www.newsobserver.com Open in urlscan Pro
104.80.197.53 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.newsobserver.com/
Submission: On September 13 via manual (September 13th 2023, 2:01:05 am UTC) from US — Scanned from US

Summary HTTP 192 Redirects Behaviour Indicators

Summary

This website contacted 34 IPs in 3 countries across 58 domains to perform 192 HTTP transactions. The main IP is 104.80.197.53, located in Billerica, United States and belongs to AKAMAI-AS, US. The main domain is www.newsobserver.com. The Cisco Umbrella rank of the primary domain is 139676.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on September 1st 2023. Valid for: a year.

This is the only time www.newsobserver.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
48	104.80.197.53 104.80.197.53	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2607:f8b0:400... 2607:f8b0:4004:c1b::5f	15169 (GOOGLE) (GOOGLE)
1	52.217.47.140 52.217.47.140	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6812:161	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	52.13.143.161 52.13.143.161	16509 (AMAZON-02) (AMAZON-02)
4	44.235.130.162 44.235.130.162	16509 (AMAZON-02) (AMAZON-02)
10	151.101.130.132 151.101.130.132	54113 (FASTLY) (FASTLY)
1	2600:1901:0:7... 2600:1901:0:7416::1	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4004:c08::5e	15169 (GOOGLE) (GOOGLE)
2 15	172.64.146.152 172.64.146.152	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	3.162.3.111 3.162.3.111	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:25c... 2600:9000:25c8:2000:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	34.117.170.208 34.117.170.208	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
4	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
1	34.120.253.250 34.120.253.250	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	3.162.3.20 3.162.3.20	16509 (AMAZON-02) (AMAZON-02)
1 2	107.178.250.234 107.178.250.234	15169 (GOOGLE) (GOOGLE)
1	3.162.3.62 3.162.3.62	16509 (AMAZON-02) (AMAZON-02)
16	104.18.41.104 104.18.41.104	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.35.67.147 23.35.67.147	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.201.104.135 35.201.104.135	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.98.72.95 34.98.72.95	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2607:f8b0:400... 2607:f8b0:4004:c09::9c	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::6812:2b5a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.192.51.111 54.192.51.111	16509 (AMAZON-02) (AMAZON-02)
2	3.162.1.135 3.162.1.135	16509 (AMAZON-02) (AMAZON-02)
2 2	104.18.39.155 104.18.39.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	52.72.216.167 52.72.216.167	14618 (AMAZON-AES) (AMAZON-AES)
2 2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1 1	2620:112:f002... 2620:112:f002:bbbb::21	6336 (TURN-US-ASN) (TURN-US-ASN)
2 2	35.71.139.29 35.71.139.29	16509 (AMAZON-02) (AMAZON-02)
2 2	68.67.161.182 68.67.161.182	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	198.148.27.131 198.148.27.131	19189 (PULSEPOINT) (PULSEPOINT)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	35.214.210.206 35.214.210.206	15169 (GOOGLE) (GOOGLE)
1 2	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
2 2	207.198.113.204 207.198.113.204	13768 (COGECO-PEER1) (COGECO-PEER1)
2 2	44.196.115.10 44.196.115.10	14618 (AMAZON-AES) (AMAZON-AES)
2 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	107.23.241.81 107.23.241.81	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2600:1f18:612... 2600:1f18:612b:4232:333c:fbab:e531:2e93	14618 (AMAZON-AES) (AMAZON-AES)
1 1	63.251.28.233 63.251.28.233	13789 (INTERNAP-...) (INTERNAP-BLK3)
1	18.160.46.100 18.160.46.100	16509 (AMAZON-02) (AMAZON-02)
1 1	172.240.155.116 172.240.155.116	7979 (SERVERS-COM) (SERVERS-COM)
2 2	3.214.161.20 3.214.161.20	14618 (AMAZON-AES) (AMAZON-AES)
1 1	143.244.220.80 143.244.220.80	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	142.234.204.77 142.234.204.77	396362 (LEASEWEB-...) (LEASEWEB-USA-NYC)
1 1	69.166.1.67 69.166.1.67	27630 (AS-XFERNET) (AS-XFERNET)
1 1	52.73.197.123 52.73.197.123	14618 (AMAZON-AES) (AMAZON-AES)
1	2620:100:a001::c 2620:100:a001::c	19750 (AS-CRITEO) (AS-CRITEO)
2	2600:1901:0:d... 2600:1901:0:d733::1	15169 (GOOGLE) (GOOGLE)
1	141.226.124.48 141.226.124.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	3.217.186.3 3.217.186.3	14618 (AMAZON-AES) (AMAZON-AES)
192	34

48 104.80.197.53 (Billerica, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-80-197-53.deploy.static.akamaitechnologies.com

www.newsobserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.heraldsun.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.mcclatchy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.sunherald.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.mcclatchy-wires.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.mcclatchy-partners.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1b::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.47.140 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

mcclatchy-next-apps-prod.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:161 (United States)

ASN13335 (CLOUDFLARENET, US)

tags.pw.adn.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
logging.pw.adn.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.13.143.161 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-13-143-161.us-west-2.compute.amazonaws.com

api2.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 44.235.130.162 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-235-130-162.us-west-2.compute.amazonaws.com

profile-api.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.101.130.132 (United States)

ASN54113 (FASTLY, US)

api.lab.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:7416::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)

flowerstreatment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c08::5e (Ashburn, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 172.64.146.152 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cds.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cks.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.162.3.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-3-111.yul62.r.cloudfront.net

htlbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:25c8:2000:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.117.170.208 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 208.170.117.34.bc.googleusercontent.com

api.t3be3280.pw.adn.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

c2.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nr-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.253.250 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 250.253.120.34.bc.googleusercontent.com

tag.wknd.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.162.3.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-3-20.yul62.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.250.234 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 234.250.178.107.bc.googleusercontent.com

js.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.162.3.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-3-62.yul62.r.cloudfront.net

tags.fullcontact.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 104.18.41.104 (None, )

ASN13335 (CLOUDFLARENET, US)

capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cks.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.67.147 (Billerica, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-67-147.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.104.135 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 135.104.201.35.bc.googleusercontent.com

vi.ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.72.95 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 95.72.98.34.bc.googleusercontent.com

assets.bounceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c09::9c (Ashburn, United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2b5a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.confiant-integrations.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.192.51.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-51-111.yul62.r.cloudfront.net

launchpad-wrapper.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.162.1.135 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-1-135.yul62.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.39.155 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.72.216.167 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-216-167.compute-1.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:112:f002:bbbb::21 (United States) 1 redirects

ASN6336 (TURN-US-ASN, US)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.139.29 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.161.182 (New York, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.131 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

i.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.210.206 (Groningen, Netherlands) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 206.210.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.60.146 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 207.198.113.204 (Herndon, United States) 2 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.196.115.10 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-196-115-10.compute-1.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.23.241.81 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-241-81.compute-1.amazonaws.com

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4232:333c:fbab:e531:2e93 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

connatix-supply-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.251.28.233 (Secaucus, United States) 1 redirects

ASN13789 (INTERNAP-BLK3, US)

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.160.46.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-46-100.iad55.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.240.155.116 (United States) 1 redirects

ASN7979 (SERVERS-COM, US)

sync.colossusssp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.214.161.20 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-214-161-20.compute-1.amazonaws.com

vop.sundaysky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.244.220.80 (Clifton, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

sync.resetdigital.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.234.204.77 (Edison, United States) 1 redirects

ASN396362 (LEASEWEB-USA-NYC, US)

xsync.iqzone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.166.1.67 (United States) 1 redirects

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.73.197.123 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-197-123.compute-1.amazonaws.com

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:d733::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)

scissorsstatement.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.124.48 (Chicago, United States)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.217.186.3 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-217-186-3.compute-1.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	newsobserver.com www.newsobserver.com — Cisco Umbrella Rank: 139676	2 MB
31	connatix.com 2 redirects cd.connatix.com — Cisco Umbrella Rank: 3513 cds.connatix.com — Cisco Umbrella Rank: 3779 img.connatix.com — Cisco Umbrella Rank: 4399 capi.connatix.com — Cisco Umbrella Rank: 1758 ins.connatix.com Failed vid.connatix.com Failed lit.connatix.com Failed assets.connatix.com — Cisco Umbrella Rank: 9265 cks.connatix.com — Cisco Umbrella Rank: 7066 pl.connatix.com Failed	495 KB
22	amplitude.com api2.amplitude.com — Cisco Umbrella Rank: 1204 profile-api.amplitude.com — Cisco Umbrella Rank: 53154 api.lab.amplitude.com — Cisco Umbrella Rank: 3304	4 KB
8	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1069 c2.taboola.com — Cisco Umbrella Rank: 8331 nr-events.taboola.com — Cisco Umbrella Rank: 10357 hp.taboola.com — Cisco Umbrella Rank: 26772 trc-events.taboola.com — Cisco Umbrella Rank: 2183	319 KB
4	crwdcntrl.net 2 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 971 tags.crwdcntrl.net — Cisco Umbrella Rank: 946 bcp.crwdcntrl.net — Cisco Umbrella Rank: 963	13 KB
4	adn.cloud tags.pw.adn.cloud — Cisco Umbrella Rank: 37990 api.t3be3280.pw.adn.cloud — Cisco Umbrella Rank: 40001 logging.pw.adn.cloud — Cisco Umbrella Rank: 40070	40 KB
4	mcclatchy.com media.mcclatchy.com — Cisco Umbrella Rank: 62344	9 KB
3	gstatic.com fonts.gstatic.com	71 KB
2	scissorsstatement.com scissorsstatement.com — Cisco Umbrella Rank: 64653	866 B
2	sundaysky.com 2 redirects vop.sundaysky.com — Cisco Umbrella Rank: 2957	1 KB
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 522	1 KB
2	sitescout.com 2 redirects pixel-sync.sitescout.com — Cisco Umbrella Rank: 873	1 KB
2	rlcdn.com 1 redirects id.rlcdn.com — Cisco Umbrella Rank: 929	783 B
2	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 519	2 KB
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 433	825 B
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 406	913 B
2	bidr.io 2 redirects match.prod.bidr.io — Cisco Umbrella Rank: 628	1 KB
2	casalemedia.com 2 redirects ssum.casalemedia.com — Cisco Umbrella Rank: 1438	1 KB
2	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 337	64 KB
2	matheranalytics.com 1 redirects js.matheranalytics.com — Cisco Umbrella Rank: 12264 www.i.matheranalytics.com Failed	43 KB
2	htlbid.com htlbid.com — Cisco Umbrella Rank: 11063	137 KB
2	heraldsun.com www.heraldsun.com — Cisco Umbrella Rank: 331407	5 KB
1	criteo.com gum.criteo.com — Cisco Umbrella Rank: 450	288 B
1	ipredictive.com 1 redirects sync.ipredictive.com — Cisco Umbrella Rank: 1100	522 B
1	sonobi.com 1 redirects sync.go.sonobi.com — Cisco Umbrella Rank: 1109	682 B
1	iqzone.com 1 redirects xsync.iqzone.com — Cisco Umbrella Rank: 6365	511 B
1	resetdigital.co 1 redirects sync.resetdigital.co — Cisco Umbrella Rank: 2807	418 B
1	colossusssp.com 1 redirects sync.colossusssp.com — Cisco Umbrella Rank: 1732	697 B
1	stickyadstv.com 1 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 582	568 B
1	tremorhub.com 1 redirects connatix-supply-partners.tremorhub.com — Cisco Umbrella Rank: 11445	426 B
1	yieldmo.com 1 redirects ads.yieldmo.com — Cisco Umbrella Rank: 753	532 B
1	loopme.me 1 redirects csync.loopme.me — Cisco Umbrella Rank: 1104	279 B
1	ctnsnet.com 1 redirects i.ctnsnet.com — Cisco Umbrella Rank: 5875	452 B
1	contextweb.com 1 redirects bh.contextweb.com — Cisco Umbrella Rank: 620	859 B
1	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 1045	459 B
1	privacymanager.io launchpad-wrapper.privacymanager.io — Cisco Umbrella Rank: 3580	2 KB
1	confiant-integrations.net cdn.confiant-integrations.net — Cisco Umbrella Rank: 1463	34 KB
1	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209	29 KB
1	bounceexchange.com assets.bounceexchange.com — Cisco Umbrella Rank: 2394	1 KB
1	ml314.com vi.ml314.com — Cisco Umbrella Rank: 8528	388 B
1	ntv.io s.ntv.io — Cisco Umbrella Rank: 4020	163 KB
1	fullcontact.com tags.fullcontact.com — Cisco Umbrella Rank: 39819	12 KB
1	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 177	2 KB
1	wknd.ai tag.wknd.ai — Cisco Umbrella Rank: 4507	6 KB
1	adsafeprotected.com static.adsafeprotected.com — Cisco Umbrella Rank: 635	482 B
1	mcclatchy-partners.com www.mcclatchy-partners.com — Cisco Umbrella Rank: 185557	876 KB
1	mcclatchy-wires.com www.mcclatchy-wires.com — Cisco Umbrella Rank: 127165	29 KB
1	sunherald.com www.sunherald.com — Cisco Umbrella Rank: 326375	24 KB
1	flowerstreatment.com flowerstreatment.com — Cisco Umbrella Rank: 65274	24 KB
1	amazonaws.com mcclatchy-next-apps-prod.s3.amazonaws.com — Cisco Umbrella Rank: 68730	665 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 56 imasdk.googleapis.com Failed	1 KB
0	intentiq.com Failed sync.intentiq.com Failed
0	media.net Failed cs.media.net Failed
0	openx.net Failed us-u.openx.net Failed
0	yellowblue.io Failed cs-server-s2s.yellowblue.io Failed
0	pubmatic.com Failed ads.pubmatic.com Failed
0	33across.com Failed ssc-cms.33across.com Failed
0	rubiconproject.com Failed secure-assets.rubiconproject.com Failed
192	58

	Domain	Requested by
39	www.newsobserver.com	www.newsobserver.com
18	cks.connatix.com	blank
10	api.lab.amplitude.com	www.newsobserver.com
8	api2.amplitude.com	www.newsobserver.com
6	capi.connatix.com	1 redirects www.newsobserver.com cd.connatix.com blank
4	profile-api.amplitude.com	www.newsobserver.com
4	media.mcclatchy.com	www.newsobserver.com
3	cdn.taboola.com	www.newsobserver.com cdn.taboola.com
3	cds.connatix.com	www.newsobserver.com cd.connatix.com
3	fonts.gstatic.com	fonts.googleapis.com
2	scissorsstatement.com	flowerstreatment.com
2	vop.sundaysky.com	2 redirects
2	pixel.tapad.com	2 redirects
2	sync.crwdcntrl.net	2 redirects
2	pixel-sync.sitescout.com	2 redirects
2	id.rlcdn.com	1 redirects blank
2	secure.adnxs.com	2 redirects
2	eb2.3lift.com	2 redirects
2	match.adsrvr.org	2 redirects
2	match.prod.bidr.io	2 redirects
2	ssum.casalemedia.com	2 redirects
2	assets.connatix.com	www.newsobserver.com
2	c.amazon-adsystem.com	htlbid.com c.amazon-adsystem.com
2	nr-events.taboola.com	c2.taboola.com www.newsobserver.com
2	js.matheranalytics.com	1 redirects www.newsobserver.com
2	api.t3be3280.pw.adn.cloud	tags.pw.adn.cloud
2	htlbid.com	www.newsobserver.com
2	www.heraldsun.com	www.newsobserver.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	trc-events.taboola.com	blank
1	hp.taboola.com	cdn.taboola.com
1	gum.criteo.com	cdn.taboola.com
1	sync.ipredictive.com	1 redirects
1	sync.go.sonobi.com	1 redirects
1	xsync.iqzone.com	1 redirects
1	sync.resetdigital.co	1 redirects
1	sync.colossusssp.com	1 redirects
1	tags.crwdcntrl.net	cd.connatix.com
1	ads.stickyadstv.com	1 redirects
1	connatix-supply-partners.tremorhub.com	1 redirects
1	ads.yieldmo.com	1 redirects
1	csync.loopme.me	1 redirects
1	i.ctnsnet.com	1 redirects
1	bh.contextweb.com	1 redirects
1	ad.turn.com	1 redirects
1	launchpad-wrapper.privacymanager.io	htlbid.com
1	cdn.confiant-integrations.net	htlbid.com
1	securepubads.g.doubleclick.net	htlbid.com
1	assets.bounceexchange.com	tag.wknd.ai
1	vi.ml314.com	www.newsobserver.com
1	s.ntv.io	www.newsobserver.com
1	logging.pw.adn.cloud	tags.pw.adn.cloud
1	tags.fullcontact.com	www.newsobserver.com
1	sb.scorecardresearch.com	www.newsobserver.com
1	tag.wknd.ai	www.newsobserver.com
1	c2.taboola.com	www.newsobserver.com
1	static.adsafeprotected.com	www.newsobserver.com
1	img.connatix.com	www.newsobserver.com
1	www.mcclatchy-partners.com	www.newsobserver.com
1	www.mcclatchy-wires.com	www.newsobserver.com
1	www.sunherald.com	www.newsobserver.com
1	cd.connatix.com	1 redirects
1	flowerstreatment.com	www.newsobserver.com
1	tags.pw.adn.cloud	www.newsobserver.com
1	mcclatchy-next-apps-prod.s3.amazonaws.com	www.newsobserver.com
1	fonts.googleapis.com	www.newsobserver.com
0	pl.connatix.com Failed	cd.connatix.com
0	www.i.matheranalytics.com Failed	www.newsobserver.com
0	sync.intentiq.com Failed	www.newsobserver.com
0	cs.media.net Failed	www.newsobserver.com
0	us-u.openx.net Failed	www.newsobserver.com
0	cs-server-s2s.yellowblue.io Failed	cd.connatix.com
0	ads.pubmatic.com Failed	cd.connatix.com
0	ssc-cms.33across.com Failed	cd.connatix.com
0	secure-assets.rubiconproject.com Failed	cd.connatix.com
0	imasdk.googleapis.com Failed	cd.connatix.com
0	lit.connatix.com Failed	cd.connatix.com
0	vid.connatix.com Failed	cd.connatix.com
0	ins.connatix.com Failed	cd.connatix.com
192	79

This site contains no links.

Subject Issuer	Validity	Valid
www.mcclatchydc.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-01` - `2024-09-03`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2023-03-21` - `2023-12-19`	9 months	crt.sh
adn.cloud Cloudflare Inc ECC CA-3	`2023-04-30` - `2024-04-29`	a year	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2023-01-23` - `2024-02-14`	a year	crt.sh
*.lab.amplitude.com GlobalSign Atlas R3 DV TLS CA 2023 Q1	`2023-02-25` - `2024-03-28`	a year	crt.sh
flowerstreatment.com R3	`2023-09-05` - `2023-12-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
connatix.com GTS CA 1P5	`2023-09-05` - `2023-12-04`	3 months	crt.sh
htlbid.com Amazon RSA 2048 M01	`2023-02-21` - `2023-11-19`	9 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
api.t3be3280.pw.adn.cloud GTS CA 1D4	`2023-09-05` - `2023-12-04`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
tag.wknd.ai R3	`2023-07-23` - `2023-10-21`	3 months	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh
*.fullcontact.com Amazon RSA 2048 M02	`2023-02-28` - `2024-01-19`	a year	crt.sh
*.ntv.io DigiCert TLS RSA SHA256 2020 CA1	`2023-08-28` - `2024-08-28`	a year	crt.sh
vi.ml314.com GTS CA 1D4	`2023-08-09` - `2023-11-07`	3 months	crt.sh
assets.bounceexchange.com GTS CA 1D4	`2023-07-24` - `2023-10-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
confiant-integrations.net GTS CA 1P5	`2023-07-23` - `2023-10-21`	3 months	crt.sh
*.privacymanager.io Amazon RSA 2048 M01	`2023-07-27` - `2024-08-24`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
scissorsstatement.com R3	`2023-09-02` - `2023-12-01`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://www.newsobserver.com/
Frame ID: 3DA1E4A6A33C1A62122BE344DFABB178
Requests: 138 HTTP requests in this frame

Frame: https://cds.connatix.com/p/335382/connatix.player.js?cid=1ffe5d7e-eb53-11e9-b4d2-06948452ae1a
Frame ID: 032E50C309F2E21A3EAB08B86ABE1C47
Requests: 32 HTTP requests in this frame

Frame: blob://https://www.newsobserver.com/a35edda2-a77d-4be4-a643-6677e438824e
Frame ID: BB429A5E492AF948F65C63FFD7AB0157
Requests: 1 HTTP requests in this frame

Frame: blob://https://www.newsobserver.com/aec668c6-a528-4eb3-aecd-f1511e2a9138
Frame ID: 3FF8FAE76AF607AC04CA22AC3D579907
Requests: 3 HTTP requests in this frame

Frame: blob://https://www.newsobserver.com/a77748c2-bd1c-480e-afdb-c0d2f4e32ea7
Frame ID: EB43C0003468825EB46FB3AF84F414B6
Requests: 3 HTTP requests in this frame

Frame: blob://https://www.newsobserver.com/06f0d484-2c4f-4b11-8537-0754af7f7b06
Frame ID: 4F336FE40982E8673A55343A0140E156
Requests: 2 HTTP requests in this frame

Frame: https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=19564_2&endpoint=us-east&gdpr=0
Frame ID: 26AC908686FDB0766E2DD975A7A60359
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3a%2f%2fcapi.connatix.com%2fcore%2fus%3fDemandPartner%3d37%26UserId%3dfbd6601a93824dc38f29106f5272d964%26DemandPartnerName%3d_33Across%26tier%3d1%26DemandPartnerUserId%3d33XUSERID33X&gdpr=0
Frame ID: F1A51FE7F99A1545BA58080ABC238F24
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent={gdpr_consent}&redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d24%26ev%3dfbd6601a93824dc38f29106f5272d964%26pname%3dIronSource%26api-tier%3d1%26uid%3d{partnerId}%26direct%3D1
Frame ID: 235448270FFEA7EFAE3110E052BBE407
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

192
Requests

60 %
HTTPS

20 %
IPv6

58
Domains

79
Subdomains

34
IPs

3
Countries

4498 kB
Transfer

10168 kB
Size

45
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://cd.connatix.com/connatix.player.js?cid=1ffe5d7e-eb53-11e9-b4d2-06948452ae1a HTTP 302
https://cds.connatix.com/p/335382/connatix.player.js?cid=1ffe5d7e-eb53-11e9-b4d2-06948452ae1a

Request Chain 98

https://js.matheranalytics.com/s/ma12095/74930332/all/ml.js?cb=1634 HTTP 301
https://js.matheranalytics.com/static/ltm/ma12095/all/10/ml.br.js

Request Chain 100

https://capi.connatix.com/core/sync?v=335382 HTTP 302
https://capi.connatix.com/core/sync?v=335382&tier=1&final=true&ImplementationType=0

Request Chain 147

https://ssum.casalemedia.com/usermatchredir?s=190549&cb=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d17%26ev%3dfbd6601a93824dc38f29106f5272d964%26pname%3dIndex%26api-tier%3d1%26uid%3d&gdpr=0 HTTP 302
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D17%26ev%3Dfbd6601a93824dc38f29106f5272d964%26pname%3DIndex%26api-tier%3D1%26uid%3D&gdpr=0&s=190549&C=1 HTTP 302
https://cks.connatix.com/cks?pid=17&ev=fbd6601a93824dc38f29106f5272d964&pname=Index&api-tier=1&uid=ZQEXxV.JcBacAlt0Lo9g1QAA%265583

Request Chain 148

https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d15%26ev%3dfbd6601a93824dc38f29106f5272d964%26pname%3dBeeswax%26api-tier%3d1%26uid%3d{userid}&gdpr=0 HTTP 303
https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D15%26ev%3Dfbd6601a93824dc38f29106f5272d964%26pname%3DBeeswax%26api-tier%3D1%26uid%3D%7Buserid%7D&gdpr=0&_bee_ppp=1 HTTP 303
https://cks.connatix.com/cks?pid=15&ev=fbd6601a93824dc38f29106f5272d964&pname=Beeswax&api-tier=1&uid=AACJbE7KAjAAACTRlgZClw&gdpr=0

Request Chain 149

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gapzaid&ttd_tpi=1&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=gapzaid&ttd_tpi=1&gdpr=0 HTTP 302
https://cks.connatix.com/cks?pid=19&uid=60981cbc-e2d5-4f7e-a360-eec1f7138930&ttl=1697162437

Request Chain 150

https://ad.turn.com/r/cs?pid=67&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d21%26ev%3dfbd6601a93824dc38f29106f5272d964%26pname%3dAmobee%26api-tier%3d1%26uid%3D%23USER_ID%23&gdpr=0 HTTP 302
https://cks.connatix.com/cks?pid=21&ev=fbd6601a93824dc38f29106f5272d964&pname=Amobee&api-tier=1&uid=8019409592230281175

Request Chain 151

https://eb2.3lift.com/getuid?redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d25%26ev%3dfbd6601a93824dc38f29106f5272d964%26pname%3dTripleLift%26api-tier%3d1%26uid%3d%24UID&gdpr=0 HTTP 302
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D25%26ev%3Dfbd6601a93824dc38f29106f5272d964%26pname%3DTripleLift%26api-tier%3D1%26uid%3D%24UID HTTP 302
https://cks.connatix.com/cks?pid=25&ev=fbd6601a93824dc38f29106f5272d964&pname=TripleLift&api-tier=1&uid=4004742018095862659349

Request Chain 152

https://secure.adnxs.com/getuid?https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d6%26ev%3dfbd6601a93824dc38f29106f5272d964%26pname%3dAppNexus%26api-tier%3d1%26uid%3d%24UID&gdpr=0 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fcks.connatix.com%252fcks%253fpid%253d6%2526ev%253dfbd6601a93824dc38f29106f5272d964%2526pname%253dAppNexus%2526api-tier%253d1%2526uid%253d%2524UID%26gdpr%3D0 HTTP 302
https://cks.connatix.com/cks?pid=6&ev=fbd6601a93824dc38f29106f5272d964&pname=AppNexus&api-tier=1&uid=8858985392543405863&gdpr=0

Request Chain 156

https://bh.contextweb.com/bh/rtset?pid=561340&daaqp=1&ev=1&rurl=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d13%26ev%3dfbd6601a93824dc38f29106f5272d964%26pname%3dPulsePoint%26api-tier%3d1%26uid%3d%25%25VGUID%25%25&gdpr=0 HTTP 302
https://cks.connatix.com/cks?pid=13&ev=fbd6601a93824dc38f29106f5272d964&pname=PulsePoint&api-tier=1&uid=ypaOTlT65v6a

Request Chain 157

https://i.ctnsnet.com/int/cm?exc=24&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d28%26ev%3dfbd6601a93824dc38f29106f5272d964%26pname%3dCrimtan%26api-tier%3d1%26uid%3d%5Buser_id%5D&gdpr=0 HTTP 302
https://cks.connatix.com/cks?pid=28&ev=fbd6601a93824dc38f29106f5272d964&pname=Crimtan&api-tier=1&uid=5439903d593e4dcfa721847a511b0979

Request Chain 158

https://csync.loopme.me/?redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d18%26ev%3dfbd6601a93824dc38f29106f5272d964%26pname%3dLoopMe%26api-tier%3d1%26uid%3D%7Bdevice_id%7D%26pubid%3D11186&gdpr=0 HTTP 307
https://cks.connatix.com/cks?pid=18&ev=fbd6601a93824dc38f29106f5272d964&pname=LoopMe&api-tier=1&uid=47012459-485c-4809-997b-e8eeea09bb96&pubid=11186&gdpr=0

Request Chain 159

https://id.rlcdn.com/712202.gif?cparams=fbd6601a93824dc38f29106f5272d964&gdpr=0 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CIq8KxoNCMWvhKgGEgUI6AcQAEIASiBmYmQ2NjAxYTkzODI0ZGMzOGYyOTEwNmY1MjcyZDk2NA

