain 142.251.39.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3880681926782310&correlator=1038848402797240&eid=31070045%2C21065724&output=ldjh&gdfp_req=1&vrg=2022092701&ptt=17&impl=fifs&iu_parts=7675%2CTAC.site_thenewstribune%2C_HomePage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600%7C300x250&ifi=1&adks=1219574512&sfv=1-0-38&fsapi=false&prev_scp=atf%3Dy%26pkg%3Db%26slot%3Dflex-2%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0&eri=1&cust_params=is_testing%3Dno%26cob%3Dy%26id%3D%26pl%3Dhomepage%26ref%3D%26sect%3Decefrontpage%26sids%3D%26sub%3Dn%26top%3D%26vl%3D0%26htlbidid%3D13028&sc=1&cookie_enabled=1&abxe=1&dt=1664848935828&lmt=1664848789&dlt=1664848931258&idt=3374&adxs=255&adys=1255&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.thenewstribune.com%2F&frm=20&vis=1&psz=350x0&msz=350x0&fws=0&ohw=0&ga_vid=124309119.1664848936&ga_sid=1664848936&ga_hid=567873909&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s37-in-f2.1e100.net

Software

cafe /

Resource Hash

9180d8914b61c83d1df3b38049eec5a3c31faa7e5a0e45ada585c3e00500bc63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:16 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16834
x-xss-protection: 0
google-lineitem-id: 6124800199
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138407363998
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.thenewstribune.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 61ms
60ms XHR
application/json 142.251.39.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022092701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s37-in-f2.1e100.net

Software

cafe /

Resource Hash

3c38a5cc98e720502ab74fabe548caec516a4a92b8aa4ff8d90329038158934c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11116
x-xss-protection: 0

GET
H2 200 container.html Show response
e00b5897e2207ddf4122b3250c4838bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 27AD 6 KB
4 KB 476ms
66ms Document
text/html 172.217.19.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e00b5897e2207ddf4122b3250c4838bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.19.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s27-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thenewstribune.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 02:02:16 GMT
expires: Wed, 04 Oct 2023 02:02:16 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 99 KB
41 KB 655ms
355ms XHR
text/plain 142.251.39.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3880681926782310&correlator=4472437998172444&eid=31070045%2C21065724&output=ldjh&gdfp_req=1&vrg=2022092701&ptt=17&impl=fifs&iu_parts=7675%2CTAC.site_thenewstribune%2C_HomePage&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=1x1%2C970x250%7C970x90%7C728x90%2C970x90%7C728x90&ifi=2&adks=133916278%2C3169226637%2C3608025220&sfv=1-0-38&ists=4&fsapi=false&prev_scp=slot%3Doverlay%7Catf%3Dy%26pkg%3Da%26slot%3Dtop-banner%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%7Catf%3Dn%26slot%3Dfixed-bottom%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0&eri=1&cust_params=is_testing%3Dno%26cob%3Dy%26id%3D%26pl%3Dhomepage%26ref%3D%26sect%3Decefrontpage%26sids%3D%26sub%3Dn%26top%3D%26vl%3D0%26htlbidid%3D13028&sc=1&cookie_enabled=1&abxe=1&dt=1664848935852&lmt=1664848789&dlt=1664848931258&idt=3374&adxs=-12245933%2C315%2C315&adys=-12245933%2C175%2C8596&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C0%7C3&ucis=2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.thenewstribune.com%2F&frm=20&vis=1&psz=0x0%7C970x0%7C1600x0&msz=0x0%7C970x0%7C1600x0&fws=128%2C0%2C0&ohw=0%2C0%2C0&ga_vid=124309119.1664848936&ga_sid=1664848936&ga_hid=567873909&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s37-in-f2.1e100.net

Software

cafe /

Resource Hash

340bfc086e6b3ce466428c97fd5bc71f1adb766fbfeca9e25a604d6cb5f2d59d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:16 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42166
x-xss-protection: 0
google-lineitem-id: -2,6124800199,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,138407422237,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.thenewstribune.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK sa.css
tags.srv.stackadapt.com/ Frame 07C5 65 B
292 B 104ms
102ms Stylesheet
text/css 52.44.206.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.css
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.44.206.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-44-206-121.compute-1.amazonaws.com
Software: /
Resource Hash: ff76a1876dc76090734244b2e5f2c695f1fa68a2ec9a0a29b410d3d38da9f576

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 04 Oct 2022 02:02:16 GMT
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Connection: keep-alive
Content-Length: 65
Content-Type: text/css

GET
H/1.1 200
OK sa.jpeg Show response
tags.srv.stackadapt.com/ Frame 07C5 0
881 B 416ms
98ms Fetch
image/jpeg 52.44.206.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.44.206.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-44-206-121.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 04 Oct 2022 02:02:16 GMT
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Connection: keep-alive
Content-Length: 651
Content-Type: image/jpeg

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 396ms
51ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 04 Oct 2022 02:02:16 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/848620132/ Frame C9B4 2 KB
2 KB 382ms
33ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/848620132/?random=1664848936067&cv=9&fst=1664848936067&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9s0&sendb=1&ig=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.thenewstribune.com%2F&ref=https%3A%2F%2Fwww.thenewstribune.com%2F&tiba=ggaw&auid=1231713560.1664848936&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

a555b48099144f632899715b397711a2efb83bd9279e39cf14bf201408ee96de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 02:02:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1026
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
accdn.lpsnmedia.net/api/account/2196236/configuration/setting/accountproperties/ 7 KB
3 KB 168ms
25ms Script
application/javascript 178.249.101.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/2196236/configuration/setting/accountproperties/?cb=accountSettingsCB

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/2196236/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.101.99 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

am-accdn.lpsnmedia.net

Software

ws /

Resource Hash

f7d79ab400b0c86b3f24b2e097b6a782f70b2a6d93ce8d0c274f94afbab7b86f

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:16 GMT
strict-transport-security: max-age=99999999999; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: ws
x-cache-status: MISS
vary: Accept
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
x-envoy-upstream-service-time: 7
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Tue, 04 Oct 2022 02:03:16 GMT

GET
H2 200 desktopEmbeddedStyle.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/resources/js/ 592 KB
306 KB 460ms
27ms Script
application/javascript 178.249.101.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/resources/js/desktopEmbeddedStyle.js?version=10.22.0.0-release_5548

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/2196236/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.101.98 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

am-lpcdn.lpsnmedia.net

Software

ws /

Resource Hash

07c9f195b802b98c0a702dd5f26467c81db912f5b272a407f7c4dea462ad4637

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Sat, 01 Oct 2022 02:35:46 GMT
server: ws
x-cache-status: HIT
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Wed, 04 Oct 2023 02:02:16 GMT

GET
H2 200 ui-framework.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/ 40 KB
15 KB 536ms
105ms Script
application/javascript 178.249.101.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/ui-framework.js?version=10.22.0.0-release_5548

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/2196236/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.101.98 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

am-lpcdn.lpsnmedia.net

Software

ws /

Resource Hash

3e4f5d07904cf355da7bfbca5d4eee18a4c09fc9e6a79df958d0bb1225572983

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Sat, 01 Oct 2022 02:35:40 GMT
server: ws
x-cache-status: HIT
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Wed, 04 Oct 2023 02:02:16 GMT

GET
H2 200 UMSClientAPI.min.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/ 88 KB
30 KB 537ms
106ms Script
application/javascript 178.249.101.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/UMSClientAPI.min.js?version=10.22.0.0-release_5548

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/2196236/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.101.98 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

am-lpcdn.lpsnmedia.net

Software

ws /

Resource Hash

99975f334655703578e77034bebce02b63668d2d8a0144c2e5b72b40d234a386

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Sat, 01 Oct 2022 02:35:39 GMT
server: ws
x-cache-status: HIT
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Wed, 04 Oct 2023 02:02:16 GMT

GET
H2 200 lpChatV3.min.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/ 92 KB
31 KB 537ms
106ms Script
application/javascript 178.249.101.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/lpChatV3.min.js?version=10.22.0.0-release_5548

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/2196236/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.101.98 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

am-lpcdn.lpsnmedia.net

Software

ws /

Resource Hash

5941d1622373ff4da4a0ec6ae2c474a80f2e65763aca377b069690ed4cc26d02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Sat, 01 Oct 2022 02:35:39 GMT
server: ws
x-cache-status: HIT
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Wed, 04 Oct 2023 02:02:16 GMT

GET
H2 200 surveylogicinstance.min.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/ 8 KB
3 KB 536ms
106ms Script
application/javascript 178.249.101.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/surveylogicinstance.min.js?version=10.22.0.0-release_5548

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/2196236/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.101.98 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

am-lpcdn.lpsnmedia.net

Software

ws /

Resource Hash

0ca2d5d4dece21114294a8783944cdd00a4351935831b27f9a83b8eb543c6438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Sat, 01 Oct 2022 02:35:41 GMT
server: ws
x-cache-status: HIT
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Wed, 04 Oct 2023 02:02:16 GMT

GET
H2 200 zones Show response
accdn.lpsnmedia.net/api/account/2196236/configuration/le-campaigns/ 2 KB
2 KB 159ms
23ms Script
application/javascript 178.249.101.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/2196236/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/2196236/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.101.99 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

am-accdn.lpsnmedia.net

Software

ws /

Resource Hash

7f6d09718a572ddf37710e3656717527ac3e24083cdf23bce76586d9ff29aa07

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:16 GMT
strict-transport-security: max-age=99999999999; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: ws
x-cache-status: MISS
vary: Accept
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Tue, 04 Oct 2022 02:03:16 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 01FC 0
204 B 329ms
9ms Image
text/plain 185.60.216.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1081709588515684&ev=PageView&dl=https%3A%2F%2Fwww.thenewstribune.com%2F&rl=https%3A%2F%2Fwww.thenewstribune.com%2F&if=true&ts=1664848936137&sw=1600&sh=1200&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1664848936136.113430807&it=1664848935697&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.216.35 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frx5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 04 Oct 2022 02:02:16 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ Frame 01FC 0
31 B 201ms
9ms Image
text/plain 185.60.216.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1081709588515684&ev=ViewContent&dl=https%3A%2F%2Fwww.thenewstribune.com%2F&rl=https%3A%2F%2Fwww.thenewstribune.com%2F&if=true&ts=1664848936140&sw=1600&sh=1200&v=2.9.84&r=stable&ec=1&o=30&fbp=fb.1.1664848936136.113430807&it=1664848935697&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.216.35 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frx5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 04 Oct 2022 02:02:16 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 pixel
pxl.qccerttest.com/ Frame 67CF 35 B
548 B 368ms
7ms Image
image/gif 13.32.121.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pxl.qccerttest.com/pixel?r=619776217;fpan=1;fpa=P0-294253934-1664848936142;pbc=;ns=1;ce=1;qjs=1;qv=39016d63-20220929161725;ref=https%3A%2F%2Fwww.thenewstribune.com%2F;cm=;gdpr=0;d=thenewstribune.com;dst=0;et=1664848936141;tzo=0;url=https%3A%2F%2Fwww.thenewstribune.com%2F;ogl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.51 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-51.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:01:57 GMT
via: 1.1 a49c26e403f2dac09629dceb6dac5740.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P1
age: 20
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 35
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 04 Aug 2022 16:01:04 GMT
server: AmazonS3
etag: "55d25e9dc950d5db4d53a3b195c046c6"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: image/gif
accept-ranges: bytes
x-amz-cf-id: TddZvbANRPL6mIvYVo3QDalnbEEqQnO0j9FOlYq6ZDh0jwUANyQiXw==

GET
H2 200 pixel;r=1205834981;labels=TNT;rf=0;a=p-50B2Fi6bBqYto;url=https%3A%2F%2Fwww.thenewstribune.com%2F;ref=https%3A%2F%2Fwww.thenewstribune.com%2F;uht=2;fpan=0;fpa=P0-294253934-1664848936142;pbc=;ns=1;ce...
pixel.quantserve.com/ Frame 67CF 35 B
371 B 27ms
11ms Image
image/gif 91.228.74.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1205834981;labels=TNT;rf=0;a=p-50B2Fi6bBqYto;url=https%3A%2F%2Fwww.thenewstribune.com%2F;ref=https%3A%2F%2Fwww.thenewstribune.com%2F;uht=2;fpan=0;fpa=P0-294253934-1664848936142;pbc=;ns=1;ce=1;qjs=1;qv=39016d63-20220929161725;cm=;gdpr=0;d=thenewstribune.com;dst=0;et=1664848936149;tzo=0;ogl=;ses=702acf52-59e0-4b40-bef7-476eef234490

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.206 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 02:02:16 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ Frame E0FB 2 B
212 B 322ms
21ms XHR
text/plain 172.217.18.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=764504796&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thenewstribune.com%2F&dr=&dp=%2F&dh=thenewstribune.com&ul=en-us&de=UTF-8&dt=Home%3AHomepage&sd=24-bit&sr=1600x1200&vp=&je=0&_u=YEBAAUABAAAAACgDIC~&jid=920599275&gjid=719978083&cid=587728357.1664848936&tid=UA-48278079-1&_gid=1620512599.1664848936&_r=1&gtm=2ou9s0&cg1=The%20News%20Tribune&cg2=Homepage&cd1=TNT&cd2=The%20News%20Tribune&cd3=Home&cd4=_HomePage%7C%7C%7C%7C&cd6=Homepage&cd7=Product%3A%20Escenic&cd14=&cd15=&cd16=loggedin%3Ano&z=1408325423

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thenewstribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 02:02:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thenewstribune.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3F71 0
0 368ms
67ms Fetch
image/gif 142.251.39.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstMdobSiUq1sNkXAz9S31_nJdhCOg3nMMveVZi-d66agE1Jd19yTbfaqaMqF8_KBWbqCPHandGCeROfyIwgXH3CSjn4SZ3xTFKc7SVWbPC9BxR6nFF5lgCzD-zTROQ-RsYd5rSY20iCe-vevLOEiGT5O81isZMaKz_oBmNDs3fjaHS1qX_KtR0959d5xsthTuTqkXaD-T5NAROQ8AtTrQIOx3SS04upliDIQONq6ojgoo3_fQFIo0ZKjFTdm6BBJOvug1FIrW56xrJZm0Jqm31bZX3l55-hoJvNH6Ts0Bykk3YFw33PrLK8j53sh0XNVPnsKica8dk9aHcMMmXld8SHj3BFtHnDgUI&sai=AMfl-YSjaxOSlvAVxoFfvdiiCWBWhs5LHgcJ_8cVXLVipLLXxr7QjgYIuNMpFS-Gk1IJVNno_0WtrjLFrW8wI2GQsW9FL5jL2HtMOqPO5ckqRSZglfPrm1u1xSPlOgVvUEvbfA&sig=Cg0ArKJSzJxbRU2WXdWoEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s37-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/ Frame 3F71 23 KB
10 KB 112ms
15ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/abg_lite_fy2021.js

