observer-me.com Open in urlscan Pro
13.249.85.86 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://observer-me.com/
Submission: On April 17 via manual (April 17th 2023, 9:15:20 pm UTC) from US — Scanned from US

Summary HTTP 139 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 40 IPs in 4 countries across 33 domains to perform 139 HTTP transactions. The main IP is 13.249.85.86, located in United States and belongs to AMAZON-02, US. The main domain is observer-me.com.

This is the only time observer-me.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	13.249.85.86 13.249.85.86	16509 (AMAZON-02) (AMAZON-02)
1	151.101.65.194 151.101.65.194	54113 (FASTLY) (FASTLY)
1	184.29.133.80 184.29.133.80	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:4700:303... 2606:4700:3032::ac43:cb69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
24	52.216.56.185 52.216.56.185	16509 (AMAZON-02) (AMAZON-02)
2	199.232.36.157 199.232.36.157	54113 (FASTLY) (FASTLY)
1	2600:9000:21b... 2600:9000:21b8:5a00:e:3706:bd00:93a1	16509 (AMAZON-02) (AMAZON-02)
8	2607:f8b0:402... 2607:f8b0:4020:805::200a	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:80f::2003	15169 (GOOGLE) (GOOGLE)
1	52.4.121.231 52.4.121.231	14618 (AMAZON-AES) (AMAZON-AES)
1 4	2607:f8b0:402... 2607:f8b0:4020:804::2002	15169 (GOOGLE) (GOOGLE)
1	2001:470:6e0a... 2001:470:6e0a::1b:243	6939 (HURRICANE) (HURRICANE)
1	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
12	2607:f8b0:402... 2607:f8b0:4020:805::2002	15169 (GOOGLE) (GOOGLE)
12	2607:f8b0:402... 2607:f8b0:4020:806::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:402... 2607:f8b0:4020:806::2001	15169 (GOOGLE) (GOOGLE)
12	2607:f8b0:400... 2607:f8b0:4006:81d::2001	15169 (GOOGLE) (GOOGLE)
2 4	2607:f8b0:400... 2607:f8b0:4006:821::2004	15169 (GOOGLE) (GOOGLE)
10	2607:f8b0:400... 2607:f8b0:4006:80c::2001	15169 (GOOGLE) (GOOGLE)
1	2600:9000:210... 2600:9000:210b:4c00:13:a391:88c0:21	16509 (AMAZON-02) (AMAZON-02)
3	18.164.124.67 18.164.124.67	16509 (AMAZON-02) (AMAZON-02)
1	23.54.68.197 23.54.68.197	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:440... 2606:4700:4400::ac40:99f6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2607:f8b0:402... 2607:f8b0:4020:807::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::6812:220a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	69.166.1.15 69.166.1.15	27630 (AS-XFERNET) (AS-XFERNET)
2	68.67.161.182 68.67.161.182	29990 (ASN-APPNEX) (ASN-APPNEX)
1	104.36.115.111 104.36.115.111	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	199.127.204.162 199.127.204.162	26120 (RHYTHMONE) (RHYTHMONE)
1	51.222.39.187 51.222.39.187	16276 (OVH) (OVH)
1	104.18.24.185 104.18.24.185	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2602:803:c002... 2602:803:c002:300::98	26667 (RUBICONPR...) (RUBICONPROJECT)
1	147.28.129.37 147.28.129.37	54825 (PACKET) (PACKET)
1	63.251.114.182 63.251.114.182	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1 2	2620:100:a001::c 2620:100:a001::c	19750 (AS-CRITEO) (AS-CRITEO)
1 2	2600:1901:0:8... 2600:1901:0:8344::	15169 (GOOGLE) (GOOGLE)
2	74.119.119.139 74.119.119.139	19750 (AS-CRITEO) (AS-CRITEO)
1	162.19.138.116 162.19.138.116	16276 (OVH) (OVH)
139	40

14 13.249.85.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-85-86.ord52.r.cloudfront.net

observer-me.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.194 (United States)

ASN54113 (FASTLY, US)

includemodal.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.29.133.80 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-29-133-80.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3032::ac43:cb69 (United States)

ASN13335 (CLOUDFLARENET, US)

analyticssystems.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 52.216.56.185 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

bdn-ss-po.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.36.157 (New York, United States)

ASN54113 (FASTLY, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21b8:5a00:e:3706:bd00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cc.cdn.civiccomputing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4020:805::200a (Montreal, Canada)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80f::2003 (New York, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.4.121.231 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-121-231.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4020:804::2002 (Montreal, Canada) 1 redirects

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:470:6e0a::1b:243 (United States)

ASN6939 (HURRICANE, US)

apikeys.civiccomputing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2607:f8b0:4020:805::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2607:f8b0:4020:806::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4020:806::2001 (Montreal, Canada)

ASN15169 (GOOGLE, US)

26e643a429f686e3a720d396001c4c75.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eafc80e25c8420ae37ee435a25488828.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2607:f8b0:4006:81d::2001 (New York, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:821::2004 (New York, United States) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4006:80c::2001 (New York, United States)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:210b:4c00:13:a391:88c0:21 (United States)

ASN16509 (AMAZON-02, US)

d3plfjw9uod7ab.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.164.124.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-124-67.jfk50.r.cloudfront.net

cdn1.opstag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.54.68.197 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-54-68-197.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:99f6 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.confiant-integrations.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4020:807::2002 (Montreal, Canada) 1 redirects

ASN15169 (GOOGLE, US)

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:220a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.confiant-integrations.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

os4m-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.166.1.15 (United States)

ASN27630 (AS-XFERNET, US)

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.161.182 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.36.115.111 (United States)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.127.204.162 (United States)

ASN26120 (RHYTHMONE, US)

tag.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.222.39.187 (Canada)

ASN16276 (OVH, FR)
PTR: ip187.ip-51-222-39.net

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.24.185 (None, )

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c002:300::98 (United States)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.28.129.37 (Ashburn, United States)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.251.114.182 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::c (United States) 1 redirects

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:8344:: (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)