Request Chain 160

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=105&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d9%26ev%3dfbd6601a93824dc38f29106f5272d964%26pname%3dCentro%26api-tier%3d1%26uid%3d{userId}&gdpr=0 HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=105&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d9%26ev%3dfbd6601a93824dc38f29106f5272d964%26pname%3dCentro%26api-tier%3d1%26uid%3d{userId}&gdpr=0 HTTP 302
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=0f55ada4-38e6-4f9a-9597-f8acd5153d5d-650117c5-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D0f55ada4-38e6-4f9a-9597-f8acd5153d5d-650117c5-5553%26partner_url%3Dhttps%253A%252F%252Fcks.connatix.com%252Fcks%253Fpid%253D9%2526ev%253Dfbd6601a93824dc38f29106f5272d964%2526pname%253DCentro%2526api-tier%253D1%2526uid%253D0f55ada4-38e6-4f9a-9597-f8acd5153d5d-650117c5-5553%2526gdpr%253D0 HTTP 302
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=0f55ada4-38e6-4f9a-9597-f8acd5153d5d-650117c5-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D0f55ada4-38e6-4f9a-9597-f8acd5153d5d-650117c5-5553%26partner_url%3Dhttps%253A%252F%252Fcks.connatix.com%252Fcks%253Fpid%253D9%2526ev%253Dfbd6601a93824dc38f29106f5272d964%2526pname%253DCentro%2526api-tier%253D1%2526uid%253D0f55ada4-38e6-4f9a-9597-f8acd5153d5d-650117c5-5553%2526gdpr%253D0&ct=y HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=0f55ada4-38e6-4f9a-9597-f8acd5153d5d-650117c5-5553&partner_url=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D9%26ev%3Dfbd6601a93824dc38f29106f5272d964%26pname%3DCentro%26api-tier%3D1%26uid%3D0f55ada4-38e6-4f9a-9597-f8acd5153d5d-650117c5-5553%26gdpr%3D0 HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=0f55ada4-38e6-4f9a-9597-f8acd5153d5d-650117c5-5553&partner_url=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D9%26ev%3Dfbd6601a93824dc38f29106f5272d964%26pname%3DCentro%26api-tier%3D1%26uid%3D0f55ada4-38e6-4f9a-9597-f8acd5153d5d-650117c5-5553%26gdpr%3D0 HTTP 302
https://cks.connatix.com/cks?pid=9&ev=fbd6601a93824dc38f29106f5272d964&pname=Centro&api-tier=1&uid=0f55ada4-38e6-4f9a-9597-f8acd5153d5d-650117c5-5553&gdpr=0

Request Chain 161

https://ads.yieldmo.com/pbsync?is=smartnews&redirectUri=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d39%26ev%3dfbd6601a93824dc38f29106f5272d964%26pname%3dYieldMo%26api-tier%3d1%26uid%3D%24UID&gdpr=0 HTTP 302
https://cks.connatix.com/cks?pid=39&ev=fbd6601a93824dc38f29106f5272d964&pname=YieldMo&api-tier=1&uid=3RZJdzzTTJz6v3p7Oaod&gdpr=0

Request Chain 162

https://connatix-supply-partners.tremorhub.com/sync?UISCX=fbd6601a93824dc38f29106f5272d964&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d5%26ev%3dfbd6601a93824dc38f29106f5272d964%26pname%3dTelaria%26api-tier%3d1%26uid%3d%5bTVUSER_ID%5d&gdpr=0 HTTP 302
https://cks.connatix.com/cks?pid=5&ev=fbd6601a93824dc38f29106f5272d964&pname=Telaria&api-tier=1&uid=072b6fd453e74730aa3331dfb26096a6

Request Chain 163

https://ads.stickyadstv.com/user-matching?id=3672&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0 HTTP 302
https://capi.connatix.com/core/us?DemandPartner=33&DemandPartnerName=FreeWheel&DemandPartnerUserId=454c9f1e29ba1fd40c75385a9c1a2d7&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0

Request Chain 166

https://sync.colossusssp.com/1a1c07e870d45c05896c3f9e9973d4b4.gif?puid=fbd6601a93824dc38f29106f5272d964&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d34%26ev%3dfbd6601a93824dc38f29106f5272d964%26pname%3dColossus%26api-tier%3d1%26uid%3D%5BUID%5D&gdpr=0 HTTP 302
https://cks.connatix.com/cks?pid=34&ev=fbd6601a93824dc38f29106f5272d964&pname=Colossus&api-tier=1&uid=dfa7fe22-184a-4102-b8e1-bbf809753209

Request Chain 167

https://vop.sundaysky.com/sync/dmp?redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d1%26ev%3dfbd6601a93824dc38f29106f5272d964%26pname%3dSundaySky%26api-tier%3d1%26uid%3d%24{ssky_uuid}&gdpr=0 HTTP 302
https://vop.sundaysky.com/sync/dmp?redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d1%26ev%3dfbd6601a93824dc38f29106f5272d964%26pname%3dSundaySky%26api-tier%3d1%26uid%3d%24{ssky_uuid}&gdpr=0&_cvt=t HTTP 302
https://cks.connatix.com/cks?pid=1&ev=fbd6601a93824dc38f29106f5272d964&pname=SundaySky&api-tier=1&uid=d6.33127b8ae5bc46c4bbee3493ecb262f1

Request Chain 168

https://sync.resetdigital.co/csync?pid=connatix&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d35%26ev%3dfbd6601a93824dc38f29106f5272d964%26pname%3dResetDigital%26api-tier%3d1%26uid%3D%24USER_ID&gdpr=0 HTTP 302
https://cks.connatix.com/cks?pid=35&ev=fbd6601a93824dc38f29106f5272d964&pname=ResetDigital&api-tier=1&uid=0000010FCC86E433

Request Chain 169

https://xsync.iqzone.com/psync?t=s&e=376&cb=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d42%26ev%3dfbd6601a93824dc38f29106f5272d964%26pname%3dIqZone%26api-tier%3d1%26uid%3D%25USER_ID%25&gdpr=0 HTTP 307
https://cks.connatix.com/cks?pid=42&ev=fbd6601a93824dc38f29106f5272d964&pname=IqZone&api-tier=1&uid=c59a9a66-ee5a-43d5-9e15-a7efccc4e47e

Request Chain 170

https://sync.go.sonobi.com/us?loc=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d43%26ev%3dfbd6601a93824dc38f29106f5272d964%26pname%3dSonobi%26api-tier%3d1%26uid%3D%5BUID%5D&gdpr=0 HTTP 302
https://cks.connatix.com/cks?pid=43&ev=fbd6601a93824dc38f29106f5272d964&pname=Sonobi&api-tier=1&uid=89aa8fc7-00cf-424e-addd-3ed2f784dbdb

Request Chain 171

https://sync.ipredictive.com/d/sync/cookie/generic?partner=connatix&cspid=25&append=0&cb=${ADELPHIC_CACHE_BUSTER}&redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d29%26ev%3dfbd6601a93824dc38f29106f5272d964%26pname%3dAdelphic%26api-tier%3d1%26uid%3D%24%7BADELPHIC_CUID%7D&gdpr=0 HTTP 302
https://cks.connatix.com/cks?pid=29&ev=fbd6601a93824dc38f29106f5272d964&pname=Adelphic&api-tier=1&uid=f18be08b-110d-4f6a-9122-05c3fe603696

192 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.newsobserver.com/ 209 KB
23 KB 573ms
294ms Document
text/html 104.80.197.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.80.197.53 Billerica, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-80-197-53.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: f0d3f50da2244d1978df8ba2409c74843d82ea00c3fef77797a0e38bd106b099

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 22262
content-type: text/html;charset=utf-8
date: Wed, 13 Sep 2023 02:00:35 GMT
etag: W/"341bd-5iSc9412mjmTVJikjAdeAM9NNhM"
expires: Wed, 13 Sep 2023 02:00:35 GMT
last-modified: Wed, 13 Sep 2023 02:00:09 GMT
mi-api: WPS
mi-cache: HIT
mi-cache-age: 25
pragma: no-cache
server: MI
server-timing: ak_p; desc="1694570435024_398720014_131755827_21279_10509_66_139_255";dur=1
surrogate-control: varnish=ESI/2.1
vary: Accept-Encoding
x-akamai-transformed: 9 22065 0 pmb=mTOE,4
x-mi-in-market: 1
x-proxy-forwarding-type: BlackList
x-varnish: 10881820, 626035182 590221197

GET
H2 200 css
fonts.googleapis.com/ 10 KB
1 KB 178ms
65ms Stylesheet
text/css 2607:f8b0:4004:c1b::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e6282e4725d4ddff0bf3a61e2333e3652cde8272d7c25d3e9a419f3196071d1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 13 Sep 2023 02:00:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 01:43:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 13 Sep 2023 02:00:35 GMT

GET
H2 200 mi-styles.97859630064280ce2a1e.css
www.newsobserver.com/wps/build/webpack/css/ 217 KB
46 KB 146ms
145ms Stylesheet
text/css 104.80.197.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/wps/build/webpack/css/mi-styles.97859630064280ce2a1e.css
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.80.197.53 Billerica, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-80-197-53.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: fa6c4c3cb178ef6b0773fb16810e64f29702b761079265c977f2f79afd4fb9d4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:35 GMT
content-encoding: gzip
x-mi-in-market: 1
surrogate-control: varnish=ESI/2.1
mi-cache-age: 8930
server-timing: ak_p; desc="1694570435493_398720014_131756246_28_8525_67_0_255";dur=1
content-length: 46767
last-modified: Wed, 30 Aug 2023 14:28:52 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"3652e-18a46d8dca0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 729875940, 34212416 1057292911
content-type: text/css;charset=UTF-8
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=521574
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 newsobservercore.js Show response
www.newsobserver.com/lzoiyns-bo/ 318 KB
87 KB 208ms
206ms Script
application/javascript 104.80.197.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/lzoiyns-bo/newsobservercore.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.80.197.53 Billerica, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-80-197-53.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 4d3c5fbcaa6c398ac7d6426cf7fd48bfa3ed6cce13e7910bbed354e3b9d4f5ac

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:35 GMT
content-encoding: gzip
x-mi-in-market: 1
surrogate-control: varnish=ESI/2.1
mi-cache-age: 245
server-timing: ak_p; desc="1694570435494_398720014_131756247_797_7828_67_0_219";dur=1
content-length: 88988
last-modified: Tue, 12 Sep 2023 11:02:12 GMT
server: MI
etag: W/"4f65b-605275ff4b500"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 820027724, 199918687 193987122
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=183
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 vendor.bundle-e8bf89b42a8198ff411c.js Show response
www.newsobserver.com/wps/build/webpack/ 99 KB
34 KB 107ms
106ms Script
application/javascript 104.80.197.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/wps/build/webpack/vendor.bundle-e8bf89b42a8198ff411c.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.80.197.53 Billerica, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-80-197-53.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 798b67bb2ea3243fac61fc7df7e5585a5adc40887e278bdf62598ca5d7629903

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:35 GMT
content-encoding: gzip
x-mi-in-market: 1
surrogate-control: varnish=ESI/2.1
mi-cache-age: 431988
server-timing: ak_p; desc="1694570435494_398720014_131756248_164_7089_67_0_219";dur=1
content-length: 34371
last-modified: Wed, 30 Aug 2023 14:28:43 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"18ca4-18a46d8b978"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 704870207, 355467834 473923603
content-type: application/javascript;charset=UTF-8
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=349420
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 mi-header.bundle-325cb502abf5181a4183.js Show response
www.newsobserver.com/wps/build/webpack/ 8 KB
3 KB 254ms
253ms Script
application/javascript 104.80.197.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/wps/build/webpack/mi-header.bundle-325cb502abf5181a4183.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.80.197.53 Billerica, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-80-197-53.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 2713c7f23a5c9ecc5665c7d755c559d9be4104bf57fb273c1019511ddedd3588

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:35 GMT
content-encoding: gzip
x-mi-in-market: 1
surrogate-control: varnish=ESI/2.1
mi-cache-age: 494056
server-timing: ak_p; desc="1694570435502_398720014_131756249_896_8641_67_0_219";dur=1
content-length: 2841
last-modified: Wed, 30 Aug 2023 14:28:43 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"2147-18a46d8b978"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 704698789, 165839772 927171976
content-type: application/javascript;charset=UTF-8
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=334658
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H/1.1 200
OK style.css
mcclatchy-next-apps-prod.s3.amazonaws.com/custom-css/all/ 272 B
665 B 191ms
75ms Stylesheet
text/css 52.217.47.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mcclatchy-next-apps-prod.s3.amazonaws.com/custom-css/all/style.css
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.47.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: d8ec6349a216d77f1f33ed4bf7415efbc85895dabac621905c466e6894647cbb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date: Wed, 13 Sep 2023 02:00:36 GMT
Last-Modified: Wed, 10 May 2023 23:40:01 GMT
Server: AmazonS3
x-amz-request-id: QQ4MRW0STGZJFNSM
ETag: "2d39810a5e64f8448f15544f86081077"
x-amz-server-side-encryption: AES256
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 272
x-amz-id-2: qymF4ne++T8THsZVaAWzqlBhzaES9AFCCr9NGyC7lJPXb59on02AXjd7iFDEmGcotQbF0zhxKmg=

GET
H2 200 225727d3 Show response
www.newsobserver.com/akam/13/ 26 KB
10 KB 70ms
70ms Script
application/javascript 104.80.197.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/akam/13/225727d3
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.80.197.53 Billerica, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-80-197-53.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 578165ad54a40d4e65c3999a57d742be878f7379510eee029bf675b3bc12c58c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:35 GMT
content-encoding: gzip
server-timing: ak_p; desc="1694570435743_398720014_131756544_52_4493_64_0_146";dur=1
content-length: 8785
pragma: no-cache
last-modified: Wed, 09 Feb 2022 15:08:19 GMT
etag: "ccf1f77af75ad6be284dbe34314787aa686985762c4268e3edc24d55e75990f9"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
access-control-allow-headers: *
expires: Wed, 13 Sep 2023 02:00:35 GMT

GET
H2 200 logo.svg
www.newsobserver.com/wps/build/images/newsobserver/ 4 KB
3 KB 77ms
77ms Image
image/svg+xml 104.80.197.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/wps/build/images/newsobserver/logo.svg
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.80.197.53 Billerica, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-80-197-53.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 3081cd5942a29f59f16b662f9487cdb95dc4473722804097a0d697bd72fb1693

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:35 GMT
content-encoding: gzip
x-mi-in-market: 1
surrogate-control: varnish=ESI/2.1
mi-cache-age: 499586
server-timing: ak_p; desc="1694570435849_398720014_131756699_24_9659_69_0_146";dur=1
content-length: 1605
last-modified: Wed, 30 Aug 2023 14:28:43 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"10fe-18a46d8b978"
mi-cache: HIT
vary: Accept-Encoding
x-varnish: 900377262, 375358669 130155040
content-type: image/svg+xml;charset=ISO-8859-1
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=435098
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 favicon-96.png
www.newsobserver.com/wps/build/images/newsobserver/ 2 KB
3 KB 75ms
75ms Image
image/png 104.80.197.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/wps/build/images/newsobserver/favicon-96.png
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.80.197.53 Billerica, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-80-197-53.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: b3fade7f40077dbf91f4dafb3cb005a98b14eb081e557321e7a567cb794b35c6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:35 GMT
x-mi-in-market: 1
surrogate-control: varnish=ESI/2.1
mi-cache-age: 335330
server-timing: ak_p; desc="1694570435887_398720014_131756790_51_8239_66_0_146";dur=1
content-length: 2093
last-modified: Wed, 30 Aug 2023 14:28:43 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"82d-18a46d8b978"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 892258533, 326173248 393314440
content-type: image/png;charset=ISO-8859-1
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=243805
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 logo-tab.svg
www.heraldsun.com/wps/build/images/heraldsun/ 7 KB
4 KB 125ms
87ms Image
image/svg+xml 104.80.197.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldsun.com/wps/build/images/heraldsun/logo-tab.svg
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.80.197.53 Billerica, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-80-197-53.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 8b4bf46a7ee17fa868ac3a6ed47a74783271577c926748bcdbe6327921fca200

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:36 GMT
content-encoding: gzip
x-mi-in-market: 1
surrogate-control: varnish=ESI/2.1
mi-cache-age: 93644
server-timing: ak_p; desc="1694570436008_398720014_131756941_229_9178_66_0_146";dur=1
content-length: 3240
last-modified: Wed, 30 Aug 2023 14:28:43 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"1c45-18a46d8b978"
mi-cache: HIT
vary: Accept-Encoding
x-varnish: 690300606, 128942451 573473869
content-type: image/svg+xml;charset=ISO-8859-1
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=435123
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 square-icon.svg
www.heraldsun.com/wps/build/images/heraldsun/ 2 KB
2 KB 115ms
87ms Image
image/svg+xml 104.80.197.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldsun.com/wps/build/images/heraldsun/square-icon.svg
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.80.197.53 Billerica, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-80-197-53.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 583365753b0cc7d65fa510a1d9bbe90bb50647ad28a11e45891f1e6d793dbcc0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:36 GMT
content-encoding: gzip
x-mi-in-market: 1
surrogate-control: varnish=ESI/2.1
mi-cache-age: 346381
server-timing: ak_p; desc="1694570436007_398720014_131756942_64_10749_66_0_146";dur=1
content-length: 1072
last-modified: Wed, 30 Aug 2023 14:28:43 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"868-18a46d8b978"
mi-cache: HIT
vary: Accept-Encoding
x-varnish: 714252777, 692651896 166299705
content-type: image/svg+xml;charset=ISO-8859-1
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=243050
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 detour_big.svg
media.mcclatchy.com/static/images/logos/ 2 KB
2 KB 205ms
194ms Image
image/svg+xml 104.80.197.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.mcclatchy.com/static/images/logos/detour_big.svg
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.80.197.53 Billerica, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-80-197-53.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: f9c549fc57357c93bbf758349c395e5df9068e1f626abd391db497063caf29ed

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:36 GMT
last-modified: Thu, 27 Apr 2023 16:53:03 GMT
server: Apache
etag: "6f3-5fa543098e5bb"
vary: Origin
content-type: image/svg+xml
accept-ranges: bytes
content-length: 1779

GET
H2 200 detour_small.svg
media.mcclatchy.com/static/images/logos/ 1 KB
2 KB 210ms
198ms Image
image/svg+xml 104.80.197.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.mcclatchy.com/static/images/logos/detour_small.svg
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.80.197.53 Billerica, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-80-197-53.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 152783f220baee042f0774a97e7c317c0faefc2f80e9fda83341bca78a689c0c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:36 GMT
last-modified: Thu, 27 Apr 2023 16:52:56 GMT
server: Apache
etag: "5ca-5fa5430320fb4"
vary: Origin
content-type: image/svg+xml
accept-ranges: bytes
content-length: 1482

GET
H2 200 badge-rb.svg
media.mcclatchy.com/static/images/logos/ 4 KB
4 KB 216ms
205ms Image
image/svg+xml 104.80.197.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.mcclatchy.com/static/images/logos/badge-rb.svg
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.80.197.53 Billerica, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-80-197-53.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 02e1948e54c1b23b0d5e5a5ed4cdac9a923a50af0d6f0cc459201ec903ca76c1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:36 GMT
last-modified: Fri, 27 Jan 2023 19:41:07 GMT
server: Apache
etag: "ff3-5f3440bf65e58"
vary: Origin
content-type: image/svg+xml
accept-ranges: bytes
content-length: 4083

GET
H2 200 icon-rb.svg
media.mcclatchy.com/static/images/logos/ 1012 B
1 KB 374ms
363ms Image
image/svg+xml 104.80.197.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.mcclatchy.com/static/images/logos/icon-rb.svg
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.80.197.53 Billerica, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-80-197-53.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8ad027b5063a7e692442a0ac1728160f7e6f8a2723e844235ed73527a9efbf2b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:36 GMT
last-modified: Fri, 27 Jan 2023 19:41:07 GMT
server: Apache
etag: "3f4-5f3440bf73b5c"
vary: Origin
content-type: image/svg+xml
accept-ranges: bytes
content-length: 1012

GET
H2 200 mastheadPage.bundle-d623a76df8c9cdb24801.js Show response
www.newsobserver.com/wps/build/webpack/ 91 KB
32 KB 72ms
72ms Script
application/javascript 104.80.197.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/wps/build/webpack/mastheadPage.bundle-d623a76df8c9cdb24801.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.80.197.53 Billerica, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-80-197-53.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: d31896a4f28704aadce2969b1ed5aa2c81312561d9ca525249a6f48c1c15d3d9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:35 GMT
content-encoding: gzip
x-mi-in-market: 1
surrogate-control: varnish=ESI/2.1
mi-cache-age: 328952
server-timing: ak_p; desc="1694570435730_398720014_131756526_22_6477_64_0_182";dur=1
content-length: 32697
last-modified: Wed, 30 Aug 2023 14:28:47 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"16d10-18a46d8c918"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 877291665, 381191303 152079946
content-type: application/javascript;charset=UTF-8
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=149225
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 featured-carousel.js Show response
www.newsobserver.com/static/hi/cards/featured-carousel/ 13 KB
5 KB 256ms
255ms Script
application/javascript 104.80.197.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/static/hi/cards/featured-carousel/featured-carousel.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.80.197.53 Billerica, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-80-197-53.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 807488431c413217a2a20b15368114b92c6f615287478aa275a7856fd9375738

Request headers

Referer: https://www.newsobserver.com/
Origin: https://www.newsobserver.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:35 GMT
content-encoding: gzip
x-mi-in-market: 1
surrogate-control: varnish=ESI/2.1
mi-cache-age: 172
server-timing: ak_p; desc="1694570435494_398720014_131756250_6264_7031_67_0_219";dur=1
content-length: 4375
last-modified: Thu, 10 Aug 2023 21:52:52 GMT
server: MI
etag: "33c2-602989e309320"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 574390491, 332562874 345342402
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=294
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 videoLoader.bundle-b908a496ae00b3b2fb2a.js Show response
www.newsobserver.com/wps/build/webpack/ 221 KB
72 KB 79ms
78ms Script
application/javascript 104.80.197.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/wps/build/webpack/videoLoader.bundle-b908a496ae00b3b2fb2a.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.80.197.53 Billerica, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-80-197-53.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 4d498cdf5bd9f4e2d15966f91956778e7527b3cb94cd83c2d20a5bb14575da55

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:35 GMT
content-encoding: gzip
x-mi-in-market: 1
surrogate-control: varnish=ESI/2.1
mi-cache-age: 290875
server-timing: ak_p; desc="1694570435986_398720014_131756905_38_8826_66_0_146";dur=1
content-length: 73611
last-modified: Wed, 30 Aug 2023 14:29:17 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"37499-18a46d93e48"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 903420027, 404947577 360710220
content-type: application/javascript;charset=UTF-8
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=211824
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
BLOB 200
OK e3652424-f6b8-48a7-8cc1-3126208d7ea4 Show response
https://www.newsobserver.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/e3652424-f6b8-48a7-8cc1-3126208d7ea4
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/lzoiyns-bo/newsobservercore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 89d1218352ea0e27b725a0d4fa061b6cba84e2fe10757a61104b89a13742b60b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
H2 200 vendorBundle.f4a78a4cca8f2d4456b5.js Show response
www.newsobserver.com/lzoiyns-bo/ 87 KB
31 KB 74ms
73ms Script
application/javascript 104.80.197.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/lzoiyns-bo/vendorBundle.f4a78a4cca8f2d4456b5.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/lzoiyns-bo/newsobservercore.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.80.197.53 Billerica, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-80-197-53.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 391c4569b3bb16802eb27c378b48b0aa7c96d0c0b97bb5eded74bc363a9efcb7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:35 GMT
content-encoding: gzip
x-mi-in-market: 1
surrogate-control: varnish=ESI/2.1
mi-cache-age: 4002
server-timing: ak_p; desc="1694570435803_398720014_131756634_22_7536_65_0_219";dur=1
content-length: 31170
last-modified: Tue, 12 Sep 2023 11:02:06 GMT
server: MI
etag: W/"15bf5-605275f992780"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 158270590, 923599195 890700153
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=555348
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
BLOB 200
OK 084b5d64-679b-4a80-8617-905952f0509a Show response
https://www.newsobserver.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/084b5d64-679b-4a80-8617-905952f0509a
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/lzoiyns-bo/newsobservercore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 807612c861cfc9bd98a10f3305db056fd5f374c8b466022f759cd967d512b7df

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK dc98995c-d029-4a6b-8bdb-fb8432249135 Show response
https://www.newsobserver.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/dc98995c-d029-4a6b-8bdb-fb8432249135
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/lzoiyns-bo/newsobservercore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b53260bfc61c1ac5995b99b4995942d011f173577a62a07bc129b9ecc8ac2abd

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK 4de471e2-21d4-407a-bf5c-943af621dc89 Show response
https://www.newsobserver.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/4de471e2-21d4-407a-bf5c-943af621dc89
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/lzoiyns-bo/newsobservercore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a7e95916b45c93d4783bd2cc8a0df301eaf29eccb5ef12ef516c2406907753ed

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
H2 200 danelei.c4b37a2ce1596ac9a84b.js Show response
www.newsobserver.com/lzoiyns-bo/ 10 KB
3 KB 104ms
103ms Script
application/javascript 104.80.197.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/lzoiyns-bo/danelei.c4b37a2ce1596ac9a84b.js
Requested by: Host: www.newsobserver.com
URL: blob:https://www.newsobserver.com/e3652424-f6b8-48a7-8cc1-3126208d7ea4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.80.197.53 Billerica, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-80-197-53.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 92b6f1add6ceef144d78255116b3d21755b15c5b8df9ac90d6e77049d4007d07

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:36 GMT
content-encoding: gzip
x-mi-in-market: 1
surrogate-control: varnish=ESI/2.1
mi-cache-age: 4003
server-timing: ak_p; desc="1694570435992_398720014_131756906_616_8265_66_0_146";dur=1
content-length: 2956
last-modified: Tue, 12 Sep 2023 11:02:06 GMT
server: MI
etag: W/"2915-605275f992780"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 1048379663, 336036516 264702567
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=555375
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 netdale.e3c7045892eb496c7272.js Show response
www.newsobserver.com/lzoiyns-bo/ 96 KB
28 KB 79ms
78ms Script
application/javascript 104.80.197.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/lzoiyns-bo/netdale.e3c7045892eb496c7272.js
Requested by: Host: www.newsobserver.com
URL: blob:https://www.newsobserver.com/084b5d64-679b-4a80-8617-905952f0509a
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.80.197.53 Billerica, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-80-197-53.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: d8a6cbd650026eebdf5bf37b431c2dae247b1c4fe585df49d7e5905de4925690

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:35 GMT
content-encoding: gzip
x-mi-in-market: 1
surrogate-control: varnish=ESI/2.1
mi-cache-age: 4003
server-timing: ak_p; desc="1694570435986_398720014_131756907_40_8801_66_0_146";dur=1
content-length: 28556
last-modified: Tue, 12 Sep 2023 11:02:06 GMT
server: MI
etag: W/"1819e-605275f992780"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 316211563, 1067189054 1023902843
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=555550
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 activation.js Show response
tags.pw.adn.cloud/2NYPOH/ 144 KB
39 KB 475ms
49ms Script
text/javascript 2606:4700::6812:161
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.pw.adn.cloud/2NYPOH/activation.js
Requested by: Host: www.newsobserver.com
URL: blob:https://www.newsobserver.com/dc98995c-d029-4a6b-8bdb-fb8432249135
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 464933a549044b1d2671d61197b0658b68a527854533d8b7d1f3e439f63873dd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:36 GMT
content-encoding: gzip
via: 1.1 24b9ed9aa2f44f71ea012f05fe255326.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
x-amz-cf-pop: MIA3-C5
age: 9
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 09 Aug 2023 16:00:24 GMT
server: cloudflare
etag: W/"48af3b4b34848926b3aca7a61ead030d"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, s-maxage=30, max-age=300
cf-ray: 805ccc2b7d5725a6-MIA
x-amz-cf-id: 9Fk2b_D9MGgqs8NM-kzwfNY29PCMa19kjjEO_oHikQ5hqhDsgvOTWg==