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

dd080c89636f8576e3364bea0867f18be3a32daa72d766da336cbb80ba5fb407

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 01:25:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2179
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9561
x-xss-protection: 0
server: cafe
etag: 483224313611802536
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Oct 2022 01:25:57 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 3F71 3 KB
1 KB 321ms
19ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 01:21:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2440
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Oct 2022 01:21:36 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 3F71 0
0 352ms
50ms Image
text/html 142.250.180.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSBitYXXVFho79JFGr4Hg-0XO-unP02pEhMWP_QJ7Ma2Fby6-JahCmNHXRCDThLBVcVPSQj
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.180.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bud02s34-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3F71 141 KB
44 KB 375ms
33ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

sffe /

Resource Hash

91102e383130cb1a9faf348bd83bd3c7e0744900eed75eae7587cf6bf32c47f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44883
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664796838458510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 04 Oct 2022 02:02:16 GMT

GET
H2 200 10935113930707113854
tpc.googlesyndication.com/simgad/ Frame 3F71 120 KB
121 KB 105ms
18ms Image
image/jpeg 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10935113930707113854

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

0ab61b75b73adf91a9f91da1d5c9f8fff7b53a39991e5bf6d1f2f7a390021978

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 19:19:45 GMT
x-content-type-options: nosniff
age: 24151
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123018
x-xss-protection: 0
last-modified: Sat, 01 Oct 2022 04:10:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 03 Oct 2023 19:19:45 GMT

POST
H2 200 singleupload Show response
app.securiti.ai/privaci/v1/consent/cookie/ 67 B
378 B 216ms
215ms XHR
application/json 34.217.7.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.securiti.ai/privaci/v1/consent/cookie/singleupload

Requested by

Host: cdn-prod.securiti.ai
URL: https://cdn-prod.securiti.ai/consent/cookie-consent-sdk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.217.7.19 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-217-7-19.us-west-2.compute.amazonaws.com

Software

Resource Hash

f1e25328be62ee5aca4777d33ecfbaf64a502f80dac2008bd7197e236cac8dc7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=315360000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thenewstribune.com/
X-Auth-Token: c90cbd37-3516-4008-9325-c228a23488e5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-type: application/json

Response headers

date: Tue, 04 Oct 2022 02:02:16 GMT
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline';
x-content-type-options: nosniff
strict-transport-security: max-age=315360000
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
content-length: 67
x-xss-protection: 1; mode=block

OPTIONS
H2 200 singleupload
app.securiti.ai/privaci/v1/consent/cookie/ Frame 0
0 178ms
178ms Preflight 34.217.7.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.securiti.ai/privaci/v1/consent/cookie/singleupload

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.217.7.19 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-217-7-19.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=315360000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-auth-token
Access-Control-Request-Method: POST
Origin: https://www.thenewstribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,content-type,x-request-id,x-correlation-id,X-Xsrftoken,X-Auth-Token,X-User-Auth-Token,X-Tenant-Id,X-CMP-UUID,x-xsrf-token,X-DSP-USERID,X-CMP-DOMAIN-ID,X-CMP-FORM-ID,isotype,X-CMP-PrefCenter-Id,X-ORG-ID
access-control-allow-origin: https://www.thenewstribune.com
access-control-request-method: POST
content-length: 0
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline';
date: Tue, 04 Oct 2022 02:02:16 GMT
strict-transport-security: max-age=315360000
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame 3F71 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6b8f4d612667a070c2399282cdb5aca327da4e3a70bb3671758f0dac380e3efe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8A39 13 KB
5 KB 315ms
14ms Document
text/html 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thenewstribune.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 32481
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 03 Oct 2022 17:00:55 GMT
expires: Tue, 03 Oct 2023 17:00:55 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 829C 783 B
915 B 354ms
52ms Document
text/html 142.250.180.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f4.1e100.net

Software

GSE /

Resource Hash

04814dba80c269e2ab732f9f3f1989cc7ed4c143bfeeac1ec66bee1892ddba34

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8eRnpHbxkLfFM8OOVtpeTQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thenewstribune.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-8eRnpHbxkLfFM8OOVtpeTQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 02:02:16 GMT
expires: Tue, 04 Oct 2022 02:02:16 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 /
www.google.com/pagead/1p-user-list/848620132/ Frame C9B4 42 B
324 B 357ms
55ms Image
image/gif 142.250.180.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/848620132/?random=1664848936067&cv=9&fst=1664848800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9s0&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.thenewstribune.com%2F&ref=https%3A%2F%2Fwww.thenewstribune.com%2F&tiba=ggaw&async=1&fmt=3&is_vtc=1&random=3251648585&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 02:02:16 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/848620132/ Frame C9B4 42 B
548 B 367ms
29ms Image
image/gif 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/848620132/?random=1664848936067&cv=9&fst=1664848800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9s0&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.thenewstribune.com%2F&ref=https%3A%2F%2Fwww.thenewstribune.com%2F&tiba=ggaw&async=1&fmt=3&is_vtc=1&random=3251648585&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 02:02:16 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK saq_pxl Show response
tags.srv.stackadapt.com/ Frame 07C5 238 B
549 B 117ms
116ms XHR
text/plain 52.44.206.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=XDbR9bgzYgamKCe5q8YQuw,%20hXFHelqg_0qGLqDaoIkgLQ&is_js=true&landing_url=https%3A%2F%2Fwww.thenewstribune.com%2F&t=sapx&tip=QnKAOMH11yznaISLZt3l6JGyeYBhH9gQGGjWneC9-7M&host=https://www.thenewstribune.com&sa_conv_data_css_value=%20%220-6be2c01e-4298-497a-53fe-fca050ff4716%22&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd9cc0066e07e0e47427c4d68eb0e1c316c253a3905&sa-user-id-v2=s%253A0-6be2c01e-4298-497a-53fe-fca050ff4716%2524ip%252437.58.57.5.pZk4HUjsRNh2QON4r%252BGJEqzKj7kYI21AXNxUTkC1Mdg&sa-user-id=s%253A0-6be2c01e-4298-497a-53fe-fca050ff4716.0ajZRLoTkOhIHL2hSms9DiGKv5lLXVTcihysxk%252FgMnA
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.44.206.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-44-206-121.compute-1.amazonaws.com
Software: /
Resource Hash: 68b8e71982e93fa7dd2f406283c640fa9e5cb2bcae72669d20f54012c428da3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Tue, 04 Oct 2022 02:02:16 GMT
Access-Control-Allow-Methods: GET
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://www.thenewstribune.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 238

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 92AA 0
0 368ms
65ms Fetch
image/gif 142.251.39.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstaY2x3ShIDdvNuj3hX1F3RDIhQLzbt80QZKa-nG-fon89IQrJNugG_qKZ1JAs6NzJbuF9gy3IBTmH3i9k4ibYGyBE-qMkUZZMtgnwwbFz69LfUaLfD7BpCI-F7K9hXbKXcHfYKz5d7dTbSsua8rw1TOneZeV6HAwrWx4TdriAFllOy7KuN_0Y8vhytkYDmcpONm1utTDCcIDc6YfvORDEY7dcj4Cj2d4DABZeBzxDVsd0vVYMnHTsZn6pktXLbJKFC0QqPa6smCwMi4SfH9gDUMIFJL0N5MlvMxWUCLd9LYTu66mJ6Hn8IWnWnSbWqvwX-g-YSNwx3eRN3r5EGDbu-4RRelLf17Dwvn6w&sai=AMfl-YRBF-nb0Ln_D1W5cG8fQdhoAVDdKFWEP50Mj4w6AXMpeHGB2b2fwdUiecqIKieVzpOCVRCFZGRfX6IY59REJCzsjhyNXBE6RyKF_Xi9IRM5cMstvWYIOyfF2sdo2hta-A&sig=Cg0ArKJSzP4AObix02RJEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s37-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 92AA 141 KB
44 KB 274ms
54ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

sffe /

Resource Hash

91102e383130cb1a9faf348bd83bd3c7e0744900eed75eae7587cf6bf32c47f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44883
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664796838458510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 04 Oct 2022 02:02:16 GMT

GET
H2 200 container.html Show response
e00b5897e2207ddf4122b3250c4838bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D943 6 KB
3 KB 332ms
30ms Document
text/html 172.217.19.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e00b5897e2207ddf4122b3250c4838bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202210031351/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.19.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s27-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thenewstribune.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 02:02:16 GMT
expires: Wed, 04 Oct 2023 02:02:16 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ Frame E0FB 4 B
447 B 362ms
19ms XHR
text/plain 173.194.76.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-48278079-1&cid=587728357.1664848936&jid=920599275&gjid=719978083&_gid=1620512599.1664848936&_u=YEBAAUAAAAAAACgDIC~&z=1200100023

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.76.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ws-in-f155.1e100.net

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thenewstribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 04 Oct 2022 02:02:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thenewstribune.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK web.js Show response
ads.celtra.com/57487d69/ Frame 92AA 15 KB
5 KB 464ms
121ms Script
application/javascript 3.217.212.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.celtra.com/57487d69/web.js?&clickUrl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjss56R1YFQaF_EpCmJXylNymEdBJzrryP4AMdCcZmP1IXJpUzQAPkQ2VrV6t9xU34TfbApLDG6jw3rdlmQhB-jWfvAL6RVbenzx-kGsIoQz2wt1VHhc7w7Z9zA2ktw_BZXZPoqzjBn5CIufLjSaveN5qiqp26W04xUXqfxg7Pf04Nuz1MULfMXRLBjZmE1A-lBSzou8wXe0nl6fFBr-f10L5r3nfnF0jdu7JJqDTv1EHmmqdapZc7YZ-_pNMfybQuTGhviWO-rBx1KtLRqF-pytTYn-hXwbK_ATxIZ2XDkEv2bjTCjgHtP3eHK-Vmlk3RYOZBsxwJLfpAOjsCocAAWJOeD7mRxg%26sai%3DAMfl-YQL5SWRGL5HP0LxSOIyzmXqqipIILcIhGeJXrVKMhCabZi50ncrqI2m0qvEa3Ex8-H4iJ47z9RJec1WFSMF2sfK1zMWkqYFSh8CJOQvBXOSBNRjNzNBgKQCecTLlFwQUw%26sig%3DCg0ArKJSzImn3BnpNMhyEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&widthBreakpoint=2500&expandDirection=undefined&preferredClickThroughWindow=new&clickEvent=advertiser&iosAdvId=&androidAdvId=&externalAdServer=GoogleAdManager&tagVersion=html-standard-7&eas.JWVjaWQh=138407422237&externalCreativeId=138407422237&externalPlacementId=14485374&externalSiteId=14485254&externalSiteName=thenewstribune.com&externalLineItemId=6124800199&externalCampaignId=3085376364&externalAdvertiserId=5216363930&coppa=0&externalCreativeSize=728x90&scriptId=celtra-script-1&clientTimestamp=1664848936.6&clientTimeZoneOffsetInMinutes=0&hostPageLoadId=3764924804755503
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.217.212.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-217-212-221.compute-1.amazonaws.com
Software: /
Resource Hash: 0e14234e09f553020ebe23b247cd621d365a71e356760edd909cea483ec395cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 Oct 2022 02:02:16 GMT
content-encoding: gzip
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 4946
Expires: 0

GET
H2 200 storage.secure.min.html Show response
lpcdn.lpsnmedia.net/le_secure_storage/3.18.0.0-release_5078/ Frame 32BD 39 KB
16 KB 59ms
56ms Document
text/html 178.249.101.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_secure_storage/3.18.0.0-release_5078/storage.secure.min.html?loc=https%3A%2F%2Fwww.thenewstribune.com&site=2196236&env=prod&isCrossDomain=true

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/2196236/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.101.98 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

am-lpcdn.lpsnmedia.net

Software

ws /

Resource Hash

639fcd75ad19240531093db9d079f4be79913034b5ce3a7ae0b4006735f1fb2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thenewstribune.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-allow-methods: GET, POST, PATCH
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
content-encoding: gzip
content-type: text/html
date: Tue, 04 Oct 2022 02:02:16 GMT
expires: Wed, 04 Oct 2023 02:02:16 GMT
last-modified: Mon, 08 Aug 2022 03:15:58 GMT
server: ws
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
x-cache-status: HIT
x-content-type-options: nosniff

GET
H2 200 storage.secure.min.js Show response
lpcdn.lpsnmedia.net/le_secure_storage/3.18.0.0-release_5078/ 37 KB
15 KB 75ms
71ms Script
application/javascript 178.249.101.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_secure_storage/3.18.0.0-release_5078/storage.secure.min.js?loc=https%3A%2F%2Fwww.thenewstribune.com&site=2196236&force=1&env=prod&isCrossDomain=true

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/2196236/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.101.98 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

am-lpcdn.lpsnmedia.net

Software

ws /

Resource Hash

a5ec545801c483a0bb18f6c9c6ed675eada482ba56a46e3fdc554c83aca779d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 08 Aug 2022 03:16:05 GMT
server: ws
x-cache-status: HIT
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Wed, 04 Oct 2023 02:02:16 GMT

GET
H2 200 desktopEmbedded.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/ 958 KB
299 KB 20ms
14ms Script
application/javascript 178.249.101.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/desktopEmbedded.js?version=10.22.0.0-release_5548

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/2196236/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.101.98 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

am-lpcdn.lpsnmedia.net

Software

ws /

Resource Hash

04ad75bb75fb9bd7ccfc6ced51ab98904f932b3737be7e03ca4dd2a01eb2ec88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Sat, 01 Oct 2022 02:35:39 GMT
server: ws
x-cache-status: HIT
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Wed, 04 Oct 2023 02:02:16 GMT

GET
H2 200 refererrestrictions Show response
accdn.lpsnmedia.net/api/account/2196236/configuration/domainprotection/ Frame 32BD 113 B
1 KB 154ms
153ms Script
application/javascript 178.249.101.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/2196236/configuration/domainprotection/refererrestrictions?cb=lpCb44309x62188