lexicon.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.116 (France)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	googlesyndication.com 26e643a429f686e3a720d396001c4c75.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 105 tpc.googlesyndication.com — Cisco Umbrella Rank: 138 eafc80e25c8420ae37ee435a25488828.safeframe.googlesyndication.com	271 KB
24	amazonaws.com bdn-ss-po.s3.amazonaws.com	464 KB
14	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 pubads.g.doubleclick.net — Cisco Umbrella Rank: 464	275 KB
14	observer-me.com observer-me.com	554 KB
10	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 382	218 KB
8	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 39	4 KB
6	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 73 www.google.com — Cisco Umbrella Rank: 2	3 KB
4	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 416 mug.criteo.com — Cisco Umbrella Rank: 2685	1 KB
4	googletagservices.com 1 redirects www.googletagservices.com — Cisco Umbrella Rank: 192	100 KB
3	opstag.com cdn1.opstag.com — Cisco Umbrella Rank: 32324	114 KB
3	gstatic.com fonts.gstatic.com	92 KB
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 812 syndication.twitter.com — Cisco Umbrella Rank: 1117	131 KB
2	33across.com 1 redirects lexicon.33across.com — Cisco Umbrella Rank: 1349	575 B
2	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 227	2 KB
2	confiant-integrations.net cdn.confiant-integrations.net — Cisco Umbrella Rank: 1358	93 KB
2	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 510 hbopenbid.pubmatic.com — Cisco Umbrella Rank: 498	62 KB
2	civiccomputing.com cc.cdn.civiccomputing.com — Cisco Umbrella Rank: 15635 apikeys.civiccomputing.com — Cisco Umbrella Rank: 15339	10 KB
2	analyticssystems.net analyticssystems.net — Cisco Umbrella Rank: 10740	864 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 443	1 KB
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 623	524 B
1	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 1024	861 B
1	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 478	834 B
1	casalemedia.com htlb.casalemedia.com — Cisco Umbrella Rank: 527	566 B
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 778	362 B
1	1rx.io tag.1rx.io — Cisco Umbrella Rank: 2199	162 B
1	sonobi.com apex.go.sonobi.com — Cisco Umbrella Rank: 1550	1 KB
1	openx.net os4m-d.openx.net — Cisco Umbrella Rank: 36204	591 B
1	cloudfront.net d3plfjw9uod7ab.cloudfront.net	20 KB
1	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 1205	651 B
1	ntv.io s.ntv.io — Cisco Umbrella Rank: 3499	156 KB
1	fastly.net includemodal.global.ssl.fastly.net — Cisco Umbrella Rank: 66142	25 KB
0	adsrvr.org Failed match.adsrvr.org Failed
0	rlcdn.com Failed api.rlcdn.com Failed
139	33

	Domain	Requested by
24	bdn-ss-po.s3.amazonaws.com	observer-me.com
14	observer-me.com	observer-me.com
12	tpc.googlesyndication.com	includemodal.global.ssl.fastly.net observer-me.com securepubads.g.doubleclick.net tpc.googlesyndication.com
10	cdn.ampproject.org	securepubads.g.doubleclick.net
10	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
10	securepubads.g.doubleclick.net	includemodal.global.ssl.fastly.net www.googletagservices.com securepubads.g.doubleclick.net observer-me.com
8	fonts.googleapis.com	observer-me.com
4	www.google.com	2 redirects includemodal.global.ssl.fastly.net tpc.googlesyndication.com
4	www.googletagservices.com	1 redirects observer-me.com securepubads.g.doubleclick.net
3	cdn1.opstag.com	securepubads.g.doubleclick.net cdn1.opstag.com
3	fonts.gstatic.com	fonts.googleapis.com
2	mug.criteo.com
2	lexicon.33across.com	1 redirects
2	gum.criteo.com	1 redirects
2	ib.adnxs.com	cdn1.opstag.com
2	pubads.g.doubleclick.net	1 redirects observer-me.com
2	cdn.confiant-integrations.net	cdn1.opstag.com cdn.confiant-integrations.net
2	googleads.g.doubleclick.net	observer-me.com
2	adservice.google.com	includemodal.global.ssl.fastly.net securepubads.g.doubleclick.net
2	platform.twitter.com	observer-me.com includemodal.global.ssl.fastly.net
2	analyticssystems.net	observer-me.com
1	eafc80e25c8420ae37ee435a25488828.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	id5-sync.com	ads.pubmatic.com
1	ap.lijit.com	cdn1.opstag.com
1	prebid.a-mo.net	cdn1.opstag.com
1	fastlane.rubiconproject.com	cdn1.opstag.com
1	htlb.casalemedia.com	cdn1.opstag.com
1	onetag-sys.com	cdn1.opstag.com
1	tag.1rx.io	cdn1.opstag.com
1	hbopenbid.pubmatic.com	cdn1.opstag.com
1	apex.go.sonobi.com	cdn1.opstag.com
1	os4m-d.openx.net	cdn1.opstag.com
1	ads.pubmatic.com	observer-me.com
1	d3plfjw9uod7ab.cloudfront.net	securepubads.g.doubleclick.net
1	26e643a429f686e3a720d396001c4c75.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	syndication.twitter.com	platform.twitter.com
1	apikeys.civiccomputing.com	cc.cdn.civiccomputing.com
1	jadserve.postrelease.com	includemodal.global.ssl.fastly.net
1	cc.cdn.civiccomputing.com	observer-me.com
1	s.ntv.io	observer-me.com
1	includemodal.global.ssl.fastly.net	observer-me.com
0	match.adsrvr.org Failed	ads.pubmatic.com
0	api.rlcdn.com Failed	ads.pubmatic.com
139	43

This site contains links to these domains. Also see Links.

Domain
hellohomestead.com
obituaries.observer-me.com
classifieds.observer-me.com
www.mainenotices.com

Subject Issuer	Validity	Valid
*.ntv.io DigiCert TLS RSA SHA256 2020 CA1	`2022-10-24` - `2023-10-26`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-01-26` - `2024-01-25`	a year	crt.sh
*.s3.amazonaws.com Amazon	`2022-09-21` - `2023-08-26`	a year	crt.sh
platform.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-21` - `2023-08-21`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.postrelease.com Amazon RSA 2048 M01	`2023-03-01` - `2023-12-25`	10 months	crt.sh
apikeys.civiccomputing.com R3	`2023-02-19` - `2023-05-20`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-31` - `2024-01-30`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.opstag.com Amazon RSA 2048 M02	`2023-02-28` - `2023-10-27`	8 months	crt.sh
*.confiant-integrations.net GTS CA 1P5	`2023-03-27` - `2023-06-25`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2022-12-06` - `2024-01-07`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2022-06-28` - `2023-07-29`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.a-mo.net R3	`2023-03-23` - `2023-06-21`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-09` - `2023-06-03`	3 months	crt.sh
*.id5-sync.com R3	`2023-01-25` - `2023-04-25`	3 months	crt.sh

This page contains 12 frames:

Primary Page: http://observer-me.com/
Frame ID: 9F4B5D136FEAD43C634F6FF709B16798
Requests: 64 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=http%3A%2F%2Fobserver-me.com
Frame ID: 3AD5AEE52315CD902DC5EFD0F30F0910
Requests: 2 HTTP requests in this frame

Frame: https://26e643a429f686e3a720d396001c4c75.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CDBFA99D596B7A12F2FB454FF8F16930
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4F326AF6B6474A29B274F65E07277B6D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FEC828D8ADD1C16CC4ED0F26FA739ACF
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012304062309000/amp4ads-v0.mjs
Frame ID: 72C39F6C56DC2F91C73D9727469A3E2C
Requests: 12 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012304062309000/amp4ads-v0.mjs
Frame ID: 259BB6335A7341CC646DFB7F9EBCB9E4
Requests: 12 HTTP requests in this frame

Frame: https://d3plfjw9uod7ab.cloudfront.net/ad/e3bf52b8-991a-41fe-9bb4-1acf24a22d27.js
Frame ID: 27EFCEF36F8A182A042C50D65999E384
Requests: 9 HTTP requests in this frame

Frame: https://cdn1.opstag.com/13546/prebid.js
Frame ID: 0EFAE815FBEE808289C17C1F288B75F5
Requests: 29 HTTP requests in this frame