GET
H2 200 nextCustom.ecee64f10a6354a11b7e.js Show response
www.newsobserver.com/lzoiyns-bo/ 11 KB
5 KB 80ms
79ms Script
application/javascript 104.80.197.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/lzoiyns-bo/nextCustom.ecee64f10a6354a11b7e.js
Requested by: Host: www.newsobserver.com
URL: blob:https://www.newsobserver.com/4de471e2-21d4-407a-bf5c-943af621dc89
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.80.197.53 Billerica, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-80-197-53.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 01e3731629ec636a71800fe6c79dbc3d6c73dd915752c7178d38282d57caf6bb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:35 GMT
content-encoding: gzip
x-mi-in-market: 1
surrogate-control: varnish=ESI/2.1
mi-cache-age: 3969
server-timing: ak_p; desc="1694570435986_398720014_131756908_39_8784_66_0_146";dur=1
content-length: 4463
last-modified: Tue, 12 Sep 2023 11:02:06 GMT
server: MI
etag: W/"2d54-605275f992780"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 170886769 108696541
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=555350
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

POST
H2 200 httpapi Show response
api2.amplitude.com/2/ 94 B
286 B 115ms
114ms Fetch
application/json 52.13.143.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/lzoiyns-bo/newsobservercore.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.13.143.161 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-13-143-161.us-west-2.compute.amazonaws.com

Software

Resource Hash

a916106a50a7f57a2900d7fb70be1ef27cfdab2ed019d10d576ab0157a47e70d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Referer: https://www.newsobserver.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Wed, 13 Sep 2023 02:00:36 GMT
strict-transport-security: max-age=15768000
trace-id: Root=1-650117c4-6042c32a53eff6c459f21a3f
content-length: 94
access-control-allow-methods: GET, POST
content-type: application/json

OPTIONS
H2 200 httpapi
api2.amplitude.com/2/ Frame 0
0 664ms
110ms Preflight 52.13.143.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.13.143.161 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-13-143-161.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.newsobserver.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: *
content-length: 0
date: Wed, 13 Sep 2023 02:00:36 GMT
strict-transport-security: max-age=15768000

OPTIONS
H2 200 userprofile
profile-api.amplitude.com/v1/ Frame 0
0 663ms
111ms Preflight 44.235.130.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://profile-api.amplitude.com/v1/userprofile?device_id=26afd5d7-154a-4d29-983b-a3fd658bd9c2&user_id=&comp_id=apflrqef

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.235.130.162 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-235-130-162.us-west-2.compute.amazonaws.com

Software

Jetty(9.4.40.v20210413) /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://www.newsobserver.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://www.newsobserver.com
access-control-max-age: 1800
date: Wed, 13 Sep 2023 02:00:36 GMT
server: Jetty(9.4.40.v20210413)
vary: Origin
x-amzn-trace-id: Root=1-650117c4-44c7658f714048b342cd14a7
x-content-type-options: nosniff

OPTIONS
H2 200 vardata
api.lab.amplitude.com/sdk/ Frame 0
0 172ms
111ms Preflight 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-amp-exp-flag-keys,x-amp-exp-user
Access-Control-Request-Method: GET
Origin: https://www.newsobserver.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: authorization,x-amp-exp-flag-keys,x-amp-exp-user
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://www.newsobserver.com
access-control-max-age: 1800
cache-control: no-store
date: Wed, 13 Sep 2023 02:00:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin
x-amzn-trace-id: Root=1-650117c3-039cfb78774f38d0638af13c
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-served-by: cache-mia-kmia1760059-MIA
x-timer: S1694570436.899254,VS0,VE80

GET
H2 400 userprofile Show response
profile-api.amplitude.com/v1/ 331 B
598 B 3615ms
3615ms Fetch
application/json 44.235.130.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://profile-api.amplitude.com/v1/userprofile?device_id=26afd5d7-154a-4d29-983b-a3fd658bd9c2&user_id=&comp_id=apflrqef

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/lzoiyns-bo/newsobservercore.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.235.130.162 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-235-130-162.us-west-2.compute.amazonaws.com

Software

Jetty(9.4.40.v20210413) /

Resource Hash

681da56537fac9e5ea52bda5de83450abfae3c82b9d9d018ce94fb01a0b7b715

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newsobserver.com/
accept-language: en-US,en;q=0.9
Authorization: Api-Key 5b9692cfc25dd38c13c7782c17376864
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:40 GMT
x-content-type-options: nosniff
server: Jetty(9.4.40.v20210413)
x-amzn-trace-id: Root=1-650117c4-5a4ac0b155fd9e8c21119c88
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.newsobserver.com
access-control-allow-credentials: true
content-length: 331

GET
H2 200 vardata Show response
api.lab.amplitude.com/sdk/ 350 B
409 B 144ms
144ms Fetch
application/json 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/lzoiyns-bo/newsobservercore.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

528f2cb5b7c7429c34ca49f413aa9721b204a5e0cffe64018236da1e356b361c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newsobserver.com/
X-Amp-Exp-Flag-Keys: WyJzb3BoaS1ncm91cCJd
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Authorization: Api-Key client-G6ik2oCuLtpn6c9TpIT8ZRXe4JHPDDn9
X-Amp-Exp-User: eyJsaWJyYXJ5IjoiZXhwZXJpbWVudC1qcy1jbGllbnQvMS43LjQiLCJsYW5ndWFnZSI6ImVuLVVTIiwicGxhdGZvcm0iOiJXZWIiLCJvcyI6IkNocm9tZSAxMTYiLCJkZXZpY2VfbW9kZWwiOiJXaW5kb3dzIiwidXNlcl9pZCI6IiIsImRldmljZV9pZCI6IjI2YWZkNWQ3LTE1NGEtNGQyOS05ODNiLWEzZmQ2NThiZDljMiIsInVzZXJfcHJvcGVydGllcyI6eyJidXNpbmVzc191bml0IjoiTkFPIiwiY2Fub25pY2FsX3VybCI6Imh0dHBzOi8vd3d3Lm5ld3NvYnNlcnZlci5jb20vIiwiY21zX2lkIjoiSG9tZXBhZ2U6NzA0MSIsImNvbnRlbnRfc2VydmljZSI6IlByb2R1Y3Q6IEVzY2VuaWMiLCJmdWxsX3VybCI6Imh0dHBzOi8vd3d3Lm5ld3NvYnNlcnZlci5jb20vIiwiaGFzX2ZvY3VzIjoieWVzIiwicGFnZV9sZXZlbCI6IkhvbWUiLCJwYWdlX25hbWUiOiJIb21lOkhvbWVwYWdlIiwicGFnZV9wYXRoIjoiLyIsInB1YmxpY2F0aW9uX25hbWUiOiJOZXdzIGFuZCBPYnNlcnZlciIsInJlZmVycmluZ19ob3N0Ijoibm9fcmVmZXJyZXIiLCJzZGtfaW5pdF9zdGF0dXMiOiJzdG9yYWdlIiwic2VjdGlvbiI6IkhvbWVwYWdlIiwic2VydmVyIjoid3d3Lm5ld3NvYnNlcnZlci5jb20iLCJ0YXhvbm9teSI6Il9Ib21lUGFnZXx8fHwiLCJ1cmwiOiJodHRwczovL3d3dy5uZXdzb2JzZXJ2ZXIuY29tLyIsImRldmljZV9wbW9kZSI6IjEiLCJkZXZpY2Vfb3JpZW50YXRpb24iOiJ1bnN1cHBvcnRlZCIsImRldmljZV9zY3JlZW5fc2l6ZSI6IjE2MDB4MTIwMCIsImxvZ2dlZF9pbiI6ZmFsc2UsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE2LjAuNTg0NS4xODcgU2FmYXJpLzUzNy4zNiIsImZsYWdfa2V5Ijoic29waGktZ3JvdXAiLCJkYXRlIjoiMjAyMy0wOS0xMiJ9fQ

Response headers

date: Wed, 13 Sep 2023 02:00:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 0
x-cache: MISS
content-length: 250
x-served-by: cache-mia-kmia1760059-MIA
x-timer: S1694570436.009903,VS0,VE115
x-amzn-trace-id: Root=1-650117c4-538bfe9a7b9fdc9c21065fd9
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.newsobserver.com
cache-control: no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 modal-v3.0.2.js Show response
www.newsobserver.com/lzoiyns-bo/js/ 7 KB
3 KB 77ms
77ms Script
application/javascript 104.80.197.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/lzoiyns-bo/js/modal-v3.0.2.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/lzoiyns-bo/newsobservercore.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.80.197.53 Billerica, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-80-197-53.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 8dab392b28d325d42c0365fdf71e1be56f966651b26f27b123246696373a4a7e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:35 GMT
content-encoding: gzip
x-mi-in-market: 1
surrogate-control: varnish=ESI/2.1
mi-cache-age: 334305
server-timing: ak_p; desc="1694570435897_398720014_131756796_65_8168_66_0_219";dur=1
content-length: 2103
last-modified: Thu, 07 Sep 2023 21:08:27 GMT
server: MI
etag: W/"1b3d-604cb42de48c0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 476810257, 298682939 197886219
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=244062
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 v2lqwcGNtbZcnoCw0vMa0Addz7MRoJ7ADWPuZlhvzzozF1IDD97kKhDk Show response
flowerstreatment.com/ 67 KB
24 KB 475ms
49ms Script
text/javascript 2600:1901:0:7416::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://flowerstreatment.com/v2lqwcGNtbZcnoCw0vMa0Addz7MRoJ7ADWPuZlhvzzozF1IDD97kKhDk

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:7416::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

3f8ca4221d2df6bc8bbd875eab4309bd6c9bfcbd6e7ebac137bdc5c025b949ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
via: 1.1 google
date: Wed, 13 Sep 2023 02:00:36 GMT
x-datacenter: gce-us-east1
etag: "466f9de9234c8f45708cfca797d9d90d08ae6f3ba1827ddef992eeb6b01c3a49"
x-buildname: hoothoot
vary: Accept-Encoding, Accept-Language
x-hostname: fen-hoothoot-us-east1-spot-s9bs
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
x-buildnumber: 998028631
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 wxicons-blk-7.svg
www.newsobserver.com/wps/source/images/widgets/weather/wxicons-blk/ 956 B
979 B 110ms
109ms Image
image/svg+xml 104.80.197.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/wps/source/images/widgets/weather/wxicons-blk/wxicons-blk-7.svg
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.80.197.53 Billerica, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-80-197-53.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 4bebeadc347808ade083c9eece87f0da0b0702d4aaf189a99de64e155578d18f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:36 GMT
content-encoding: gzip
x-mi-in-market: 1
surrogate-control: varnish=ESI/2.1
mi-cache-age: 362239
server-timing: ak_p; desc="1694570436054_398720014_131756992_36_8424_65_0_219";dur=1
content-length: 504
last-modified: Wed, 30 Aug 2023 14:12:47 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"3bc-18a46ca2318"
mi-cache: HIT
vary: Accept-Encoding
x-varnish: 895392194, 708117858 947454447
content-type: image/svg+xml;charset=ISO-8859-1
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=89221
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
fonts.gstatic.com/s/notosans/v30/ 14 KB
14 KB 442ms
55ms Font
font/woff2 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v30/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c2a54278c4cb87438f4a1c73242d727fc3eea82dc59abb393dd3937b17ce1d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.newsobserver.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 16:15:05 GMT
x-content-type-options: nosniff
age: 380731
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14100
x-xss-protection: 0
last-modified: Thu, 27 Jul 2023 22:02:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Sep 2024 16:15:05 GMT

GET
H2 200 ga6daw1J5X9T9RW6j9bNVls-hfgvz8JcMofYTYf6D30.woff2
fonts.gstatic.com/s/notoserif/v22/ 42 KB
42 KB 452ms
68ms Font
font/woff2 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v22/ga6daw1J5X9T9RW6j9bNVls-hfgvz8JcMofYTYf6D30.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fba21cadf406469bf9bf6a18ed755edbd245f48efaaeb8a19ff6dff655aefdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.newsobserver.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 15:56:34 GMT
x-content-type-options: nosniff
age: 381842
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43380
x-xss-protection: 0
last-modified: Tue, 30 May 2023 21:24:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Sep 2024 15:56:34 GMT

GET
H2

200

connatix.player.js Show response
cds.connatix.com/p/335382/ Frame 032E
Redirect Chain

https://cd.connatix.com/connatix.player.js?cid=1ffe5d7e-eb53-11e9-b4d2-06948452ae1a
https://cds.connatix.com/p/335382/connatix.player.js?cid=1ffe5d7e-eb53-11e9-b4d2-06948452ae1a

1 MB
295 KB

65ms
58ms

Script
application/javascript

172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/335382/connatix.player.js?cid=1ffe5d7e-eb53-11e9-b4d2-06948452ae1a
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Server: 172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7be49e3690cfa2a261991f1823f3dcbe0d2183cad3bc5027d20c6f51110b4469

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:36 GMT
x-amz-version-id: R5E.ZG.GJTh7Fqpy23lcYx4LzhsT4NsK
content-encoding: br
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 12 Sep 2023 12:16:55 GMT
server: cloudflare
etag: W/"21e9d49cde74254699f63cc367b408d9"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
cf-ray: 805ccc2cdf3ab3c1-MIA
access-control-allow-headers: range
expires: Thu, 12 Sep 2024 02:00:36 GMT

Redirect headers

date: Wed, 13 Sep 2023 02:00:36 GMT
cf-cache-status: DYNAMIC
server: cloudflare
surrogate-control: no-cache, no-store, must-revalidate, max-age=0
vary: Accept-Encoding
location: https://cds.connatix.com/p/335382/connatix.player.js?cid=1ffe5d7e-eb53-11e9-b4d2-06948452ae1a
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 805ccc2b7befb3c1-MIA
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v30/ 14 KB
14 KB 505ms
148ms Font
font/woff2 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v30/o-0IIpQlx3QUlC5A4PNr5TRA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fc4c95920416b0ef0b5aee93a90984989183a6d29f712e725a3383309806a54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.newsobserver.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 16:32:32 GMT
x-content-type-options: nosniff
age: 379684
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14256
x-xss-protection: 0
last-modified: Thu, 27 Jul 2023 22:02:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Sep 2024 16:32:32 GMT

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 157 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 content Show response
www.newsobserver.com/webapi-public/v2/sections/97101/ 189 KB
48 KB 1621ms
1621ms Fetch
application/json 104.80.197.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/webapi-public/v2/sections/97101/content
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/hi/cards/featured-carousel/featured-carousel.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.80.197.53 Billerica, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-80-197-53.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: b60a7e2f6833ae37444ac4b6f595585761f910b11db3369b1c0d49292300ceb8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:37 GMT
content-encoding: gzip
x-mi-in-market: 1
surrogate-control: varnish=ESI/2.1
mi-cache-age: 0
server-timing: ak_p; desc="1694570436423_398720014_131757512_154275_10240_70_0_219";dur=1
content-length: 48617
mi-api: true
last-modified: Wed, 13 Sep 2023 02:00:37 GMT
x-proxy-forwarding-type: WebAPI
server: MI
etag: W/"3116d897-d5d5-4ea0-93b1-d5862b0ea73b"
vary: Accept-Encoding
mi-cache: MISS
x-varnish: 602968352, 294749166
content-type: application/json;charset=UTF-8
access-control-allow-methods: GET,POST,OPTIONS
cache-control: private, max-age=900, s-maxage=0
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
BLOB 200
OK 19a61678-c125-4cbc-973b-5bb0f5f35546 Show response
https://www.newsobserver.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/19a61678-c125-4cbc-973b-5bb0f5f35546
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/lzoiyns-bo/newsobservercore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa2389fa0c250fb820fc2bb6cad458757aca921f97f49246d818adb7c51f4017

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK dde1f8a1-7ce0-4f9e-9ae8-318bf8fea667 Show response
https://www.newsobserver.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/dde1f8a1-7ce0-4f9e-9ae8-318bf8fea667
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/lzoiyns-bo/newsobservercore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 18236715d0779de72c0f8ccf0c1b502545566e70fa28e0e2b5d82985f81d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK 5eb10e51-89f6-48f6-9019-34e5db355f7d Show response
https://www.newsobserver.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/5eb10e51-89f6-48f6-9019-34e5db355f7d
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/lzoiyns-bo/newsobservercore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6a7e6bc37827937d4b4be74bc26632f47788fb882fcc8f44f943350d0dbb3b31

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK c99cef48-2f0a-41e3-a9c3-7a849e0ca6eb Show response
https://www.newsobserver.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/c99cef48-2f0a-41e3-a9c3-7a849e0ca6eb
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/lzoiyns-bo/newsobservercore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 49137b00c9003671dffd4b69d550e8c35d2638f5af5dbec03b4f2b94793ddf1f

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK ff6abc6b-605a-493c-84f9-8004f36bae77 Show response
https://www.newsobserver.com/ 268 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/ff6abc6b-605a-493c-84f9-8004f36bae77
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/lzoiyns-bo/newsobservercore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6a65d8c3e54d068804cc868837bc4547bbdb6c9bb599bdb8496981819ad5284a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Length: 268
Content-Type: text/javascript

GET
BLOB 200
OK f6d39a2a-c57c-45f2-8adf-1c41b8351027 Show response
https://www.newsobserver.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/f6d39a2a-c57c-45f2-8adf-1c41b8351027
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/lzoiyns-bo/newsobservercore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 909bdec0d3db231b370402df6af23f50885052384ccd6e76c7b04fe5912fadf9

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
H2 200 NCSENATE02-042023-edh.jpg
www.newsobserver.com/latest-news/wqrmi6/picture274580881/alternates/LANDSCAPE_768/ 19 KB
19 KB 97ms
93ms Image
image/jpeg 104.80.197.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/latest-news/wqrmi6/picture274580881/alternates/LANDSCAPE_768/NCSENATE02-042023-edh.jpg
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.80.197.53 Billerica, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-80-197-53.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 9e88120d1cbe765f3e5b9574f9e9890fc1fe7850d1946839c7b01c2146ee03cf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:36 GMT
x-mi-in-market: 1
surrogate-control: varnish=ESI/2.1
mi-cache-age: 38
server-timing: ak_p; desc="1694570436475_398720014_131757589_35_8622_67_0_146";dur=1
content-length: 18950
last-modified: Tue, 12 Sep 2023 20:29:55 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "48c0acf08bf0eeb32b8f14c54f940a55"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 412387346, 89948404 81134165
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=585117
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 Nash%20Co%20crash%203-12
www.sunherald.com/latest-news/l2y6n0/picture259346289/alternates/LANDSCAPE_768/ 23 KB
24 KB 213ms
200ms Image
image/jpeg 104.80.197.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sunherald.com/latest-news/l2y6n0/picture259346289/alternates/LANDSCAPE_768/Nash%20Co%20crash%203-12
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.80.197.53 Billerica, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-80-197-53.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 346e366ed993f6013a48840aee53c8239a54010ac70273aca0a2cf770d6c01d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:36 GMT
x-mi-in-market: 1
surrogate-control: varnish=ESI/2.1
mi-cache-age: 1794
server-timing: ak_p; desc="1694570436531_398720014_131757637_103_9609_67_0_219";dur=1
content-length: 24008
last-modified: Sat, 12 Mar 2022 22:21:16 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "2d3ae3f40b4b4c78d82de9e162dd552e"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 146015452, 515997949 491062118
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=593939
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 N%26O%20Breaking%20News-crash%205-3-2023.png
www.newsobserver.com/latest-news/x7zpuu/picture279248864/alternates/LANDSCAPE_768/ 485 KB
486 KB 176ms
172ms Image
image/png 104.80.197.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/latest-news/x7zpuu/picture279248864/alternates/LANDSCAPE_768/N%26O%20Breaking%20News-crash%205-3-2023.png
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.80.197.53 Billerica, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-80-197-53.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 9b05c41591be2fefb06c29bf60d230fbe8354f457656453d2e3b5c3767436000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:36 GMT
x-mi-in-market: 1
surrogate-control: varnish=ESI/2.1
mi-cache-age: 175
server-timing: ak_p; desc="1694570436488_398720014_131757590_1400_9027_67_0_146";dur=1
content-length: 496450
last-modified: Tue, 12 Sep 2023 16:19:18 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "f238a1c61d823337f6dda5e46f56f9ff"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 1071843278, 352256074 334922461
content-type: image/png
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=574429
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 091223-CHAPELHILL-POLICE-KLM-01.jpg
www.newsobserver.com/latest-news/y35oj0/picture279246984/alternates/LANDSCAPE_768/ 74 KB
74 KB 96ms
92ms Image
image/jpeg 104.80.197.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/latest-news/y35oj0/picture279246984/alternates/LANDSCAPE_768/091223-CHAPELHILL-POLICE-KLM-01.jpg
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.80.197.53 Billerica, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-80-197-53.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: a8273af8d7ee1c1e5bc6250c0c9f529f004c0a4542c825350426e2e8ff35d616

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:36 GMT
x-mi-in-market: 1
surrogate-control: varnish=ESI/2.1
mi-cache-age: 105
server-timing: ak_p; desc="1694570436475_398720014_131757591_45_8562_67_0_146";dur=1
content-length: 75510
last-modified: Tue, 12 Sep 2023 15:49:04 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "c78b9f721911c9a91f40008768dde66c"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 244645927, 570458255 562987019
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=578125
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 MichaelMorgan.jpg
www.newsobserver.com/latest-news/eijjtw/picture279220434/alternates/LANDSCAPE_768/ 34 KB
35 KB 152ms
149ms Image
image/jpeg 104.80.197.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/latest-news/eijjtw/picture279220434/alternates/LANDSCAPE_768/MichaelMorgan.jpg
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.80.197.53 Billerica, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-80-197-53.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 53ecbe32d6f225e79cda0a314a25fdd613697756568cdf595e7d47f4c12ac523

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:36 GMT
x-mi-in-market: 1
surrogate-control: varnish=ESI/2.1
mi-cache-age: 160
server-timing: ak_p; desc="1694570436477_398720014_131757592_290_7864_67_0_146";dur=1
content-length: 35188
last-modified: Tue, 12 Sep 2023 13:42:20 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "7c0e23a108f4dfc2048dceb60199f6bd"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 67436578 45321743
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=561601
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 RAL_UNCUSC01-090223-EDH.JPG
www.newsobserver.com/latest-news/sel5rj/picture278912629/alternates/LANDSCAPE_768/ 39 KB
40 KB 168ms
165ms Image
image/jpeg 104.80.197.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/latest-news/sel5rj/picture278912629/alternates/LANDSCAPE_768/RAL_UNCUSC01-090223-EDH.JPG
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.80.197.53 Billerica, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-80-197-53.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 613d2e2e80767b7315bee58b28d390387a44ad24a19874f9f33f155a2d60da36

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:36 GMT
x-mi-in-market: 1
surrogate-control: varnish=ESI/2.1
mi-cache-age: 180
server-timing: ak_p; desc="1694570436484_398720014_131757593_947_11415_67_0_146";dur=1
content-length: 40322
last-modified: Sat, 02 Sep 2023 22:54:22 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "6de71223da5359c55e04154f6a9136f9"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 307077852 368542340
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=579151
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 RAL_KIDVACCINE05-110421-EDH.JPG
www.newsobserver.com/latest-news/nbzfxn/picture255547801/alternates/LANDSCAPE_768/ 28 KB
28 KB 146ms
142ms Image
image/jpeg 104.80.197.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/latest-news/nbzfxn/picture255547801/alternates/LANDSCAPE_768/RAL_KIDVACCINE05-110421-EDH.JPG
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.80.197.53 Billerica, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-80-197-53.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: aaa537c9df835d91a7176efea18d495cdb8d08c280ddcb5fa2da5b81d30c95de

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:36 GMT
x-mi-in-market: 1
surrogate-control: varnish=ESI/2.1
mi-cache-age: 233
server-timing: ak_p; desc="1694570436475_398720014_131757594_41_8670_67_0_146";dur=1
content-length: 28633
last-modified: Tue, 09 Nov 2021 16:39:25 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "b594b9f11eb1f8e85108a2cb01565373"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 1064208389, 310350431 343935046
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=575320
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 BBQ%20Tray%20Shot_2.jpg
www.newsobserver.com/latest-news/pg6odd/picture210842789/alternates/LANDSCAPE_768/ 67 KB
68 KB 132ms
129ms Image
image/jpeg 104.80.197.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/latest-news/pg6odd/picture210842789/alternates/LANDSCAPE_768/BBQ%20Tray%20Shot_2.jpg
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.80.197.53 Billerica, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-80-197-53.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: e5a71735be4f00fd7f2923968a4795a2be2540bb55688808e26eaf8c2509f129

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:36 GMT
x-mi-in-market: 1
surrogate-control: varnish=ESI/2.1
mi-cache-age: 246
server-timing: ak_p; desc="1694570436475_398720014_131757595_45_8607_67_0_146";dur=1
content-length: 68937
last-modified: Thu, 10 May 2018 16:32:22 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "66d7e4b395a1b0c681eb329836093e44"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 199755046, 534675928 532677004
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=574923
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 85f06403-863d-41fd-8123-d085c999cb8a
www.mcclatchy-wires.com/incoming/riwf80/picture273449065/alternates/LANDSCAPE_768/ 28 KB
29 KB 246ms
146ms Image
image/jpeg 104.80.197.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mcclatchy-wires.com/incoming/riwf80/picture273449065/alternates/LANDSCAPE_768/85f06403-863d-41fd-8123-d085c999cb8a
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.80.197.53 Billerica, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-80-197-53.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 16b250f20ae18ca12ff67620fa17ada83e5c4afa5e9d06c9db7f24e511efe3e3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:36 GMT
x-mi-in-market: 1
surrogate-control: varnish=ESI/2.1
mi-cache-age: 38
server-timing: ak_p; desc="1694570436571_398720014_131757689_148_10477_67_0_146";dur=1
content-length: 28885
last-modified: Wed, 13 Sep 2023 00:19:19 GMT
x-proxy-forwarding-type: WhiteList
server: MI
etag: "671d2d7f198949304795feefa2c0e6c6"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 802653483 772344912
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=598751
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 3%20kids%20makedo.png
www.mcclatchy-partners.com/incoming/pd91k8/picture278743464/alternates/LANDSCAPE_768/ 875 KB
876 KB 215ms
170ms Image
image/png 104.80.197.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mcclatchy-partners.com/incoming/pd91k8/picture278743464/alternates/LANDSCAPE_768/3%20kids%20makedo.png
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.80.197.53 Billerica, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-80-197-53.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 78c86a8d5db341d6a521360e4f989179c44f770af05e5487a67f04e787fe8f53

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:36 GMT
x-mi-in-market: 1
surrogate-control: varnish=ESI/2.1
mi-cache-age: 29558
server-timing: ak_p; desc="1694570436531_398720014_131757638_141_9297_67_0_146";dur=1
content-length: 896167
last-modified: Tue, 29 Aug 2023 21:05:17 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "6d9d58c4d2abcd9cbd55d44a6d8eab1f"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 1042945866 913539246
content-type: image/png
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=415938
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 Pp6.png
www.newsobserver.com/latest-news/m1iklg/picture279211414/alternates/LANDSCAPE_768/ 767 KB
768 KB 111ms
109ms Image
image/png 104.80.197.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/latest-news/m1iklg/picture279211414/alternates/LANDSCAPE_768/Pp6.png
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.80.197.53 Billerica, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-80-197-53.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: bc90c76c1965cc26c661c970618c0976ceaa3e44664d5a5e20765b73d8fe491b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:36 GMT
x-mi-in-market: 1
surrogate-control: varnish=ESI/2.1
mi-cache-age: 421
server-timing: ak_p; desc="1694570436475_398720014_131757596_47_8492_67_0_146";dur=1
content-length: 785191
last-modified: Mon, 11 Sep 2023 17:45:07 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "20f2010d5b6ea879d9a8f6611d1f5618"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 530383031, 157911178 194740441
content-type: image/png
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=573233
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 1_th.jpg
img.connatix.com/20849ad8-a9ae-425c-9f54-4dc9bd866e05/ 77 KB
78 KB 61ms
50ms Image
image/webp 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.connatix.com/20849ad8-a9ae-425c-9f54-4dc9bd866e05/1_th.jpg

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5775d2a2bfad29dddd9ea7038cf5e7db4888ff381110a363581209f2f373b8d1

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:36 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 79084
cf-resized: internal=ok/h q=0 n=25+0 c=5+243 v=2023.8.1 l=79084
last-modified: Tue, 12 Sep 2023 16:48:59 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfP-oxPdoWNA4TMeyYkwRWtoIlsZ7-Tzt04sSdBa-5DQ:9d9dc6d376d8a90e89c82ef336d15da4"
vary: Accept, Accept-Encoding
access-control-allow-methods: *
content-type: image/webp
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
accept-ranges: bytes
cf-ray: 805ccc2bed60b3c1-MIA
access-control-allow-headers: range