Requested by

Host: lpcdn.lpsnmedia.net
URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.18.0.0-release_5078/storage.secure.min.html?loc=https%3A%2F%2Fwww.thenewstribune.com&site=2196236&env=prod&isCrossDomain=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.101.99 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

am-accdn.lpsnmedia.net

Software

ws /

Resource Hash

4e55a068b7d1bae86ae048025e8fc3c1a9f9296e268037c136886f7b424f0c2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lpcdn.lpsnmedia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:16 GMT
strict-transport-security: max-age=99999999999; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: ws
x-cache-status: MISS
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
x-envoy-upstream-service-time: 121
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3F71 0
0 366ms
65ms Fetch
image/gif 142.251.39.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuukpZ9Iy6Yco0Te3aXhdDfVak5m72aUprq0p14qexcHu7IkecGgHQRhhRboCsc7YW50fMyA_CEMzX1Skm5UxdmhW3VSnA7zVMalFsa1HwGD4Q5v5rkQyuNk5m0iB9y8M4kKek5tQ6Dm7onbh07qXzaq4n4JSsIR3EdLRCjr_d82iGw5TS9v_BDqsbiMox4BPYFkbA4E6rgcU1A1HpFYha-QW63AnUQPFNCoJ7wifFXrObemLpFFsscyvEangQzdig6xmUVI6A2e0g6mjAN6NDfyckGvBmeVsRcAwcOk9X00HaM7iJrfdP3N2aJCGHi9SE7btOsrk3mePlCjirSLooxW1tScB0wmOVAKg&sai=AMfl-YT28aT6HNAN5kvXRsY8Rb2PvPhkSbt_HXzc-59VFywLNT9Nzfm0ZsGtZhDxChwx_GWmTk1JzDSHz5-sA8H6t7noeuWVvR2ZKsTmhkTokVejMtMssfCAT051zjTQK8yCmA&sig=Cg0ArKJSzMCOpzpm9V92EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s37-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 04 Oct 2022 02:02:17 GMT

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ Frame BA35 43 B
245 B 97ms
96ms Image
image/gif 54.235.97.224
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNjEyNDgwMDE5OSIsImVidXkiOiIzMDg1Mzc2MzY0IiwiZWFkdiI6IjUyMTYzNjM5MzAiLCJlY2lkIjoiMTM4NDA3MzYzOTk4IiwiZWVudiI6ImoiLCJlcGlkIjoiMTQ0ODUzNzQiLCJlc2lkIjoiMTQ0ODUyNTQifQ&tv=js-3.0.148&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=8&tvcfg=all&tid=ebdf101b-3b0f-4f27-af3b-10aeb5368b7a&pid=612772ec-e274-4801-9939-c00913f69403&dtm=1664848936969&qnm=_matherq&visible=1&tabid=ea7072d9-b81d-4be8-98e0-ffe179de0163&refr=https%3A%2F%2Fwww.thenewstribune.com%2F&url=https%3A%2F%2Fwww.thenewstribune.com%2F&vrefr=https%3A%2F%2Fwww.thenewstribune.com%2F&vp=0x0&ds=0x0&tofa=1664848934&vid=1&lvidt=1664848934&duid=9c99ecfc8e63c3da&fp=2509661442&cid=ma12095&mrk=74930801
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.235.97.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-235-97-224.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date: Tue, 04 Oct 2022 02:02:17 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
DATA 200
OK truncated
/ Frame 92AA 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 06ec315383aed307022eb39089b8905f308699beb33503d359c32caf51810da5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ga-audiences
www.google.com/ads/ Frame E0FB 42 B
107 B 361ms
55ms Image
image/gif 142.250.180.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-48278079-1&cid=587728357.1664848936&jid=920599275&_u=YEBAAUAAAAAAACgDIC~&z=857890492

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 02:02:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ Frame E0FB 42 B
107 B 331ms
25ms Image
image/gif 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-48278079-1&cid=587728357.1664848936&jid=920599275&_u=YEBAAUAAAAAAACgDIC~&z=857890492

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 02:02:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame BC9B 0
74 B 327ms
26ms Document
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COCGGxCf4vnEAhiq_O_FATAB&v=APEucNX1GRSRd71I8FQXEIjlbxfU9KmagWktGWBQNNBcMOfAQnbJp9--Y-fcFj23YFQaQmWonnDrteZhH9er0R_PIuLNtEQydQ

Requested by

Host: e00b5897e2207ddf4122b3250c4838bb.safeframe.googlesyndication.com
URL: https://e00b5897e2207ddf4122b3250c4838bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e00b5897e2207ddf4122b3250c4838bb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 02:02:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/ Frame D943 23 KB
10 KB 332ms
30ms Script
text/javascript 142.251.39.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/abg_lite_fy2021.js

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s37-in-f2.1e100.net

Software

cafe /

Resource Hash

dd080c89636f8576e3364bea0867f18be3a32daa72d766da336cbb80ba5fb407

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e00b5897e2207ddf4122b3250c4838bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 21:14:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17253
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9561
x-xss-protection: 0
server: cafe
etag: 483224313611802536
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Oct 2022 21:14:44 GMT

GET
H2 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/elements/html/ Frame D943 6 KB
3 KB 331ms
30ms Script
text/javascript 142.251.39.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s37-in-f2.1e100.net

Software

cafe /

Resource Hash

887fdde608c6ff1af2f72f3974b1f9dcc768d9dc2b86b41e6b065b60fa90a9c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e00b5897e2207ddf4122b3250c4838bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 00:06:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6955
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2640
x-xss-protection: 0
server: cafe
etag: 2603454828624189567
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Oct 2022 00:06:22 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame D943 0
622 B 128ms
71ms Ping
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu70yrZ-0Y_DX4vqA4HezBPepeTCnL3o8yPu6pJbV26bnXRL6qF_qvkoRaLGjre3ywRe9FjyfcKoIKIHcBtHVob39Nhii7wX2It1It9bymtcA8vzli9GW9UB2pd9bF0oTC9MHIVXOTbIw2PJi-FQ307gkp3gZAaHTJGftxr5Q82eJzqaLy9UqAnS4g9t3N6dMi-fRXNhJuk4Ty0JJnbvCcbFqaEQWmVsAHnrYXhIJPmGpBAMB3CmblfbaeIo2wDN-kfgDuRhQqt9ck-JbNxa-T3FIcooVvkx6AKDquIMM_FOkgsClHvx6uzCnQCAxJET9bl2rQpkWN_NhcHrFjG2gQcRdsXieJIjwTlYWUOOEHYJJjoV3bsm0B1S8dgYmLGGLKD_4Pr9mCjHxUrsij8FdDkGaQ1nWWxVuhGSPguCZVEmKp_QCHPncCA2ytVXjOIx2gFplMH856e3OmYXfAlxm4MpOOXlUkJs-rrr9x3K6bscg0s0wRcK4QLA6UGDFnzr-iW8iWLGMQEjbMnqD_ee3QFKfJVQ4SqnEfee8MVfuM6kwafiLdZvnkhDAyZknjs8MVBXk2fSgUAn4pyF3Bk8kGis6WcJk5di9ghAo1WiFWlo7hwubc1tk9kG2-1LI8MSMRcXKdDojoyU9D-au1qoc4IFJ-yP1DBHEqPjASUsA52F_I1DF5Ud5j0deNWkLiA8Sy0RHcznvwiSEDBWWA0zQ5egJ7aKCwUKJv1bykkRz-b46pRqiIgsqxXTSm5fnKLi8L_p6zNU950HqIIfZ6Hs8Awnm5oGs4pnSDa7cz6CJKoWkDMxJEAWAYcEFD0NlxyB4m_hB35vXMoIW0ckQKCPvxx81nApH4HwKzfJxAQ8Xv9jSdtD68DU4pys206ieHImO_hmP7_SbGZpzNR_zdVuFgK8FwqlOto8-a6oDveY1NCHya0OAZihN1eD8E592jLYLo0Pd7MAYgklsO3lINmfr47nXIUn0erEf9T3a2ynuWO4_eOdqPBEc3wg6jBLofm56q0G7DqKoOzDXiCw2pyABCdzk8k0y2kHORQnNFDfTc0RDLTwWvtLeGCrQ3TWBPZGVxBa8CgKWKmcf7bw8N0h7YmBf0Bh6q5pGjOMbFcNEuLDI1nvW1nBCeOM3fgB-CIHY6KAFDVFIZuyY9UDPg6yJaPY66mmIn48FybC1YroEo_HisumtbR1eW1ib9A_ZgzAvCqB9yxN3yYT_9nvOb0SgSndR7Gz3cuLL725FT0pTTU6yZ-1NB31mWZqGnu4JAKob9KSkZmQK1OYsTyIw&sai=AMfl-YQTDW-4zHQYOU2x6hZGrntKA7cRShe5BbahJaK-WT5yhy2sjzraIVrYcm0nfu_6D44dn1UcOq-mD5NP1QAjK1Gwhjz0HbHj3-LfFDf6r44xNQxAFrxrqAkM1S_t6pIo6eLIBRYSPEL92G9sg_OnCpCTnLUsilnYsCLh5UD9mzIkA8RtuP4hsED2qymAOlSFh0MHlz0oHtO5eKwVUQ7foNuWx0o4hpyeSyqtQVPOGNKTpZTSglJy5FbDuCIJHx6LqJ4lWwtnN3w3lXO3KF1f--VBCtjO8-ahunaf5n1qVNYM8Ty__A&sig=Cg0ArKJSzBkN0OqzUAOsEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220928.79494&adurl=

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e00b5897e2207ddf4122b3250c4838bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 04 Oct 2022 02:02:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame D943 41 KB
15 KB 316ms
15ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e00b5897e2207ddf4122b3250c4838bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 21:11:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17471
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Oct 2023 21:11:06 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame D943 42 B
110 B 365ms
61ms Image
image/gif 142.251.39.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-At2Ipg18NSgTygrBL0QZXXnlNYnpW56g0iTzyBUZnsMAvfhxKkM-TCsKRXb2euU3loPxq2gtLcfG1AIk4zq5UkmAlXn3t9ZP_59YALKVIwpeaaJiE

Requested by

Host: e00b5897e2207ddf4122b3250c4838bb.safeframe.googlesyndication.com
URL: https://e00b5897e2207ddf4122b3250c4838bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s37-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e00b5897e2207ddf4122b3250c4838bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 02:02:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame D943 3 KB
1 KB 319ms
15ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/window_focus_fy2021.js

Requested by

Host: e00b5897e2207ddf4122b3250c4838bb.safeframe.googlesyndication.com
URL: https://e00b5897e2207ddf4122b3250c4838bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e00b5897e2207ddf4122b3250c4838bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 01:21:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2441
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Oct 2022 01:21:36 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame D943 17 KB
7 KB 320ms
16ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: e00b5897e2207ddf4122b3250c4838bb.safeframe.googlesyndication.com
URL: https://e00b5897e2207ddf4122b3250c4838bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e00b5897e2207ddf4122b3250c4838bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 01:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2218
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7559
x-xss-protection: 0
server: cafe
etag: 15289875785628835784
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Oct 2022 01:25:19 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame D943 0
0 355ms
51ms Image
text/html 142.250.180.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSBuGvbCi0mQwtyhVSD5VWTt5rhaV4iL5JzvXlaKl-q2cs__6jgt2GMwNUm0evW64PljnSV
Requested by: Host: e00b5897e2207ddf4122b3250c4838bb.safeframe.googlesyndication.com
URL: https://e00b5897e2207ddf4122b3250c4838bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.180.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bud02s34-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e00b5897e2207ddf4122b3250c4838bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D943 141 KB
44 KB 331ms
30ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: e00b5897e2207ddf4122b3250c4838bb.safeframe.googlesyndication.com
URL: https://e00b5897e2207ddf4122b3250c4838bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

sffe /

Resource Hash

91102e383130cb1a9faf348bd83bd3c7e0744900eed75eae7587cf6bf32c47f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e00b5897e2207ddf4122b3250c4838bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44883
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664796838458510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 04 Oct 2022 02:02:17 GMT

GET
H/1.1 200
OK pixel
protected-by.clarium.io/ Frame D943 68 B
345 B 45ms
11ms Image
image/png 3.124.27.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_YXdNeFZaTHBOVzZLNkVHNldDNVM4b1JfYTY4LzIzMDUzMzY3NjY6NzI4eDkw&v=5&s=v31gegblg8p&id=eyJkZnAiOnsiYWQiOjE3MjA0NTc0LCJjIjpudWxsLCJsIjowLCJvIjoyMzA1MzM2NzY2LCJBIjoiLzc2NzUvVEFDLnNpdGVfdGhlbmV3c3RyaWJ1bmUvX0hvbWVQYWdlIiwieSI6NzY2MjUsImNvIjowLCJzIjoiaHRsYWQtMTItZ3B0In0sInRwX2NyaWQiOm51bGx9&sb=undefined&cb=3486064&h=www.thenewstribune.com&d=eyJ3aCI6IllYZE5lRlphVEhCT1Z6WkxOa1ZITmxkRE5WTTRiMUpmWVRZNEx6SXpNRFV6TXpZM05qWTZOekk0ZURrdyIsIndkIjp7Im8iOjIzMDUzMzY3NjYsInciOiI3MjgiLCJoIjoiOTAifSwid3IiOjJ9
Requested by: Host: e00b5897e2207ddf4122b3250c4838bb.safeframe.googlesyndication.com
URL: https://e00b5897e2207ddf4122b3250c4838bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.27.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-27-64.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e00b5897e2207ddf4122b3250c4838bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 Oct 2022 02:02:17 GMT
Server: nginx/1.14.0 (Ubuntu)
Content-Type: image/png
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 68
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 15265586755767203531
s0.2mdn.net/simgad/ Frame D943 46 KB
46 KB 337ms
34ms Image
image/png 142.251.39.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/15265586755767203531

Requested by

Host: e00b5897e2207ddf4122b3250c4838bb.safeframe.googlesyndication.com
URL: https://e00b5897e2207ddf4122b3250c4838bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f6.1e100.net

Software

sffe /

Resource Hash

2af4c0132ae3dc8139b4aa7d82b82bd4be5bfba0441ea7b7cf34a6a022cdfcf1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e00b5897e2207ddf4122b3250c4838bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 19:08:12 GMT
x-content-type-options: nosniff
age: 197645
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47142
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 09:50:42 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 01 Oct 2023 19:08:12 GMT

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ Frame BA35 43 B
245 B 97ms
96ms Image
image/gif 54.235.97.224
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNjEyNDgwMDE5OSIsImVidXkiOiIzMDg1Mzc2MzY0IiwiZWFkdiI6IjUyMTYzNjM5MzAiLCJlY2lkIjoiMTM4NDA3NDIyMjM3IiwiZWVudiI6ImoiLCJlcGlkIjoiMTQ0ODUzNzQiLCJlc2lkIjoiMTQ0ODUyNTQifQ&tv=js-3.0.148&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=8&tvcfg=all&tid=841d5348-9645-486d-a2d4-22daae9eb3fb&pid=612772ec-e274-4801-9939-c00913f69403&dtm=1664848937062&qnm=_matherq&visible=1&tabid=ea7072d9-b81d-4be8-98e0-ffe179de0163&refr=https%3A%2F%2Fwww.thenewstribune.com%2F&url=https%3A%2F%2Fwww.thenewstribune.com%2F&vrefr=https%3A%2F%2Fwww.thenewstribune.com%2F&vp=0x0&ds=0x0&tofa=1664848934&vid=1&lvidt=1664848934&duid=9c99ecfc8e63c3da&fp=2509661442&cid=ma12095&mrk=74930801
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.235.97.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-235-97-224.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date: Tue, 04 Oct 2022 02:02:17 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 829C 0
0 364ms
61ms Image
text/html 142.251.39.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022092701&jk=3880681926782310&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bud02s37-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