Frame: https://eafc80e25c8420ae37ee435a25488828.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Frame ID: B96F8433CCFF86D0B0ECE3F5EA633881
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 180345DA5841FCF9F62C5314E078AFA8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E4EFC0A31DFCE629A021CC821917442E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Piscataquis Observer

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

CIVIC (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cc\.cdn\.civiccomputing\.com

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js
adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

139
Requests

81 %
HTTPS

49 %
IPv6

33
Domains

43
Subdomains

40
IPs

4
Countries

2600 kB
Transfer

5680 kB
Size

26
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://hellohomestead.com/
Title: Hello Homestead

Search URL Search Domain Scan URL

URL: https://obituaries.observer-me.com/
Title: Obituaries

Search URL Search Domain Scan URL

URL: https://classifieds.observer-me.com/
Title: Classifieds

Search URL Search Domain Scan URL

URL: http://www.mainenotices.com/
Title: Public Notices

Search URL Search Domain Scan URL

URL: http://obituaries.observer-me.com/
Title: Obituaries

Search URL Search Domain Scan URL

URL: http://classifieds.observer-me.com/
Title: Classifieds

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54

http://www.googletagservices.com/tag/js/gpt.js HTTP 302
https://www.googletagservices.com/tag/js/gpt.js

Request Chain 95

http://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 96

http://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 103

https://pubads.g.doubleclick.net/gampad/ad?iu=/8570,21682974628/Bangordailynews/bangordailynews-13546-300x250-activefill-desktop-pixel&sz=1x1&t=&c=5510689438 HTTP 302
https://pubads.g.doubleclick.net/gampad/ad?iu=/8570,21682974628/Bangordailynews/bangordailynews-13546-300x250-activefill-desktop-pixel&sz=1x1&t=&c=5510689438&pre=1

Request Chain 124

https://lexicon.33across.com/v1/envelope?pid=0010b00001si6JdAAI&gdpr=0 HTTP 307
https://lexicon.33across.com/v1/envelope?pid=0010b00001si6JdAAI&gdpr=0&b=1&g=WVi04RQf3B58KmBgtuB3lOh%2FkALJZSvlCUVOsmRmK5o%3D

Request Chain 125

https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fobserver-me.com%2F&domain=observer-me.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=q5Hzv3wxSmlIbnRrUE5OUW1PZ3d1dUhNNWxybTVid3VMYVlhOXB1aFhyUWwxNTVDSFkxQS94UTBHcmFsVFlKZXlJVktXSk50cG1BYkJSNmNRN29CUnFGSk8vcjhjWXRDR2ZpQ1RXcGNqQ3RCRzJJaHpYQVZNR0JIbi8vZ2ozNVhnbWhKLzNQNzVNcVIweTlSdSszWmRCaHF2ZmV4U3lXd2R1Vk9sTTdleWpjMjlleHJ3a0NGczY2N1RBTVk4YXdyaFNQN3ZCUWVMeDJhOFlKRkN3akk4Y0dsbzU0RzdXdE9mdDZmUFJnQzVabmNuMVhxWEpXUlh6Slp1K2NJVVhDOXRIQTNpfA&cppv=2

139 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
observer-me.com/ 64 KB
65 KB 1302ms
1159ms Document
text/html 13.249.85.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://observer-me.com/
Protocol: HTTP/1.1
Server: 13.249.85.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-85-86.ord52.r.cloudfront.net
Software: nginx/1.18.0 / PHP/5.6.40
Resource Hash: b52fb8d6e31262ca135e3f13f6bbd4cbe47e6adc73d4469d1ddbb47b88538d3e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Mon, 17 Apr 2023 21:15:13 GMT
Link: <http://observer-me.com/wp-json/>; rel="https://api.w.org/"
Server: nginx/1.18.0
Transfer-Encoding: chunked
Via: 1.1 9fdb94d31cea383ee9cfa1b9714dc610.cloudfront.net (CloudFront)
X-Amz-Cf-Id: -u7XYt8op2IIfJKeeuRUOD9g9pjzO6y5XJ419I5BKyAd4TQqAxlZjA==
X-Amz-Cf-Pop: ORD52-C1
X-Cache: Miss from cloudfront
X-Location-PHP: true
X-Powered-By: PHP/5.6.40

GET
H/1.1 200
OK sp.js Show response
includemodal.global.ssl.fastly.net/ 96 KB
25 KB 19ms
3ms Script
application/javascript 151.101.65.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://includemodal.global.ssl.fastly.net/sp.js
Requested by: Host: observer-me.com
URL: http://observer-me.com/
Protocol: HTTP/1.1
Server: 151.101.65.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3a368dc7c7d015928ad937103b85f2e91240171531b3de1af6c61798e1246c8a

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: ebiU.FmjAuZu3skIolCieO1syV4u9iF0
Content-Encoding: gzip
Via: 1.1 c70c0d114d0fcf32b9941c29c00266de.cloudfront.net (CloudFront), 1.1 varnish
Date: Mon, 17 Apr 2023 21:15:13 GMT
X-Amz-Cf-Pop: JFK50-P6
Age: 384
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront, HIT
Connection: keep-alive
Content-Length: 25161
X-Served-By: cache-ewr18168-EWR
Last-Modified: Thu, 06 Apr 2023 19:58:57 GMT
Server: AmazonS3
X-Timer: S1681766114.885947,VS0,VE0
ETag: W/"fd2c13ab2bcce4a2b3c5a0f01cc86b37"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3600, public
Accept-Ranges: bytes
X-Amz-Cf-Id: HMtd4-pJrGhbAfFUoVvtSxZODkcFBUTsvaxcYAOR5zodUphy4jpnaA==
X-Cache-Hits: 2

GET
H/1.1 200
OK style.min.css
observer-me.com/wp-includes/css/dist/block-library/ 29 KB
6 KB 342ms
225ms Stylesheet
text/css 13.249.85.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://observer-me.com/wp-includes/css/dist/block-library/style.min.css?ver=5.2.2
Requested by: Host: observer-me.com
URL: http://observer-me.com/
Protocol: HTTP/1.1
Server: 13.249.85.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-85-86.ord52.r.cloudfront.net
Software: nginx/1.18.0 /
Resource Hash: 4b8fe5c3d0e5ef7a6582185cbf5c535b5d369c8df1da98c03ed69833e55f474d

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 21:15:14 GMT
Content-Encoding: gzip
Via: 1.1 a6df9d2a49d38e15439d97b097858240.cloudfront.net (CloudFront)
Last-Modified: Wed, 24 Jun 2020 16:10:45 GMT
Server: nginx/1.18.0
X-Amz-Cf-Pop: ORD52-C1
ETag: W/"5ef37b05-726f"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
X-Cache: Miss from cloudfront
X-Config-Version: 0.0.2
Connection: keep-alive
X-Amz-Cf-Id: WQK7pzgEbw01OYEAokOMbEYVcjc_n6APXJ4sAPmbPvhzv2rtyRgPwA==

GET
H/1.1 200
OK email-css.css
observer-me.com/wp-content/plugins/wp-email/ 590 B
1 KB 296ms
179ms Stylesheet
text/css 13.249.85.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://observer-me.com/wp-content/plugins/wp-email/email-css.css?ver=2.67.5
Requested by: Host: observer-me.com
URL: http://observer-me.com/
Protocol: HTTP/1.1
Server: 13.249.85.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-85-86.ord52.r.cloudfront.net
Software: nginx/1.18.0 /
Resource Hash: 0d935e9a0486996a88e5a9f1dffcc004989be37ae295a5093530f77ffca0d713