GET
H2 200 RAL_090523-MEDICAID-EXPANSION-TEL-02.JPG
www.newsobserver.com/latest-news/4p5guw/picture278990229/alternates/LANDSCAPE_768/ 52 KB
52 KB 111ms
109ms Image
image/jpeg 104.80.197.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/latest-news/4p5guw/picture278990229/alternates/LANDSCAPE_768/RAL_090523-MEDICAID-EXPANSION-TEL-02.JPG
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.80.197.53 Billerica, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-80-197-53.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 7c2c3a4f9cd79de99d70eca8abb699e08a169c4c23626e5f4a2a85db49af5c12

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:36 GMT
x-mi-in-market: 1
surrogate-control: varnish=ESI/2.1
mi-cache-age: 8859
server-timing: ak_p; desc="1694570436475_398720014_131757597_41_8566_67_0_146";dur=1
content-length: 52948
last-modified: Wed, 06 Sep 2023 21:17:08 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "8d79559e9bcaa2e5c7ad36c0a5c6e227"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 70682714, 634620175 595133443
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=124115
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 cnx.2cd1c2b89612d4cdb61d.js Show response
www.newsobserver.com/lzoiyns-bo/ 5 KB
2 KB 156ms
155ms Script
application/javascript 104.80.197.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/lzoiyns-bo/cnx.2cd1c2b89612d4cdb61d.js
Requested by: Host: www.newsobserver.com
URL: blob:https://www.newsobserver.com/19a61678-c125-4cbc-973b-5bb0f5f35546
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.80.197.53 Billerica, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-80-197-53.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 5fb1acbc982f33c7b2a10c7622577ba16a8a26e882aa3603a4f2c29f6f2f5f54

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:36 GMT
content-encoding: gzip
x-mi-in-market: 1
surrogate-control: varnish=ESI/2.1
mi-cache-age: 3998
server-timing: ak_p; desc="1694570436531_398720014_131757639_36_9211_67_0_146";dur=1
content-length: 1674
last-modified: Tue, 12 Sep 2023 11:02:06 GMT
server: MI
etag: W/"145c-605275f992780"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 191824025 160236072
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=555328
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 suggestedContent.932aecee3ee0912445fb.js Show response
www.newsobserver.com/lzoiyns-bo/ 9 KB
3 KB 161ms
161ms Script
application/javascript 104.80.197.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/lzoiyns-bo/suggestedContent.932aecee3ee0912445fb.js
Requested by: Host: www.newsobserver.com
URL: blob:https://www.newsobserver.com/dde1f8a1-7ce0-4f9e-9ae8-318bf8fea667
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.80.197.53 Billerica, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-80-197-53.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: bb10de70e793de78b5fc9ad6d645686e31d562283c03c8200c312fc90d34b2a4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:36 GMT
content-encoding: gzip
x-mi-in-market: 1
surrogate-control: varnish=ESI/2.1
mi-cache-age: 3947
server-timing: ak_p; desc="1694570436531_398720014_131757640_150_9162_67_0_146";dur=1
content-length: 3056
last-modified: Tue, 12 Sep 2023 11:02:06 GMT
server: MI
etag: W/"23a4-605275f992780"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 165218853 167313940
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=555235
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 performance.adbf3d501b36b85b551f.js Show response
www.newsobserver.com/lzoiyns-bo/ 7 KB
3 KB 156ms
156ms Script
application/javascript 104.80.197.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/lzoiyns-bo/performance.adbf3d501b36b85b551f.js
Requested by: Host: www.newsobserver.com
URL: blob:https://www.newsobserver.com/5eb10e51-89f6-48f6-9019-34e5db355f7d
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.80.197.53 Billerica, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-80-197-53.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: dd1cc949a306c2dcd64c3dad435255b90563a6bdd0ab2dd3921553ed5c30a734

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:36 GMT
content-encoding: gzip
x-mi-in-market: 1
surrogate-control: varnish=ESI/2.1
mi-cache-age: 3998
server-timing: ak_p; desc="1694570436531_398720014_131757641_44_9116_67_0_146";dur=1
content-length: 2597
last-modified: Tue, 12 Sep 2023 11:02:06 GMT
server: MI
etag: W/"1da5-605275f992780"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 902596531 891519279
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=555286
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 quarantine.cab02ea48999fadef3d1.js Show response
www.newsobserver.com/lzoiyns-bo/ 29 KB
11 KB 171ms
170ms Script
application/javascript 104.80.197.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/lzoiyns-bo/quarantine.cab02ea48999fadef3d1.js
Requested by: Host: www.newsobserver.com
URL: blob:https://www.newsobserver.com/c99cef48-2f0a-41e3-a9c3-7a849e0ca6eb
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.80.197.53 Billerica, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-80-197-53.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: c435c67947d6fe0729d399265a282c547864501c08ae0eed4324bf69af770266

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:36 GMT
content-encoding: gzip
x-mi-in-market: 1
surrogate-control: varnish=ESI/2.1
mi-cache-age: 3964
server-timing: ak_p; desc="1694570436535_398720014_131757642_522_7843_67_0_146";dur=1
content-length: 10610
last-modified: Tue, 12 Sep 2023 11:02:06 GMT
server: MI
etag: W/"75fd-605275f992780"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 165218855 168395279
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=555338
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 footerBundle.2807a40ec72e4fa0ed72.js Show response
www.newsobserver.com/lzoiyns-bo/ 2 KB
1 KB 154ms
154ms Script
application/javascript 104.80.197.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/lzoiyns-bo/footerBundle.2807a40ec72e4fa0ed72.js
Requested by: Host: www.newsobserver.com
URL: blob:https://www.newsobserver.com/ff6abc6b-605a-493c-84f9-8004f36bae77
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.80.197.53 Billerica, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-80-197-53.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: bed1c436701aec68045c81db5ec9eb7b21f43a60e49846d807ffbfb126d5a694

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:36 GMT
content-encoding: gzip
x-mi-in-market: 1
surrogate-control: varnish=ESI/2.1
mi-cache-age: 3998
server-timing: ak_p; desc="1694570436532_398720014_131757643_152_8024_67_0_146";dur=1
content-length: 805
last-modified: Tue, 12 Sep 2023 11:02:06 GMT
server: MI
etag: W/"9c5-605275f992780"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 186975517 155321997
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=555391
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 miFooter.4e7b52fc871afd0c0ae4.js Show response
www.newsobserver.com/lzoiyns-bo/ 7 KB
3 KB 155ms
154ms Script
application/javascript 104.80.197.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/lzoiyns-bo/miFooter.4e7b52fc871afd0c0ae4.js
Requested by: Host: www.newsobserver.com
URL: blob:https://www.newsobserver.com/f6d39a2a-c57c-45f2-8adf-1c41b8351027
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.80.197.53 Billerica, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-80-197-53.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 320cc8f350405c87e595be87ffc5cb7bf9e738036d96ea9a1f6e0698d5fc69c6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:36 GMT
content-encoding: gzip
x-mi-in-market: 1
surrogate-control: varnish=ESI/2.1
mi-cache-age: 3998
server-timing: ak_p; desc="1694570436531_398720014_131757644_45_9094_67_0_146";dur=1
content-length: 2402
last-modified: Tue, 12 Sep 2023 11:02:06 GMT
server: MI
etag: W/"1dba-605275f992780"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 198312287 166494650
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=555280
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
BLOB 200
OK 44f15d61-ed43-44bc-9ed0-356dc06f0276 Show response
https://www.newsobserver.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/44f15d61-ed43-44bc-9ed0-356dc06f0276
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/lzoiyns-bo/newsobservercore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52502970083718cbe7725a1ca09bdc9c0594618d7ce6927ded6cf5753a011570

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
H2 200 homepage.json Show response
www.newsobserver.com/static/hi/zones/ 819 B
1 KB 156ms
155ms Fetch
application/json 104.80.197.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/static/hi/zones/homepage.json
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/lzoiyns-bo/netdale.e3c7045892eb496c7272.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.80.197.53 Billerica, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-80-197-53.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: fb1c6f69f72b2dfa67e91c1013f05aebadfc84ea4daf05c2251f1c136bda7122

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:36 GMT
content-encoding: gzip
x-mi-in-market: 1
surrogate-control: varnish=ESI/2.1
mi-cache-age: 267
server-timing: ak_p; desc="1694570436542_398720014_131757650_803_8795_67_0_219";dur=1
content-length: 267
last-modified: Thu, 31 Aug 2023 21:23:21 GMT
server: MI
etag: "333-6043ea7440440"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 1070597446, 422446046 419103412
content-type: application/json
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=32
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 htlbid.css
htlbid.com/v3/newsobserver.com/ 3 KB
673 B 424ms
254ms Stylesheet
text/css 3.162.3.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://htlbid.com/v3/newsobserver.com/htlbid.css
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/lzoiyns-bo/netdale.e3c7045892eb496c7272.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.3.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-3-111.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 74b1c9d0e9a310c68a2437a307ddc5f8c58ab3dd1ef63299c2982961837abe5d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:36 GMT
content-encoding: br
via: 1.1 07e5e07e8e5ea126f260c9aec11f0d3a.cloudfront.net (CloudFront)
last-modified: Fri, 08 Sep 2023 15:50:00 GMT
server: AmazonS3
x-amz-cf-pop: YUL62-P2
age: 495
x-amz-server-side-encryption: AES256
etag: W/"6079441ba3e393b1ed99fc06f4fd2fea"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=600
x-amz-cf-id: HI0bgQ3Hb5EAn5ez_zgbnzZuq3HwdMoMWlTKGAYlslRs6k53Nk42ig==

GET
H2 200 htlbid.js Show response
htlbid.com/v3/newsobserver.com/ 510 KB
137 KB 272ms
103ms Script
application/javascript 3.162.3.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://htlbid.com/v3/newsobserver.com/htlbid.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/lzoiyns-bo/netdale.e3c7045892eb496c7272.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.3.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-3-111.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7232602786be1eeb3cbe5a5f0a099570e7ea8e634c884fa7136c618a36bbf16f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:36 GMT
content-encoding: br
via: 1.1 07e5e07e8e5ea126f260c9aec11f0d3a.cloudfront.net (CloudFront)
last-modified: Mon, 11 Sep 2023 17:10:56 GMT
server: AmazonS3
x-amz-cf-pop: YUL62-P2
age: 587
x-amz-server-side-encryption: AES256
etag: W/"c650c414a20aaf75cffe5e12153b82d0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=600
x-amz-cf-id: POQjp2Xv6nB59okAsBjJDXuygmzsmIg53uGPBOtImUWrMT3dWgxrhg==

GET
BLOB 200
OK 4ec34654-4127-4c8f-8283-87d084a2c331 Show response
https://www.newsobserver.com/ 268 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/4ec34654-4127-4c8f-8283-87d084a2c331
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/lzoiyns-bo/newsobservercore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f382b6753e59000526b1314c7510dac6205bf5a7ccf463a1c119cc9fa09cd8d9

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Length: 268
Content-Type: text/javascript

GET
H2 200 userprofile Show response
profile-api.amplitude.com/v1/ 191 B
438 B 126ms
126ms Fetch
application/json 44.235.130.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://profile-api.amplitude.com/v1/userprofile?device_id=26afd5d7-154a-4d29-983b-a3fd658bd9c2&user_id=&get_amp_props=true&get_cohort_ids=true

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/lzoiyns-bo/newsobservercore.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.235.130.162 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-235-130-162.us-west-2.compute.amazonaws.com

Software

Jetty(9.4.40.v20210413) /

Resource Hash

be8f6d28fd02e30f67684fd578ed40698cb60c9cec6920e67f1d2fb5aa814c21

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newsobserver.com/
accept-language: en-US,en;q=0.9
Authorization: Api-Key 5b9692cfc25dd38c13c7782c17376864
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Jetty(9.4.40.v20210413)
x-amzn-trace-id: Root=1-650117c4-0450dfa91ea2185907a79dfe
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.newsobserver.com
access-control-allow-credentials: true

OPTIONS
H2 200 userprofile
profile-api.amplitude.com/v1/ Frame 0
0 110ms
110ms Preflight 44.235.130.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://profile-api.amplitude.com/v1/userprofile?device_id=26afd5d7-154a-4d29-983b-a3fd658bd9c2&user_id=&get_amp_props=true&get_cohort_ids=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.235.130.162 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-235-130-162.us-west-2.compute.amazonaws.com

Software

Jetty(9.4.40.v20210413) /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://www.newsobserver.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://www.newsobserver.com
access-control-max-age: 1800
date: Wed, 13 Sep 2023 02:00:36 GMT
server: Jetty(9.4.40.v20210413)
vary: Origin
x-amzn-trace-id: Root=1-650117c4-3e2112f274b4df0540da82e2
x-content-type-options: nosniff

GET
H2 200 si
capi.connatix.com/tr/ 0
76 B 121ms
120ms Image
application/json 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capi.connatix.com/tr/si?token=45fdac0d-132d-416d-9337-6dc76d9a7ac7&cid=1ffe5d7e-eb53-11e9-b4d2-06948452ae1a
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:36 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/json
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 805ccc2c8ea5b3c1-MIA
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 skeleton.gif
static.adsafeprotected.com/ 43 B
482 B 214ms
61ms Image
image/gif 2600:9000:25c8:2000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?adslot=saqdig_728x90_
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25c8:2000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 08:00:59 GMT
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via: 1.1 be2c2de1ae578e4915f9466876d9de46.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
age: 4471178
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: rnwvX8i87Q_436UwvLN4afBSQTaYqpNN1TYuVSoXQS9R6lyovOfekg==

OPTIONS
H2 200 /
api.t3be3280.pw.adn.cloud/ Frame 0
0 141ms
69ms Preflight 34.117.170.208
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.t3be3280.pw.adn.cloud/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.170.208 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 208.170.117.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.newsobserver.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 13 Sep 2023 02:00:36 GMT
via: 1.1 google

POST
H2 200 / Show response
api.t3be3280.pw.adn.cloud/ 751 B
493 B 69ms
67ms Fetch
application/json 34.117.170.208
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.t3be3280.pw.adn.cloud/
Requested by: Host: tags.pw.adn.cloud
URL: https://tags.pw.adn.cloud/2NYPOH/activation.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.170.208 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 208.170.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 4f3d242b1c526da86024529eb741f4702ee746606c6de3c1e6a040854e86c45d

Request headers

Referer: https://www.newsobserver.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 13 Sep 2023 02:00:36 GMT
content-encoding: gzip
via: 1.1 google
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 402

GET
H2 200 fontawesome-webfont.woff2
www.newsobserver.com/wps/source/sass/main/fonts/font-awesome/fonts/ 55 KB
56 KB 130ms
129ms Font
font/woff2 104.80.197.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/wps/source/sass/main/fonts/font-awesome/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/wps/build/webpack/css/mi-styles.97859630064280ce2a1e.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.80.197.53 Billerica, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-80-197-53.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 41dd3e48dbef1ddbc59957d4e99ef7662c1702dd8b55d0900b02150f87af354a

Request headers

Referer: https://www.newsobserver.com/wps/build/webpack/css/mi-styles.97859630064280ce2a1e.css
Origin: https://www.newsobserver.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:36 GMT
x-mi-in-market: 1
surrogate-control: varnish=ESI/2.1
mi-cache-age: 236
server-timing: ak_p; desc="1694570436602_398720014_131757721_645_9592_67_0_255";dur=1
content-length: 56780
last-modified: Wed, 30 Aug 2023 14:12:47 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"ddcc-18a46ca2318"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 614009790, 607914720 599559835
content-type: font/woff2;charset=ISO-8859-1
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=97
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

POST
H2 200 httpapi Show response
api2.amplitude.com/2/ 94 B
287 B 116ms
114ms Fetch
application/json 52.13.143.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/lzoiyns-bo/newsobservercore.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.13.143.161 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-13-143-161.us-west-2.compute.amazonaws.com

Software

Resource Hash

915df1a53de893037707b3f9c207d88b6ddccd8cdc800ea661a9ac10474a29d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Referer: https://www.newsobserver.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Wed, 13 Sep 2023 02:00:36 GMT
strict-transport-security: max-age=15768000
trace-id: Root=1-650117c4-49ca5d5b76ede35879d37753
content-length: 94
access-control-allow-methods: GET, POST
content-type: application/json

OPTIONS
H2 200 httpapi
api2.amplitude.com/2/ Frame 0
0 110ms
109ms Preflight 52.13.143.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.13.143.161 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-13-143-161.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.newsobserver.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: *
content-length: 0
date: Wed, 13 Sep 2023 02:00:36 GMT
strict-transport-security: max-age=15768000

GET
H2 200 naeliya.c05ccf6f8440735a9caa.js Show response
www.newsobserver.com/lzoiyns-bo/ 2 KB
1 KB 119ms
119ms Script
application/javascript 104.80.197.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/lzoiyns-bo/naeliya.c05ccf6f8440735a9caa.js
Requested by: Host: www.newsobserver.com
URL: blob:https://www.newsobserver.com/44f15d61-ed43-44bc-9ed0-356dc06f0276
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.80.197.53 Billerica, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-80-197-53.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: aa7f189ab199f7068500bfe69e951ae456dfd1c7b50ec0c9c39a89ad477b8c6e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:36 GMT
content-encoding: gzip
x-mi-in-market: 1
surrogate-control: varnish=ESI/2.1
mi-cache-age: 3970
server-timing: ak_p; desc="1694570436647_398720014_131757775_104_10683_68_0_146";dur=1
content-length: 876
last-modified: Tue, 12 Sep 2023 11:02:06 GMT
server: MI
etag: W/"8c7-605275f992780"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 6554335 1048379745
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=555286
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 sponsored.b5054571a3f21233dd47.js Show response
www.newsobserver.com/lzoiyns-bo/ 1 KB
948 B 122ms
121ms Script
application/javascript 104.80.197.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/lzoiyns-bo/sponsored.b5054571a3f21233dd47.js
Requested by: Host: www.newsobserver.com
URL: blob:https://www.newsobserver.com/4ec34654-4127-4c8f-8283-87d084a2c331
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.80.197.53 Billerica, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-80-197-53.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 87f264a43620e415cabb527b8ec13a713093ddf8fa36549ff59c108ee22b70dd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:36 GMT
content-encoding: gzip
x-mi-in-market: 1
surrogate-control: varnish=ESI/2.1
mi-cache-age: 3998
server-timing: ak_p; desc="1694570436661_398720014_131757787_123_11446_69_0_146";dur=1
content-length: 516
last-modified: Tue, 12 Sep 2023 11:02:06 GMT
server: MI
etag: W/"481-605275f992780"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 914621217 891519277
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=555414
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

OPTIONS
H2 200 vardata
api.lab.amplitude.com/sdk/ Frame 0
0 117ms
115ms Preflight 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-amp-exp-flag-keys,x-amp-exp-user
Access-Control-Request-Method: GET
Origin: https://www.newsobserver.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: authorization,x-amp-exp-flag-keys,x-amp-exp-user
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://www.newsobserver.com
access-control-max-age: 1800
cache-control: no-store
date: Wed, 13 Sep 2023 02:00:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin
x-amzn-trace-id: Root=1-650117c4-3e7c75e2143effd5386afb80
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-served-by: cache-mia-kmia1760059-MIA
x-timer: S1694570437.671280,VS0,VE81

GET
H2 200 vardata Show response
api.lab.amplitude.com/sdk/ 22 B
137 B 137ms
136ms Fetch
application/json 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/lzoiyns-bo/newsobservercore.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d35851b6105713ee65d3d0de39a15b81aac4e989ab552d8383fad0618b374e83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newsobserver.com/
X-Amp-Exp-Flag-Keys: WyJ1c2FnZSJd
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Authorization: Api-Key client-G6ik2oCuLtpn6c9TpIT8ZRXe4JHPDDn9
X-Amp-Exp-User: eyJsaWJyYXJ5IjoiZXhwZXJpbWVudC1qcy1jbGllbnQvMS43LjQiLCJsYW5ndWFnZSI6ImVuLVVTIiwicGxhdGZvcm0iOiJXZWIiLCJvcyI6IkNocm9tZSAxMTYiLCJkZXZpY2VfbW9kZWwiOiJXaW5kb3dzIiwidXNlcl9pZCI6IiIsImRldmljZV9pZCI6IjI2YWZkNWQ3LTE1NGEtNGQyOS05ODNiLWEzZmQ2NThiZDljMiIsInVzZXJfcHJvcGVydGllcyI6eyJidXNpbmVzc191bml0IjoiTkFPIiwiY2Fub25pY2FsX3VybCI6Imh0dHBzOi8vd3d3Lm5ld3NvYnNlcnZlci5jb20vIiwiY21zX2lkIjoiSG9tZXBhZ2U6NzA0MSIsImNvbnRlbnRfc2VydmljZSI6IlByb2R1Y3Q6IEVzY2VuaWMiLCJmdWxsX3VybCI6Imh0dHBzOi8vd3d3Lm5ld3NvYnNlcnZlci5jb20vIiwiaGFzX2ZvY3VzIjoieWVzIiwicGFnZV9sZXZlbCI6IkhvbWUiLCJwYWdlX25hbWUiOiJIb21lOkhvbWVwYWdlIiwicGFnZV9wYXRoIjoiLyIsInB1YmxpY2F0aW9uX25hbWUiOiJOZXdzIGFuZCBPYnNlcnZlciIsInJlZmVycmluZ19ob3N0Ijoibm9fcmVmZXJyZXIiLCJzZGtfaW5pdF9zdGF0dXMiOiJzdG9yYWdlIiwic2VjdGlvbiI6IkhvbWVwYWdlIiwic2VydmVyIjoid3d3Lm5ld3NvYnNlcnZlci5jb20iLCJ0YXhvbm9teSI6Il9Ib21lUGFnZXx8fHwiLCJ1cmwiOiJodHRwczovL3d3dy5uZXdzb2JzZXJ2ZXIuY29tLyIsImRldmljZV9wbW9kZSI6IjEiLCJkZXZpY2Vfb3JpZW50YXRpb24iOiJ1bnN1cHBvcnRlZCIsImRldmljZV9zY3JlZW5fc2l6ZSI6IjE2MDB4MTIwMCIsImxvZ2dlZF9pbiI6ZmFsc2UsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE2LjAuNTg0NS4xODcgU2FmYXJpLzUzNy4zNiIsInNvcGhpX3Rlc3RzIjpbeyJ0ZXN0SWQiOiJwdzphcnRpY2xlOnRlc3QzX2FiYyIsInRlc3RHcm91cCI6InZhcmlhbnQifV0sImZsYWdfa2V5IjoidXNhZ2UiLCJkYXRlIjoiMjAyMy0wOS0xMiJ9fQ

Response headers

date: Wed, 13 Sep 2023 02:00:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 0
x-cache: MISS
content-length: 42
x-served-by: cache-mia-kmia1760059-MIA
x-timer: S1694570437.785287,VS0,VE105
x-amzn-trace-id: Root=1-650117c4-4a053d0550541a871683bb18
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.newsobserver.com
cache-control: no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
BLOB 200
OK b88078f4-ac63-4211-8eed-0e5f0c25ecb8 Show response
https://www.newsobserver.com/ 380 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/b88078f4-ac63-4211-8eed-0e5f0c25ecb8
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/lzoiyns-bo/newsobservercore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1ced6aa5208cc9dd8322ce78616ce10397d14aeb825f2543e531c18eb657bab8

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Length: 380
Content-Type: [object object]

GET
H2 200 pdp.gif
www.newsobserver.com/lzoiyns-bo/ 42 B
451 B 141ms
140ms Image
image/gif 104.80.197.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/lzoiyns-bo/pdp.gif?k=eyJpZCI6Im1pX3RpX25hb18yNmFmZDVkNy0xNTRhLTRkMjktOTgzYi1hM2ZkNjU4YmQ5YzJfMTY5NDU3MDQzNjU4Ml8xNjk0NTcwNDM1NzkzIiwiZG9tSW50ZXJhY3RpdmUiOjExNjEsInJlcXVlc3RTdGFydCI6MjgwfQ==
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.80.197.53 Billerica, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-80-197-53.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:36 GMT
x-mi-in-market: 1
surrogate-control: varnish=ESI/2.1
mi-cache-age: 556043
server-timing: ak_p; desc="1694570436693_398720014_131757821_5821_11915_68_0_146";dur=1
content-length: 42
last-modified: Wed, 06 Sep 2023 11:22:45 GMT
server: MI
etag: "2a-604aef6668b40"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 523670398, 292718267 136544267
content-type: image/gif
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=604777
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
BLOB 200
OK 40a8d738-2be0-4f41-b807-970fc8268820 Show response
https://www.newsobserver.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/40a8d738-2be0-4f41-b807-970fc8268820
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/lzoiyns-bo/newsobservercore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9188db967991c50f7a0e26c9418eb8c27554edd094b7c90069233eb705112a4a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK b22ea3d2-07a5-4640-9636-a810190def6a Show response
https://www.newsobserver.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/b22ea3d2-07a5-4640-9636-a810190def6a
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/lzoiyns-bo/newsobservercore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 014061b31ebec9bea48be8a70e75b42ca0368a5fd5f62a5be06951903200d20b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/mcclatchyinteractive-network/ 550 KB
64 KB 104ms
30ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/mcclatchyinteractive-network/loader.js
Requested by: Host: www.newsobserver.com
URL: blob:https://www.newsobserver.com/40a8d738-2be0-4f41-b807-970fc8268820
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 66d62af5626c85a26bdd2c2ae2a32fae8c454d84cf855a06acad313039727c42

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id: xTIFDyUi1UsRwiZpnBiridrctlQtncsk
content-encoding: gzip
via: 1.1 varnish
date: Wed, 13 Sep 2023 02:00:36 GMT
x-amz-request-id: 677VPA78GVM3AJMV
age: 7185
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 64691
x-amz-id-2: b1C4CiVcoe7ZCkPGG/1O1a5f8u0iYmZWlxlaNcCqGB2VRjVyKw/kme0BYh6SW8ij2qtsaZ+qh5U=
x-served-by: cache-mia-kmia1760039-MIA
last-modified: Wed, 13 Sep 2023 00:00:49 GMT
server: AmazonS3
x-timer: S1694570437.749523,VS0,VE0
etag: "4d120c07ad8a5be66a3f59bdc1729243"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 65
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 199

GET
H2 200 newsroom.js Show response
c2.taboola.com/nr/mcclatchyinteractive-thenewsandobserver/ 65 KB
18 KB 168ms
94ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c2.taboola.com/nr/mcclatchyinteractive-thenewsandobserver/newsroom.js
Requested by: Host: www.newsobserver.com
URL: blob:https://www.newsobserver.com/b22ea3d2-07a5-4640-9636-a810190def6a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0c7d5b9e26f3ada8447c5885bd17b623b94bd8e35f569d81df161247ef011f1d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 varnish
date: Wed, 13 Sep 2023 02:00:36 GMT
x-amz-request-id: 449VWVRESWXJB2SR
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 17863
x-amz-id-2: SxY8v/rOCdp8MBshVS76GEpGlODbR7pcnHl+ml27ukUvf6ihVbkBTQNi4+cOdfITyWmUypOe0W4=
x-served-by: cache-mia-kmia1760070-MIA
last-modified: Thu, 03 Aug 2023 20:35:01 GMT
server: AmazonS3
x-timer: S1694570437.749758,VS0,VE63
etag: "c0f2661cec8ea81eb402537e6db82736"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
x-cache-hits: 1

GET
BLOB 200
OK a35edda2-a77d-4be4-a643-6677e438824e Show response
https://www.newsobserver.com/ Frame BB42 449 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/a35edda2-a77d-4be4-a643-6677e438824e
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b39aac6e708b01212d5d90f030c9418ad131c46ea6f845e46c1652de5ad3fe86

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Length: 449
Content-Type: text/javascript

GET
BLOB 200
OK aec668c6-a528-4eb3-aecd-f1511e2a9138 Show response
https://www.newsobserver.com/ Frame 3FF8 466 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/aec668c6-a528-4eb3-aecd-f1511e2a9138
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d10f564111b281963c5fb5366bf9a944c91d141643ea0e711f7a9803d49f1b2a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Length: 466
Content-Type: text/javascript