GET
H2 200 web.js Show response
cache-ssl.celtra.com/api/creatives/07bc4410/compiled/ Frame 92AA 443 KB
103 KB 114ms
8ms Script
application/javascript 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cache-ssl.celtra.com/api/creatives/07bc4410/compiled/web.js?v=5-80a035cf46&secure=1&cachedVariantChoices=W10-&isPurposePreview=0&eventMetadataExperiment=newMeta&inmobi=0
Requested by: Host: ads.celtra.com
URL: https://ads.celtra.com/57487d69/web.js?&clickUrl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjss56R1YFQaF_EpCmJXylNymEdBJzrryP4AMdCcZmP1IXJpUzQAPkQ2VrV6t9xU34TfbApLDG6jw3rdlmQhB-jWfvAL6RVbenzx-kGsIoQz2wt1VHhc7w7Z9zA2ktw_BZXZPoqzjBn5CIufLjSaveN5qiqp26W04xUXqfxg7Pf04Nuz1MULfMXRLBjZmE1A-lBSzou8wXe0nl6fFBr-f10L5r3nfnF0jdu7JJqDTv1EHmmqdapZc7YZ-_pNMfybQuTGhviWO-rBx1KtLRqF-pytTYn-hXwbK_ATxIZ2XDkEv2bjTCjgHtP3eHK-Vmlk3RYOZBsxwJLfpAOjsCocAAWJOeD7mRxg%26sai%3DAMfl-YQL5SWRGL5HP0LxSOIyzmXqqipIILcIhGeJXrVKMhCabZi50ncrqI2m0qvEa3Ex8-H4iJ47z9RJec1WFSMF2sfK1zMWkqYFSh8CJOQvBXOSBNRjNzNBgKQCecTLlFwQUw%26sig%3DCg0ArKJSzImn3BnpNMhyEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&widthBreakpoint=2500&expandDirection=undefined&preferredClickThroughWindow=new&clickEvent=advertiser&iosAdvId=&androidAdvId=&externalAdServer=GoogleAdManager&tagVersion=html-standard-7&eas.JWVjaWQh=138407422237&externalCreativeId=138407422237&externalPlacementId=14485374&externalSiteId=14485254&externalSiteName=thenewstribune.com&externalLineItemId=6124800199&externalCampaignId=3085376364&externalAdvertiserId=5216363930&coppa=0&externalCreativeSize=728x90&scriptId=celtra-script-1&clientTimestamp=1664848936.6&clientTimeZoneOffsetInMinutes=0&hostPageLoadId=3764924804755503
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: af21d2c66c628b377d0f35571b4983804e1388f6e38c2ed8c65eb2233889e051

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:44:23 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/6.2), 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 69474
x-cache: Hit from cloudfront
content-length: 104820
server: Apache
etag: "3c5e2ca1b3b48ccd7f5ac8bb43de959a5d26420d141bdc3a17f0ee822f4d50c1"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 18403445 37019310
accept-ranges: bytes
x-amz-cf-id: BFHMylxy71Bm3uWFT05JA1HEu9ncFsvqFjxAoqXTh63tJcPxWACJBQ==

GET
DATA 200
OK truncated
/ Frame 92AA 167 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d26432e661658ef9d3d538b1f71b1478193f6c141f1cd7dfed03e5b677d178c2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK 017064ab-26e9-48a8-b362-31914d7dc998
https://www.thenewstribune.com/ Frame 92AA 167 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://www.thenewstribune.com/017064ab-26e9-48a8-b362-31914d7dc998
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d26432e661658ef9d3d538b1f71b1478193f6c141f1cd7dfed03e5b677d178c2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length: 167
Content-Type: image/png

GET
H2 200 gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js Show response
pagead2.googlesyndication.com/bg/ Frame 8A39 36 KB
16 KB 330ms
29ms Script
text/javascript 142.251.39.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s37-in-f2.1e100.net

Software

sffe /

Resource Hash

8272ed99c2fe9a7e77a6af842513173821400a3a597748aa888bfcd284de29ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 19:21:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 456065
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16010
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Sep 2023 19:21:12 GMT

GET
H2 200 postmessage.min.html Show response
va.idp.liveperson.net/postmessage/ Frame 320F 11 KB
5 KB 511ms
188ms Document
text/html 208.89.15.170
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://va.idp.liveperson.net/postmessage/postmessage.min.html?bust=1664848937432&loc=https%3A%2F%2Fwww.thenewstribune.com

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/2196236/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.89.15.170 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

va.idp.liveperson.net

Software

ws /

Resource Hash

c8cd0b0d514cecdaf4e7214325a70bba9bae301e156265bd0d880f9065d1d183

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.thenewstribune.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-allow-methods: GET, POST, PATCH
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
content-encoding: gzip
content-type: text/html
date: Tue, 04 Oct 2022 02:02:17 GMT
etag: W/"5f2ff440-2a51"
last-modified: Sun, 09 Aug 2020 13:04:00 GMT
server: ws
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 92AA 0
0 395ms
94ms Fetch
image/gif 142.251.39.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv0lt_EfCmOKLXnB7or3TePopFbYJ4b2QjhcNkdYokHRMp1vqeiS0WSHq60dM4-KvPUHuRMtHEWin0Yaja4dXQanTyBpjKsguMoCxonQ2JU8EbrZs5729z5NNI2Cd1UGXwKQ_OjsC5gegI6ZlLGCWcQIAORn8lJWhyTtgfMRmzz3uvOtohB0tAkX-GNEpx1NX9RpFq_JvsJJ1-7YxjWl0CayHqWYsVrckv1dG9_eq1L01xpcQWfGbQXmj3nzkinxYtslAizyzlMOpKz1IcNaTKrduIkTHmolCuyPu74KodY2xtFo4gBS835N57LPafDfZNDHCXvgzjwdER4ZONLC8fFa0S1-f-NmZu4Vg3Jug&sai=AMfl-YRBxjPs0FAKN_cJg7hrRB8Ofp_6wSUabR-j1fikms8vpwd99QRLHMihckISCJyZc7uOv-KPm7Cy-QmmiJ5RFkg4mTr5R5ot5AleQ5xeR18Wj8_MRSzGWhcsWWS4UeEhAg&sig=Cg0ArKJSzJ2Nvu9hp7SSEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s37-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 04 Oct 2022 02:02:17 GMT

GET
H/1.1 200
OK eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjY0ODQ4OTM2eGQ3MDdkNzFiYWRlNTQ4eDkyMDU0Mjc3IiwiYWNjb3VudElkIjoiNTkwZTEzODQiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIwODIwODA3MzQ3NjEzNDYzNiIsImluZGV4I...
track.celtra.com/json/ 35 B
242 B 66ms
8ms Image
image/gif 3.64.188.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjY0ODQ4OTM2eGQ3MDdkNzFiYWRlNTQ4eDkyMDU0Mjc3IiwiYWNjb3VudElkIjoiNTkwZTEzODQiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIwODIwODA3MzQ3NjEzNDYzNiIsImluZGV4IjowLCJjbGllbnRUaW1lc3RhbXAiOjE2NjQ4NDg5MzcuNTA4LCJuYW1lIjoiY29udGFpbmVyQmVjYW1lVmlld2FibGUifV19?crc32c=210039309
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.188.198 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-188-198.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Tue, 04 Oct 2022 02:02:17 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 961C 22 KB
8 KB 316ms
14ms Document
text/html 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e00b5897e2207ddf4122b3250c4838bb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 884
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 01:47:33 GMT
expires: Wed, 04 Oct 2023 01:47:33 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
www.facebook.com/tr/ Frame 01FC 0
54 B 309ms
8ms Image
text/plain 185.60.216.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1081709588515684&ev=Microdata&dl=https%3A%2F%2Fwww.thenewstribune.com%2F&rl=https%3A%2F%2Fwww.thenewstribune.com%2F&if=true&ts=1664848937689&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22fbp%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.84&r=stable&ec=2&o=30&fbp=fb.1.1664848936136.113430807&it=1664848935697&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.216.35 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frx5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 04 Oct 2022 02:02:17 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
DATA 200
OK truncated
/ Frame D943 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 18a3e127ec532e4b0aca483580c20e8e797891e9f611afd250ffec18fff8608b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame D943 0
26 B 103ms
71ms Ping
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e00b5897e2207ddf4122b3250c4838bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 723459.jpg
cache-ssl.celtra.com/api/blobs/a6602359da09b3808cd9a24eec034ce0a93e357ce3706dd7007e1882c5e1ad1d/ Frame 740B 112 KB
113 KB 10ms
8ms Image
image/jpeg 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/a6602359da09b3808cd9a24eec034ce0a93e357ce3706dd7007e1882c5e1ad1d/723459.jpg?transform=crush&quality=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 23ecf2ccf46f40cfd5b83f0cfc4f4449bee7ac235ea03725df263f32bd176bd8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:57:40 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 68676
x-cache: Hit from cloudfront
content-length: 114819
server: Apache
etag: "23ecf2ccf46f40cfd5b83f0cfc4f4449bee7ac235ea03725df263f32bd176bd8"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 39341741 39365611
accept-ranges: bytes
x-amz-cf-id: PuLF1aidPUnp3T93SJbqmk6W-WlFBN-qwZZTrwj6LeJvVnDLND8Ghw==

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjY0ODQ4OTM2eGQ3MDdkNzFiYWRlNTQ4eDkyMDU0Mjc3IiwiYWNjb3VudElkIjoiNTkwZTEzODQiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIwODIwODA3MzQ3NjEzNDYzNiIsImluZGV4IjoxLCJjbGllbnRUaW1lc3RhbXAiOjE2NjQ4NDg5MzcuNTEyLCJzY29wZSI6Imdsb2JhbCIsInVzZXJBZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMDYuMC41MjQ5LjkxIFNhZmFyaS81MzcuMzYiLCJvcmllbnRhdGlvbiI6MCwidG9wbW9zdFJlYWNoYWJsZVdpbmRvdyI6eyJ3aWR0aCI6MTYwMCwiaGVpZ2h0IjoxMjAwfSwiaG9zdFdpbmRvdyI6eyJ3aWR0aCI6NzI4LCJoZWlnaHQiOjkwfSwibmVzdGluZyI6eyJpZnJhbWUiOnRydWUsImZyaWVuZGx5SWZyYW1lIjp0cnVlLCJpYWJGcmllbmRseUlmcmFtZSI6dHJ1ZSwiaG9zdGlsZUlmcmFtZSI6ZmFsc2UsImlmcmFtZURlcHRoIjoxfSwicGFnZVZpc2liaWxpdHlBcGkiOnRydWUsInJlcXVlc3RBbmltYXRpb25GcmFtZSI6dHJ1ZSwidG9wV2luZG93TmF0aXZlUkFGU3VwcG9ydGVkIjp0cnVlLCJhbGxvd05vbk5hdGl2ZVJBRkZvclZpZXdhYmxlVGltZVVzZWQiOmZhbHNlLCJjbGllbnRUaW1lWm9uZU9mZnNldEluTWludXRlcyI6MCwic3VwcG9ydHNDb250YWluZXJWaWV3YWJpbGl0eSI6dHJ1ZSwic3VwcG9ydHNDb250YWluZXJJbml0aWFsVmlld2FiaWxpdHkiOnRydWUsInRhZ1BhcmVudFdpZHRoIjo3MjgsInRhZ1BhcmVudEhlaWdodCI6MCwiYW1wRGV0ZWN0ZWQiOmZhbHNlLCJhbXBOZXN0aW5nTGV2ZWwiOiIiLCJzYWZlRnJhbWVEZXRlY3RlZCI6ZmFsc2UsImZldGNoU3VwcG9ydGVkIjp0cnVlLCJhc2FwRW5hYmxlZCI6bnVsbCwibmF0aXZlUHJvbWlzZXNTdXBwb3J0ZWQiOnRydWUsImJlYWNvblN1cHBvcnRlZCI6dHJ1ZSwiSW50ZXJzZWN0aW9uT2JzZXJ2ZXJTdXBwb3J0ZWQiOnRydWUsImlzTXV0YXRpb25PYnNlcnZlclN1cHBvcnRlZCI6dHJ1ZSwid2ViVmlldyI6bnVsbCwiaXNXaW5kb3dPcGVuTmF0aXZlIjp0cnVlLCJwcm90b0xvYWRpbmciOnsiZGF0YUxvYWRTdGF0dXMiOiJzdXBwb3J0ZWQiLCJibG9iTG9hZFN0YXR1cyI6InN1cHBvcnRlZCJ9LCJ0b3BXaW5kb3dMb2NhdGlvbiI6Imh0dHBzOi8vd3d3LnRoZW5ld3N0cmlidW5lLmNvbSIsInRvcFdpbmRvd0xvY2F0aW9uTGVuZ3RoIjozMCwibmFtZSI6ImVudmlyb25tZW50SW5mbyJ9LHsic2Vzc2lvbklkIjoiczE2NjQ4NDg5MzZ4ZDcwN2Q3MWJhZGU1NDh4OTIwNTQyNzciLCJhY2NvdW50SWQiOiI1OTBlMTM4NCIsInN0cmVhbSI6ImFkRXZlbnRzIiwiaW5zdGFudGlhdGlvbiI6IjA4MjA4MDczNDc2MTM0NjM2IiwiaW5kZXgiOjIsImNsaWVudFRpbWVzdGFtcCI6MTY2NDg0ODkzNy43MjUsIm5hbWUiOiJ2aWV3cG9ydFBsYWNlbWVudEdlb21ldHJ5IiwicGFnZURpbWVuc2lvbnMiOnsiaGVpZ2h0Ijo4NjQ0LCJ3aWR0aCI6MTYwMH0sInZpZXdwb3J0UG9zaXRpb25SZWN0Ijp7IndpZHRoIjoxNjAwLCJoZWlnaHQiOjEyMDAsImxlZnQiOjAsInRvcCI6MH0sImZpcnN0UGxhY2VtZW50UG9zaXRpb25SZWN0Ijp7ImxlZnQiOjAsInRvcCI6MCwid2lkdGgiOjAsImhlaWdodCI6MH19LHsic2Vzc2lvbklkIjoiczE2NjQ4NDg5MzZ4ZDcwN2Q3MWJhZGU1NDh4OTIwNTQyNzciLCJhY2NvdW50SWQiOiI1OTBlMTM4NCIsInN0cmVhbSI6ImFkRXZlbnRzIiwiaW5zdGFudGlhdGlvbiI6IjA4MjA4MDczNDc2MTM0NjM2IiwiaW5kZXgiOjMsImNsaWVudFRpbWVzdGFtcCI6MTY2NDg0ODkzNy43ODMsIm5hbWUiOiJjcmVhdGl2ZUxvYWRlZCIsInZpZXdhYmlsaXR5MDBNZWFzdXJhYmxlIjp0cnVlLCJ2aWV3YWJpbGl0eTUwMU1lYXN1cmFibGUiOnRydWUsInZpZXdhYmxlVGltZU1lYXN1cmFibGUiOnRydWUsImNkblZhcmlhbnQiOiJub25lIn1dfQ==?crc32c=2133704226
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.188.198 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-188-198.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Tue, 04 Oct 2022 02:02:17 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H2 200 723459.jpg
cache-ssl.celtra.com/api/blobs/a6602359da09b3808cd9a24eec034ce0a93e357ce3706dd7007e1882c5e1ad1d/ Frame 740B 112 KB
113 KB 9ms
8ms Image
image/jpeg 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/a6602359da09b3808cd9a24eec034ce0a93e357ce3706dd7007e1882c5e1ad1d/723459.jpg?transform=crush&quality=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 23ecf2ccf46f40cfd5b83f0cfc4f4449bee7ac235ea03725df263f32bd176bd8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:57:40 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 68676
x-cache: Hit from cloudfront
content-length: 114819
server: Apache
etag: "23ecf2ccf46f40cfd5b83f0cfc4f4449bee7ac235ea03725df263f32bd176bd8"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 39341741 39365611
accept-ranges: bytes
x-amz-cf-id: hkkCz12GgpAR3IAWiDXqKZuuuGCRGeqRzc3c9NuecC2iJ4Pd4Tq7rw==