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 21:15:14 GMT
Via: 1.1 3b3cb210495e4d1678591271d0921206.cloudfront.net (CloudFront)
Last-Modified: Wed, 24 Jun 2020 16:10:45 GMT
Server: nginx/1.18.0
X-Amz-Cf-Pop: ORD52-C1
ETag: "5ef37b05-24e"
X-Cache: Miss from cloudfront
Content-Type: text/css
X-Config-Version: 0.0.2
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 590
X-Amz-Cf-Id: EWJ4xHuyJess2t957PW8DUX3ZWNdDUASBzrki6g2rTc4Yw_ULrjOwg==

GET
H/1.1 200
OK style-PO.css
observer-me.com/wp-content/themes/bpc-weekly/ 46 KB
10 KB 294ms
178ms Stylesheet
text/css 13.249.85.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://observer-me.com/wp-content/themes/bpc-weekly/style-PO.css?1681766113&ver=2016.07.22.01
Requested by: Host: observer-me.com
URL: http://observer-me.com/
Protocol: HTTP/1.1
Server: 13.249.85.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-85-86.ord52.r.cloudfront.net
Software: nginx/1.18.0 /
Resource Hash: 2822df76b60b986d449729846039a8ea05b32225117be4bca40477c2b33b535b

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 21:15:14 GMT
Content-Encoding: gzip
Via: 1.1 8542aaf5305e0e6e067cca1e9561db6e.cloudfront.net (CloudFront)
Last-Modified: Wed, 24 Jun 2020 16:10:45 GMT
Server: nginx/1.18.0
X-Amz-Cf-Pop: ORD52-C1
ETag: W/"5ef37b05-b7f6"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
X-Cache: Miss from cloudfront
X-Config-Version: 0.0.2
Connection: keep-alive
X-Amz-Cf-Id: W5nrCvGsZhjfgKkTFpYrP81C6R2RGLB7nk_8YOijSUqDBB_QzsfPfQ==

GET
H/1.1 200
OK font-awesome.css
observer-me.com/wp-content/themes/bpc-weekly/font-awesome/scss/ 34 KB
8 KB 310ms
194ms Stylesheet
text/css 13.249.85.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://observer-me.com/wp-content/themes/bpc-weekly/font-awesome/scss/font-awesome.css?ver=2016.07.22.01
Requested by: Host: observer-me.com
URL: http://observer-me.com/
Protocol: HTTP/1.1
Server: 13.249.85.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-85-86.ord52.r.cloudfront.net
Software: nginx/1.18.0 /
Resource Hash: 03daf7cc54ecee16ceda5b6e209c8f62c719151aa1b336a28001d5947db0fbb6

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 21:15:14 GMT
Content-Encoding: gzip
Via: 1.1 16b6be5a931c8f1a8986fa25ce120864.cloudfront.net (CloudFront)
Last-Modified: Wed, 24 Jun 2020 16:10:45 GMT
Server: nginx/1.18.0
X-Amz-Cf-Pop: ORD52-C1
ETag: W/"5ef37b05-8673"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
X-Cache: Miss from cloudfront
X-Config-Version: 0.0.2
Connection: keep-alive
X-Amz-Cf-Id: GeVrQV_BsKkxxGvcm-fb7qNG9jiKGlWBA55mpyalrbHrzz14m7lu6A==

GET
H/1.1 200
OK jquery.js Show response
observer-me.com/wp-includes/js/jquery/ 95 KB
34 KB 309ms
192ms Script
application/javascript 13.249.85.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://observer-me.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: observer-me.com
URL: http://observer-me.com/
Protocol: HTTP/1.1
Server: 13.249.85.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-85-86.ord52.r.cloudfront.net
Software: nginx/1.18.0 /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 21:15:14 GMT
Content-Encoding: gzip
Via: 1.1 3b3cb210495e4d1678591271d0921206.cloudfront.net (CloudFront)
Last-Modified: Wed, 24 Jun 2020 16:10:46 GMT
Server: nginx/1.18.0
X-Amz-Cf-Pop: ORD52-C1
ETag: W/"5ef37b06-17a69"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
X-Cache: Miss from cloudfront
X-Config-Version: 0.0.2
Connection: keep-alive
X-Amz-Cf-Id: VtGtLMt6rg7recrtgizgGl5_QxkYfwQq4NU_2Rh2HhRwvRTDHBOykg==

GET
H/1.1 200
OK jquery-migrate.min.js Show response
observer-me.com/wp-includes/js/jquery/ 10 KB
5 KB 326ms
181ms Script
application/javascript 13.249.85.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://observer-me.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: observer-me.com
URL: http://observer-me.com/
Protocol: HTTP/1.1
Server: 13.249.85.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-85-86.ord52.r.cloudfront.net
Software: nginx/1.18.0 /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 21:15:14 GMT
Content-Encoding: gzip
Via: 1.1 9fdb94d31cea383ee9cfa1b9714dc610.cloudfront.net (CloudFront)
Last-Modified: Wed, 24 Jun 2020 16:10:46 GMT
Server: nginx/1.18.0
X-Amz-Cf-Pop: ORD52-C1
ETag: W/"5ef37b06-2748"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
X-Cache: Miss from cloudfront
X-Config-Version: 0.0.2
Connection: keep-alive
X-Amz-Cf-Id: q9yXCII-Hsmr_44r_B7EVqA7Aa58C8r4snSbrqcFa1rSk2ecMu5mvQ==

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 559 KB
156 KB 64ms
16ms Script
application/x-javascript 184.29.133.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js?ver=2
Requested by: Host: observer-me.com
URL: http://observer-me.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.29.133.80 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-29-133-80.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: b97bd40ed81da00659daeff4bc998c4e1c28e4d54b63c4f22caa982dafbc0458

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 21:15:14 GMT
Content-Encoding: gzip
x-amz-request-id: C2A63J1XKB9B4K8G
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: BvzlGQFtggWbWo//RWO/PuuV5SgschqXVdSXbqbeO+CVd6olDqgnGxPHlE3G5WuKlD7qTI0NXRc=
Last-Modified: Thu, 13 Apr 2023 16:39:39 GMT
Server: AmazonS3
ETag: "6ad67918ea443c2cc0d1967f130562d8"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 202 e3bf52b8-991a-41fe-9bb4-1acf24a22d27
analyticssystems.net/api/v2/client/impression/ 0
542 B 112ms
80ms Image
text/plain 2606:4700:3032::ac43:cb69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analyticssystems.net/api/v2/client/impression/e3bf52b8-991a-41fe-9bb4-1acf24a22d27?rand=616849
Requested by: Host: observer-me.com
URL: http://observer-me.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:cb69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 21:15:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UF6%2BQ6I7aM%2BpgXbdys5iZ1WKyUeksaqrdpB9SybTMSKn4lbwNSKONDk16PDlerckT7RYgYFpE2GUQz2TjSu33g76U1D%2Bm1ZNykpsX7WDwUSKbFkecFRSV66O38lc11EpYjrYigLun9Ix4kVIgmmnyKWwiA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
cf-ray: 7b97aea6bd084285-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-request-id: F1bVXuNlTOM9zwMDkVMC