GET
BLOB 200
OK a77748c2-bd1c-480e-afdb-c0d2f4e32ea7 Show response
https://www.newsobserver.com/ Frame EB43 555 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/a77748c2-bd1c-480e-afdb-c0d2f4e32ea7
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 08c8c947a68522e11e22d26cfa17354fa98089668530f6215849ced631a6aac3

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Length: 555
Content-Type: text/javascript

GET
BLOB 200
OK 06f0d484-2c4f-4b11-8537-0754af7f7b06 Show response
https://www.newsobserver.com/ Frame 4F33 590 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/06f0d484-2c4f-4b11-8537-0754af7f7b06
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fbf5a809affc2436edaeec5bf7b723d8feaf4f9e7cbd8ba5f7f0f1e237b17f27

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Length: 590
Content-Type: text/javascript

GET
H2 200 i.js Show response
tag.wknd.ai/3581/ 19 KB
6 KB 106ms
30ms Script
text/plain 34.120.253.250
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.wknd.ai/3581/i.js
Requested by: Host: www.newsobserver.com
URL: blob:https://www.newsobserver.com/a35edda2-a77d-4be4-a643-6677e438824e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.253.250 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 250.253.120.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: a3a3e00036709562d5e7ea7797c964151379279911f6a70bc561e08885e56cf7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 01:57:48 GMT
content-encoding: gzip
via: 1.1 google
age: 168
x-envoy-upstream-service-time: 0
x-region: us-central1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5627
server: istio-envoy
etag: 0f12425e6122db
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=60
timing-allow-origin: *
link: <https://assets.bounceexchange.com>; rel=dns-prefetch, <https://events.bouncex.net>; rel=dns-prefetch, <https://data.cdnbasket.net>; rel=dns-prefetch, <https://page.cdnbasket.net>; rel=dns-prefetch, <https://view.cdnbasket.net>; rel=dns-prefetch, <https://ids.cdnwidget.com>; rel=dns-prefetch, <https://u.cdnwidget.com>; rel=dns-prefetch, <https://pix.cdnwidget.com>; rel=dns-prefetch, <https://api.bounceexchange.com>; rel=preconnect, <https://pd.cdnwidget.com>; rel=preconnect

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ Frame 3FF8 4 KB
2 KB 219ms
71ms Script
application/javascript 3.162.3.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.newsobserver.com
URL: blob:https://www.newsobserver.com/aec668c6-a528-4eb3-aecd-f1511e2a9138
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.3.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-3-20.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 14:16:42 GMT
content-encoding: gzip
via: 1.1 764453ad26f42978656c5c159a3b32ce.cloudfront.net (CloudFront)
last-modified: Fri, 21 Jul 2023 22:21:17 GMT
server: AmazonS3
x-amz-cf-pop: YUL62-P2
age: 83322
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: AoCsiz0OfBvF2vTt9xy5x7GSoUzurhixIrCVgdULd_gKIV1LNqFjnQ==

GET
H2

200

ml.br.js Show response
js.matheranalytics.com/static/ltm/ma12095/all/10/ Frame EB43
Redirect Chain

https://js.matheranalytics.com/s/ma12095/74930332/all/ml.js?cb=1634
https://js.matheranalytics.com/static/ltm/ma12095/all/10/ml.br.js

147 KB
43 KB

32ms
31ms

Script
application/x-javascript

107.178.250.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.matheranalytics.com/static/ltm/ma12095/all/10/ml.br.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Server: 107.178.250.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 234.250.178.107.bc.googleusercontent.com
Software: nginx /
Resource Hash: 292ca9e09a900cde3c17a06720d49db893fc24582958ff8ebad02b22b1a5cbcb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 17:11:07 GMT
content-encoding: br
via: 1.1 google
last-modified: Tue, 01 Nov 2022 21:50:54 GMT
server: nginx
age: 31769
etag: "df0f26567e618c28df8235fe9b93c4ef"
vary: Accept-Encoding
x-cache: HIT Sun, 18 Dec 2022 05:14:24 GMT
content-type: application/x-javascript
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43649

Redirect headers

date: Wed, 13 Sep 2023 02:00:36 GMT
via: 1.1 google
server: nginx
vary: Accept-Encoding
location: https://js.matheranalytics.com/static/ltm/ma12095/all/10/ml.br.js
cache-control: public, max-age=269200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-served-by: 5-gc-useast1-22ng1016

GET
H/1.1 200
OK fullcontact.js Show response
tags.fullcontact.com/anon/ Frame 4F33 35 KB
12 KB 246ms
77ms Script
application/javascript 3.162.3.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.fullcontact.com/anon/fullcontact.js
Requested by: Host: www.newsobserver.com
URL: blob:https://www.newsobserver.com/06f0d484-2c4f-4b11-8537-0754af7f7b06
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.3.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-3-62.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 987d5da0ab9202a9c0f62852a6939b618a0c3eb38db24e4d1afb947bbcd98bc7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date: Tue, 12 Sep 2023 02:54:15 GMT
Content-Encoding: gzip
Via: 1.1 3c503941ffd955a9223590c80d8af4c2.cloudfront.net (CloudFront)
Last-Modified: Wed, 02 Nov 2022 20:34:05 GMT
Server: AmazonS3
X-Amz-Cf-Pop: YUL62-P2
Age: 83182
x-amz-server-side-encryption: AES256
ETag: W/"ed70c713adb9b703a7bd3db8cae895d5"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: gboZlKQ-ptYAH98mksp-xKZObdP6aL8TOjIWsszhqdBXMvUfueJgLw==

GET
H3

200

sync Show response
capi.connatix.com/core/ Frame 032E
Redirect Chain

https://capi.connatix.com/core/sync?v=335382
https://capi.connatix.com/core/sync?v=335382&tier=1&final=true&ImplementationType=0

5 KB
2 KB

100ms
100ms

XHR
application/json

104.18.41.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/sync?v=335382&tier=1&final=true&ImplementationType=0
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H3
Server: 104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a45b0063084f4c6c19682632693f8e391e70b286d4369a5d20d5727922c9e8e1

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:36 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.newsobserver.com
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 805ccc2ec8af4c0f-MIA
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Wed, 13 Sep 2023 02:00:36 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-protobuf
location: https://capi.connatix.com:443/core/sync?v=335382&tier=1&final=true&ImplementationType=0
access-control-allow-origin: https://www.newsobserver.com
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 805ccc2e19f2b3c1-MIA
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length: 0
alt-svc: h3=":443"; ma=86400

POST
H2 200 ucl Show response
capi.connatix.com/tr/ Frame 032E 0
96 B 87ms
87ms XHR
application/x-protobuf 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/ucl?v=335382
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=1ffe5d7e-eb53-11e9-b4d2-06948452ae1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Wed, 13 Sep 2023 02:00:36 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.newsobserver.com
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 805ccc2e29fcb3c1-MIA
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc: h3=":443"; ma=86400

POST
H2 200 pls Show response
capi.connatix.com/core/ Frame 032E 177 KB
25 KB 182ms
182ms XHR
application/x-protobuf 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/pls?v=335382&cid=1ffe5d7e-eb53-11e9-b4d2-06948452ae1a
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=1ffe5d7e-eb53-11e9-b4d2-06948452ae1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b3f9d64a9ff519c0dd00a9a4e95588ae836ded5824178b0c44823a9f9d8d9be

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Wed, 13 Sep 2023 02:00:36 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.newsobserver.com
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 805ccc2e2a0cb3c1-MIA
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc: h3=":443"; ma=86400

GET
H2 200 hls.1.3.4.js Show response
cds.connatix.com/a/ 263 KB
78 KB 50ms
49ms Script
application/javascript 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/a/hls.1.3.4.js
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=1ffe5d7e-eb53-11e9-b4d2-06948452ae1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acff18b9dd469f70f4d45d24dadf6de847a9b3abeb3e891260eb8160ffac8039

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:36 GMT
x-amz-version-id: 08mQY6.qD2K9uG9Q090ZpTuzVoe6eKbG
content-encoding: br
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 30 May 2023 13:03:31 GMT
server: cloudflare
etag: W/"2065fde20cf0becb2eb29a9fa8b9936f"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
cf-ray: 805ccc2e2a16b3c1-MIA
access-control-allow-headers: range
expires: Thu, 12 Sep 2024 02:00:36 GMT

GET
H2 200 player.css
cds.connatix.com/p/335382/ 68 KB
12 KB 48ms
47ms Stylesheet
text/css 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/335382/player.css
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=1ffe5d7e-eb53-11e9-b4d2-06948452ae1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18f41a5cdab97125db80a2b6fd5dd8da8fc63a42736d9867b769e5fe58a9931e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:36 GMT
x-amz-version-id: 62HRg3lY7DMdFRaVHgekpwVPmbxqLaXO
content-encoding: br
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 12 Sep 2023 12:16:56 GMT
server: cloudflare
etag: W/"7b624eb55c0d06f78a24178f3f2e0d12"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: text/css
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
cf-ray: 805ccc2e2a17b3c1-MIA
access-control-allow-headers: range
expires: Thu, 12 Sep 2024 02:00:36 GMT

GET
BLOB 200
OK 4153cf54-b58c-4130-9ae7-c0784be26c47 Show response
https://www.newsobserver.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/4153cf54-b58c-4130-9ae7-c0784be26c47
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/lzoiyns-bo/newsobservercore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 03bf41bbb52555b5f05776fd40f8eab91d13ea0c9cd3d9e70cfb3ad105ba9d4e

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

OPTIONS
H2 200 vardata
api.lab.amplitude.com/sdk/ Frame 0
0 112ms
111ms Preflight 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-amp-exp-flag-keys,x-amp-exp-user
Access-Control-Request-Method: GET
Origin: https://www.newsobserver.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: authorization,x-amp-exp-flag-keys,x-amp-exp-user
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://www.newsobserver.com
access-control-max-age: 1800
cache-control: no-store
date: Wed, 13 Sep 2023 02:00:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin
x-amzn-trace-id: Root=1-650117c4-5caa6e317a3a8b8f4ff09262
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-served-by: cache-mia-kmia1760059-MIA
x-timer: S1694570437.867836,VS0,VE83

GET
BLOB 200
OK 39c812cc-b9f6-43a7-ae25-3630c8ead0f7 Show response
https://www.newsobserver.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/39c812cc-b9f6-43a7-ae25-3630c8ead0f7
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/lzoiyns-bo/newsobservercore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 213f1fa30ed010641c5044a44f05bc33d66026e7e051cc7c02671b2208e264c8

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
H2 200 vardata Show response
api.lab.amplitude.com/sdk/ 29 B
167 B 134ms
133ms Fetch
application/json 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/lzoiyns-bo/newsobservercore.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

18f35c576aabd3eb7c3386c0467cd6f87bc054a669e66f6181152a46f397d63a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newsobserver.com/
X-Amp-Exp-Flag-Keys: WyJ6b25lLWNvbnRlbnQiXQ
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Authorization: Api-Key client-G6ik2oCuLtpn6c9TpIT8ZRXe4JHPDDn9
X-Amp-Exp-User: eyJsaWJyYXJ5IjoiZXhwZXJpbWVudC1qcy1jbGllbnQvMS43LjQiLCJsYW5ndWFnZSI6ImVuLVVTIiwicGxhdGZvcm0iOiJXZWIiLCJvcyI6IkNocm9tZSAxMTYiLCJkZXZpY2VfbW9kZWwiOiJXaW5kb3dzIiwidXNlcl9pZCI6IiIsImRldmljZV9pZCI6IjI2YWZkNWQ3LTE1NGEtNGQyOS05ODNiLWEzZmQ2NThiZDljMiIsInVzZXJfcHJvcGVydGllcyI6eyJidXNpbmVzc191bml0IjoiTkFPIiwiY2Fub25pY2FsX3VybCI6Imh0dHBzOi8vd3d3Lm5ld3NvYnNlcnZlci5jb20vIiwiY21zX2lkIjoiSG9tZXBhZ2U6NzA0MSIsImNvbnRlbnRfc2VydmljZSI6IlByb2R1Y3Q6IEVzY2VuaWMiLCJmdWxsX3VybCI6Imh0dHBzOi8vd3d3Lm5ld3NvYnNlcnZlci5jb20vIiwiaGFzX2ZvY3VzIjoieWVzIiwicGFnZV9sZXZlbCI6IkhvbWUiLCJwYWdlX25hbWUiOiJIb21lOkhvbWVwYWdlIiwicGFnZV9wYXRoIjoiLyIsInB1YmxpY2F0aW9uX25hbWUiOiJOZXdzIGFuZCBPYnNlcnZlciIsInJlZmVycmluZ19ob3N0Ijoibm9fcmVmZXJyZXIiLCJzZGtfaW5pdF9zdGF0dXMiOiJzdG9yYWdlIiwic2VjdGlvbiI6IkhvbWVwYWdlIiwic2VydmVyIjoid3d3Lm5ld3NvYnNlcnZlci5jb20iLCJ0YXhvbm9teSI6Il9Ib21lUGFnZXx8fHwiLCJ1cmwiOiJodHRwczovL3d3dy5uZXdzb2JzZXJ2ZXIuY29tLyIsImRldmljZV9wbW9kZSI6IjEiLCJkZXZpY2Vfb3JpZW50YXRpb24iOiJ1bnN1cHBvcnRlZCIsImRldmljZV9zY3JlZW5fc2l6ZSI6IjE2MDB4MTIwMCIsImxvZ2dlZF9pbiI6ZmFsc2UsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE2LjAuNTg0NS4xODcgU2FmYXJpLzUzNy4zNiIsInNvcGhpX3Rlc3RzIjpbeyJ0ZXN0SWQiOiJwdzphcnRpY2xlOnRlc3QzX2FiYyIsInRlc3RHcm91cCI6InZhcmlhbnQifV0sImZsYWdfa2V5Ijoiem9uZS1jb250ZW50IiwiZGF0ZSI6IjIwMjMtMDktMTIifX0

Response headers

date: Wed, 13 Sep 2023 02:00:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 0
x-cache: MISS
content-length: 49
x-served-by: cache-mia-kmia1760059-MIA
x-timer: S1694570437.983756,VS0,VE101
x-amzn-trace-id: Root=1-650117c5-03edfe2a334354dd7d1fbb56
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.newsobserver.com
cache-control: no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

POST
H2 200 collect
logging.pw.adn.cloud/ 0
0 203ms
131ms Fetch
application/json 2606:4700::6812:161
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://logging.pw.adn.cloud/collect
Requested by: Host: tags.pw.adn.cloud
URL: https://tags.pw.adn.cloud/2NYPOH/activation.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.newsobserver.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 impl.20230912-10-RELEASE.js Show response
cdn.taboola.com/libtrc/ 809 KB
168 KB 31ms
30ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20230912-10-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/mcclatchyinteractive-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: ed9afdf43a0056c59023d00bab1de18189dbe138e6bccf7ce470c4034f60aaf3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id: EZDagwX9e32yPysweL4IbwCpYH9.1rXO
content-encoding: br
via: 1.1 varnish
date: Wed, 13 Sep 2023 02:00:36 GMT
x-amz-request-id: R8SBAC2500AP0ZP9
age: 25463
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 171452
x-amz-id-2: ZFPcqs9UMjI+y/63fSThwyKyxRRlK2S2ZF+2Y8LhrXsGm0ygqfwJbQ58RdwWB7Y1+XNjtLIS3Ew=
x-served-by: cache-mia-kmia1760039-MIA
last-modified: Tue, 12 Sep 2023 10:53:27 GMT
server: AmazonS3-br
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1694570437.905903,VS0,VE0
etag: "c732ad12f884f07779b78cd6f75cf5d5"
vary: Accept-Encoding
content-type: application/javascript
abp: 26
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 48

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 613 KB
163 KB 280ms
82ms Script
application/x-javascript 23.35.67.147
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js
Requested by: Host: www.newsobserver.com
URL: blob:https://www.newsobserver.com/4153cf54-b58c-4130-9ae7-c0784be26c47
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.67.147 Billerica, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-67-147.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 87bfcdc6b3c61567aed26c9f0687c830cf5d948a81b5df9acf75163ecee402be

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date: Wed, 13 Sep 2023 02:00:37 GMT
Content-Encoding: gzip
x-amz-request-id: 8VQJBRBPPC8A0KGA
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: HlrvcDbzNUHSz7/ARY3dR3PfR+SCyokDLhWXW4YnoMVPvDwQ6NUe7uZDog5jz+l2Xoj10v104uo=
Last-Modified: Mon, 28 Aug 2023 18:19:02 GMT
Server: AmazonS3
ETag: "f247c1f111b2fe4795867bebc1cc8d8f"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 get Show response
vi.ml314.com/ 264 B
388 B 155ms
64ms Script
application/javascript 35.201.104.135
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://vi.ml314.com/get?eid=88280&tk=Sd8Lhw2fKivbawYXOa0sKaCgKxoI2fc6Kjw9Z4GOBSB2s3d&fp=

Requested by

Host: www.newsobserver.com
URL: blob:https://www.newsobserver.com/39c812cc-b9f6-43a7-ae25-3630c8ead0f7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.104.135 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

135.104.201.35.bc.googleusercontent.com

Software

Google Frontend /

Resource Hash

9dffbd45ce48bf5e8eeb90b3d8567f8270f217c174de81fe3693d6dcdbaa1588

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
content-encoding: br
via: 1.1 google
date: Wed, 13 Sep 2023 02:00:37 GMT
server: Google Frontend
vary: Accept-Encoding
content-type: application/javascript
cache-control: private,max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 runtime_3516cc0eb0a0aed04b039f190c3ab852.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 904 B
1 KB 103ms
31ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/runtime_3516cc0eb0a0aed04b039f190c3ab852.br.js
Requested by: Host: tag.wknd.ai
URL: https://tag.wknd.ai/3581/i.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 14889037c408344181eda4cdba85ffc30fdabf994d8f898031c4cb4cacecd212

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 13:32:47 GMT
content-encoding: br
age: 44869
x-guploader-uploadid: ADPycdt3IqaGmUvj6Wt9YMEK2fE8Mx6SFXyZmZc4xY1zIYEyhb98BrVAgsm4IFGLoU7t5_XcL-EBDCqYOxmruuSym8Bt6xAcvsFJ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 506
last-modified: Tue, 12 Sep 2023 13:32:40 GMT
server: UploadServer
etag: "97d3a638dbe318aca71328c00ae13495"
x-goog-generation: 1694525560630528
x-goog-hash: crc32c=yoTlCg==, md5=l9OmONvjGKynEyjACuE0lQ==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 506
accept-ranges: bytes
content-type: text/javascript

GET
H2 200 get-action Show response
nr-events.taboola.com/newsroom/1.0/mcclatchyinteractive-thenewsandobserver/ 132 B
323 B 73ms
70ms Script
application/json 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://nr-events.taboola.com/newsroom/1.0/mcclatchyinteractive-thenewsandobserver/get-action?page.url=https%3A%2F%2Fwww.newsobserver.com%2F&view.id=204839741880412920&page.template=Home&page.dashboard=Home
Requested by: Host: c2.taboola.com
URL: https://c2.taboola.com/nr/mcclatchyinteractive-thenewsandobserver/newsroom.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: fe799b60c6735ced3514e40e5f290a390881a56d0594c393192faf49db8d6b19

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-served-by: cache-mia-kmia1760070-MIA
tbl-x-upstream: 10.14.66.173:80
date: Wed, 13 Sep 2023 02:00:36 GMT
via: 1.1 varnish
server: nginx
x-timer: S1694570437.939567,VS0,VE38
x-cache: MISS
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
x-envoy-upstream-service-time: 0
accept-ranges: bytes
content-length: 132
x-application-context: front-page-event-server:production
x-cache-hits: 0

GET
H2 200 vardata Show response
api.lab.amplitude.com/sdk/ 228 B
332 B 130ms
130ms Fetch
application/json 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/lzoiyns-bo/newsobservercore.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f8663c23fe8ab1965cc05d9ef0341eb9a5b64addff4f3c735c3c32084d906062

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newsobserver.com/
X-Amp-Exp-Flag-Keys: WyJ0YWJvb2xhLWhvbWVwYWdlIl0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Authorization: Api-Key client-G6ik2oCuLtpn6c9TpIT8ZRXe4JHPDDn9
X-Amp-Exp-User: eyJsaWJyYXJ5IjoiZXhwZXJpbWVudC1qcy1jbGllbnQvMS43LjQiLCJsYW5ndWFnZSI6ImVuLVVTIiwicGxhdGZvcm0iOiJXZWIiLCJvcyI6IkNocm9tZSAxMTYiLCJkZXZpY2VfbW9kZWwiOiJXaW5kb3dzIiwidXNlcl9pZCI6IiIsImRldmljZV9pZCI6IjI2YWZkNWQ3LTE1NGEtNGQyOS05ODNiLWEzZmQ2NThiZDljMiIsInVzZXJfcHJvcGVydGllcyI6eyJidXNpbmVzc191bml0IjoiTkFPIiwiY2Fub25pY2FsX3VybCI6Imh0dHBzOi8vd3d3Lm5ld3NvYnNlcnZlci5jb20vIiwiY21zX2lkIjoiSG9tZXBhZ2U6NzA0MSIsImNvbnRlbnRfc2VydmljZSI6IlByb2R1Y3Q6IEVzY2VuaWMiLCJmdWxsX3VybCI6Imh0dHBzOi8vd3d3Lm5ld3NvYnNlcnZlci5jb20vIiwiaGFzX2ZvY3VzIjoieWVzIiwicGFnZV9sZXZlbCI6IkhvbWUiLCJwYWdlX25hbWUiOiJIb21lOkhvbWVwYWdlIiwicGFnZV9wYXRoIjoiLyIsInB1YmxpY2F0aW9uX25hbWUiOiJOZXdzIGFuZCBPYnNlcnZlciIsInJlZmVycmluZ19ob3N0Ijoibm9fcmVmZXJyZXIiLCJzZGtfaW5pdF9zdGF0dXMiOiJzdG9yYWdlIiwic2VjdGlvbiI6IkhvbWVwYWdlIiwic2VydmVyIjoid3d3Lm5ld3NvYnNlcnZlci5jb20iLCJ0YXhvbm9teSI6Il9Ib21lUGFnZXx8fHwiLCJ1cmwiOiJodHRwczovL3d3dy5uZXdzb2JzZXJ2ZXIuY29tLyIsImRldmljZV9wbW9kZSI6IjEiLCJkZXZpY2Vfb3JpZW50YXRpb24iOiJ1bnN1cHBvcnRlZCIsImRldmljZV9zY3JlZW5fc2l6ZSI6IjE2MDB4MTIwMCIsImxvZ2dlZF9pbiI6ZmFsc2UsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE2LjAuNTg0NS4xODcgU2FmYXJpLzUzNy4zNiIsInNvcGhpX3Rlc3RzIjpbeyJ0ZXN0SWQiOiJwdzphcnRpY2xlOnRlc3QzX2FiYyIsInRlc3RHcm91cCI6InZhcmlhbnQifV0sImZsYWdfa2V5IjoidGFib29sYS1ob21lcGFnZSIsImRhdGUiOiIyMDIzLTA5LTEyIn19

Response headers

date: Wed, 13 Sep 2023 02:00:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 0
x-cache: MISS
content-length: 188
x-served-by: cache-mia-kmia1760059-MIA
x-timer: S1694570437.299479,VS0,VE101
x-amzn-trace-id: Root=1-650117c5-0eedb9676ce28b9c4ae8fd41
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.newsobserver.com
cache-control: no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

OPTIONS
H2 200 vardata
api.lab.amplitude.com/sdk/ Frame 0
0 357ms
357ms Preflight 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-amp-exp-flag-keys,x-amp-exp-user
Access-Control-Request-Method: GET
Origin: https://www.newsobserver.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: authorization,x-amp-exp-flag-keys,x-amp-exp-user
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://www.newsobserver.com
access-control-max-age: 1800
cache-control: no-store
date: Wed, 13 Sep 2023 02:00:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin
x-amzn-trace-id: Root=1-650117c5-27f371a50057b9be0446ed1c
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-served-by: cache-mia-kmia1760059-MIA
x-timer: S1694570437.940189,VS0,VE329

GET
H2 204 notify-impression
nr-events.taboola.com/newsroom/1.0/mcclatchyinteractive-thenewsandobserver/ 0
89 B 67ms
67ms Image
text/plain 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nr-events.taboola.com/newsroom/1.0/mcclatchyinteractive-thenewsandobserver/notify-impression?page.url=https%3A%2F%2Fwww.newsobserver.com%2F&view.id=204839741880412920&page.template=Home&page.dashboard=Home
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-served-by: cache-mia-kmia1760070-MIA
tbl-x-upstream: 10.14.22.54:80
date: Wed, 13 Sep 2023 02:00:37 GMT
via: 1.1 varnish
server: nginx
x-timer: S1694570437.983734,VS0,VE38
x-cache: MISS
access-control-allow-origin: *
x-envoy-upstream-service-time: 0
accept-ranges: bytes
x-application-context: front-page-event-server:production
x-cache-hits: 0

POST
H2 200 pixel_225727d3 Show response
www.newsobserver.com/akam/13/ 0
851 B 77ms
77ms XHR
text/html 104.80.197.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/akam/13/pixel_225727d3
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/akam/13/225727d3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.80.197.53 Billerica, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-80-197-53.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newsobserver.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 13 Sep 2023 02:00:37 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: max-age=0, no-cache
access-control-allow-credentials: false
server-timing: ak_p; desc="1694570437003_398720014_131758205_502_4214_70_0_219";dur=1
access-control-allow-headers: *
content-length: 0
expires: Wed, 13 Sep 2023 02:00:37 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 101 KB
29 KB 307ms
192ms Script
text/javascript 2607:f8b0:4004:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: htlbid.com
URL: https://htlbid.com/v3/newsobserver.com/htlbid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6e2b2c75f27d47b9d67d099ed8c0517334e2dc625414b0c871a4e8307c2f9a20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29474
x-xss-protection: 0
server: cafe
etag: 200 / 19613 / 31077785 / config-hash: 16843757859347006962
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 02:00:37 GMT

GET
H2 200 config.js Show response
cdn.confiant-integrations.net/awMxVZLpNW6K6EG6WC5S8oR_a68/gpt_and_prebid/ 166 KB
34 KB 126ms
58ms Script
text/javascript 2606:4700:4400::6812:2b5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/awMxVZLpNW6K6EG6WC5S8oR_a68/gpt_and_prebid/config.js
Requested by: Host: htlbid.com
URL: https://htlbid.com/v3/newsobserver.com/htlbid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2b5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ddbaa146f88a50d1c8338013a0fcd11917156612a4643c40550ff9cda5c3e72f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Sep 2023 00:55:12 GMT
server: cloudflare
x-amz-request-id: VB268M1MY27CNTSR
age: 398
etag: W/"0874092c454131902ffaef2f0f78881b"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900, stale-while-revalidate=3600
cf-ray: 805ccc2fffdd4c01-MIA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 4ac+HXnKfz2CSYNY4/PSEI/zPjUw1l5Rjl1Qic2dRrG8alCy5VBNuDJcVhMZFsdRG+oh4WXCSSI3A679Xrmr7rGakKMXGxgYLD3WEJ5RBBw=

GET
H2 200 launchpad-liveramp.js Show response
launchpad-wrapper.privacymanager.io/11d88664-2cc9-41ec-b61a-fc789bcde449/ 7 KB
2 KB 237ms
70ms Script
text/javascript 54.192.51.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://launchpad-wrapper.privacymanager.io/11d88664-2cc9-41ec-b61a-fc789bcde449/launchpad-liveramp.js
Requested by: Host: htlbid.com
URL: https://htlbid.com/v3/newsobserver.com/htlbid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.51.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-51-111.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 551af58c2ce33c58ebc151a61b8d1d28e54ab9ce177d4fac749f0ebc50054cb9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id: twZfULaLCuSu6sSf4IfyYxlioNp6VjIQ
content-encoding: gzip
via: 1.1 b7321b4add4495066f8401239ad07f94.cloudfront.net (CloudFront)
date: Tue, 12 Sep 2023 08:20:15 GMT
x-amz-cf-pop: YUL62-C2
age: 63796
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-disposition: attachment; filename="launchpad-liveramp.js"
last-modified: Mon, 07 Aug 2023 19:00:29 GMT
server: AmazonS3
etag: W/"61173248aacab39adcbf53d6edf6a13d"
vary: Accept-Encoding
content-type: text/javascript
x-amz-cf-id: Bviarco3laYyGKugPWaR5MXDNHvxJnRK4nGw-plKP-hD0XAv0BqvAg==