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjY0ODQ4OTM2eGQ3MDdkNzFiYWRlNTQ4eDkyMDU0Mjc3IiwiYWNjb3VudElkIjoiNTkwZTEzODQiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIwODIwODA3MzQ3NjEzNDYzNiIsImluZGV4Ijo0LCJjbGllbnRUaW1lc3RhbXAiOjE2NjQ4NDg5MzcuODAxLCJuYW1lIjoidmlld2FibGUwMCIsImNyaXRlcmlvbiI6eyJuYW1lIjoiQ29yZSIsInJhdGlvIjowLCJ0aW1lIjowfX0seyJzZXNzaW9uSWQiOiJzMTY2NDg0ODkzNnhkNzA3ZDcxYmFkZTU0OHg5MjA1NDI3NyIsImFjY291bnRJZCI6IjU5MGUxMzg0Iiwic3RyZWFtIjoiYWRFdmVudHMiLCJpbnN0YW50aWF0aW9uIjoiMDgyMDgwNzM0NzYxMzQ2MzYiLCJpbmRleCI6NSwiY2xpZW50VGltZXN0YW1wIjoxNjY0ODQ4OTM3LjgwMiwidW5pdE5hbWUiOiJtb2RhbCIsInVuaXRWYXJpYW50TG9jYWxJZCI6Niwic2NyZWVuTG9jYWxJZCI6bnVsbCwic2NyZWVuVGl0bGUiOm51bGwsInNjcmVlbklzTWFzdGVyIjpudWxsLCJvYmplY3RMb2NhbElkIjpudWxsLCJvYmplY3ROYW1lIjpudWxsLCJvYmplY3RDbGF6eiI6bnVsbCwiaW5pdGlhdGlvblRpbWVzdGFtcCI6MTY2NDg0ODkzNy44MDIsIm5hbWUiOiJ2aWV3U2hvd24iLCJ2aWV3TmFtZSI6IjEwMjQgeCA3NjgiLCJjbGF6eiI6IkNyZWF0aXZlVW5pdFZhcmlhbnQiLCJkZXNpZ25TaXplIjp7IndpZHRoIjoxMDI0LCJoZWlnaHQiOjc2OH0sImF2YWlsYWJsZVNpemUiOnsid2lkdGgiOjE2MDAsImhlaWdodCI6MTIwMH19LHsic2Vzc2lvbklkIjoiczE2NjQ4NDg5MzZ4ZDcwN2Q3MWJhZGU1NDh4OTIwNTQyNzciLCJhY2NvdW50SWQiOiI1OTBlMTM4NCIsInN0cmVhbSI6ImFkRXZlbnRzIiwiaW5zdGFudGlhdGlvbiI6IjA4MjA4MDczNDc2MTM0NjM2IiwiaW5kZXgiOjYsImNsaWVudFRpbWVzdGFtcCI6MTY2NDg0ODkzNy44MDMsInVuaXROYW1lIjoiYmFubmVyIiwidW5pdFZhcmlhbnRMb2NhbElkIjoxMDc1LCJzY3JlZW5Mb2NhbElkIjpudWxsLCJzY3JlZW5UaXRsZSI6bnVsbCwic2NyZWVuSXNNYXN0ZXIiOm51bGwsIm9iamVjdExvY2FsSWQiOm51bGwsIm9iamVjdE5hbWUiOm51bGwsIm9iamVjdENsYXp6IjpudWxsLCJpbml0aWF0aW9uVGltZXN0YW1wIjoxNjY0ODQ4OTM3LjgwMywibmFtZSI6InZpZXdTaG93biIsInZpZXdOYW1lIjoiMzIwIHggMTAwIiwiY2xhenoiOiJDcmVhdGl2ZVVuaXRWYXJpYW50IiwiZGVzaWduU2l6ZSI6eyJ3aWR0aCI6MzIwLCJoZWlnaHQiOjEwMH0sImF2YWlsYWJsZVNpemUiOnsid2lkdGgiOjE2MDAsImhlaWdodCI6MTAwfX1dfQ==?crc32c=240196856
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.188.198 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-188-198.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Tue, 04 Oct 2022 02:02:17 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjY0ODQ4OTM2eGQ3MDdkNzFiYWRlNTQ4eDkyMDU0Mjc3IiwiYWNjb3VudElkIjoiNTkwZTEzODQiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIwODIwODA3MzQ3NjEzNDYzNiIsImluZGV4Ijo3LCJjbGllbnRUaW1lc3RhbXAiOjE2NjQ4NDg5MzcuODE3LCJ1bml0TmFtZSI6Im1vZGFsIiwidW5pdFZhcmlhbnRMb2NhbElkIjo2LCJzY3JlZW5Mb2NhbElkIjo4LCJzY3JlZW5UaXRsZSI6IlN0YXJ0Iiwic2NyZWVuSXNNYXN0ZXIiOmZhbHNlLCJvYmplY3RMb2NhbElkIjpudWxsLCJvYmplY3ROYW1lIjpudWxsLCJvYmplY3RDbGF6eiI6bnVsbCwiaW5pdGlhdGlvblRpbWVzdGFtcCI6MTY2NDg0ODkzNy44MTYsIm5hbWUiOiJzY3JlZW5TaG93biJ9LHsic2Vzc2lvbklkIjoiczE2NjQ4NDg5MzZ4ZDcwN2Q3MWJhZGU1NDh4OTIwNTQyNzciLCJhY2NvdW50SWQiOiI1OTBlMTM4NCIsInN0cmVhbSI6ImFkRXZlbnRzIiwiaW5zdGFudGlhdGlvbiI6IjA4MjA4MDczNDc2MTM0NjM2IiwiaW5kZXgiOjgsImNsaWVudFRpbWVzdGFtcCI6MTY2NDg0ODkzNy44MTcsIm5hbWUiOiJjcmVhdGl2ZVJlbmRlcmVkIn1dfQ==?crc32c=3390021284
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.188.198 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-188-198.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Tue, 04 Oct 2022 02:02:17 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjY0ODQ4OTM2eGQ3MDdkNzFiYWRlNTQ4eDkyMDU0Mjc3IiwiYWNjb3VudElkIjoiNTkwZTEzODQiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIwODIwODA3MzQ3NjEzNDYzNiIsImluZGV4Ijo5LCJjbGllbnRUaW1lc3RhbXAiOjE2NjQ4NDg5MzcuODE4LCJ1bml0TmFtZSI6ImJhbm5lciIsInVuaXRWYXJpYW50TG9jYWxJZCI6MTA3NSwic2NyZWVuTG9jYWxJZCI6MTA3Nywic2NyZWVuVGl0bGUiOiJTdGFydCIsInNjcmVlbklzTWFzdGVyIjpmYWxzZSwib2JqZWN0TG9jYWxJZCI6bnVsbCwib2JqZWN0TmFtZSI6bnVsbCwib2JqZWN0Q2xhenoiOm51bGwsImluaXRpYXRpb25UaW1lc3RhbXAiOjE2NjQ4NDg5MzcuODE4LCJuYW1lIjoic2NyZWVuU2hvd24ifSx7InNlc3Npb25JZCI6InMxNjY0ODQ4OTM2eGQ3MDdkNzFiYWRlNTQ4eDkyMDU0Mjc3IiwiYWNjb3VudElkIjoiNTkwZTEzODQiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIwODIwODA3MzQ3NjEzNDYzNiIsImluZGV4IjoxMCwiY2xpZW50VGltZXN0YW1wIjoxNjY0ODQ4OTM3LjgyNCwibmFtZSI6InZpZXdhYmxlVGltZSIsImZyb20iOjE2NjQ4NDg5MzcuODA0LCJ0byI6MTY2NDg0ODkzNy44MDR9XX0=?crc32c=1670058005
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.188.198 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-188-198.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Tue, 04 Oct 2022 02:02:17 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H2 200 723459.jpg
cache-ssl.celtra.com/api/blobs/a6602359da09b3808cd9a24eec034ce0a93e357ce3706dd7007e1882c5e1ad1d/ Frame 740B 112 KB
113 KB 12ms
8ms Image
image/jpeg 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/a6602359da09b3808cd9a24eec034ce0a93e357ce3706dd7007e1882c5e1ad1d/723459.jpg?transform=crush&quality=85
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 23ecf2ccf46f40cfd5b83f0cfc4f4449bee7ac235ea03725df263f32bd176bd8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:57:40 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 68676
x-cache: Hit from cloudfront
content-length: 114819
server: Apache
etag: "23ecf2ccf46f40cfd5b83f0cfc4f4449bee7ac235ea03725df263f32bd176bd8"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 39341741 39365611
accept-ranges: bytes
x-amz-cf-id: MXENYA96vVb-HUV-lOIHjqHrMen6uY97fPSx7g_qYNfP-k_5KsClPA==

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjY0ODQ4OTM2eGQ3MDdkNzFiYWRlNTQ4eDkyMDU0Mjc3IiwiYWNjb3VudElkIjoiNTkwZTEzODQiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIwODIwODA3MzQ3NjEzNDYzNiIsImluZGV4IjoxMSwiY2xpZW50VGltZXN0YW1wIjoxNjY0ODQ4OTM3Ljg2OSwidW5pdE5hbWUiOiJiYW5uZXIiLCJ1bml0VmFyaWFudExvY2FsSWQiOjI0NDEsInNjcmVlbkxvY2FsSWQiOm51bGwsInNjcmVlblRpdGxlIjpudWxsLCJzY3JlZW5Jc01hc3RlciI6bnVsbCwib2JqZWN0TG9jYWxJZCI6bnVsbCwib2JqZWN0TmFtZSI6bnVsbCwib2JqZWN0Q2xhenoiOm51bGwsImluaXRpYXRpb25UaW1lc3RhbXAiOjE2NjQ4NDg5MzcuODY5LCJuYW1lIjoidmlld1Nob3duIiwidmlld05hbWUiOiIxNjAwIHggNTAwIiwiY2xhenoiOiJDcmVhdGl2ZVVuaXRWYXJpYW50IiwiZGVzaWduU2l6ZSI6eyJ3aWR0aCI6MTYwMCwiaGVpZ2h0Ijo1MDB9LCJhdmFpbGFibGVTaXplIjp7IndpZHRoIjoxNjAwLCJoZWlnaHQiOjUwMH19XX0=?crc32c=1561237233
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.188.198 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-188-198.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Tue, 04 Oct 2022 02:02:17 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjY0ODQ4OTM2eGQ3MDdkNzFiYWRlNTQ4eDkyMDU0Mjc3IiwiYWNjb3VudElkIjoiNTkwZTEzODQiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIwODIwODA3MzQ3NjEzNDYzNiIsImluZGV4IjoxMiwiY2xpZW50VGltZXN0YW1wIjoxNjY0ODQ4OTM3Ljg4NSwidW5pdE5hbWUiOiJiYW5uZXIiLCJ1bml0VmFyaWFudExvY2FsSWQiOjI0NDEsInNjcmVlbkxvY2FsSWQiOjI0NDMsInNjcmVlblRpdGxlIjoiU3RhcnQiLCJzY3JlZW5Jc01hc3RlciI6ZmFsc2UsIm9iamVjdExvY2FsSWQiOm51bGwsIm9iamVjdE5hbWUiOm51bGwsIm9iamVjdENsYXp6IjpudWxsLCJpbml0aWF0aW9uVGltZXN0YW1wIjoxNjY0ODQ4OTM3Ljg4NSwibmFtZSI6InNjcmVlblNob3duIn1dfQ==?crc32c=706655926
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.188.198 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-188-198.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Tue, 04 Oct 2022 02:02:17 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame 8A39 0
40 B 319ms
18ms Image
text/plain 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?a4oD8w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:18 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js Show response
pagead2.googlesyndication.com/bg/ Frame 961C 36 KB
16 KB 334ms
33ms Script
text/javascript 142.251.39.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s37-in-f2.1e100.net

Software

sffe /

Resource Hash

8272ed99c2fe9a7e77a6af842513173821400a3a597748aa888bfcd284de29ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 19:21:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 456066
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16010
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Sep 2023 19:21:12 GMT

POST
H2 200 authorize Show response
va.idp.liveperson.net/api/account/2196236/anonymous/ Frame 320F 676 B
2 KB 192ms
192ms XHR
application/json 208.89.15.170
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://va.idp.liveperson.net/api/account/2196236/anonymous/authorize?__d=41980

Requested by

Host: va.idp.liveperson.net
URL: https://va.idp.liveperson.net/postmessage/postmessage.min.html?bust=1664848937432&loc=https%3A%2F%2Fwww.thenewstribune.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.89.15.170 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

va.idp.liveperson.net

Software

ws /

Resource Hash

f42d544d48e695c6284a667346fdfe56e921ba4c09704554e6e55f0207f9dccc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

LP-DOMAIN-REFERER: https://www.thenewstribune.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/json; charset=UTF-8
Accept: */*
Referer: https://va.idp.liveperson.net/postmessage/postmessage.min.html?bust=1664848937432&loc=https%3A%2F%2Fwww.thenewstribune.com
X-Requested-With: XMLHttpRequest
LP-URL: https://www.thenewstribune.com/

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 02:02:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/json
access-control-allow-origin: https://va.idp.liveperson.net
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
content-length: 676