GET
H/1.1 200
OK GuilfordGradution060420-C-LCO-640x400.jpg
bdn-ss-po.s3.amazonaws.com/uploads/2023/04/ 75 KB
75 KB 97ms
28ms Image
image/jpeg 52.216.56.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bdn-ss-po.s3.amazonaws.com/uploads/2023/04/GuilfordGradution060420-C-LCO-640x400.jpg
Requested by: Host: observer-me.com
URL: http://observer-me.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.56.185 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7448717677870520f378a821327774b08368dca7dac413a73d89bda49399c4f1

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 21:15:15 GMT
Last-Modified: Mon, 17 Apr 2023 12:28:58 GMT
Server: AmazonS3
x-amz-request-id: D967SYQK37M5VKRY
ETag: "6e66b8a2bc801098064a6a88755ce190"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 76355
x-amz-id-2: UhECWmo5e+ds5NqlH9aAXst7NyhqVi3Pp3dIX7FkkL+07Q+GkgEZ73VawWGPLMzogI23Asy/Wkw=

GET
H/1.1 200
OK 340922734_599753885402070_6588683119791696474_n-100x100.jpg
bdn-ss-po.s3.amazonaws.com/uploads/2023/04/ 5 KB
5 KB 92ms
23ms Image
image/jpeg 52.216.56.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bdn-ss-po.s3.amazonaws.com/uploads/2023/04/340922734_599753885402070_6588683119791696474_n-100x100.jpg
Requested by: Host: observer-me.com
URL: http://observer-me.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.56.185 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: bd04ead36af44e993ecd77cb0cbcfa61ed402614a0826887e0223113ead7e230

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 21:15:15 GMT
Last-Modified: Mon, 17 Apr 2023 17:44:00 GMT
Server: AmazonS3
x-amz-request-id: D961Y2EPQ7M7K7WN
ETag: "186e227f910338b79bc50fb238f3d661"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 4910
x-amz-id-2: LL0TaEbN2Hg1suHy/RTq5o6PiAahZG+1j1b7X7z4O896drT/nJY05RB0diYm4fHLVJQjwkTQpAc=

GET
H/1.1 200
OK 041914potshow_-004-100x100.jpg
bdn-ss-po.s3.amazonaws.com/uploads/2022/05/ 10 KB
11 KB 117ms
73ms Image
image/jpeg 52.216.56.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bdn-ss-po.s3.amazonaws.com/uploads/2022/05/041914potshow_-004-100x100.jpg
Requested by: Host: observer-me.com
URL: http://observer-me.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.56.185 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3a8b7fd9fe106225100967c56092eccefff1f7ce0c5357fa2055064f262d443e

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 21:15:15 GMT
Last-Modified: Wed, 25 May 2022 13:46:01 GMT
Server: AmazonS3
x-amz-request-id: D9618KZC8QVPHGMN
ETag: "c8925f0199c47bef5ccaf50e6502d4f3"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 10533
x-amz-id-2: epHQjh7g3U8ysx8MoxdQ3z/sykpRoUdL1GtdgIKi9ByDcIxyMDhNJQ3OKWSfQvSlV29qMoSxFYg=

GET
H/1.1 200
OK logo-skowhegan-2021-100x100.png
bdn-ss-po.s3.amazonaws.com/uploads/2022/11/ 5 KB
5 KB 55ms
53ms Image
image/png 52.216.56.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bdn-ss-po.s3.amazonaws.com/uploads/2022/11/logo-skowhegan-2021-100x100.png
Requested by: Host: observer-me.com
URL: http://observer-me.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.56.185 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3d3f0f04b0c234eb052753f53167ed01dd68248144491615b450132fbffad437

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 21:15:15 GMT
Last-Modified: Fri, 18 Nov 2022 19:08:26 GMT
Server: AmazonS3
x-amz-request-id: D963XAQAH2AZ5ZBN
ETag: "30f349ae555d7914b4a89f614b3ac9a3"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 4741
x-amz-id-2: vOEt1l9HV7emALjcmuw/M683h/NrdJfIM03OlxQ49l6fnj618iykWnQ81VqYTrzqflGwkUZgHBI=

GET
H/1.1 200
OK Dover-Foxcroft-downtown-091622-100x100.jpg
bdn-ss-po.s3.amazonaws.com/uploads/2023/03/ 19 KB
20 KB 20ms
19ms Image
image/jpeg 52.216.56.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bdn-ss-po.s3.amazonaws.com/uploads/2023/03/Dover-Foxcroft-downtown-091622-100x100.jpg
Requested by: Host: observer-me.com
URL: http://observer-me.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.56.185 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7390654aa4ae602646d808e3530f0bd71a8b6dc1fb5204ad9bb476b2d6d8c00f

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 21:15:15 GMT
Last-Modified: Tue, 28 Mar 2023 11:47:06 GMT
Server: AmazonS3
x-amz-request-id: D961JHP65H286Q6G
ETag: "435c9a9da04332d50cc4c813291145af"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 19804
x-amz-id-2: WP2+kEV/wmlS+vhxpo1LaQwkN1mtpbhvPJI2ysQJP54E6u71bV+EGN91ElzsZZmfRA0ePb0ZFz8=

GET
H/1.1 200
OK Moosehead-Lake-100x100.jpg
bdn-ss-po.s3.amazonaws.com/uploads/2017/04/ 3 KB
4 KB 22ms
22ms Image
image/jpeg 52.216.56.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bdn-ss-po.s3.amazonaws.com/uploads/2017/04/Moosehead-Lake-100x100.jpg
Requested by: Host: observer-me.com
URL: http://observer-me.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.56.185 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 875ccaad237645a24dae9f6aeb45e2ba7bc401f005e36229cfb8b2da66cde622

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 21:15:15 GMT
Last-Modified: Thu, 25 Jun 2020 14:14:14 GMT
Server: AmazonS3
x-amz-request-id: D96FJ5TQBW7JHGC9
ETag: "128c5a0a150765d06f9dc53e083c2237"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 3466
x-amz-id-2: 6k8laEUAy1apE3FhxlH9dXHK6O0N1uYy71i3pfFoa4rJJXUhYOekkV8EPrcTFhpNM/fs5TnAY9c=

GET
H/1.1 200
OK Freight-train-engines-cars-derail-and-catch-fire-in-Maine-041523-100x100.jpg
bdn-ss-po.s3.amazonaws.com/uploads/2023/04/ 4 KB
5 KB 82ms
82ms Image
image/jpeg 52.216.56.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bdn-ss-po.s3.amazonaws.com/uploads/2023/04/Freight-train-engines-cars-derail-and-catch-fire-in-Maine-041523-100x100.jpg
Requested by: Host: observer-me.com
URL: http://observer-me.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.56.185 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: a7e5bf09db3c2bc61f6ad1876a80bfae77cc34fcc869cc3f5aa3d96a62dea5df