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 249 KB
61 KB 247ms
81ms Script
application/javascript 3.162.1.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: htlbid.com
URL: https://htlbid.com/v3/newsobserver.com/htlbid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.1.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-1-135.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 28a07ea9153aaa450bfa669a2fdac73af62cdbaf8ce6707818c83d3bffcbacd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 01:40:21 GMT
content-encoding: gzip
via: 1.1 f7a968b55c3516da72549b98f99704a4.cloudfront.net (CloudFront), 1.1 327dc9ff74acc5a845efbe2daefaec7a.cloudfront.net (CloudFront)
last-modified: Thu, 07 Sep 2023 20:56:47 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-C3, YUL62-P2
age: 1217
x-amz-server-side-encryption: AES256
etag: W/"dbe99cd7da3b62fd2eb4471b4e2a636c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: mf8Vb1-8_8rLbq6GtFriKPQe1dbC3f_1d8u02Muz9oOaOCiWEIVzcw==

GET insights.bin
ins.connatix.com/89ae7356-5780-4dda-aaad-ed90453c924b/5/ Frame 032E 0
0

GET insights.bin
ins.connatix.com/52e4c74d-0881-43f5-af81-585a952747d7/24/ Frame 032E 0
0

GET insights.bin
ins.connatix.com/b620e89e-207d-4f8c-bc4b-19e82be876b4/21/ Frame 032E 0
0

GET insights.bin
ins.connatix.com/d43bd69e-16ca-4916-b3d8-55f21b023f30/6/ Frame 032E 0
0

GET insights.bin
ins.connatix.com/895dfc21-e1c7-4cc6-967c-5f00fe5b0e40/12/ Frame 032E 0
0

GET insights.bin
ins.connatix.com/c86b8860-40e9-4212-ac1a-4f781a349241/7/ Frame 032E 0
0

GET insights.bin
ins.connatix.com/bdb3ebf1-3786-4f0d-860f-55633ed486f3/6/ Frame 032E 0
0

GET insights.bin
ins.connatix.com/fdd1c7bc-e954-46f0-8b33-2d7d50c23e19/5/ Frame 032E 0
0

GET 5_media.bin
vid.connatix.com/pid-ad49f143-0bec-4fe9-bac9-3cc8665caf2e/89ae7356-5780-4dda-aaad-ed90453c924b/ Frame 032E 0
0

GET blockedDomains_8.bin
lit.connatix.com/08d7c5ed-194d-4552-8a9b-750201d79e22/ Frame 032E 0
0

POST ucl
capi.connatix.com/tr/ Frame 032E 0
0

GET
H2 200 wps-custom-js.js Show response
assets.connatix.com/Elements/b7b148f8-e199-4447-8167-58d897dd5768/ 1 KB
871 B 50ms
41ms Script
application/x-javascript 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.connatix.com/Elements/b7b148f8-e199-4447-8167-58d897dd5768/wps-custom-js.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fba77aa733c49e480958aa2de564f8fac93c88f092d3c8f288a2e1d33aa59014

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 27 Feb 2023 17:54:25 GMT
server: cloudflare
etag: W/"21fb96e555a9803c998521ed721d0b5f"
x-amz-server-side-encryption: AES256
access-control-max-age: 86400
vary: Origin, Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 805ccc2ffe26b3c1-MIA
alt-svc: h3=":443"; ma=86400
expires: Thu, 12 Sep 2024 02:00:37 GMT

GET
H2 200 wps-custom-css.css
assets.connatix.com/Elements/b7b148f8-e199-4447-8167-58d897dd5768/ 210 B
365 B 49ms
39ms Stylesheet
text/css 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.connatix.com/Elements/b7b148f8-e199-4447-8167-58d897dd5768/wps-custom-css.css
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7ad52f6852de9481a13b90a5fe61d694f8403bf3154547b8f0b07a44686973d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 13 Feb 2023 17:02:09 GMT
server: cloudflare
etag: W/"02e4633b767f1fbff5c21b6ce2b99233"
x-amz-server-side-encryption: AES256
access-control-max-age: 86400
vary: Origin, Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 805ccc2ffe25b3c1-MIA
alt-svc: h3=":443"; ma=86400
expires: Thu, 12 Sep 2024 02:00:37 GMT

GET 24_media.bin
vid.connatix.com/pid-ad49f143-0bec-4fe9-bac9-3cc8665caf2e/52e4c74d-0881-43f5-af81-585a952747d7/ Frame 032E 0
0

GET 21_media.bin
vid.connatix.com/pid-ad49f143-0bec-4fe9-bac9-3cc8665caf2e/b620e89e-207d-4f8c-bc4b-19e82be876b4/ Frame 032E 0
0

GET 6_media.bin
vid.connatix.com/pid-ad49f143-0bec-4fe9-bac9-3cc8665caf2e/d43bd69e-16ca-4916-b3d8-55f21b023f30/ Frame 032E 0
0

GET 12_media.bin
vid.connatix.com/pid-ad49f143-0bec-4fe9-bac9-3cc8665caf2e/895dfc21-e1c7-4cc6-967c-5f00fe5b0e40/ Frame 032E 0
0

GET 7_media.bin
vid.connatix.com/pid-ad49f143-0bec-4fe9-bac9-3cc8665caf2e/c86b8860-40e9-4212-ac1a-4f781a349241/ Frame 032E 0
0

GET 9_media.bin
vid.connatix.com/pid-ad49f143-0bec-4fe9-bac9-3cc8665caf2e/6fa49679-a7b2-4cbf-b01b-4df0152f1b13/ Frame 032E 0
0

GET 3_media.bin
vid.connatix.com/pid-ad49f143-0bec-4fe9-bac9-3cc8665caf2e/5029f984-da06-441e-90f2-328b8dd8bd99/ Frame 032E 0
0

GET 6_media.bin
vid.connatix.com/pid-ad49f143-0bec-4fe9-bac9-3cc8665caf2e/bdb3ebf1-3786-4f0d-860f-55633ed486f3/ Frame 032E 0
0

GET 5_media.bin
vid.connatix.com/pid-ad49f143-0bec-4fe9-bac9-3cc8665caf2e/fdd1c7bc-e954-46f0-8b33-2d7d50c23e19/ Frame 032E 0
0

GET ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 032E 0
0

GET elements.ui.a549d09b26e367bbc8b9.js
cds.connatix.com/p/335382/ Frame 032E 0
0

GET
H2

200

cks Show response
cks.connatix.com/
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?s=190549&cb=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d17%26ev%3dfbd6601a93824dc38f29106f5272d964%26pname%3dIndex%26api-tier%3d1%26uid%3d&gdpr=0
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D17%26ev%3Dfbd6601a93824dc38f29106f5272d964%26pname%3DIndex%26api-tier%3D1%26uid%3D&gdpr=0&s=190549&C=1
https://cks.connatix.com/cks?pid=17&ev=fbd6601a93824dc38f29106f5272d964&pname=Index&api-tier=1&uid=ZQEXxV.JcBacAlt0Lo9g1QAA%265583

139 B
158 B

42ms
42ms

Script
application/javascript

172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=17&ev=fbd6601a93824dc38f29106f5272d964&pname=Index&api-tier=1&uid=ZQEXxV.JcBacAlt0Lo9g1QAA%265583
Requested by: Host: blank
URL: about:blank
Protocol: H2
Server: 172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81e4764a0c6c5f5d0cf33b28e038b45fb5e94d9e175b3f04e590f8ae097cbc69

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:37 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 805ccc31c9deb3c1-MIA
alt-svc: h3=":443"; ma=86400

Redirect headers

pragma: no-cache
date: Wed, 13 Sep 2023 02:00:37 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mp%2BDBa8obbJlVe4pPn6CVoW5uUOZ2q9PFuDmsvWT%2Bogn7mBHRERfTzorPlBeobKbMjSJX1Lyzf5WhCOxhJuYfJb%2Fi%2FOaJfb1PhKylwBd53TC%2B5gwwsZ%2BjcxG9oVNFEiE8JvtlyRf"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cks.connatix.com/cks?pid=17&ev=fbd6601a93824dc38f29106f5272d964&pname=Index&api-tier=1&uid=ZQEXxV.JcBacAlt0Lo9g1QAA%265583
cache-control: no-cache
cf-ray: 805ccc3148cc02dc-MIA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

cks Show response
cks.connatix.com/
Redirect Chain

https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d15%26ev%3dfbd6601a93824dc38f29106f5272d964%26pname%3dBeeswax%26api-tier%3d1%26uid%3d{userid}&gdpr=0
https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D15%26ev%3Dfbd6601a93824dc38f29106f5272d964%26pname%3DBeeswax%26api-tier%3D1%26uid%3D%7Buserid%7D&g...
https://cks.connatix.com/cks?pid=15&ev=fbd6601a93824dc38f29106f5272d964&pname=Beeswax&api-tier=1&uid=AACJbE7KAjAAACTRlgZClw&gdpr=0

132 B
284 B

42ms
42ms

Script
application/javascript

104.18.41.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=15&ev=fbd6601a93824dc38f29106f5272d964&pname=Beeswax&api-tier=1&uid=AACJbE7KAjAAACTRlgZClw&gdpr=0
Requested by: Host: blank
URL: about:blank
Protocol: H3
Server: 104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a715a99667cd62b75d64a3d47c90c2885526fffb3592445ac1a8045a48ecd3d0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:37 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 805ccc320f58228d-MIA
alt-svc: h3=":443"; ma=86400

Redirect headers

location: https://cks.connatix.com/cks?pid=15&ev=fbd6601a93824dc38f29106f5272d964&pname=Beeswax&api-tier=1&uid=AACJbE7KAjAAACTRlgZClw&gdpr=0
Date: Wed, 13 Sep 2023 02:00:37 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H2

200

cks Show response
cks.connatix.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gapzaid&ttd_tpi=1&gdpr=0
https://match.adsrvr.org/track/cmb/generic?ttd_pid=gapzaid&ttd_tpi=1&gdpr=0
https://cks.connatix.com/cks?pid=19&uid=60981cbc-e2d5-4f7e-a360-eec1f7138930&ttl=1697162437

146 B
160 B

44ms
43ms

Script
application/javascript

172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=19&uid=60981cbc-e2d5-4f7e-a360-eec1f7138930&ttl=1697162437
Requested by: Host: blank
URL: about:blank
Protocol: H2
Server: 172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3734d5ee688ec0a9e91967d8c6c5d8b41db8c8bc96a76c830b66ca87b8465170

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:37 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 805ccc31b9afb3c1-MIA
alt-svc: h3=":443"; ma=86400

Redirect headers

pragma: no-cache
date: Wed, 13 Sep 2023 02:00:37 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cks.connatix.com/cks?pid=19&uid=60981cbc-e2d5-4f7e-a360-eec1f7138930&ttl=1697162437
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 213

GET
H2

200

cks Show response
cks.connatix.com/
Redirect Chain

https://ad.turn.com/r/cs?pid=67&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d21%26ev%3dfbd6601a93824dc38f29106f5272d964%26pname%3dAmobee%26api-tier%3d1%26uid%3D%23USER_ID%23&gdpr=0
https://cks.connatix.com/cks?pid=21&ev=fbd6601a93824dc38f29106f5272d964&pname=Amobee&api-tier=1&uid=8019409592230281175

129 B
151 B

62ms
52ms

Script
application/javascript

172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=21&ev=fbd6601a93824dc38f29106f5272d964&pname=Amobee&api-tier=1&uid=8019409592230281175
Requested by: Host: blank
URL: about:blank
Protocol: H2
Server: 172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 058be5ed39140f60ee84c4a70fb3501878c4cefed17b4ea8115d387ad07d8592

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:37 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 805ccc3158f2b3c1-MIA
alt-svc: h3=":443"; ma=86400

Redirect headers

location: https://cks.connatix.com/cks?pid=21&ev=fbd6601a93824dc38f29106f5272d964&pname=Amobee&api-tier=1&uid=8019409592230281175
pragma: no-cache
date: Wed, 13 Sep 2023 02:00:36 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

cks Show response
cks.connatix.com/
Redirect Chain

https://eb2.3lift.com/getuid?redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d25%26ev%3dfbd6601a93824dc38f29106f5272d964%26pname%3dTripleLift%26api-tier%3d1%26uid%3d%24UID&gdpr=0
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D25%26ev%3Dfbd6601a93824dc38f29106f5272d964%26pname%3DTripleLift%26api-tier%3D1%26uid%...
https://cks.connatix.com/cks?pid=25&ev=fbd6601a93824dc38f29106f5272d964&pname=TripleLift&api-tier=1&uid=4004742018095862659349

132 B
148 B

40ms
40ms

Script
application/javascript

172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=25&ev=fbd6601a93824dc38f29106f5272d964&pname=TripleLift&api-tier=1&uid=4004742018095862659349
Requested by: Host: blank
URL: about:blank
Protocol: H2
Server: 172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 550645f8a5e7ea7aa8d246b52b0dc7a52ad0e5bc344502f36a76eb496d09cbea

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:37 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 805ccc31a970b3c1-MIA
alt-svc: h3=":443"; ma=86400

Redirect headers

location: https://cks.connatix.com/cks?pid=25&ev=fbd6601a93824dc38f29106f5272d964&pname=TripleLift&api-tier=1&uid=4004742018095862659349
date: Wed, 13 Sep 2023 02:00:37 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3

200

cks Show response
cks.connatix.com/
Redirect Chain

https://secure.adnxs.com/getuid?https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d6%26ev%3dfbd6601a93824dc38f29106f5272d964%26pname%3dAppNexus%26api-tier%3d1%26uid%3d%24UID&gdpr=0
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fcks.connatix.com%252fcks%253fpid%253d6%2526ev%253dfbd6601a93824dc38f29106f5272d964%2526pname%253dAppNexus%2526api-tier%253d1%2526uid%...
https://cks.connatix.com/cks?pid=6&ev=fbd6601a93824dc38f29106f5272d964&pname=AppNexus&api-tier=1&uid=8858985392543405863&gdpr=0

128 B
240 B

41ms
40ms

Script
application/javascript

104.18.41.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=6&ev=fbd6601a93824dc38f29106f5272d964&pname=AppNexus&api-tier=1&uid=8858985392543405863&gdpr=0
Requested by: Host: blank
URL: about:blank
Protocol: H3
Server: 104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33c92210a46595b46fcffd013d38068b9ec33c70a562304489127492fe2b22a6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:37 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 805ccc321f77228d-MIA
alt-svc: h3=":443"; ma=86400

Redirect headers

pragma: no-cache
date: Wed, 13 Sep 2023 02:00:37 GMT
an-x-request-uuid: ac38b3c2-6f52-4730-bc16-de4fb08c4e33
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cks.connatix.com/cks?pid=6&ev=fbd6601a93824dc38f29106f5272d964&pname=AppNexus&api-tier=1&uid=8858985392543405863&gdpr=0
x-proxy-origin: 38.132.118.70; 38.132.118.70; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET multi-sync.html
secure-assets.rubiconproject.com/utils/xapi/ Frame 26AC 0
0

GET /
ssc-cms.33across.com/ps/ Frame F1A5 0
0

GET userSync.js
ads.pubmatic.com/AdServer/js/ Frame 032E 0
0

GET
H3

200

cks Show response
cks.connatix.com/
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=561340&daaqp=1&ev=1&rurl=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d13%26ev%3dfbd6601a93824dc38f29106f5272d964%26pname%3dPulsePoint%26api-tier%3d1%26uid%3d%...
https://cks.connatix.com/cks?pid=13&ev=fbd6601a93824dc38f29106f5272d964&pname=PulsePoint&api-tier=1&uid=ypaOTlT65v6a

122 B
237 B

38ms
38ms

Script
application/javascript

104.18.41.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=13&ev=fbd6601a93824dc38f29106f5272d964&pname=PulsePoint&api-tier=1&uid=ypaOTlT65v6a
Requested by: Host: blank
URL: about:blank
Protocol: H3
Server: 104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1e6105281e99ca5faed1e3e81464804ff8acbcc10e7eaf4891d6b8db9d3322a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:37 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 805ccc324fc0228d-MIA
alt-svc: h3=":443"; ma=86400

Redirect headers

strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(10.0.14)
content-language: en-US
location: https://cks.connatix.com/cks?pid=13&ev=fbd6601a93824dc38f29106f5272d964&pname=PulsePoint&api-tier=1&uid=ypaOTlT65v6a
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-cdb79dd64-9snr2
expires: -1

GET
H3

200

cks Show response
cks.connatix.com/
Redirect Chain

https://i.ctnsnet.com/int/cm?exc=24&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d28%26ev%3dfbd6601a93824dc38f29106f5272d964%26pname%3dCrimtan%26api-tier%3d1%26uid%3d%5Buser_id%5D&gdpr=0
https://cks.connatix.com/cks?pid=28&ev=fbd6601a93824dc38f29106f5272d964&pname=Crimtan&api-tier=1&uid=5439903d593e4dcfa721847a511b0979

142 B
251 B

38ms
38ms

Script
application/javascript

104.18.41.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=28&ev=fbd6601a93824dc38f29106f5272d964&pname=Crimtan&api-tier=1&uid=5439903d593e4dcfa721847a511b0979
Requested by: Host: blank
URL: about:blank
Protocol: H3
Server: 104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ddd4d4dac12abe5a8a4f97c38163f52efe95ce7b2d5121061cab3ec1ffb9167

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:37 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 805ccc326fe8228d-MIA
alt-svc: h3=":443"; ma=86400

Redirect headers

pragma: no-cache
date: Wed, 13 Sep 2023 02:00:37 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cks.connatix.com/cks?pid=28&ev=fbd6601a93824dc38f29106f5272d964&pname=Crimtan&api-tier=1&uid=5439903d593e4dcfa721847a511b0979
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

cks Show response
cks.connatix.com/
Redirect Chain

https://csync.loopme.me/?redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d18%26ev%3dfbd6601a93824dc38f29106f5272d964%26pname%3dLoopMe%26api-tier%3d1%26uid%3D%7Bdevice_id%7D%26pubid%3D11186&gdpr=0
https://cks.connatix.com/cks?pid=18&ev=fbd6601a93824dc38f29106f5272d964&pname=LoopMe&api-tier=1&uid=47012459-485c-4809-997b-e8eeea09bb96&pubid=11186&gdpr=0

146 B
255 B

45ms
45ms

Script
application/javascript

104.18.41.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=18&ev=fbd6601a93824dc38f29106f5272d964&pname=LoopMe&api-tier=1&uid=47012459-485c-4809-997b-e8eeea09bb96&pubid=11186&gdpr=0
Requested by: Host: blank
URL: about:blank
Protocol: H3
Server: 104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9574e88bc02b8222fa95fb043d497fbdc043769c8d4e7c11dbf09fe72324f004

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:37 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 805ccc347b7d228d-MIA
alt-svc: h3=":443"; ma=86400

Redirect headers

location: https://cks.connatix.com/cks?pid=18&ev=fbd6601a93824dc38f29106f5272d964&pname=LoopMe&api-tier=1&uid=47012459-485c-4809-997b-e8eeea09bb96&pubid=11186&gdpr=0
date: Wed, 13 Sep 2023 02:00:37 GMT
server: _
content-length: 0

GET
H2

200

1000.gif Show response
id.rlcdn.com/
Redirect Chain

https://id.rlcdn.com/712202.gif?cparams=fbd6601a93824dc38f29106f5272d964&gdpr=0
https://id.rlcdn.com/1000.gif?memo=CIq8KxoNCMWvhKgGEgUI6AcQAEIASiBmYmQ2NjAxYTkzODI0ZGMzOGYyOTEwNmY1MjcyZDk2NA

42 B
311 B

66ms
65ms

Script
image/gif

35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://id.rlcdn.com/1000.gif?memo=CIq8KxoNCMWvhKgGEgUI6AcQAEIASiBmYmQ2NjAxYTkzODI0ZGMzOGYyOTEwNmY1MjcyZDk2NA
Requested by: Host: blank
URL: about:blank
Protocol: H2
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:37 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

date: Wed, 13 Sep 2023 02:00:37 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://id.rlcdn.com/1000.gif?memo=CIq8KxoNCMWvhKgGEgUI6AcQAEIASiBmYmQ2NjAxYTkzODI0ZGMzOGYyOTEwNmY1MjcyZDk2NA
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

cks Show response
cks.connatix.com/
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=105&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d9%26ev%3dfbd6601a93824dc38f29106f5272d964%26pname%3dCentro%26api-tier%3d1%26uid%3d{userId}&...
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=105&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d9%26ev%3dfbd6601a93824dc38f29106f5272d964%26pname%3dCentro%26api-tier%3d1%26uid%3...
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=0f55ada4-38e6-4f9a-9597-f8acd5153d5d-650117c5-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=0f55ada4-38e6-4f9a-9597-f8acd5153d5d-650117c5-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=0f55ada4-38e6-4f9a-9597-f8acd5153d5d-650117c5-5553&partner_url=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D9%26ev%3Dfbd6601...
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=0f55ada4-38e6-4f9a-9597-f8acd5153d5d-650117c5-5553&partner_url=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D9%26ev%3Df...
https://cks.connatix.com/cks?pid=9&ev=fbd6601a93824dc38f29106f5272d964&pname=Centro&api-tier=1&uid=0f55ada4-38e6-4f9a-9597-f8acd5153d5d-650117c5-5553&gdpr=0

159 B
263 B

39ms
38ms

Script
application/javascript

104.18.41.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=9&ev=fbd6601a93824dc38f29106f5272d964&pname=Centro&api-tier=1&uid=0f55ada4-38e6-4f9a-9597-f8acd5153d5d-650117c5-5553&gdpr=0
Requested by: Host: blank
URL: about:blank
Protocol: H3
Server: 104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fed9f21094ee5e1140e65412ba30e8ac302a2e8ef6f0130c52c31d03c73902d8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:38 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 805ccc368f7a228d-MIA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Wed, 13 Sep 2023 02:00:38 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://cks.connatix.com/cks?pid=9&ev=fbd6601a93824dc38f29106f5272d964&pname=Centro&api-tier=1&uid=0f55ada4-38e6-4f9a-9597-f8acd5153d5d-650117c5-5553&gdpr=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

cks Show response
cks.connatix.com/
Redirect Chain

https://ads.yieldmo.com/pbsync?is=smartnews&redirectUri=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d39%26ev%3dfbd6601a93824dc38f29106f5272d964%26pname%3dYieldMo%26api-tier%3d1%26uid%3D%24UID&gdpr=0
https://cks.connatix.com/cks?pid=39&ev=fbd6601a93824dc38f29106f5272d964&pname=YieldMo&api-tier=1&uid=3RZJdzzTTJz6v3p7Oaod&gdpr=0

130 B
245 B

37ms
37ms

Script
application/javascript

104.18.41.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=39&ev=fbd6601a93824dc38f29106f5272d964&pname=YieldMo&api-tier=1&uid=3RZJdzzTTJz6v3p7Oaod&gdpr=0
Requested by: Host: blank
URL: about:blank
Protocol: H3
Server: 104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a7cd2a87da7bc43df7f0a0393bbaebe689b05d19bb3a7ef8220d85a32c54f72

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:37 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 805ccc335971228d-MIA
alt-svc: h3=":443"; ma=86400

Redirect headers

pragma: no-cache
date: Wed, 13 Sep 2023 02:00:37 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=utf-8
location: https://cks.connatix.com/cks?pid=39&ev=fbd6601a93824dc38f29106f5272d964&pname=YieldMo&api-tier=1&uid=3RZJdzzTTJz6v3p7Oaod&gdpr=0
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 0

GET
H3

200

cks Show response
cks.connatix.com/
Redirect Chain

https://connatix-supply-partners.tremorhub.com/sync?UISCX=fbd6601a93824dc38f29106f5272d964&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d5%26ev%3dfbd6601a93824dc38f29106f5272d964%26pname%3dTel...
https://cks.connatix.com/cks?pid=5&ev=fbd6601a93824dc38f29106f5272d964&pname=Telaria&api-tier=1&uid=072b6fd453e74730aa3331dfb26096a6

141 B
250 B

37ms
37ms

Script
application/javascript

104.18.41.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=5&ev=fbd6601a93824dc38f29106f5272d964&pname=Telaria&api-tier=1&uid=072b6fd453e74730aa3331dfb26096a6
Requested by: Host: blank
URL: about:blank
Protocol: H3
Server: 104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a35fd5f48480b801ed3b77e484362a37a3a4e7d3f285ed6663910237c4a957c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:37 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 805ccc32f8fa228d-MIA
alt-svc: h3=":443"; ma=86400

Redirect headers

location: https://cks.connatix.com/cks?pid=5&ev=fbd6601a93824dc38f29106f5272d964&pname=Telaria&api-tier=1&uid=072b6fd453e74730aa3331dfb26096a6
date: Wed, 13 Sep 2023 02:00:37 GMT
server: nginx
content-length: 0
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'

GET
H3

200

us Show response
capi.connatix.com/core/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3672&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0
https://capi.connatix.com/core/us?DemandPartner=33&DemandPartnerName=FreeWheel&DemandPartnerUserId=454c9f1e29ba1fd40c75385a9c1a2d7&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0

0
231 B

89ms
88ms

Script
application/json

104.18.41.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/us?DemandPartner=33&DemandPartnerName=FreeWheel&DemandPartnerUserId=454c9f1e29ba1fd40c75385a9c1a2d7&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0
Requested by: Host: blank
URL: about:blank
Protocol: H3
Server: 104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:37 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/json
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 805ccc33394f4c0f-MIA
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length: 0
alt-svc: h3=":443"; ma=86400

Redirect headers

Pragma: no-cache
Date: Wed, 13 Sep 2023 02:00:37 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://capi.connatix.com/core/us?DemandPartner=33&DemandPartnerName=FreeWheel&DemandPartnerUserId=454c9f1e29ba1fd40c75385a9c1a2d7&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1694570437557097-322

GET sync-iframe
cs-server-s2s.yellowblue.io/ Frame 2354 0
0

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/17331/ 39 KB
12 KB 157ms
52ms Script
text/javascript 18.160.46.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/17331/sync.min.js?gdpr=0
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=1ffe5d7e-eb53-11e9-b4d2-06948452ae1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.46.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-46-100.iad55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 60cafa05c97da06116c9164ae946addfe8812d8b104b0d4260cfd5e3884eeab7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 16:15:11 GMT
content-encoding: gzip
via: 1.1 5443600a954c786f2e851cd6ea9e7e98.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 16:12:35 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P2
age: 35127
etag: W/"24dc2bbea0cff17e96e133440043ddb8"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: z_i1T7P8pH-HXNspCyjpgznwxmCvMB6Q2tGbfh9yiOrC9i5VDxmt6Q==

GET
H3

200

cks Show response
cks.connatix.com/
Redirect Chain

https://sync.colossusssp.com/1a1c07e870d45c05896c3f9e9973d4b4.gif?puid=fbd6601a93824dc38f29106f5272d964&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d34%26ev%3dfbd6601a93824dc38f29106f5272d964...
https://cks.connatix.com/cks?pid=34&ev=fbd6601a93824dc38f29106f5272d964&pname=Colossus&api-tier=1&uid=dfa7fe22-184a-4102-b8e1-bbf809753209

146 B
254 B

38ms
38ms

Script
application/javascript

104.18.41.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=34&ev=fbd6601a93824dc38f29106f5272d964&pname=Colossus&api-tier=1&uid=dfa7fe22-184a-4102-b8e1-bbf809753209
Requested by: Host: blank
URL: about:blank
Protocol: H3
Server: 104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea46729ab6052989263f6a6197bf14be4d6104b1467df59f79c6c67d0d7aac65

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:37 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 805ccc3379b7228d-MIA
alt-svc: h3=":443"; ma=86400

Redirect headers

Pragma: no-cache
Date: Wed, 13 Sep 2023 02:00:37 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Server: nginx
Transfer-Encoding: chunked
Location: https://cks.connatix.com/cks?pid=34&ev=fbd6601a93824dc38f29106f5272d964&pname=Colossus&api-tier=1&uid=dfa7fe22-184a-4102-b8e1-bbf809753209
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H3