GET
H2 200 2196236 Show response
va.v.liveperson.net/api/js/ 245 B
1 KB 540ms
230ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://va.v.liveperson.net/api/js/2196236?&cb=lpCb82597x62274&t=sp&ts=1664848937412&pid=3670369028&tid=2164680562&pt=Tacoma%20WA%20Breaking%20News%2C%20Crime%20%26%20More%20%7C%20Tacoma%20News%20Tribune&u=https%3A%2F%2Fwww.thenewstribune.com%2F&df=0&os=0&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%2C%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%2C%22sub%22%3A%22f1c855dd-8f20-4247-8855-dd8f20a24779%22%2C%22account%22%3A%222196236%22%7D%5D
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/2196236/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS: va.v.liveperson.net
Software: ws /
Resource Hash: 78f38392da957f060243f3c7b65e5e8b26dfeb572199a08ddefe4370f9bf2e39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:18 GMT
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 961C 0
58 B 370ms
69ms Image
image/gif 142.251.39.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BjvSZKJQ7Y8DwDcnD7_UPk4CL4AoAAAAAOAHgBAI&bg=!hIelh8PNAAYQgTJdMIE7ACkAdvg8WpY-9oXvJG6M_q4MCIfMicicYWe_9JOEjjXTIw_VC0eGNuFcTQIAAACMUgAAAANoAQeZAvapRwVh0txWnb91VSS--PepTRv1RLzfmsXl96XhKJyV4KUmJP5nTZuPAMVfmgnzg0w7RkBYWZSDW0C-q-sIAVSp86PIOT_AAwSqdyVVu38lVDlC5Yycshi_n_wLz1hFGoZpd4FeUcFyJX5Hwe7NMpogrnfuynhX7dDF7mXY1ruzLDhQ7U6KZ2jqZ0136LzIyplV5ILs0F5EJzEJMbzMuAkcE9VCcZqUVo32uPvgZ6RRk10_7bOz6YGo6U5zXLlE27N7ncRHDAmMu8T2aHRyeFp_dy_ARMf6JtLSEBdyJnnm9kghclTzW7RyJ_lqBod8ar4c3bxuQlY68bxDy57G_qLPFXGjOevEmO36d7XDiamieb5M2_Hz8ykD_OnA9iW4_p80Kl0hzuinienNJ-IoJXO-Y8SMj8KjCM--bpxidR-C-qDdEIsmtsavC41biNuXQXKrENdM2aEnu5ztf1r2LExFAP53icOTTmQkFKRPUXl5ddPrMa0wOTHHdBQfQCgboJPP8fvZODshUFICUzGrFKp4BTKAx3fcuMOSr3QyG921f5RdnEwGb2A52fZEsHTu9hPaBWBpfQVzE3dPRHCpPRZMtkOZHdhKHt6Xy1TE3LfjyQClwLv2FkjVbUMhX3zWKtq8kFA52JG7WjlrwdzcTiHhH2QjVGeSwdKo3Wik5msHdmL0llrFUplBeJVnE3PWBf-MO_kQtZ0yhCp2y349Rl1sTyTH8pLffrF6FNClpGFUqiXzr_ds8KKvqvCp0l0JWoYL5vAJwgaGqirg7eZPFN0YDMxbqj0JCaGZh8sgkHo4wW9R2FP4-TJBzEZvWo12MuXnGY9ifSznILaupqz4LGjaV4xx-QZEG4enbqybBVRG07nyRlpYg1RPiV2nuZvaWKpuoZOpPUqUniSnhZZyK2B1EtdzJ9O5UdHSh0lQd5XcDw3-HTGL_kRBkRYb3_oQmwmG9k0bshBUPVi5gj5QVtOqiqFjXpiP0RA2VufhQs-PqVNiHFmJwg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s37-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 02:02:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 365ms
64ms Image
text/html 142.251.39.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022092701&jk=3880681926782310&bg=!yMuly4_NAAYQgTJdMIE7ACkAdvg8WsGsmWXXT8z9BeryrUrK6HULQR8pQuQXFUgfUNgSD6BYstx3LgIAAAFHUgAAAANoAQcKANRsO-7RTweiMhmeQ-Kewun1Xegv8es2nwGIizfRF0pVC7tZmKEnMGNe32Bp87uzCt3aNhrFhmIpJRtp2xHVsJsq-1zHsUqk119TdrDUBD1wgKTy2JVcRal-NzNTG_mRoBDEsYdJKuW6vN4ZAVnx43PaiUGLsd9mKSOs0xY-HV5OTi5-U8iebipXyc52UvbPcwNH6hFL_Rf8Kggb0OAq6BszP2aAzuVT-dKiafMCqpg5scabREpxXSar4AI3cT1CIVi9KKFB96B6S-GtrexqV4k4S5DoP5kCoKZwO1RmulqIjdmB-LoSX2nixEtNysMlIABJXTeH5RfraXoz_Gl-4h3kPAkqoBaGNyn5JWLst2HMMxiSS0rdBY0HvnQe9ug39VnIGI17_Bz5MqK9zoWenbFL4mTPilemqz94FhtRBnfsrSfbdRDonMe0pUVbprjG1vYspedXLNjDRJ9fZTTL7pkblLFY2KE_yE2j4elrQaImtvJAbwZTmMJFrhj6fUQznkXYtKAkEs31FwVTckAAkUrFQg5TPLAOHh8Pz6rFphe5QQWV_KRPFzK_qQ6TNCdJk3seyNcarQzGgWBPSXCdQYULflF13gpIoK3da93ChUvIhR4M1bO3NEuBKvwZbadQksb4C41mN3UXFR_gtGkeDyazbNOUL57Ic3onn9oJF34zV7eV-ZaqeRSIFhOrwwXWJurNd1mh9jgvNWwMOYNhAibo_TFXiWhUROExUa-WJTtRK36fcmSCQLIHfUrweoEyYXhqsUPGdkC2rRF4kh1BA9SA-b2tsbu9UDpHRYeTdSwxQby09Tdq4029DPAel8iACeLEY2x9AmB3I7E7orqhncMNaJsGojbTXNOzfL7kH5OKqGL8sZmgEVveZYGNO9VlUwVBMIXSvuoNu3d07xW9MNEfD94fX7vr5QYV0Gdp88zVoIWbGonWxguNaJCnFvc1Rc1ICyJbkkdL8GNgIHQMXbXAGwOG6piwaUjUhYY2pVcMBvBL7rj4KOgIlKVnKWJAr4O5d7jZGtSohXQ9tjPKTivg-J_gS-tplNKVTEoImSqIjgfGqrU31x8LKfUkmaFHM6T5VG9L7LQCmBxeULhsh8CGw0iRSgqWkGoAC8yYFt4YMqIWxggNtd4jz_mlXe_DFqfXJmJnK9uIqWgtR-eQQe4tihEuuRBlBg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bud02s37-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D943 42 B
166 B 403ms
102ms Fetch
image/gif 142.251.39.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuqVsZYOPrSAHW0rB6u10c_cP_F85hJdJbLrEkDS6yD65W1D1uiJdVe7FsUH7weAd4-JR4IQZpOPEN7mLEiyPbX_qnDwMTzPektDNDUeLpBu0P1Jfak0WwnMllPbsFkZrFz3gLauA&sai=AMfl-YR66WfUtDku0kTptHzf7nerKzSwwDPgM7A1OUVZ0FA9PP7qO9OGCw1HHPbCIPmTS0VUADHdOAhi5rq9ZPSz2v7b0wu1PdpuFiIY9jEGWwZ4YzIGsMcbgbIWB8k0p_c&sig=Cg0ArKJSzBeRjDCkrIttEAE&cid=CAASUORoW2aSFntY13DclvlohXC1--zlG_5114Y7FzPjVNA72bz9a52cuRi7GQql5IWsF_czD-hnkAdssELxowVTxTKG0wbAkCD3NI7go1NkT7SO&id=lidar2&mcvt=1000&p=1102,444,1192,1172&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221003&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3608025220&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664848936580&rpt=1133&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s37-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e00b5897e2207ddf4122b3250c4838bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 02:02:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 2196236 Show response
va.v.liveperson.net/api/js/ 111 B
854 B 101ms
100ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://va.v.liveperson.net/api/js/2196236?sid=78WGdMkYSW6EpBpan439kw&cb=lpCb14351x34422&t=pl&ts=1664848938260&pid=3670369028&tid=2164680562&vid=QwN2EwOGYxYTVlZDNkOWU0
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/2196236/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS: va.v.liveperson.net
Software: ws /
Resource Hash: aeedf9763ed3dcd3e02fec462abc6e44600999c7408123fe158190b834aa1b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:02:18 GMT
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjY0ODQ4OTM2eGQ3MDdkNzFiYWRlNTQ4eDkyMDU0Mjc3IiwiYWNjb3VudElkIjoiNTkwZTEzODQiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIwODIwODA3MzQ3NjEzNDYzNiIsImluZGV4IjoxMywiY2xpZW50VGltZXN0YW1wIjoxNjY0ODQ4OTM4LjgwNCwibmFtZSI6InZpZXdhYmxlNTAxIiwiY3JpdGVyaW9uIjp7Im5hbWUiOiI1MC8xIiwicmF0aW8iOjAuNSwidGltZSI6MTAwMH19XX0=?crc32c=2826925768
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.188.198 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-188-198.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Tue, 04 Oct 2022 02:02:18 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjY0ODQ4OTM2eGQ3MDdkNzFiYWRlNTQ4eDkyMDU0Mjc3IiwiYWNjb3VudElkIjoiNTkwZTEzODQiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIwODIwODA3MzQ3NjEzNDYzNiIsImluZGV4IjoxNCwiY2xpZW50VGltZXN0YW1wIjoxNjY0ODQ4OTM4LjgzLCJuYW1lIjoidmlld2FibGVUaW1lIiwiZnJvbSI6MTY2NDg0ODkzNy44MDQsInRvIjoxNjY0ODQ4OTM4LjgyNH1dfQ==?crc32c=1335881326
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.188.198 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-188-198.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Tue, 04 Oct 2022 02:02:18 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

POST
H2 204 event-stream Show response
k.p-n.io/ 0
126 B 36ms
8ms Fetch 52.29.201.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://k.p-n.io/event-stream
Requested by: Host: cdn.p-n.io
URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=Nv2FlxP0ilQCLgZJ8iLg2qZHnsOUBRevIweT
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.201.209 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-201-209.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thenewstribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Tue, 04 Oct 2022 02:02:19 GMT
access-control-allow-headers: *
access-control-max-age: 600
access-control-allow-methods: *

POST
H2 204 event-stream Show response
k.p-n.io/ 0
125 B 30ms
8ms Fetch 52.29.201.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://k.p-n.io/event-stream
Requested by: Host: cdn.p-n.io
URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=Nv2FlxP0ilQCLgZJ8iLg2qZHnsOUBRevIweT
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.201.209 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-201-209.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thenewstribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Tue, 04 Oct 2022 02:02:19 GMT
access-control-allow-headers: *
access-control-max-age: 600
access-control-allow-methods: *

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjY0ODQ4OTM2eGQ3MDdkNzFiYWRlNTQ4eDkyMDU0Mjc3IiwiYWNjb3VudElkIjoiNTkwZTEzODQiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIwODIwODA3MzQ3NjEzNDYzNiIsImluZGV4IjoxNSwiY2xpZW50VGltZXN0YW1wIjoxNjY0ODQ4OTM5Ljg0NiwibmFtZSI6InZpZXdhYmxlVGltZSIsImZyb20iOjE2NjQ4NDg5MzguODI0LCJ0byI6MTY2NDg0ODkzOS44M31dfQ==?crc32c=961694358
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.188.198 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-188-198.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Tue, 04 Oct 2022 02:02:19 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjY0ODQ4OTM2eGQ3MDdkNzFiYWRlNTQ4eDkyMDU0Mjc3IiwiYWNjb3VudElkIjoiNTkwZTEzODQiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIwODIwODA3MzQ3NjEzNDYzNiIsImluZGV4IjoxNiwiY2xpZW50VGltZXN0YW1wIjoxNjY0ODQ4OTQwLjg2MywibmFtZSI6InZpZXdhYmxlVGltZSIsImZyb20iOjE2NjQ4NDg5MzkuODMsInRvIjoxNjY0ODQ4OTQwLjg0Nn1dfQ==?crc32c=2204805469
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.188.198 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-188-198.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Tue, 04 Oct 2022 02:02:20 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjY0ODQ4OTM2eGQ3MDdkNzFiYWRlNTQ4eDkyMDU0Mjc3IiwiYWNjb3VudElkIjoiNTkwZTEzODQiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIwODIwODA3MzQ3NjEzNDYzNiIsImluZGV4IjoxNywiY2xpZW50VGltZXN0YW1wIjoxNjY0ODQ4OTQyLjg3OSwibmFtZSI6InZpZXdhYmxlVGltZSIsImZyb20iOjE2NjQ4NDg5NDAuODQ2LCJ0byI6MTY2NDg0ODk0Mi44NjN9XX0=?crc32c=4096505886
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.188.198 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-188-198.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Tue, 04 Oct 2022 02:02:22 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cf-images.us-east-1.prod.boltdns.net
URL: https://cf-images.us-east-1.prod.boltdns.net/v1/static/5615998024001/bc4ba8e2-a887-436f-af1d-253734c72c79/56eda63b-64a6-4e89-8bc7-8c7de3c15cec/1280x720/match/image.jpg

Domain: cf-images.us-east-1.prod.boltdns.net
URL: https://cf-images.us-east-1.prod.boltdns.net/v1/static/5615998024001/2579aef7-6852-43c8-983f-89fb4e8fe46a/c30a25aa-de41-4fb9-a491-213a2b679d7b/1280x720/match/image.jpg

Domain: cf-images.us-east-1.prod.boltdns.net
URL: https://cf-images.us-east-1.prod.boltdns.net/v1/jit/5615998024001/909188f6-7914-4746-bf7e-b3c939ccd5fd/main/1280x720/35s491ms/match/image.jpg