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 21:15:15 GMT
Last-Modified: Sun, 16 Apr 2023 15:20:04 GMT
Server: AmazonS3
x-amz-request-id: D96D4K6TD8XY8WDN
ETag: "24d96ea2bbf18021a7d2d6a087fb5c99"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 4404
x-amz-id-2: T329QuTFKhttt1GdxY2UQb4QD2DomK/bo3G83qTxgdAbK4X624GPDSYcO4QRl/pd9wXdpJyrjlE=

GET
H/1.1 200
OK 20230415122602_029A1479-640x400.jpg
bdn-ss-po.s3.amazonaws.com/uploads/2023/04/ 76 KB
76 KB 41ms
40ms Image
image/jpeg 52.216.56.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bdn-ss-po.s3.amazonaws.com/uploads/2023/04/20230415122602_029A1479-640x400.jpg
Requested by: Host: observer-me.com
URL: http://observer-me.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.56.185 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: aeacc2c38257716d505be03662970a12a6525c497e559801f9779967d49dd71d

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 21:15:15 GMT
Last-Modified: Mon, 17 Apr 2023 16:11:47 GMT
Server: AmazonS3
x-amz-request-id: D9653VB7QP3M4DH2
ETag: "184fc55b7d5e1a8ebdfa276680cae843"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 77904
x-amz-id-2: FWRvpUZx4JlpMlcYcH7li92Vvp1X3Qwct22Pd12DjVLqzc9SQuUFIx3iMITx/8R864U3TYCF9DM=

GET
H/1.1 200
OK download-100x100.png
bdn-ss-po.s3.amazonaws.com/uploads/2023/04/ 12 KB
13 KB 26ms
26ms Image
image/png 52.216.56.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bdn-ss-po.s3.amazonaws.com/uploads/2023/04/download-100x100.png
Requested by: Host: observer-me.com
URL: http://observer-me.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.56.185 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 92498c7b329f9d4e3f91b2964b40ae87e1b1ef23a7541a4d222749b5dd3b8dce

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 21:15:15 GMT
Last-Modified: Mon, 17 Apr 2023 14:03:31 GMT
Server: AmazonS3
x-amz-request-id: D965WRGXQ2CQK5MC
ETag: "e273d5007d80045cdb4173bcab5612e8"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 12746
x-amz-id-2: XOUeUToiKQ8E+ZEGr1A39n8T+j67/J6SCtM/Tkg0nay4MlaW7PG8/CinhMIbmzGaIak9ZTZCaGk=

GET
H/1.1 200
OK PO-spchampeonmug-31-100x100.jpg
bdn-ss-po.s3.amazonaws.com/uploads/2023/04/ 10 KB
11 KB 26ms
26ms Image
image/jpeg 52.216.56.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bdn-ss-po.s3.amazonaws.com/uploads/2023/04/PO-spchampeonmug-31-100x100.jpg
Requested by: Host: observer-me.com
URL: http://observer-me.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.56.185 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 2a8eb5d54638dc4245711d29e9d0107ad9e287c61b11567d21a8302b4051181c

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 21:15:15 GMT
Last-Modified: Sat, 15 Apr 2023 16:50:04 GMT
Server: AmazonS3
x-amz-request-id: D967W9P6BMK2JAFP
ETag: "93c84d80b82665ce474cc0b88d7a28b5"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 10689
x-amz-id-2: HSvqfCk0+EoIw+kmTrcmR0sS1GuHz0tkWP633W17NAqj7meDYxcuApmAgzH8zkW56nTImUKPyqc=

GET
H/1.1 200
OK Letters-to-the-Editor-100x100.jpg
bdn-ss-po.s3.amazonaws.com/uploads/2018/05/ 26 KB
26 KB 41ms
41ms Image
image/jpeg 52.216.56.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bdn-ss-po.s3.amazonaws.com/uploads/2018/05/Letters-to-the-Editor-100x100.jpg
Requested by: Host: observer-me.com
URL: http://observer-me.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.56.185 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: d4d2e516b0058e0ed107e1c047df8a50ff198d8415d4a26cc317fd8ff7ce8503

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 21:15:15 GMT
Last-Modified: Thu, 25 Jun 2020 14:25:48 GMT
Server: AmazonS3
x-amz-request-id: D96992W6R2K9QXM3
ETag: "3a8590f48aca276422bde4579cc6f98d"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 26300
x-amz-id-2: R5LWlTkzWMGR1SHiPnFdXKlJRjHh02eL6Y/0NVBUe/Evs+Nxb3Z/sueluXvv/K2sCqW1znsvPW8=

GET
H/1.1 200
OK Matthew-Gagnon-100x100.jpg
bdn-ss-po.s3.amazonaws.com/uploads/2017/04/ 2 KB
3 KB 22ms
21ms Image
image/jpeg 52.216.56.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bdn-ss-po.s3.amazonaws.com/uploads/2017/04/Matthew-Gagnon-100x100.jpg
Requested by: Host: observer-me.com
URL: http://observer-me.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.56.185 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9ca9bf531740b90bb48f59bc15081161c39171f6ab5fa5ffcece594b69727a79

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 21:15:15 GMT
Last-Modified: Thu, 25 Jun 2020 14:14:13 GMT
Server: AmazonS3
x-amz-request-id: D96EBKJAVKKXSTM3
ETag: "669ce8e6c97f5e7f3da88956006747bd"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 2409
x-amz-id-2: A2OAVs8AyfvQs0OoGrC7Q88yMdG3PUzSfIxHlziW4DBTDOgViDwQx0TVw6GWWvaZlXAxBKdnKWg=

GET
H/1.1 200
OK logo-1-100x60.png
bdn-ss-po.s3.amazonaws.com/uploads/2019/08/ 2 KB
3 KB 21ms
20ms Image
image/png 52.216.56.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bdn-ss-po.s3.amazonaws.com/uploads/2019/08/logo-1-100x60.png
Requested by: Host: observer-me.com
URL: http://observer-me.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.56.185 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 00bebef230814ffdfb69ec7996547cf3bfe0043e174bf7f0ce99200b0665d407

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 21:15:15 GMT
Last-Modified: Thu, 25 Jun 2020 14:50:32 GMT
Server: AmazonS3
x-amz-request-id: D96FXJQSS5CKV4D4
ETag: "26fcecbd0882320ab75de24fc5951c7d"
Content-Type: image/png
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 2349
x-amz-id-2: ZOII5mnvgJuxrj2VDzs9F7c0bBiecXdg3vhHMqcRJJywlly6VCTrDarh1wM9sorcTZXlIyw0kZk=

GET
H/1.1 200
OK 3F82DD47-2E7E-47A1-A6A3-79421FF84F3F-copy-100x100.jpg
bdn-ss-po.s3.amazonaws.com/uploads/2023/04/ 20 KB
20 KB 20ms
19ms Image
image/jpeg 52.216.56.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bdn-ss-po.s3.amazonaws.com/uploads/2023/04/3F82DD47-2E7E-47A1-A6A3-79421FF84F3F-copy-100x100.jpg
Requested by: Host: observer-me.com
URL: http://observer-me.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.56.185 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: fefe133a62e774497a56c108969ae348c963be9aa2a3c210287bbe6b1b704ee4