200

cks Show response
cks.connatix.com/
Redirect Chain

https://vop.sundaysky.com/sync/dmp?redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d1%26ev%3dfbd6601a93824dc38f29106f5272d964%26pname%3dSundaySky%26api-tier%3d1%26uid%3d%24{ssky_uuid}&gdpr=0
https://vop.sundaysky.com/sync/dmp?redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d1%26ev%3dfbd6601a93824dc38f29106f5272d964%26pname%3dSundaySky%26api-tier%3d1%26uid%3d%24{ssky_uuid}&gdpr=0&_...
https://cks.connatix.com/cks?pid=1&ev=fbd6601a93824dc38f29106f5272d964&pname=SundaySky&api-tier=1&uid=d6.33127b8ae5bc46c4bbee3493ecb262f1

144 B
251 B

46ms
46ms

Script
application/javascript

104.18.41.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=1&ev=fbd6601a93824dc38f29106f5272d964&pname=SundaySky&api-tier=1&uid=d6.33127b8ae5bc46c4bbee3493ecb262f1
Requested by: Host: blank
URL: about:blank
Protocol: H3
Server: 104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 052731a818d2de7a965ba93a18a061a5f20f6b6b94b6aa90354ebd9a10dd8dfa

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:37 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 805ccc343af5228d-MIA
alt-svc: h3=":443"; ma=86400

Redirect headers

location: https://cks.connatix.com/cks?pid=1&ev=fbd6601a93824dc38f29106f5272d964&pname=SundaySky&api-tier=1&uid=d6.33127b8ae5bc46c4bbee3493ecb262f1
date: Wed, 13 Sep 2023 02:00:37 GMT
x-content-type-options: nosniff
content-length: 0
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H3

200

cks Show response
cks.connatix.com/
Redirect Chain

https://sync.resetdigital.co/csync?pid=connatix&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d35%26ev%3dfbd6601a93824dc38f29106f5272d964%26pname%3dResetDigital%26api-tier%3d1%26uid%3D%24USER_I...
https://cks.connatix.com/cks?pid=35&ev=fbd6601a93824dc38f29106f5272d964&pname=ResetDigital&api-tier=1&uid=0000010FCC86E433

126 B
240 B

37ms
37ms

Script
application/javascript

104.18.41.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=35&ev=fbd6601a93824dc38f29106f5272d964&pname=ResetDigital&api-tier=1&uid=0000010FCC86E433
Requested by: Host: blank
URL: about:blank
Protocol: H3
Server: 104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa981c38a8cc92334978524e4e04d0e61b3a19febf3ac4f4885ac69634495cba

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:37 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 805ccc33da38228d-MIA
alt-svc: h3=":443"; ma=86400

Redirect headers

location: https://cks.connatix.com/cks?pid=35&ev=fbd6601a93824dc38f29106f5272d964&pname=ResetDigital&api-tier=1&uid=0000010FCC86E433
date: Wed, 13 Sep 2023 02:00:37 GMT
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 0
content-type: text/html

GET
H3

200

cks Show response
cks.connatix.com/
Redirect Chain

https://xsync.iqzone.com/psync?t=s&e=376&cb=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d42%26ev%3dfbd6601a93824dc38f29106f5272d964%26pname%3dIqZone%26api-tier%3d1%26uid%3D%25USER_ID%25&gdpr=0
https://cks.connatix.com/cks?pid=42&ev=fbd6601a93824dc38f29106f5272d964&pname=IqZone&api-tier=1&uid=c59a9a66-ee5a-43d5-9e15-a7efccc4e47e

146 B
253 B

43ms
43ms

Script
application/javascript

104.18.41.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=42&ev=fbd6601a93824dc38f29106f5272d964&pname=IqZone&api-tier=1&uid=c59a9a66-ee5a-43d5-9e15-a7efccc4e47e
Requested by: Host: blank
URL: about:blank
Protocol: H3
Server: 104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1712d556dc7cf7237e0432001711d8417a11486650264e787241f8cee0072ca6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:37 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 805ccc352cf3228d-MIA
alt-svc: h3=":443"; ma=86400

Redirect headers

Date: Wed, 13 Sep 2023 02:00:37 GMT
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://cks.connatix.com/cks?pid=42&ev=fbd6601a93824dc38f29106f5272d964&pname=IqZone&api-tier=1&uid=c59a9a66-ee5a-43d5-9e15-a7efccc4e47e
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H3

200

cks Show response
cks.connatix.com/
Redirect Chain

https://sync.go.sonobi.com/us?loc=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d43%26ev%3dfbd6601a93824dc38f29106f5272d964%26pname%3dSonobi%26api-tier%3d1%26uid%3D%5BUID%5D&gdpr=0
https://cks.connatix.com/cks?pid=43&ev=fbd6601a93824dc38f29106f5272d964&pname=Sonobi&api-tier=1&uid=89aa8fc7-00cf-424e-addd-3ed2f784dbdb

146 B
254 B

38ms
38ms

Script
application/javascript

104.18.41.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=43&ev=fbd6601a93824dc38f29106f5272d964&pname=Sonobi&api-tier=1&uid=89aa8fc7-00cf-424e-addd-3ed2f784dbdb
Requested by: Host: blank
URL: about:blank
Protocol: H3
Server: 104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea1e990340625b5e684915689c7c5ade821845334ff255c7c02fee825f4eb136

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:37 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 805ccc344b20228d-MIA
alt-svc: h3=":443"; ma=86400

Redirect headers

pragma: no-cache
date: Wed, 13 Sep 2023 02:00:37 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-181
content-type: text/plain; charset=utf8
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cks.connatix.com/cks?pid=43&ev=fbd6601a93824dc38f29106f5272d964&pname=Sonobi&api-tier=1&uid=89aa8fc7-00cf-424e-addd-3ed2f784dbdb
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 0
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3

200

cks Show response
cks.connatix.com/
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?partner=connatix&cspid=25&append=0&cb=${ADELPHIC_CACHE_BUSTER}&redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d29%26ev%3dfbd6601a93824dc38f2...
https://cks.connatix.com/cks?pid=29&ev=fbd6601a93824dc38f29106f5272d964&pname=Adelphic&api-tier=1&uid=f18be08b-110d-4f6a-9122-05c3fe603696

146 B
254 B

36ms
36ms

Script
application/javascript

104.18.41.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=29&ev=fbd6601a93824dc38f29106f5272d964&pname=Adelphic&api-tier=1&uid=f18be08b-110d-4f6a-9122-05c3fe603696
Requested by: Host: blank
URL: about:blank
Protocol: H3
Server: 104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc6f2e0ae8ab57dc47f6d6d302c1abab7c228e5e040fb508230713994f631b90

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:37 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 805ccc34bc15228d-MIA
alt-svc: h3=":443"; ma=86400

Redirect headers

Location: https://cks.connatix.com/cks?pid=29&ev=fbd6601a93824dc38f29106f5272d964&pname=Adelphic&api-tier=1&uid=f18be08b-110d-4f6a-9122-05c3fe603696
Date: Wed, 13 Sep 2023 02:00:37 GMT
Connection: keep-alive
X-CI-RTID: b410d1a0-b8f7-432f-ac77-64c91199e7e9
Content-Length: 177
Content-Type: text/html; charset=utf-8

GET cm
us-u.openx.net/w/1.0/ Frame 032E 0
0

GET cksync
cs.media.net/ Frame 032E 0
0

GET pixel
capi.connatix.com/us/google/ Frame 032E 0
0

GET ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 032E 0
0

GET b
sb.scorecardresearch.com/ Frame 3FF8 0
0

GET i
www.i.matheranalytics.com/ Frame EB43 0
0

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
288 B 162ms
55ms Script
text/javascript 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS&us_privacy=1---&gdpr=0&gdpr_consent=&gdpr_pd=

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230912-10-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:36 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 204164
expires: 60

GET
H2 200 json Show response
hp.taboola.com/mcclatchyinteractive-thenewsandobserver/trc/3/ 11 KB
6 KB 247ms
242ms XHR
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://hp.taboola.com/mcclatchyinteractive-thenewsandobserver/trc/3/json?tim=16%3A00%3A37.219&lti=deflated&data=%7B%22id%22%3A261%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1694563242483%2C%22vi%22%3A1694570437213%2C%22cv%22%3A%2220230912-10-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.newsobserver.com%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22ccpa_ps%22%3A%221---%22%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.newsobserver.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22e%22%3A%22https%3A%2F%2Fwww.newsobserver.com%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A7239%2C%22nsid%22%3A%22mcclatchyinteractive-network%22%2C%22ad%22%3A%7B%22hp4uGetRegions%22%3Atrue%7D%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A0%2C%22uim%22%3A%22organic-hp-swap-mode%3Apub%3Dmcclatchyinteractive-network%3Aabp%3D0%22%2C%22uip%22%3A%22HP%20Bigsix%20Bottom%22%2C%22orig_uip%22%3A%22HP%20Bigsix%20Bottom%22%2C%22cd%22%3A0%2C%22mw%22%3A0%2C%22amw%22%3A0%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A0%2C%22uim%22%3A%22organic-hp-swap-mode%3Apub%3Dmcclatchyinteractive-network%3Aabp%3D0%22%2C%22uip%22%3A%22HP%20Latest%22%2C%22orig_uip%22%3A%22HP%20Latest%22%2C%22cd%22%3A0%2C%22mw%22%3A0%2C%22amw%22%3A0%7D%5D%2C%22ex%22%3A%5B%22%2Fnews%2Fpolitics-government%2Farticle279255609.html%22%2C%22%2Fnews%2Flocal%2Fcrime%2Farticle279255914.html%22%2C%22%2Fnews%2Fpolitics-government%2Farticle279252749.html%22%2C%22%2Fnews%2Fpolitics-government%2Farticle279255779.html%22%2C%22%2Fnews%2Fstate%2Fnorth-carolina%2Farticle279249294.html%22%2C%22%2Fnews%2Flocal%2Fcrime%2Farticle279255914.html%22%2C%22%2Fopinion%2Farticle279256989.html%22%2C%22%2Fsports%2Fcollege%2Facc%2Func%2Farticle279255759.html%22%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CHP%20Bigsix%20Bottom%3Dorganic-hp-swap-mode%3Apub%3Dmcclatchyinteractive-network%3Aabp%3D0%2C%2CHP%20Latest%3Dorganic-hp-swap-mode%3Apub%3Dmcclatchyinteractive-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22trcDomain%22%3A%22hp.taboola.com%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230912-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: db6fcc37ce512e62139e33b95bbd5d63651b22529c72a9c062edb583a450960d

Request headers

Referer: https://www.newsobserver.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 213
date: Wed, 13 Sep 2023 02:00:37 GMT
content-encoding: gzip
via: 1.1 varnish
cpu: 2.0833333
x-fastly-to-nlb-rtt: 31483
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-mia-kmia1760070-MIA
x-log-content-encoding: gzip
server: nginx
x-timer: S1694570437.240597,VS0,VE213
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.newsobserver.com
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

POST /
pl.connatix.com/ Frame 032E 0
0

POST
H2 200 d2cf52cab96f5e023b1285489f2a0b585f1d79c3da Show response
scissorsstatement.com/create/42dc2ff016/ 280 B
793 B 152ms
55ms Fetch
application/json 2600:1901:0:d733::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://scissorsstatement.com/create/42dc2ff016/d2cf52cab96f5e023b1285489f2a0b585f1d79c3da

Requested by

Host: flowerstreatment.com
URL: https://flowerstreatment.com/v2lqwcGNtbZcnoCw0vMa0Addz7MRoJ7ADWPuZlhvzzozF1IDD97kKhDk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:d733::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

152aa333c04a552f7e9f2bbb1b36656ad21e690ae1b3447589a448766f073033

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
date: Wed, 13 Sep 2023 02:00:37 GMT
via: 1.1 google
x-buildnumber: 998028631
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 280
x-datacenter: gce-us-east1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.newsobserver.com
x-hostname: fen-hoothoot-us-east1-spot-s9bs
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires: Wed, 13 Sep 2023 02:00:36 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 216ms
72ms XHR
application/javascript 3.162.1.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.1.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-1-135.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 8b37208e69f78eef4dd958de00423132.cloudfront.net (CloudFront)
date: Tue, 12 Sep 2023 22:53:11 GMT
x-amz-cf-pop: YUL62-P2
age: 11247
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: t3BNsTV4mBkKUJqaBjHgNnzFsJ47XjUPzw8_TreFKjOFn-5PQ2KYtw==

POST
H2 200 httpapi Show response
api2.amplitude.com/2/ 94 B
287 B 111ms
111ms Fetch
application/json 52.13.143.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/lzoiyns-bo/newsobservercore.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.13.143.161 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-13-143-161.us-west-2.compute.amazonaws.com

Software

Resource Hash

e9835a428e8a7b906910b1653e44fe129287204157a06f65394a937977218109

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Wed, 13 Sep 2023 02:00:37 GMT
strict-transport-security: max-age=15768000
trace-id: Root=1-650117c5-360417f7649ff0d21a3db9a8
content-length: 94
access-control-allow-methods: GET, POST
content-type: application/json

OPTIONS
H2 200 httpapi
api2.amplitude.com/2/ Frame 0
0 107ms
107ms Preflight 52.13.143.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.13.143.161 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-13-143-161.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.newsobserver.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: *
content-length: 0
date: Wed, 13 Sep 2023 02:00:37 GMT
strict-transport-security: max-age=15768000

POST
H2 200 cb28e00903b5f1a35c76e30da8c22b47c549e Show response
scissorsstatement.com/834f8be0e463051/ 3 B
73 B 48ms
47ms Fetch
application/json 2600:1901:0:d733::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://scissorsstatement.com/834f8be0e463051/cb28e00903b5f1a35c76e30da8c22b47c549e

Requested by

Host: flowerstreatment.com
URL: https://flowerstreatment.com/v2lqwcGNtbZcnoCw0vMa0Addz7MRoJ7ADWPuZlhvzzozF1IDD97kKhDk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:d733::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
date: Wed, 13 Sep 2023 02:00:37 GMT
via: 1.1 google
x-buildnumber: 998028631
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
x-datacenter: gce-us-east1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.newsobserver.com
x-hostname: fen-hoothoot-us-east1-spot-s9bs
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/mcclatchyinteractive-network/ 550 KB
64 KB 88ms
29ms Fetch
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/mcclatchyinteractive-network/loader.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230912-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ee6ce5bf2833a73cde0f8192c886a10db2a7cda8e2715d30538242c98859cb2

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id: 3gQA5YaVJRVzBlZsPffSsKG_3D6TVjsU
content-encoding: gzip
via: 1.1 varnish
date: Wed, 13 Sep 2023 02:00:37 GMT
x-amz-request-id: ZJ0YCW9RJCD48MJ9
age: 6988
x-amz-server-side-encryption: AES256
x-cache: HIT
x-from-cache: 1
x-envoy-upstream-service-time: 11
x-amz-replication-status: FAILED
content-length: 64955
x-amz-id-2: Ae8YO/4Z4xdfK5bnqXag2ohqmU51njSpa6+b85+62gLWqwFEghd4rn291YLV+StfJTPna58bQrM=
x-served-by: cache-mia-kmia1760084-MIA
last-modified: Tue, 12 Sep 2023 17:14:12 UTC
server: nginx
x-timer: S1694570438.548872,VS0,VE1
etag: "cc57f5dcfce6f1fcf9ea34588bee32c873cdd87e"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
abp: 24
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 204 debug
trc-events.taboola.com/mcclatchyinteractive-thenewsandobserver/log/2/ 0
90 B 176ms
57ms Image
text/plain 141.226.124.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/mcclatchyinteractive-thenewsandobserver/log/2/debug?tim=16%3A00%3A37.478&type=error&msg=Error%20in%20TRC.handleLoadResponse%20%3A%20%3A%20Cannot%20read%20properties%20of%20null%20(reading%20%27getElementsByTagName%27)&llvl=2&id=1575&cv=20230912-10-RELEASE&lt=deflated&pct=1
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:37 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 56745

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 156 B
619 B 183ms
73ms XHR
application/json 3.217.186.3
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/17331/sync.min.js?gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.217.186.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-217-186-3.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a4167e35f2182164b908e86ad1b1a9785921ee0293e95d9df9b8d024583d5947

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 13 Sep 2023 02:00:37 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.newsobserver.com
cache-control: no-cache
x-server: 10.40.33.115
access-control-allow-credentials: true
content-length: 156
expires: 0

GET
H2 200 vardata Show response
api.lab.amplitude.com/sdk/ 2 KB
1 KB 130ms
129ms Fetch
application/json 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/lzoiyns-bo/newsobservercore.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4d1e7cc5165ae9d7faedcd6d24e3625cb0e7b832b9d81219382f2ff0b7dba8cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: en-US,en;q=0.9
Authorization: Api-Key client-G6ik2oCuLtpn6c9TpIT8ZRXe4JHPDDn9
X-Amp-Exp-User: eyJsaWJyYXJ5IjoiZXhwZXJpbWVudC1qcy1jbGllbnQvMS43LjQiLCJsYW5ndWFnZSI6ImVuLVVTIiwicGxhdGZvcm0iOiJXZWIiLCJvcyI6IkNocm9tZSAxMTYiLCJkZXZpY2VfbW9kZWwiOiJXaW5kb3dzIiwidXNlcl9pZCI6IiIsImRldmljZV9pZCI6IjI2YWZkNWQ3LTE1NGEtNGQyOS05ODNiLWEzZmQ2NThiZDljMiIsInVzZXJfcHJvcGVydGllcyI6eyJidXNpbmVzc191bml0IjoiTkFPIiwiY21zX2lkIjoiSG9tZXBhZ2U6NzA0MSIsImNvbnRlbnRfc2VydmljZSI6IlByb2R1Y3Q6IEVzY2VuaWMiLCJmdWxsX3VybCI6Imh0dHBzOi8vd3d3Lm5ld3NvYnNlcnZlci5jb20vIiwiaGFzX2ZvY3VzIjoieWVzIiwicGFnZV9sZXZlbCI6IkhvbWUiLCJwYWdlX25hbWUiOiJIb21lOkhvbWVwYWdlIiwicGFnZV9wYXRoIjoiLyIsInB1YmxpY2F0aW9uX25hbWUiOiJOZXdzIGFuZCBPYnNlcnZlciIsInJlZmVycmluZ19ob3N0Ijoibm9fcmVmZXJyZXIiLCJzZGtfaW5pdF9zdGF0dXMiOiJzdG9yYWdlIiwic2VjdGlvbiI6IkhvbWVwYWdlIiwic2VydmVyIjoid3d3Lm5ld3NvYnNlcnZlci5jb20iLCJ0YXhvbm9teSI6Il9Ib21lUGFnZXx8fHwiLCJ1cmwiOiJodHRwczovL3d3dy5uZXdzb2JzZXJ2ZXIuY29tLyIsImRldmljZV9wbW9kZSI6IjEiLCJkZXZpY2Vfb3JpZW50YXRpb24iOiJ1bnN1cHBvcnRlZCIsImRldmljZV9zY3JlZW5fc2l6ZSI6IjE2MDB4MTIwMCIsImxvZ2dlZF9pbiI6ZmFsc2UsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE2LjAuNTg0NS4xODcgU2FmYXJpLzUzNy4zNiIsInNvcGhpX3Rlc3RzIjpbeyJ0ZXN0SWQiOiJwdzphcnRpY2xlOnRlc3QzX2FiYyIsInRlc3RHcm91cCI6InZhcmlhbnQifV0sImRhdGUiOiIyMDIzLTA5LTEyIn19
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 02:00:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 0
x-cache: MISS
content-length: 1098
x-served-by: cache-mia-kmia1760059-MIA
x-timer: S1694570440.231760,VS0,VE101
x-amzn-trace-id: Root=1-650117c8-0c74d19b491e70570b3cd01b
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.newsobserver.com
cache-control: no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

OPTIONS
H2 200 vardata
api.lab.amplitude.com/sdk/ Frame 0
0 111ms
111ms Preflight 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-amp-exp-user
Access-Control-Request-Method: GET
Origin: https://www.newsobserver.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: authorization,x-amp-exp-user
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://www.newsobserver.com
access-control-max-age: 1800
cache-control: no-store
date: Wed, 13 Sep 2023 02:00:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin
x-amzn-trace-id: Root=1-650117c8-3b131567475fce8e6a1c0922
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-served-by: cache-mia-kmia1760059-MIA
x-timer: S1694570440.118616,VS0,VE82

POST
H2 200 httpapi Show response
api2.amplitude.com/2/ 94 B
287 B 111ms
110ms Fetch
application/json 52.13.143.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/lzoiyns-bo/newsobservercore.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.13.143.161 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-13-143-161.us-west-2.compute.amazonaws.com

Software

Resource Hash

501a1070d860fadb3c97d2380361fb2fafb8b09047b7babac9ed442a32b2b274

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Wed, 13 Sep 2023 02:00:40 GMT
strict-transport-security: max-age=15768000
trace-id: Root=1-650117c8-0c437387000d37461a53d60f
content-length: 94
access-control-allow-methods: GET, POST
content-type: application/json

OPTIONS
H2 200 httpapi
api2.amplitude.com/2/ Frame 0
0 109ms
109ms Preflight 52.13.143.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.13.143.161 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-13-143-161.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.newsobserver.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: *
content-length: 0
date: Wed, 13 Sep 2023 02:00:40 GMT
strict-transport-security: max-age=15768000

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ins.connatix.com
URL: https://ins.connatix.com/89ae7356-5780-4dda-aaad-ed90453c924b/5/insights.bin

Domain: ins.connatix.com
URL: https://ins.connatix.com/52e4c74d-0881-43f5-af81-585a952747d7/24/insights.bin

Domain: ins.connatix.com
URL: https://ins.connatix.com/b620e89e-207d-4f8c-bc4b-19e82be876b4/21/insights.bin

Domain: ins.connatix.com
URL: https://ins.connatix.com/d43bd69e-16ca-4916-b3d8-55f21b023f30/6/insights.bin

Domain: ins.connatix.com
URL: https://ins.connatix.com/895dfc21-e1c7-4cc6-967c-5f00fe5b0e40/12/insights.bin

Domain: ins.connatix.com
URL: https://ins.connatix.com/c86b8860-40e9-4212-ac1a-4f781a349241/7/insights.bin

Domain: ins.connatix.com
URL: https://ins.connatix.com/bdb3ebf1-3786-4f0d-860f-55633ed486f3/6/insights.bin

Domain: ins.connatix.com
URL: https://ins.connatix.com/fdd1c7bc-e954-46f0-8b33-2d7d50c23e19/5/insights.bin

Domain: vid.connatix.com
URL: https://vid.connatix.com/pid-ad49f143-0bec-4fe9-bac9-3cc8665caf2e/89ae7356-5780-4dda-aaad-ed90453c924b/5_media.bin

Domain: lit.connatix.com
URL: https://lit.connatix.com/08d7c5ed-194d-4552-8a9b-750201d79e22/blockedDomains_8.bin

Domain: capi.connatix.com
URL: https://capi.connatix.com/tr/ucl?v=335382

Domain: vid.connatix.com
URL: https://vid.connatix.com/pid-ad49f143-0bec-4fe9-bac9-3cc8665caf2e/52e4c74d-0881-43f5-af81-585a952747d7/24_media.bin

Domain: vid.connatix.com
URL: https://vid.connatix.com/pid-ad49f143-0bec-4fe9-bac9-3cc8665caf2e/b620e89e-207d-4f8c-bc4b-19e82be876b4/21_media.bin

Domain: vid.connatix.com
URL: https://vid.connatix.com/pid-ad49f143-0bec-4fe9-bac9-3cc8665caf2e/d43bd69e-16ca-4916-b3d8-55f21b023f30/6_media.bin

Domain: vid.connatix.com
URL: https://vid.connatix.com/pid-ad49f143-0bec-4fe9-bac9-3cc8665caf2e/895dfc21-e1c7-4cc6-967c-5f00fe5b0e40/12_media.bin

Domain: vid.connatix.com
URL: https://vid.connatix.com/pid-ad49f143-0bec-4fe9-bac9-3cc8665caf2e/c86b8860-40e9-4212-ac1a-4f781a349241/7_media.bin

Domain: vid.connatix.com
URL: https://vid.connatix.com/pid-ad49f143-0bec-4fe9-bac9-3cc8665caf2e/6fa49679-a7b2-4cbf-b01b-4df0152f1b13/9_media.bin

Domain: vid.connatix.com
URL: https://vid.connatix.com/pid-ad49f143-0bec-4fe9-bac9-3cc8665caf2e/5029f984-da06-441e-90f2-328b8dd8bd99/3_media.bin

Domain: vid.connatix.com
URL: https://vid.connatix.com/pid-ad49f143-0bec-4fe9-bac9-3cc8665caf2e/bdb3ebf1-3786-4f0d-860f-55633ed486f3/6_media.bin

Domain: vid.connatix.com
URL: https://vid.connatix.com/pid-ad49f143-0bec-4fe9-bac9-3cc8665caf2e/fdd1c7bc-e954-46f0-8b33-2d7d50c23e19/5_media.bin

Domain: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Domain: cds.connatix.com
URL: https://cds.connatix.com/p/335382/elements.ui.a549d09b26e367bbc8b9.js

Domain: secure-assets.rubiconproject.com
URL: https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=19564_2&endpoint=us-east&gdpr=0

Domain: ssc-cms.33across.com
URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3a%2f%2fcapi.connatix.com%2fcore%2fus%3fDemandPartner%3d37%26UserId%3dfbd6601a93824dc38f29106f5272d964%26DemandPartnerName%3d_33Across%26tier%3d1%26DemandPartnerUserId%3d33XUSERID33X&gdpr=0

Domain: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/userSync.js

Domain: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent={gdpr_consent}&redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d24%26ev%3dfbd6601a93824dc38f29106f5272d964%26pname%3dIronSource%26api-tier%3d1%26uid%3d{partnerId}%26direct%3D1

Domain: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=7cf4c6c4-b915-4cbd-83cc-28c0f662a829&ph=51e220cb-8c97-4a65-b047-91c933b79b78&r=https%3a%2f%2fcapi.connatix.com%2fcore%2fus%3fDemandPartner%3d8%26UserId%3dfbd6601a93824dc38f29106f5272d964%26DemandPartnerName%3dOpenX%26tier%3d1%26DemandPartnerUserId%3d

Domain: cs.media.net
URL: https://cs.media.net/cksync?cs=37&type=cn&redirect=https%3a%2f%2fcapi.connatix.com%2fcore%2fus%3fDemandPartner%3d31%26UserId%3dfbd6601a93824dc38f29106f5272d964%26DemandPartnerName%3dMediaNet%26tier%3d1%26DemandPartnerUserId%3D%3Cvsid%3E&gdpr=0

Domain: capi.connatix.com
URL: https://capi.connatix.com/us/google/pixel?tier=1&gdpr=0

Domain: sync.intentiq.com
URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=372401555&pcid=fbd6601a93824dc38f29106f5272d964

Domain: sb.scorecardresearch.com
URL: https://sb.scorecardresearch.com/b?c1=2&c2=6035363&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1694570437158&ns_c=UTF-8&ns_if=1&c7=https%3A%2F%2Fwww.newsobserver.com%2F&c8=Raleigh%20NC%20News%2C%20Sports%20%26%20Politics%20%7C%20Raleigh%20News%20%26%20Observer&c9=https%3A%2F%2Fwww.newsobserver.com%2F