Verdicts & Comments Add Verdict or Comment

303 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
amazonc.o.m-users-manage.online/	1969-12-31 23:59:59	Name: PHPSESSID Value: 60949e36792069e8f6730fd199eadd15
.demdex.net/	1970-01-20 10:46:40	Name: demdex Value: 71150945207633381443669278850740175888
.everesttech.net/	1970-01-20 15:13:04	Name: everest_g_v2 Value: g_surferid~YzuUIwAAAHlFagMx
.doubleclick.net/	1970-01-20 15:49:04	Name: IDE Value: AHWqTUlYUnpvTuC-nBaz-ryzMovQfC1G4UY7XdUlcLwGZiiU_sZle3u58TRYUE-X7AE
.dpm.demdex.net/	1970-01-20 10:46:40	Name: dpm Value: 71150945207633381443669278850740175888
.thenewstribune.com/	1970-01-20 06:27:36	Name: ak_bmsc Value: 8DA441EF896B6A3D6567D080F06A8170~000000000000000000000000000000~YAAQJChDF+kL7p6DAQAAr666oBFUWZKRpX7LqHa+TApv921GUNMtYf1+s5cOt9as7+6rsluvfae2t0CM6sEucSW/kVWhcEubccODQkIoExTRDreANDgumlBDRT7O0Oz540oTbd6tcoC53vfNo1iB8biBjB+kMkwNeEo5RKWGY5PaaYhRcrD7XL3tgWdNwN0/LpKat1HNBxqTLpuKYvx1JWazHDWtDvtBNyeRDncEbs25lauy5mjK3O3VoZWQoG5b/yZD6qQAtHwReqTNLGeaezSalUpR3/KagxGgkirE5L7xjpHC4wXEesp5HgC6QpTSodnNZWTJ67kfEAevoY2W/gR3/nM9VMJo/+f6g+Z/yAhZP5KBFbH9xFE+m6UR8Bh0Jjdom63btvDWc+mCu5lJlMsS8xgEs3U52WMrCEcEI1aWV8IHV/3F/UcMNCOCM2jz9jtCvE/BhC7aqz2PBBh7fyeiUzphNTCnQEM3Nllplpn1fytPRq25J8DCzoJnEg==
.postrelease.com/	1970-01-20 15:13:04	Name: opt_out Value: 1
.thenewstribune.com/	1970-01-20 16:03:28	Name: adcloud Value: {%22_les_v%22:%22y%2Cthenewstribune.com%2C1664850734%22}
.thenewstribune.com/	1970-01-20 06:27:30	Name: _sp_ses.757a Value: *
.thenewstribune.com/	1970-01-20 08:37:04	Name: _gcl_au Value: 1.1.1231713560.1664848936
tags.srv.stackadapt.com/	1970-01-20 15:13:04	Name: sa-user-id Value: s%3A0-6be2c01e-4298-497a-53fe-fca050ff4716.0ajZRLoTkOhIHL2hSms9DiGKv5lLXVTcihysxk%2FgMnA
.srv.stackadapt.com/	1970-01-20 15:13:04	Name: sa-user-id-v2 Value: s%3Aa-LAHkKYSXpT_vygUP9HFiU6OQU.PJC8RuqhcBwIzbBfhDQtTV3Unh%2BLzd2jNwIdaiNzRrM
www.thenewstribune.com/	1970-01-20 15:13:04	Name: sa-user-id Value: s%253A0-6be2c01e-4298-497a-53fe-fca050ff4716.0ajZRLoTkOhIHL2hSms9DiGKv5lLXVTcihysxk%252FgMnA
www.thenewstribune.com/	1970-01-20 15:13:04	Name: sa-user-id-v2 Value: s%253A0-6be2c01e-4298-497a-53fe-fca050ff4716%2524ip%252437.58.57.5.pZk4HUjsRNh2QON4r%252BGJEqzKj7kYI21AXNxUTkC1Mdg
.thenewstribune.com/	1970-01-20 08:37:04	Name: _fbp Value: fb.1.1664848936136.113430807
www.thenewstribune.com/	1970-01-20 15:51:57	Name: qcSxc Value: 1664848936150
.thenewstribune.com/	1970-01-20 16:03:28	Name: _ga Value: GA1.2.587728357.1664848936
.thenewstribune.com/	1970-01-20 06:28:55	Name: _gid Value: GA1.2.1620512599.1664848936
.thenewstribune.com/	1970-01-20 06:27:28	Name: _gat_gtag_UA_48278079_1 Value: 1
.quantserve.com/	1970-01-20 15:57:43	Name: mc Value: 633b9428-7254c-d9fde-31817
.thenewstribune.com/	1970-01-20 15:51:57	Name: __qca Value: P0-294253934-1664848936142
.thenewstribune.com/	1970-01-20 16:03:28	Name: _sp_id.757a Value: 9c99ecfc8e63c3da.1664848934.1.1664848937.1664848934