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 21:15:15 GMT
Last-Modified: Wed, 12 Apr 2023 13:04:50 GMT
Server: AmazonS3
x-amz-request-id: D9642N2Y6WVPHQXK
ETag: "eff3659cdc89fa3e3a8fcd47c3e4d014"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 20171
x-amz-id-2: 2Jy1sjUJ1GwZKaxP440vGIPlkRz/tdHi9LtSttVE+KO95VW/hr9z9lIR/61jCOh0dNutuvBrBmI=

GET
H/1.1 200
OK VPAULR-100x100.jpg
bdn-ss-po.s3.amazonaws.com/uploads/2017/08/ 16 KB
17 KB 19ms
19ms Image
image/jpeg 52.216.56.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bdn-ss-po.s3.amazonaws.com/uploads/2017/08/VPAULR-100x100.jpg
Requested by: Host: observer-me.com
URL: http://observer-me.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.56.185 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 578b4f3a12e143450841a6c5782709dfd9db25c5ee3a63cce6aa48ba894caad1

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 21:15:15 GMT
Last-Modified: Thu, 25 Jun 2020 14:15:42 GMT
Server: AmazonS3
x-amz-request-id: D960TGDQVAN7W3CT
ETag: "7b24c3c5335903b8f928ef3642ad3960"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 16818
x-amz-id-2: qMJ/wKL0z8tH1mJAb69Xkk0ajco2mmmeTNrGxOZ2ofia9XimCrRs2yEAUHLOH7KY//nmAhJiUoI=

GET
H/1.1 200
OK CHC-sign-2-100x100.jpg
bdn-ss-po.s3.amazonaws.com/uploads/2021/03/ 29 KB
29 KB 37ms
37ms Image
image/jpeg 52.216.56.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bdn-ss-po.s3.amazonaws.com/uploads/2021/03/CHC-sign-2-100x100.jpg
Requested by: Host: observer-me.com
URL: http://observer-me.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.56.185 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 1e82763ae66b9488d9095afecef7132031ecdefcb4b5b948c3f6a033e7996fa9

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 21:15:15 GMT
Last-Modified: Wed, 10 Mar 2021 16:53:45 GMT
Server: AmazonS3
x-amz-request-id: D96EJC36BA0F32CZ
ETag: "623ada01e364f2be112f31156379819c"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 29757
x-amz-id-2: tmZ354FlvGscGmJIJ1afBLjUhf3rxqnjB0i5T80iWH4AetW3osBcTGOdmc3hoFTXBLf0NOIKgbU=

GET
H/1.1 200
OK unnamed-2-100x100.jpg
bdn-ss-po.s3.amazonaws.com/uploads/2023/04/ 5 KB
6 KB 36ms
35ms Image
image/jpeg 52.216.56.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bdn-ss-po.s3.amazonaws.com/uploads/2023/04/unnamed-2-100x100.jpg
Requested by: Host: observer-me.com
URL: http://observer-me.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.56.185 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3b561bd82142c0bf312090bb205bf338766c4fdc9ddc075d0e355405a10e6d81

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 21:15:15 GMT
Last-Modified: Sun, 16 Apr 2023 13:31:40 GMT
Server: AmazonS3
x-amz-request-id: D9648J712M086WGH
ETag: "acbab42648e48e8659b69829805d8507"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 5560
x-amz-id-2: 55XKqTScaIOHvnQx43dzr0d+30yre0otfUdkyye8qub3AYRk9UuKtajZiMd3VHd4y7A6osSLZnY=

GET
H/1.1 200
OK 1rUR8AML_400x400-100x100.jpg
bdn-ss-po.s3.amazonaws.com/uploads/2023/04/ 3 KB
3 KB 19ms
18ms Image
image/jpeg 52.216.56.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bdn-ss-po.s3.amazonaws.com/uploads/2023/04/1rUR8AML_400x400-100x100.jpg
Requested by: Host: observer-me.com
URL: http://observer-me.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.56.185 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 11b1cc60c35bbdbcc27e3c63af9d94ea2506edfd702a637456f63b59115efca7

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 21:15:15 GMT
Last-Modified: Sun, 16 Apr 2023 13:09:57 GMT
Server: AmazonS3
x-amz-request-id: D967JN7QT0DT51GH
ETag: "cf37856874cc8523b29b3420aa31d8d5"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 2574
x-amz-id-2: QnhyA9150hI6PkVlgklTauSA3+7sEukeijrhhe/hgrRikyBgx4IfM+6nAx95zLyElpkpsD49Fms=

GET
H/1.1 200
OK 20200824_153201-1-100x100.jpg
bdn-ss-po.s3.amazonaws.com/uploads/2023/04/ 8 KB
8 KB 52ms
50ms Image
image/jpeg 52.216.56.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bdn-ss-po.s3.amazonaws.com/uploads/2023/04/20200824_153201-1-100x100.jpg
Requested by: Host: observer-me.com
URL: http://observer-me.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.56.185 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: f1a7af225a0104126d79e7a2bf1d4c1d972f0f94537bf07e410dc637c6ad96e3

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 21:15:15 GMT
Last-Modified: Sat, 15 Apr 2023 15:34:58 GMT
Server: AmazonS3
x-amz-request-id: D963YV89JE38TRET
ETag: "0cb935c9d9b758efed9aed9201bb383f"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 8105
x-amz-id-2: T+KCPFgPHyS+FU0tqL0S6rQR9Lax/r49jlklo9XDbEFjwrHcti14UBMctRkFLtWG25tA5drgRnE=

GET
H/1.1 200
OK PO-RSU68building-13-21-100x100.jpg
bdn-ss-po.s3.amazonaws.com/uploads/2023/04/ 31 KB
32 KB 19ms
19ms Image
image/jpeg 52.216.56.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bdn-ss-po.s3.amazonaws.com/uploads/2023/04/PO-RSU68building-13-21-100x100.jpg
Requested by: Host: observer-me.com
URL: http://observer-me.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.56.185 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: f5bb8c06bdb93beeb4646dc66a1eb8f51e20c360d0d7c65c4d2000b82f93e17e

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 21:15:15 GMT
Last-Modified: Fri, 14 Apr 2023 13:07:07 GMT
Server: AmazonS3
x-amz-request-id: D96DMVJA7K2ZC0QC
ETag: "b3e6b6aaa0886b57f4252ad337797c6a"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 32049
x-amz-id-2: uqs/NqmgzDn/MTLRXoNpgS+hBJNpvE/mZDF1EA/p62TtLJu7xeJK4UVL8Z0Ef6Gzk/prsze6gEM=

GET
H/1.1 200
OK Statehouse-100x100.jpg
bdn-ss-po.s3.amazonaws.com/uploads/2017/04/ 44 KB
44 KB 38ms
38ms Image
image/jpeg 52.216.56.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bdn-ss-po.s3.amazonaws.com/uploads/2017/04/Statehouse-100x100.jpg
Requested by: Host: observer-me.com
URL: http://observer-me.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.56.185 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 55ff4f8dd7227e424d5b93e51f93a25ed4bff79ada8229b5d42269cd3599eb26