Domain: www.i.matheranalytics.com
URL: https://www.i.matheranalytics.com/i?e=pv&page=ml&hier=_HomePage&ptype=homepage&pubname=The%20News%20%26amp%3B%20Observer&sec=Homepage&tv=js-3.0.160&tna=Mather&aid=v1&p=web&tz=Pacific%2FHonolulu&tzoff=600&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=10&tvcfg=all&tid=4081cdc1-6451-443a-9433-8a7e68ee037a&pid=d8fdb921-c046-4751-bca3-1727773fba67&dtm=1694570437175&qnm=_matherq&visible=1&tabid=40a2c53d-69f5-42f9-ac0e-438c8f5b2f9b&refr=https%3A%2F%2Fwww.newsobserver.com%2F&url=https%3A%2F%2Fwww.newsobserver.com%2F&vrefr=https%3A%2F%2Fwww.newsobserver.com%2F&vp=0x0&ds=0x0&tofa=1694570437&vid=1&lvidt=1694570437&duid=254c1b6c-c0cb-4495-8944-c0aa97566502&fp=753463194&cid=ma12095&mrk=74930332&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTY5NDU3MDQzNDg0NyIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIzMS4ybWIiLCJoZWFwVCI6IjM5LjZtYiIsImZzdFBhaW50IjoiMTE2NyIsImZldGNoUyI6IjAiLCJkb21haW5TIjoiMSIsImRvbWFpbkUiOiI3NSIsImNvbm5TIjoiNzUiLCJjb25uRSI6IjI3OSIsInNzbFMiOiIxNDIiLCJyZXF1UyI6IjI3OSIsInJlc3BTIjoiNTczIiwicmVzcEUiOiI1OTMiLCJkb21Mb2FkIjoiNTc2IiwiZG9tSW50ZXIiOiIxMTYwIiwiZG9tTG9hZFMiOiIxNTQxIiwiZG9tTG9hZEUiOiIxNTgxIn19

Domain: pl.connatix.com
URL: https://pl.connatix.com/

Verdicts & Comments Add Verdict or Comment

206 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

45 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.taboola.com/mcclatchyinteractive-thenewsandobserver/	1969-12-31 23:59:59	Name: taboola_session_id Value: v2_6e2517097e64be80142134761a6b9c24_c5655b9e-1ace-4d3a-829d-d29ee22182f1-tuctbfa9d45_1694570437_1694570437_CIi3jgYQoNlWGN20k-KoMSABKAEw4QE4kaQOQNWmD0jZiNcDUPUDWABgAGij7eXujsyB1C1wAQ
.connatix.com/	1970-01-20 15:26:02	Name: cnx_userId Value: fbd6601a93824dc38f29106f5272d964
.newsobserver.com/	1970-01-20 14:42:57	Name: ak_bmsc Value: C1C9478DBF00A75F6FDA65D7B60176CF~000000000000000000000000000000~YAAQDvzDF8D6VW2KAQAAlNlEjBVW+97TtBexjomFqXwPcaxlphhnrqDOooyncxG9BJRwPYqN5NKC4abcxha4h+/Tpy0xd5Cd0yovkth1dsUQRVEVkuCSN5t+7Wz4Wsvxxehbg6ml6DDUvohBv0i5N2zRxwM6l3r71HEMiGsI2TRr/7NCCb2+HeTMlmDJjHKOjmXOllHyQ4N9xn9775AtDVJ5TCP8ryapFVPzwD6fPhZScx2roVjewCs8f+6oGKQ+O9gTNR3yPkuaDIZZNrUOqy6QDvmUE2D2t4b9GQC/x9H5GjPsZy9GiF5y+Fs6bVdXsnQ/Tj9Fsp4oDhZUXYZF4qQ6a7vJ0gSvXj/imgxQCNImN0KA3k1+OaG6kiESODqGlPpUTFikXW8jy/50gBbTnY0Vyxsnqc1CkSmtW3kf7a6lvqJIjjUON6047rjtCSrKG2fp6ZbK+QcWto6NIydX38Q2NKeotODtOWjIy4PLbtgTUZJLUmkaUlGaiLTA8WUvoQeLbEYb
.scorecardresearch.com/	1970-01-21 00:18:50	Name: UID Value: 1ED85e05617a5e8c36127471694570437
.3lift.com/	1970-01-20 16:52:26	Name: tluid Value: 4004742018095862659349
.casalemedia.com/	1970-01-20 23:28:26	Name: CMID Value: ZQEXxV.JcBacAlt0Lo9g1QAA
.casalemedia.com/	1970-01-20 16:52:26	Name: CMPS Value: 5583
.casalemedia.com/	1970-01-20 16:52:26	Name: CMPRO Value: 5583
.turn.com/	1970-01-20 19:02:02	Name: uid Value: 8019409592230281175
.adsrvr.org/	1970-01-20 23:29:52	Name: TDID Value: 60981cbc-e2d5-4f7e-a360-eec1f7138930
.adnxs.com/	1970-01-20 16:52:26	Name: uuid2 Value: 8858985392543405863
.adsrvr.org/	1970-01-20 23:29:52	Name: TDCPM Value: CAEYBSABKAIyCwjAtOrG_oGaPBAFOAE.
.bidr.io/	1970-01-21 00:11:24	Name: bito Value: AACJbE7KAjAAACTRlgZClw
.bidr.io/	1970-01-21 00:11:24	Name: bitoIsSecure Value: ok
.newsobserver.com/	1970-01-21 00:11:38	Name: _awl Value: 2.1694570437.5-37215fe42552e441c8db69137e998789-6763652d75732d6561737431-0
.taboola.com/	1970-01-20 23:28:26	Name: t_gid Value: c5655b9e-1ace-4d3a-829d-d29ee22182f1-tuctbfa9d45
.taboola.com/	1970-01-20 23:28:26	Name: t_pt_gid Value: c5655b9e-1ace-4d3a-829d-d29ee22182f1-tuctbfa9d45
.contextweb.com/	1970-01-20 23:21:14	Name: V Value: ypaOTlT65v6a
.contextweb.com/	1970-01-20 23:28:26	Name: pb_rtb_ev Value: 3-1mtx\|7Xz.0.1
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: a8c6b1c49dde6ee3
.ctnsnet.com/	1970-01-20 23:28:26	Name: cid_5439903d593e4dcfa721847a511b0979 Value: 1
.rlcdn.com/	1970-01-20 23:28:26	Name: rlas3 Value: SYYWIEESPlwGIJ1AQoQ/hlgSI/5XgABM0MKBKfDOLOc=
.sitescout.com/	1970-01-20 23:28:26	Name: ssi Value: 0f55ada4-38e6-4f9a-9597-f8acd5153d5d#1694570437536
.rlcdn.com/	1970-01-20 16:09:14	Name: pxrc Value: CMWvhKgGEgUI6AcQAA==
.tremorhub.com/	1970-01-20 23:28:47	Name: tvid Value: 072b6fd453e74730aa3331dfb26096a6
.tremorhub.com/	1970-01-21 00:18:50	Name: tv_UISCX Value: fbd6601a93824dc38f29106f5272d964
.sitescout.com/	1970-01-20 15:26:02	Name: _ssuma Value: eyIzOSI6MTY5NDU3MDQzNzU5MCwiNyI6MTY5NDU3MDQzNzU5MH0
.yieldmo.com/	1970-01-20 23:28:26	Name: yieldmo_id Value: 3RZJdzzTTJz6v3p7Oaod%7C1694563200000%7C0
.colossusssp.com/	1970-01-20 23:28:26	Name: gtm_usr Value: dfa7fe22-184a-4102-b8e1-bbf809753209
.colossusssp.com/	1970-01-20 23:28:26	Name: lmg_r Value: 74
.sundaysky.com/	1970-01-21 00:18:50	Name: sskyu Value: d6.33127b8ae5bc46c4bbee3493ecb262f1
.sundaysky.com/	1970-01-21 00:18:50	Name: sskyCreationTime Value: 1694570437681
.resetdigital.co/	1970-01-20 16:52:26	Name: ckbk Value: 0000010FCC86E433
.sundaysky.com/	1970-01-20 14:52:55	Name: sskya Value: "e2N4Ont0czoiNDBuazkxIix0OiJuaSJ9fQ=="
.go.sonobi.com/	1970-01-20 15:26:02	Name: __uis Value: 89aa8fc7-00cf-424e-addd-3ed2f784dbdb
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8G Value: s85181\|ZQEXy
.crwdcntrl.net/	1969-12-31 23:59:59	Name: _cc_cc Value: ctst
.csync.loopme.me/	1970-01-20 16:53:52	Name: viewer_token Value: 47012459-485c-4809-997b-e8eeea09bb96
.crwdcntrl.net/	1970-01-20 21:11:38	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-20 21:11:38	Name: _cc_id Value: 9a91828dbbe8e902e2c22e3072859ecb
.ipredictive.com/	1970-01-20 23:28:26	Name: cu Value: f18be08b-110d-4f6a-9122-05c3fe603696\|1694570437836
.newsobserver.com/	1970-01-20 14:42:57	Name: bm_sv Value: 494D66F33AD396A4BDE947E8E9DCCACE~YAAQDvzDF8r6VW2KAQAAWd1EjBU9mXYAU7vXNj5VtjI9uDgK50nB7GxdiZK0IVuCCI9XJptn/3rMZb3nJCoCtxgQnyQA/d/R7Bil7J8ccFCIYew8LPPPbf0YMjUovi/17fTsn+08N4gbmmw7YwJJ92t+vpkhfFe9wJ3EjhztA1z05Sp4zRu5jiiFvP8mjXt1ux0s7qnWU8TNHq5Z5JqjTT1dkZUsJ7Cn9Pcd1pyOsOd42w2WY/YUgsfiU6COy9HWA3iCB4/1~1
.tapad.com/	1970-01-20 16:09:14	Name: TapAd_TS Value: 1694570438080
.tapad.com/	1970-01-20 16:09:14	Name: TapAd_DID Value: f21345c9-7ad7-4d5f-a6c5-c9c762ba0f64
.tapad.com/	1970-01-20 16:09:14	Name: TapAd_3WAY_SYNCS Value:

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://www.newsobserver.com/lzoiyns-bo/quarantine.cab02ea48999fadef3d1.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://www.newsobserver.com/lzoiyns-bo/quarantine.cab02ea48999fadef3d1.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://www.newsobserver.com/lzoiyns-bo/quarantine.cab02ea48999fadef3d1.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://www.newsobserver.com/lzoiyns-bo/quarantine.cab02ea48999fadef3d1.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	error	URL: about:blank Message: Refused to execute script from 'https://id.rlcdn.com/1000.gif?memo=CIq8KxoNCMWvhKgGEgUI6AcQAEIASiBmYmQ2NjAxYTkzODI0ZGMzOGYyOTEwNmY1MjcyZDk2NA' because its MIME type ('image/gif') is not executable.
network	error	URL: https://profile-api.amplitude.com/v1/userprofile?device_id=26afd5d7-154a-4d29-983b-a3fd658bd9c2&user_id=&comp_id=apflrqef Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.turn.com
ads.pubmatic.com
ads.stickyadstv.com
ads.yieldmo.com
api.lab.amplitude.com
api.t3be3280.pw.adn.cloud
api2.amplitude.com
assets.bounceexchange.com
assets.connatix.com
bcp.crwdcntrl.net
bh.contextweb.com
c.amazon-adsystem.com
c2.taboola.com
capi.connatix.com
cd.connatix.com
cdn.confiant-integrations.net
cdn.taboola.com
cds.connatix.com
cks.connatix.com
connatix-supply-partners.tremorhub.com
cs-server-s2s.yellowblue.io
cs.media.net
csync.loopme.me
eb2.3lift.com
flowerstreatment.com
fonts.googleapis.com
fonts.gstatic.com
gum.criteo.com
hp.taboola.com
htlbid.com
i.ctnsnet.com
id.rlcdn.com
imasdk.googleapis.com
img.connatix.com
ins.connatix.com
js.matheranalytics.com
launchpad-wrapper.privacymanager.io
lit.connatix.com
logging.pw.adn.cloud
match.adsrvr.org
match.prod.bidr.io
mcclatchy-next-apps-prod.s3.amazonaws.com
media.mcclatchy.com
nr-events.taboola.com
pixel-sync.sitescout.com
pixel.tapad.com
pl.connatix.com
profile-api.amplitude.com
s.ntv.io
sb.scorecardresearch.com
scissorsstatement.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
ssc-cms.33across.com
ssum.casalemedia.com
static.adsafeprotected.com
sync.colossusssp.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.intentiq.com
sync.ipredictive.com
sync.resetdigital.co
tag.wknd.ai
tags.crwdcntrl.net
tags.fullcontact.com
tags.pw.adn.cloud
trc-events.taboola.com
us-u.openx.net
vi.ml314.com
vid.connatix.com
vop.sundaysky.com
www.heraldsun.com
www.i.matheranalytics.com
www.mcclatchy-partners.com
www.mcclatchy-wires.com
www.newsobserver.com
www.sunherald.com
xsync.iqzone.com
ads.pubmatic.com
capi.connatix.com
cds.connatix.com
cs-server-s2s.yellowblue.io
cs.media.net
imasdk.googleapis.com
ins.connatix.com
lit.connatix.com
pl.connatix.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
ssc-cms.33across.com
sync.intentiq.com
us-u.openx.net
vid.connatix.com
www.i.matheranalytics.com
104.18.39.155
104.18.41.104
104.80.197.53
107.178.250.234
107.23.241.81
141.226.124.48
142.234.204.77
143.244.220.80
151.101.1.44
151.101.129.44
151.101.130.132
172.240.155.116
172.64.146.152
18.160.46.100
198.148.27.131
207.198.113.204
23.35.67.147
2600:1901:0:7416::1
2600:1901:0:d733::1
2600:1f18:612b:4232:333c:fbab:e531:2e93
2600:9000:25c8:2000:8:48e:53c0:93a1
2606:4700:4400::6812:2b5a
2606:4700::6812:161
2607:f8b0:4004:c08::5e
2607:f8b0:4004:c09::9c
2607:f8b0:4004:c1b::5f
2620:100:a001::c
2620:112:f002:bbbb::21
3.162.1.135
3.162.3.111
3.162.3.20
3.162.3.62
3.214.161.20
3.217.186.3
34.111.113.62
34.117.170.208
34.120.253.250
34.98.72.95
35.186.193.173
35.190.60.146
35.201.104.135
35.214.210.206
35.71.131.137
35.71.139.29
44.196.115.10
44.235.130.162
52.13.143.161
52.217.47.140
52.72.216.167
52.73.197.123
54.192.51.111
63.251.28.233
68.67.161.182
69.166.1.67
014061b31ebec9bea48be8a70e75b42ca0368a5fd5f62a5be06951903200d20b
01e3731629ec636a71800fe6c79dbc3d6c73dd915752c7178d38282d57caf6bb
02e1948e54c1b23b0d5e5a5ed4cdac9a923a50af0d6f0cc459201ec903ca76c1
03bf41bbb52555b5f05776fd40f8eab91d13ea0c9cd3d9e70cfb3ad105ba9d4e
052731a818d2de7a965ba93a18a061a5f20f6b6b94b6aa90354ebd9a10dd8dfa
058be5ed39140f60ee84c4a70fb3501878c4cefed17b4ea8115d387ad07d8592
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08c8c947a68522e11e22d26cfa17354fa98089668530f6215849ced631a6aac3
0a7cd2a87da7bc43df7f0a0393bbaebe689b05d19bb3a7ef8220d85a32c54f72
0c7d5b9e26f3ada8447c5885bd17b623b94bd8e35f569d81df161247ef011f1d
0ee6ce5bf2833a73cde0f8192c886a10db2a7cda8e2715d30538242c98859cb2
14889037c408344181eda4cdba85ffc30fdabf994d8f898031c4cb4cacecd212
152783f220baee042f0774a97e7c317c0faefc2f80e9fda83341bca78a689c0c
152aa333c04a552f7e9f2bbb1b36656ad21e690ae1b3447589a448766f073033
16b250f20ae18ca12ff67620fa17ada83e5c4afa5e9d06c9db7f24e511efe3e3
1712d556dc7cf7237e0432001711d8417a11486650264e787241f8cee0072ca6
18236715d0779de72c0f8ccf0c1b502545566e70fa28e0e2b5d82985f81d2c22
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
18f35c576aabd3eb7c3386c0467cd6f87bc054a669e66f6181152a46f397d63a
18f41a5cdab97125db80a2b6fd5dd8da8fc63a42736d9867b769e5fe58a9931e
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1ced6aa5208cc9dd8322ce78616ce10397d14aeb825f2543e531c18eb657bab8
213f1fa30ed010641c5044a44f05bc33d66026e7e051cc7c02671b2208e264c8
2713c7f23a5c9ecc5665c7d755c559d9be4104bf57fb273c1019511ddedd3588
28a07ea9153aaa450bfa669a2fdac73af62cdbaf8ce6707818c83d3bffcbacd7
292ca9e09a900cde3c17a06720d49db893fc24582958ff8ebad02b22b1a5cbcb
2b3f9d64a9ff519c0dd00a9a4e95588ae836ded5824178b0c44823a9f9d8d9be
3081cd5942a29f59f16b662f9487cdb95dc4473722804097a0d697bd72fb1693
320cc8f350405c87e595be87ffc5cb7bf9e738036d96ea9a1f6e0698d5fc69c6
33c92210a46595b46fcffd013d38068b9ec33c70a562304489127492fe2b22a6
346e366ed993f6013a48840aee53c8239a54010ac70273aca0a2cf770d6c01d2
3734d5ee688ec0a9e91967d8c6c5d8b41db8c8bc96a76c830b66ca87b8465170
391c4569b3bb16802eb27c378b48b0aa7c96d0c0b97bb5eded74bc363a9efcb7
3f8ca4221d2df6bc8bbd875eab4309bd6c9bfcbd6e7ebac137bdc5c025b949ce
41dd3e48dbef1ddbc59957d4e99ef7662c1702dd8b55d0900b02150f87af354a
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
464933a549044b1d2671d61197b0658b68a527854533d8b7d1f3e439f63873dd
49137b00c9003671dffd4b69d550e8c35d2638f5af5dbec03b4f2b94793ddf1f
4bebeadc347808ade083c9eece87f0da0b0702d4aaf189a99de64e155578d18f
4d1e7cc5165ae9d7faedcd6d24e3625cb0e7b832b9d81219382f2ff0b7dba8cd
4d3c5fbcaa6c398ac7d6426cf7fd48bfa3ed6cce13e7910bbed354e3b9d4f5ac
4d498cdf5bd9f4e2d15966f91956778e7527b3cb94cd83c2d20a5bb14575da55
4f3d242b1c526da86024529eb741f4702ee746606c6de3c1e6a040854e86c45d
501a1070d860fadb3c97d2380361fb2fafb8b09047b7babac9ed442a32b2b274
52502970083718cbe7725a1ca09bdc9c0594618d7ce6927ded6cf5753a011570
528f2cb5b7c7429c34ca49f413aa9721b204a5e0cffe64018236da1e356b361c
53ecbe32d6f225e79cda0a314a25fdd613697756568cdf595e7d47f4c12ac523
550645f8a5e7ea7aa8d246b52b0dc7a52ad0e5bc344502f36a76eb496d09cbea
551af58c2ce33c58ebc151a61b8d1d28e54ab9ce177d4fac749f0ebc50054cb9
5775d2a2bfad29dddd9ea7038cf5e7db4888ff381110a363581209f2f373b8d1
578165ad54a40d4e65c3999a57d742be878f7379510eee029bf675b3bc12c58c
583365753b0cc7d65fa510a1d9bbe90bb50647ad28a11e45891f1e6d793dbcc0
5fb1acbc982f33c7b2a10c7622577ba16a8a26e882aa3603a4f2c29f6f2f5f54
5fc4c95920416b0ef0b5aee93a90984989183a6d29f712e725a3383309806a54
60cafa05c97da06116c9164ae946addfe8812d8b104b0d4260cfd5e3884eeab7
613d2e2e80767b7315bee58b28d390387a44ad24a19874f9f33f155a2d60da36
63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7
66d62af5626c85a26bdd2c2ae2a32fae8c454d84cf855a06acad313039727c42
681da56537fac9e5ea52bda5de83450abfae3c82b9d9d018ce94fb01a0b7b715
6a65d8c3e54d068804cc868837bc4547bbdb6c9bb599bdb8496981819ad5284a
6a7e6bc37827937d4b4be74bc26632f47788fb882fcc8f44f943350d0dbb3b31
6e2b2c75f27d47b9d67d099ed8c0517334e2dc625414b0c871a4e8307c2f9a20
7232602786be1eeb3cbe5a5f0a099570e7ea8e634c884fa7136c618a36bbf16f
74b1c9d0e9a310c68a2437a307ddc5f8c58ab3dd1ef63299c2982961837abe5d
78c86a8d5db341d6a521360e4f989179c44f770af05e5487a67f04e787fe8f53
798b67bb2ea3243fac61fc7df7e5585a5adc40887e278bdf62598ca5d7629903
7be49e3690cfa2a261991f1823f3dcbe0d2183cad3bc5027d20c6f51110b4469
7c2c3a4f9cd79de99d70eca8abb699e08a169c4c23626e5f4a2a85db49af5c12
807488431c413217a2a20b15368114b92c6f615287478aa275a7856fd9375738
807612c861cfc9bd98a10f3305db056fd5f374c8b466022f759cd967d512b7df
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
81e4764a0c6c5f5d0cf33b28e038b45fb5e94d9e175b3f04e590f8ae097cbc69
87bfcdc6b3c61567aed26c9f0687c830cf5d948a81b5df9acf75163ecee402be
87f264a43620e415cabb527b8ec13a713093ddf8fa36549ff59c108ee22b70dd
89d1218352ea0e27b725a0d4fa061b6cba84e2fe10757a61104b89a13742b60b
8a35fd5f48480b801ed3b77e484362a37a3a4e7d3f285ed6663910237c4a957c
8ad027b5063a7e692442a0ac1728160f7e6f8a2723e844235ed73527a9efbf2b
8b4bf46a7ee17fa868ac3a6ed47a74783271577c926748bcdbe6327921fca200
8c2a54278c4cb87438f4a1c73242d727fc3eea82dc59abb393dd3937b17ce1d7
8dab392b28d325d42c0365fdf71e1be56f966651b26f27b123246696373a4a7e
8ddd4d4dac12abe5a8a4f97c38163f52efe95ce7b2d5121061cab3ec1ffb9167
909bdec0d3db231b370402df6af23f50885052384ccd6e76c7b04fe5912fadf9
915df1a53de893037707b3f9c207d88b6ddccd8cdc800ea661a9ac10474a29d7
9188db967991c50f7a0e26c9418eb8c27554edd094b7c90069233eb705112a4a
92b6f1add6ceef144d78255116b3d21755b15c5b8df9ac90d6e77049d4007d07
9574e88bc02b8222fa95fb043d497fbdc043769c8d4e7c11dbf09fe72324f004
987d5da0ab9202a9c0f62852a6939b618a0c3eb38db24e4d1afb947bbcd98bc7
9b05c41591be2fefb06c29bf60d230fbe8354f457656453d2e3b5c3767436000
9dffbd45ce48bf5e8eeb90b3d8567f8270f217c174de81fe3693d6dcdbaa1588
9e88120d1cbe765f3e5b9574f9e9890fc1fe7850d1946839c7b01c2146ee03cf
9fba21cadf406469bf9bf6a18ed755edbd245f48efaaeb8a19ff6dff655aefdb
a3a3e00036709562d5e7ea7797c964151379279911f6a70bc561e08885e56cf7
a4167e35f2182164b908e86ad1b1a9785921ee0293e95d9df9b8d024583d5947
a45b0063084f4c6c19682632693f8e391e70b286d4369a5d20d5727922c9e8e1
a715a99667cd62b75d64a3d47c90c2885526fffb3592445ac1a8045a48ecd3d0
a7e95916b45c93d4783bd2cc8a0df301eaf29eccb5ef12ef516c2406907753ed
a8273af8d7ee1c1e5bc6250c0c9f529f004c0a4542c825350426e2e8ff35d616
a916106a50a7f57a2900d7fb70be1ef27cfdab2ed019d10d576ab0157a47e70d
aa2389fa0c250fb820fc2bb6cad458757aca921f97f49246d818adb7c51f4017
aa7f189ab199f7068500bfe69e951ae456dfd1c7b50ec0c9c39a89ad477b8c6e
aa981c38a8cc92334978524e4e04d0e61b3a19febf3ac4f4885ac69634495cba
aaa537c9df835d91a7176efea18d495cdb8d08c280ddcb5fa2da5b81d30c95de
acff18b9dd469f70f4d45d24dadf6de847a9b3abeb3e891260eb8160ffac8039
b1e6105281e99ca5faed1e3e81464804ff8acbcc10e7eaf4891d6b8db9d3322a
b39aac6e708b01212d5d90f030c9418ad131c46ea6f845e46c1652de5ad3fe86
b3fade7f40077dbf91f4dafb3cb005a98b14eb081e557321e7a567cb794b35c6
b53260bfc61c1ac5995b99b4995942d011f173577a62a07bc129b9ecc8ac2abd
b60a7e2f6833ae37444ac4b6f595585761f910b11db3369b1c0d49292300ceb8
bb10de70e793de78b5fc9ad6d645686e31d562283c03c8200c312fc90d34b2a4
bc90c76c1965cc26c661c970618c0976ceaa3e44664d5a5e20765b73d8fe491b
be8f6d28fd02e30f67684fd578ed40698cb60c9cec6920e67f1d2fb5aa814c21
bed1c436701aec68045c81db5ec9eb7b21f43a60e49846d807ffbfb126d5a694
c435c67947d6fe0729d399265a282c547864501c08ae0eed4324bf69af770266
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc6f2e0ae8ab57dc47f6d6d302c1abab7c228e5e040fb508230713994f631b90
d10f564111b281963c5fb5366bf9a944c91d141643ea0e711f7a9803d49f1b2a
d31896a4f28704aadce2969b1ed5aa2c81312561d9ca525249a6f48c1c15d3d9
d35851b6105713ee65d3d0de39a15b81aac4e989ab552d8383fad0618b374e83
d7ad52f6852de9481a13b90a5fe61d694f8403bf3154547b8f0b07a44686973d
d8a6cbd650026eebdf5bf37b431c2dae247b1c4fe585df49d7e5905de4925690
d8ec6349a216d77f1f33ed4bf7415efbc85895dabac621905c466e6894647cbb
db6fcc37ce512e62139e33b95bbd5d63651b22529c72a9c062edb583a450960d
dd1cc949a306c2dcd64c3dad435255b90563a6bdd0ab2dd3921553ed5c30a734
ddbaa146f88a50d1c8338013a0fcd11917156612a4643c40550ff9cda5c3e72f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5a71735be4f00fd7f2923968a4795a2be2540bb55688808e26eaf8c2509f129
e6282e4725d4ddff0bf3a61e2333e3652cde8272d7c25d3e9a419f3196071d1b
e9835a428e8a7b906910b1653e44fe129287204157a06f65394a937977218109
ea1e990340625b5e684915689c7c5ade821845334ff255c7c02fee825f4eb136
ea46729ab6052989263f6a6197bf14be4d6104b1467df59f79c6c67d0d7aac65
ed9afdf43a0056c59023d00bab1de18189dbe138e6bccf7ce470c4034f60aaf3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0d3f50da2244d1978df8ba2409c74843d82ea00c3fef77797a0e38bd106b099
f382b6753e59000526b1314c7510dac6205bf5a7ccf463a1c119cc9fa09cd8d9
f8663c23fe8ab1965cc05d9ef0341eb9a5b64addff4f3c735c3c32084d906062
f9c549fc57357c93bbf758349c395e5df9068e1f626abd391db497063caf29ed
fa6c4c3cb178ef6b0773fb16810e64f29702b761079265c977f2f79afd4fb9d4
fb1c6f69f72b2dfa67e91c1013f05aebadfc84ea4daf05c2251f1c136bda7122
fba77aa733c49e480958aa2de564f8fac93c88f092d3c8f288a2e1d33aa59014
fbf5a809affc2436edaeec5bf7b723d8feaf4f9e7cbd8ba5f7f0f1e237b17f27
fe799b60c6735ced3514e40e5f290a390881a56d0594c393192faf49db8d6b19
fed9f21094ee5e1140e65412ba30e8ac302a2e8ef6f0130c52c31d03c73902d8

www.newsobserver.com Open in urlscan Pro 104.80.197.53 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

192 Requests

60 %HTTPS

20 %IPv6

58 Domains

79 Subdomains

34 IPs

3 Countries

4498 kBTransfer

10168 kBSize

45 Cookies

0 Outgoing links

Redirected requests

192 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.newsobserver.com Open in urlscan Pro
104.80.197.53 Public Scan

Screenshot
Live screenshot

Full Image

192
Requests

60 %
HTTPS

20 %
IPv6

58
Domains

79
Subdomains

34
IPs

3
Countries

4498 kB
Transfer

10168 kB
Size

45
Cookies

192 HTTP transactions
2 data transactions