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 Message: Failed to load resource: the server responded with a status of 503 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-dtb-cf.amazon-adsystem.com
accdn.lpsnmedia.net
adobedc.demdex.net
ads.celtra.com
adservice.google.com
adservice.google.de
amazonc.o.m-users-manage.online
ams-pageview-public.s3.amazonaws.com
api.bounceexchange.com
api.ipify.org
app.securiti.ai
assets.bounceexchange.com
ats.rlcdn.com
c.amazon-adsystem.com
cache-ssl.celtra.com
cdn-prod.securiti.ai
cdn.confiant-integrations.net
cdn.keywee.co
cdn.p-n.io
cdn.parsely.com
cf-images.us-east-1.prod.boltdns.net
cm.everesttech.net
cm.g.doubleclick.net
connect.facebook.net
d15kdpgjg3unno.cloudfront.net
data.cdnbasket.net
dpm.demdex.net
dyv1bugovvq1g.cloudfront.net
e.cdnwidget.com
e00b5897e2207ddf4122b3250c4838bb.safeframe.googlesyndication.com
edge.adobedc.net
edge.api.brightcove.com
edge.quantserve.com
fonts.googleapis.com
fonts.gstatic.com
geo.privacymanager.io
geolocation.onetrust.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
htlbid.com
ids.cdnwidget.com
imasdk.googleapis.com
jadserve.postrelease.com
js.matheranalytics.com
k.p-n.io
lasteventf-tm.everesttech.net
lpcdn.lpsnmedia.net
lptag.liveperson.net
media.thenewstribune.com
ml314.com
p1.parsely.com
page.cdnbasket.net
pagead2.googlesyndication.com
pixel.quantserve.com
protected-by.clarium.io
pubads.g.doubleclick.net
publicapi.misitemgr.com
pxl.qccerttest.com
rules.quantcount.com
s.ntv.io
s0.2mdn.net
s3.amazonaws.com
sb.scorecardresearch.com
secure-us.imrworldwide.com
securepubads.g.doubleclick.net
sqs.us-east-1.amazonaws.com
stats.g.doubleclick.net
storage.googleapis.com
sync-tm.everesttech.net
tag.wknd.ai
tags.srv.stackadapt.com
thenewstribune.com
tpc.googlesyndication.com
track.celtra.com
va.idp.liveperson.net
va.v.liveperson.net
view.cdnbasket.net
www.bellinghamherald.com
www.everestjs.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.i.matheranalytics.com
www.idahostatesman.com
www.mcclatchy-wires.com
www.thenewstribune.com
www.theolympian.com
cf-images.us-east-1.prod.boltdns.net
104.18.16.107
104.18.41.98
107.178.250.234
108.138.2.19
108.138.7.53
13.32.121.108
13.32.121.51
13.32.99.105
13.32.99.35
13.32.99.95
142.250.180.227
142.250.180.228
142.250.184.194
142.250.185.106
142.250.185.98
142.250.186.104
142.250.186.161
142.250.186.162
142.250.186.35
142.250.186.98
142.251.36.10
142.251.39.2
142.251.39.3
142.251.39.38
143.204.89.56
15.188.95.229
15.236.176.210
151.101.130.27
151.101.66.49
166.108.36.240
166.108.36.245
172.217.18.14
172.217.19.112
172.217.19.97
172.217.19.98
173.194.76.155
178.249.101.23
178.249.101.98
178.249.101.99
18.143.183.144
18.64.108.220
18.64.83.82
18.66.100.58
18.66.112.15
18.66.112.48
18.66.112.76
18.66.23.210
18.66.97.52
185.60.216.19
185.60.216.35
2.18.169.60
208.89.12.87
208.89.15.170
216.58.212.162
23.75.234.119
3.124.27.64
3.217.212.221
3.239.232.73
3.64.188.198
34.102.193.48
34.107.191.194
34.111.234.236
34.111.8.32
34.117.124.38
34.120.253.250
34.217.7.19
34.251.26.3
34.95.76.208
34.98.72.95
35.201.92.233
52.17.99.225
52.216.226.0
52.29.201.209
52.30.254.53
52.44.206.121
54.208.179.247
54.231.170.80
54.235.97.224
54.76.210.146
54.91.59.199
91.228.74.206
96.16.147.243
0025b4565edf4c7cfc56348ffbe82d06aad15d8950c48e32e7aada9668cac068
0036a0fd6aad3469f1c465e6ce22f44a35c999ac0f553a9d0c38ef31c231b77b
00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674
0220aa940451c8343ce72cea556f0987a1bb0e6ee88e202afb223876e3cd8681
04763f567754fa13c29c6ca95d8f0182db2a77e8667d37d731c37e32aa89c2c2
04814dba80c269e2ab732f9f3f1989cc7ed4c143bfeeac1ec66bee1892ddba34
04ad75bb75fb9bd7ccfc6ced51ab98904f932b3737be7e03ca4dd2a01eb2ec88
051bc401da542c03c1addebfe9b686e83a9c04f56250e41bf28dce0fd6b6edd1
05946407fea8f855f22d5cb6dd76d4992da19352a68dbec50b8a6c24bc2e6231
0676db1b4ed58d66f40b8475abd367dc036fd23f2f62471a312ef5428618e293
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06ec315383aed307022eb39089b8905f308699beb33503d359c32caf51810da5
07c9f195b802b98c0a702dd5f26467c81db912f5b272a407f7c4dea462ad4637
0a3207ed6ac144bb58e9ea8a9a44d3e121e1ffb5444e72256017e2d5e7266873
0ab61b75b73adf91a9f91da1d5c9f8fff7b53a39991e5bf6d1f2f7a390021978
0ca2d5d4dece21114294a8783944cdd00a4351935831b27f9a83b8eb543c6438
0cfe55df715f0074c0d7b064bd5e6f492e11a8ea9ba55966ffd5a151b87c7a17
0e14234e09f553020ebe23b247cd621d365a71e356760edd909cea483ec395cf
0e1b23e83e1d1c69f9775a2ce1029383114d0827b56e621a7f3430c094a6ce17
0f7bb922403a0dde555b8ff2724b25b64f0d42045117f311697d1d10c459d61c
11545d74a2da2ad36c4bc054de486b19549257010a49cea35bb59086d9c7d9e2
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
145d14bb73e5b03cc73062c2a78c392125b891c62b1cc9d542e5adba762f04e7
14c4aa65456d3dac54a31a405d4551023bc6d8c41ebc1f506620e07f43417687
18a3e127ec532e4b0aca483580c20e8e797891e9f611afd250ffec18fff8608b
18e07d2e805871c64b625eb03c950fc77cbbdb707a26493fce307d39f4571524
1add57ee1ca3481a226f33de0ae643ce3e3e454e717bed135649ec1455232046
1fef013c1c2efb6a9abf8510ff88054861f60b56b50d276fd3925ec7fff2047b
20ea6f07a1e9f755bdc500d50d302b60a4c677590d5cc4256f0a2df87dc11b7b
23ecf2ccf46f40cfd5b83f0cfc4f4449bee7ac235ea03725df263f32bd176bd8
242013aa9859153b059201f37aa2f3ee54042ebdcd50b6ed96aa4a9d2ae5e4d7
247aba09e01c114ffb72425ddc4625410d7a871c98e84866f6065cf93b96933c
25475d82cc976fb2c71b15b3e416c22bf636dd247bbb268d312e7c076ec5b6e4
274839257a926075bf2f9afbb4acaff17175e3c8beff332fac10e846cdd2bbc1
27d7b573de36acef9ddbf975de05251f5219d2e4b8424288aae62aa57d5a6396
28997777275ee4741feb19e27a7b628db71161cbe7017ee17484508bb73c5cd2
29250cc2ed9a89b4f5c3665913db772f7ce3da6ac0a837604ff27e6ceb318f85
2969aa16b763893fa2f600de842a23475f8c0f1d58ebbed3c4f7f1a63edbc0b5
2af4c0132ae3dc8139b4aa7d82b82bd4be5bfba0441ea7b7cf34a6a022cdfcf1
2bf517104f255123ba18c57e1de2f672c0271712d716ff844a26ea8162453b45
2c2d839942cb9548ad7447ed4fe2bd45e0c84b4eef108fd5c6ec085b0e2405da
2d5b8a3910283f62c4e916b4ac27e52820b74fca5bc47cb3a9faa16f30b278f2
2e8e0c08bc924e2737c15a18ec7522068e91cac78826b0f53f4f6e327a22ea5b
30a0db93353ae367619db114f53600dfaa9db283eb6010bff276c950ec7ac40b
31463f7196625e2a74f34f94d8d9908c5a94a0e8809c8ba494c2ccd4f5c87aa0
340bfc086e6b3ce466428c97fd5bc71f1adb766fbfeca9e25a604d6cb5f2d59d
34c9ee51c2dd7fafb4df5f5e0bbb0a2a3508db0692f97b90b44ab89a50a545ef
359ca6d9de759ae6cc10299b0952d454830da1b9f1109146dc4626685b898258
372f23dfd7b225c2d12abb8e7c4b14de6ba4b17cbe52160c9b4d2bf50829858d
38c6a2d5b4a654ad9062ea9e6ba8632e6396ebeaa2943020a0897b9f7e038519
3a7d144b71246ddb90a2e1e5632c0b4062039d55c819508ba6a7e33700c488c6
3b9fdf22e5006fe739274ae36f752b95b937b7fac38d7107cf0aaf26adafa88b
3c29b36437287cf07d0b290ba0521e3ce3d71587632641586b7d216bb849879c
3c38a5cc98e720502ab74fabe548caec516a4a92b8aa4ff8d90329038158934c
3caec09d4d3de6d05deb20d3744dca95f71663e840649e58a3e6269159a65985
3e4f5d07904cf355da7bfbca5d4eee18a4c09fc9e6a79df958d0bb1225572983
3ee3fd4422e68e94b09e937a007aedf344569f7a749aa0da571c191715e97167
40bd715f039fc3a10bee6d57043e4ffc5ede47c39789313e15873ca467777d0b
41dd3e48dbef1ddbc59957d4e99ef7662c1702dd8b55d0900b02150f87af354a
44da744510338f9526948a489814d2384d9c98f5ce15114ebe33bcebe5888dbb
45f08f27c7337d189e8c31e635b5d0a0781b273131135cd77ee8b6f12366e7a2
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae
4bebeadc347808ade083c9eece87f0da0b0702d4aaf189a99de64e155578d18f
4bfac80126acaa331e92a0ce7506c790489fc39ab408bfc1105d7353a95d1774
4d7a61d537d5d760873c8a3382cd94843074a083d1dee675df4921aa876d3f35
4e55a068b7d1bae86ae048025e8fc3c1a9f9296e268037c136886f7b424f0c2f
4e73afee09520bd500d0b4be8e29d9a7d48a00faa0faf333608479c8b2573956
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50c1d3050160688ab650b0d73e6c21a45efe68acf4d566f1dccdb3b6a8271ff5
525efeb6315110c3ba4b37840accb46e1992875e5a434aeda15e9576f7745ba6
527a100fe206c1c3272f8f02a5e402925dbc6291cbb0ed73ab081ebb61f33476
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
580e98c046a917971bcea078968423ca8962e921795d7f47cafb2377a7573880
5941d1622373ff4da4a0ec6ae2c474a80f2e65763aca377b069690ed4cc26d02
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1
5a6a1024807e3504d93d0fc26e07281450105e97e36169a178243b9856dad356
5b8a4248e101485352d17aa7418d3df32777b8dc20652f3d19f645d6152a3351
5b8b604f23852bd0617e4bb6dab249f02ed3cfe14f82b5e8663330dab323bdd2
5df2498d566a9c0c42fef5906f0818a35cfc4ce1cac95e1e0eed4265c838eb10
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5f3013245f4ee591e331364ee5044664a65048925168bfee28037bb16082f5b2
5f7029e3b47ec6f691e64d2b0d9907f8deb170b53cb6a851516e365cd8581970
60c67b61c036e739d02f7ede3743012003c6bf06788c9fba601b65983c0a0ab3
61922484f36678d206073f40a2edea61772d851cde2cd0a72c8dd0233848b2cf
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6345619c4e5b468d0f4cb64006632869688a99dc8557cfc1c9c4a1f27087081b
638dd2b7dcbf1ed5c418c0ffa6c0d6e5d9072c841caf90b1222016be9313f1b1
639fcd75ad19240531093db9d079f4be79913034b5ce3a7ae0b4006735f1fb2f
63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7
650587719d00d216eff81b7a8feade391863ace124e282d62018b1df5fd75f92
6627c5ab36fa407f18fc9b6987e359eccef005ae6d35b370d2142b7daa770324
685d875825ac52a0ef19f065f10878fbfadbbc15e33f48af6a82a5ff5a08f450
68b8e71982e93fa7dd2f406283c640fa9e5cb2bcae72669d20f54012c428da3d
6942aa2d9cb977a25b9e503f731dd38210f0d0337b8b6783c5f9321924275261
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
6967c4beb25051a0c11891b36c53678be622889460ffd3d5d44d92e08fc20b4f
697a410186a8355c10719ac5515b9a771a04d753bf618ee43d24e1d7789c5fd2
6aa807a90524c0f03f878d1c916e874aaaa3898eef8a624f5edcf259da7dcf29
6b8f4d612667a070c2399282cdb5aca327da4e3a70bb3671758f0dac380e3efe
6bdddaab69d5f8dac4ec5ce26ca83039962be1618cf1deb0d6777fd182cae395
6fe11aff0ae158a9a4a91fe408daf8ecddf648ed069942e11efb1e023b83eee1
73371376d8952af1a7631f72439bbb8e42fbecb8283959a83dda1ce06a5a8ba8
73e0ab1ded0297d2e168e06b00e2dc924d5443519b83743f74354a6fae4bdbf8
74440cf06b520cd22e90ecf3ae9855e247a77a6aaf9bd8365af78bedeb88eb73
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74ca5dbb3b67ee695f5d7ce026543faf1e3f1a5e244933d01070032a1627ec7c
764df958623e81ae49b597536c4f788d01b6d7d5b6fa5933868a4fd691e379df
78f38392da957f060243f3c7b65e5e8b26dfeb572199a08ddefe4370f9bf2e39
798b67bb2ea3243fac61fc7df7e5585a5adc40887e278bdf62598ca5d7629903
7a1ac5462b7c0e961906468e369d14f6e0ea4b0488375086769e215d33fc39cb
7b23034edf1bbf42b80ffdea1afd4e50fe3640fc7eaf2651712bebae39a55124
7b444f096bf7f18c6ca3a139e2478f3d70897f7d70998baf2158ea9ad3e7c71e
7e024c71c4826be10da52af72cf5f981fcdf85b49e764658c674d0bdedc324ba
7e44dc6e44e1e7eefeb15a0f0735b5c657f5a117799077460d379c26a628dea3
7e9d6400e5a858108676b34ac562bf223b7ffbe15c5cfa992486203ca17ec5ff
7f6d09718a572ddf37710e3656717527ac3e24083cdf23bce76586d9ff29aa07
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
8173a43d8c2abc694b678f38ee1dabab5acd6d456e87a9fad9e66b28dd67d488
8272ed99c2fe9a7e77a6af842513173821400a3a597748aa888bfcd284de29ab
830cac2a8908afc16e114cd8393040e1cf11977a968af0c0dd052d592868ea16
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8341c09064b5ba9bbf17d2d98e34e43a06302b469d38a66f4e228e6a38ea7a03
844ed6bed8b1ab643b3fe111633c53abc5a96a9dc28368334f513c0cff884eef
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
855b336540e9460f01d5d358d35d24748cbd20db695e0d41f6945cdbef07b7e8
856e1fa655a0f69c95931b037b11d2d8634ac79837ff3fc483ebfbaa6ce690b8
859cf6cffa16b1891c8af215fb81a92de69cc75481bde57ebc9827c502d5db73
86965529bea18e7f50351d8e35cffa3a4f4d930b76226f6e8e0211b9b2aadc80
86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4
887fdde608c6ff1af2f72f3974b1f9dcc768d9dc2b86b41e6b065b60fa90a9c2
88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265
893a55c2e7c07712792fcde5c0dd5933fc4ec023bf63f15635d89d07b5077c44
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8a577093679d5f34fe9d64d2b8647d0d14edc443c836a3391c43990aabd15eb1
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
91102e383130cb1a9faf348bd83bd3c7e0744900eed75eae7587cf6bf32c47f8
9180d8914b61c83d1df3b38049eec5a3c31faa7e5a0e45ada585c3e00500bc63
933ccc2479173ac153e5d4d51e2b6a27d8339b478fa89afc9f28a2558bbe113e
949b0b9bf6768359f6f85d4b5c112de352e47a7f476f0f47c1574a1e26f3f8e7
962633a9b2b7df607d091396cbe096cef615f8bd36ea627151254a5743c4e0c7
9655253b7d5a8c206ab1a7f8379d4083ffb375e0455a1c88e578458166738a78
9931197ba16483006740a0041fb1bd36fb02741f3b6ee7588cad8754abae6254
99975f334655703578e77034bebce02b63668d2d8a0144c2e5b72b40d234a386
9a3b0bfa12d811192b83c90de77d01b7cf811dfc4f4bb6764c2f931c59659055
9ec872d58a5c69122782bdc67523a5483d766169686b83bed86a73d36691ae5b
a0107a6693b6ccde2883d4ad8f80a8a19a8278c5deb30f75f7dcd10292258e60
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0a9ce1553fa74dad4d8cf55b7df7d012a3acdec01cd39d682fce0e5b52e99f2
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a344d4c39d7f2c3be22d25f42778f132f3b154494dc03de8ca404f2d8ecc771c
a4561da777935fa07b41fbb1e3ade995d20c92560e803303f6f7e0d8fec27ff6
a483819b1f4d37775acef9f4220efe3d1abdc3d673fd3e66ed1ff25d1095d0d3
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a555b48099144f632899715b397711a2efb83bd9279e39cf14bf201408ee96de
a57258a3f51dc6ee13ca490ab8e780ed443e5725a650e7f085f1c67325784461
a5ec545801c483a0bb18f6c9c6ed675eada482ba56a46e3fdc554c83aca779d8
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8f221f028cab6d2619c4c624a1be0044cdea534580268ef8e26eced08d61f27
aaa9a417fb29481253415983b89bb002a7314565e1a1234e8051b48adc15362f
abb45ae4b3a896ae99132c1786a9676218c119ea552d3fbb5ab6d40d9e05e43c
abbe8b4006e0a71090cb3b2c49e49668bfb4c0cb28d3fd0e66f4f083649cae7b
ac53400c04ca28a29467c3b6cf8f0be2f9d4333a518574fba32cc239195117db
aeedf9763ed3dcd3e02fec462abc6e44600999c7408123fe158190b834aa1b2e
af21d2c66c628b377d0f35571b4983804e1388f6e38c2ed8c65eb2233889e051
afb3a807724f8ffe110901a26ffecd191e852ed9466f506950550eff10ce213f
afe47171747a2bd220313a3b7ef68648cbda2191f3c4767e4e1d2af32495ac09
b11acb5530c22abb01c75e567dda951903805366acbb8205118e63e23c48a02c
b21477b09777a8444a6ec61ee4d70ac815a00625c0cd724d488328040e6e2e06
b3f951924d27c9b4860a43bd5726a513e6cc606bf43809bc6fac4da2e394e2e5
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b46c6b15a028032be0ef428550942a5084c3e76e966cf2f8df3ce2f6fdaf17b7
b4e8ce318f935b3a426d31961c37589ee76626ff62b65e6be06764a3ca6862ed
b6d282cc23647db267a1cff61c755a04a2e9f44da633d02afd769c92d2e86854
b719a446401c59e2784e7979101371a8a12f04139b37c8632682ea60a5720b21
b80c553ea97c894037cafeaf9c818eb3975f04b7126d35379fa2e4b252690121
b9f65b633a49a499a034c954707d726a90d5571ec8fc571eb7c5e4e59e9b3108
bc6030c3bb263834c497174f7bbf56f772f6e4c68f98403aec59021bf6e14098
bccdaeff95efbd6865f096373aed67124dbb2546b36310525ecc973f87590907
bd17bcf79f3ec09a5cdac00b3b199ae3a853ac23d0d69d646a16b710510ffd69
bd24c662d59b09dc2750610bca4aa94d397a00dd217f9590ad8fc6c0ac93a389
becd124e0894570d928778df3677413aa7c44cb86e63e4592ccb117d3f2a5b21
c1c30918a861cb6a985ab55d54ad7e861682354197f164cb3b7194f20eed67ac
c27f0e1e15464ee2b0061907912c52136996b93a4dd0f242b0d75494e1374703
c281e65a91ee0ee836aff677027641b3f72eac21679771e291d9e42cd794e1dd
c297ee6020627db680d8ebcebd65f1cac37332a1cdb57865ae6adb04aac9379b
c3860a941087d9792921f4ede5472f5fc3e8aeb4aafb328c78e19a10a1e30e63
c58668c37693fc91dc876f7f94512c385d37a16b2ce913cad9d17539d5f91f3f
c75ef674607c29835e4ce97cd7dabff32f1ca04798c1d7b443e77f27ac94d7db
c8cd0b0d514cecdaf4e7214325a70bba9bae301e156265bd0d880f9065d1d183
c910e625a98b8bddec3ed1c8c88a0396caadfd418c33872286a6e56a8d50ae91
c923828f2515a367ee171e361f88c604ef8291c1a01a0ffbefc40370b89afac5
cd128af4214da3af47b577b5178867896a3fd099acf3644d32bef4e24733e5f7
ce4f517240bd5934346fb0891d1eda77fb7c4f6f3ca14524023f07c595c0c037
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1c46e4ec59dd157a5d6e18adc55c08814a820074720757c34fd3266b8c49237
d249b361a6ae00ae9f7fb9c92123796a721f94653283d830bb78b0ebc3a29329
d2535815833746fe6683a50cac72e5025b099db7b21e6a5b3896e01973c91050
d25d8dfe1e47e153bca5d69a06a0c18ec984e2b70ae043c37c114c674cbb9929
d26432e661658ef9d3d538b1f71b1478193f6c141f1cd7dfed03e5b677d178c2
d29d84e698eb10452f97d8a6f249b73496beb844cef58e920e3832bd321d64a2
d2a09ca2002504ba3d599f59279718a75cd3bb14c3fa1299659c1b855e2a7c76
d358e50ebf07a83172682ad2226ca8d9f2ecac1aab0a5b2009dc73b139c8dd2b
d38236a3fa83635118b6b177bda2330ce7e5ce09a3e50d9f4a6933b2923c5af8
d3ed130473bf81b6bed2f55cf0f19b02119361fae839ab494443c70f2b1b2318
d420ee64cb607d68e208a3105b39934807ed2e4d43ced2542f7b6b0cd153ca43
d677217d2dfcfa63faa54310178c8037a021eccded47ba88d34071b620dbc86b
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
d8167a9aa3ac0cf221fa0534ce2092e8d1020c467412efdcf61efa7199d6539a
d89fcffc0f013b852144e04aa7a737bb546d07b34e548d8a4921ab04df726082
daca9194d6092b3f68991624fe113944cd46fe7934fae7e6b8d4e89f1b33976a
dc23f0b941f100ab048b7ad426f8f0a3baa64f0214128f35c215eec65d79eb44
dd080c89636f8576e3364bea0867f18be3a32daa72d766da336cbb80ba5fb407
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e226b4538fe26361bdef2ceebf7cd5b5eb411d2ab752905fe4fa788043d6748c
e2f603f1c3d380a4e66add278127064b269dcf63c203aea18eb166d3e54113bb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d0acf28df68e69811737a86c2f287b6fa0fcfd6e8480de208c8de9bb81bd19
e7e696f3b5ef25c97cde87bfbe910d446dc98e85192c814c4c3a540d1ac857ed
e8b3d709b2d9b43a3543702eda0d72c2f429eac72694c895fb87ac2a80abbd86
eb0c0421ff1b9a9fbf727eed3e1b059e781c8e28351c2a156d7534bbcd572c6a
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd82ae470bd59c1535d2a920e8b481a861bcd5a3ed62bf2515a6a50003b8232
f1e25328be62ee5aca4777d33ecfbaf64a502f80dac2008bd7197e236cac8dc7
f2c84cabd8a36cbea2035808805b210e03147ad717c31904b957ad0346dcecfb
f2f11e4d45030f1f21ec7d3ae67a65b83c4c67016fe861fbebdff04ca0c8cd60
f32f53fed8fcdb278b87841e00df7045b5cbb0e2a5babb6bc74a4a77eb542a7e
f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19
f42d544d48e695c6284a667346fdfe56e921ba4c09704554e6e55f0207f9dccc
f7d79ab400b0c86b3f24b2e097b6a782f70b2a6d93ce8d0c274f94afbab7b86f
f91a7a5baacde1a440359f91663eede5cff90eb02b6dbfc76792d83e5779667b
fe3fcb884394be745dbd11141b6d780028a4d86106b6292d7502db096f582218
ff1357227ca09ffdb1908cbf8184f8561f0319dd8aa0ad4bccc96bf15b85431e
ff76a1876dc76090734244b2e5f2c695f1fa68a2ec9a0a29b410d3d38da9f576

www.thenewstribune.com Open in urlscan Pro 23.75.234.119 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

323 Requests

82 %HTTPS

0 %IPv6

57 Domains

92 Subdomains

80 IPs

8 Countries

10764 kBTransfer

20301 kBSize

22 Cookies

39 Outgoing links

Page URL History

Redirected requests

323 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.thenewstribune.com Open in urlscan Pro
23.75.234.119 Public Scan

Screenshot
Live screenshot

Full Image

323
Requests

82 %
HTTPS

0 %
IPv6

57
Domains

92
Subdomains

80
IPs

8
Countries

10764 kB
Transfer

20301 kB
Size

22
Cookies

323 HTTP transactions
6 data transactions