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 21:15:15 GMT
Last-Modified: Thu, 25 Jun 2020 14:14:25 GMT
Server: AmazonS3
x-amz-request-id: D96CKEETN6PAV68Y
ETag: "f2db663377460649b6527cf9b674f118"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 44827
x-amz-id-2: noAV4yt1KktCeo8+4c7QzmHImLhTiG/x5f+D65D54qZlXcHIdxqBuXKwYTVMlxIk6KFqdNyr+xE=

GET
H/1.1 200
OK Freight-train-engines-cars-derail-and-catch-fire-in-Maine-041523-40x40.jpg
bdn-ss-po.s3.amazonaws.com/uploads/2023/04/ 968 B
1 KB 45ms
26ms Image
image/jpeg 52.216.56.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bdn-ss-po.s3.amazonaws.com/uploads/2023/04/Freight-train-engines-cars-derail-and-catch-fire-in-Maine-041523-40x40.jpg
Requested by: Host: observer-me.com
URL: http://observer-me.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.56.185 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: c82c220865f837b572b2c89473cef4cd9fb4d82d4d5878b396b4cebf0be8430c

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 21:15:15 GMT
Last-Modified: Sun, 16 Apr 2023 15:20:04 GMT
Server: AmazonS3
x-amz-request-id: D966XWGH37D14A6F
ETag: "b32525c16f007623b3bbcb91001a852b"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 968
x-amz-id-2: O/4jQteySqpno6/MeYiMKfdxdstvf+M7CpXJmfH0NTkIQr7FPMpS96xETGh8l1rf171V2wLigJU=

GET
H/1.1 200
OK Dover-Foxcroft-Municipal-Building-030122-40x40.jpg
bdn-ss-po.s3.amazonaws.com/uploads/2022/03/ 17 KB
17 KB 44ms
25ms Image
image/jpeg 52.216.56.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bdn-ss-po.s3.amazonaws.com/uploads/2022/03/Dover-Foxcroft-Municipal-Building-030122-40x40.jpg
Requested by: Host: observer-me.com
URL: http://observer-me.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.56.185 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0dbef0a3a4867d1fdab18409d057d8d7a32bb5fff86e85a57f4642ab332ad156

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 21:15:15 GMT
Last-Modified: Wed, 02 Mar 2022 02:49:40 GMT
Server: AmazonS3
x-amz-request-id: D964B49YA1SREKZV
ETag: "6a88944ef0e33d07655a57f073387b4c"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 17321
x-amz-id-2: 8AqUY98VvMVjgEMbpzLTnh7+5PHakVYT+tDChnNOj450nCQmQh8AGPafeegGjyKOjK8JaV7rBNE=

GET
H/1.1 200
OK PO-greenvillefire-15-23-40x40.jpg
bdn-ss-po.s3.amazonaws.com/uploads/2023/04/ 30 KB
30 KB 47ms
27ms Image
image/jpeg 52.216.56.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bdn-ss-po.s3.amazonaws.com/uploads/2023/04/PO-greenvillefire-15-23-40x40.jpg
Requested by: Host: observer-me.com
URL: http://observer-me.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.56.185 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 79bd5b1a75846283399327d0d33011411c4cac24bc8ec39777c7bb1edae8b5fd

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 21:15:15 GMT
Last-Modified: Tue, 11 Apr 2023 12:55:53 GMT
Server: AmazonS3
x-amz-request-id: D96BHB38SPDSXXKA
ETag: "3829b790f2cd9f16494662dbb2541aa8"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 30566
x-amz-id-2: qX8DfgeaszWGt9lO6V7BWgtyK2cbZ0VYdVB7C6oXKINFWLW8/QYJpY8nUnLGqyiwAYYLUYJUy1A=

GET
H/1.1 200
OK email-js.js Show response
observer-me.com/wp-content/plugins/wp-email/ 4 KB
2 KB 151ms
150ms Script
application/javascript 13.249.85.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://observer-me.com/wp-content/plugins/wp-email/email-js.js?ver=2.67.5
Requested by: Host: observer-me.com
URL: http://observer-me.com/
Protocol: HTTP/1.1
Server: 13.249.85.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-85-86.ord52.r.cloudfront.net
Software: nginx/1.18.0 /
Resource Hash: c124fab0de2117b1a58241d3d7bac1b88b7558dc8cde9f16e381cfc2d41f500c

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 21:15:14 GMT
Content-Encoding: gzip
Via: 1.1 3b3cb210495e4d1678591271d0921206.cloudfront.net (CloudFront)
Last-Modified: Wed, 24 Jun 2020 16:10:45 GMT
Server: nginx/1.18.0
X-Amz-Cf-Pop: ORD52-C1
ETag: W/"5ef37b05-118e"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
X-Cache: Miss from cloudfront
X-Config-Version: 0.0.2
Connection: keep-alive
X-Amz-Cf-Id: Ex-hGMxkLj6_Ko4suRL8o26Z38PahV3EBSCncBBQPwTqLJjaxpFnkQ==

GET
H/1.1 200
OK site.js Show response
observer-me.com/wp-content/themes/bpc-weekly/static/ 5 KB
2 KB 173ms
173ms Script
application/javascript 13.249.85.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://observer-me.com/wp-content/themes/bpc-weekly/static/site.js?ver=1
Requested by: Host: observer-me.com
URL: http://observer-me.com/
Protocol: HTTP/1.1
Server: 13.249.85.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-85-86.ord52.r.cloudfront.net
Software: nginx/1.18.0 /
Resource Hash: e1b5168a3bb31b7ebf8fbc084f4356a3379aafe72bfd901ec78346e30247944e

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 21:15:14 GMT
Content-Encoding: gzip
Via: 1.1 a6df9d2a49d38e15439d97b097858240.cloudfront.net (CloudFront)
Last-Modified: Wed, 24 Jun 2020 16:10:45 GMT
Server: nginx/1.18.0
X-Amz-Cf-Pop: ORD52-C1
ETag: W/"5ef37b05-14c4"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
X-Cache: Miss from cloudfront
X-Config-Version: 0.0.2
Connection: keep-alive
X-Amz-Cf-Id: Q92zl-0Th8Vomw8Q8p7SM3invkogE3c2X_JfJrUNXrpfJ7PIK5-1kQ==

GET
H/1.1 200
OK bpc-ads.js Show response
observer-me.com/wp-content/themes/bpc-weekly/static/ 1 KB
2 KB 173ms
172ms Script
application/javascript 13.249.85.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://observer-me.com/wp-content/themes/bpc-weekly/static/bpc-ads.js?ver=1
Requested by: Host: observer-me.com
URL: http://observer-me.com/
Protocol: HTTP/1.1
Server: 13.249.85.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-85-86.ord52.r.cloudfront.net
Software: nginx/1.18.0 /
Resource Hash: 5feec8da6dd320ef0e426c108d51cec5c4001195f6b94c15c4a6f32ef6a9f999

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 21:15:14 GMT
Content-Encoding: gzip
Via: 1.1 8542aaf5305e0e6e067cca1e9561db6e.cloudfront.net (CloudFront)
Last-Modified: Wed, 24 Jun 2020 16:10:45 GMT
Server: nginx/1.18.0
X-Amz-Cf-Pop: ORD52-C1
ETag: W/"5ef37b05-58a"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
X-Cache: Miss from cloudfront
X-Config-Version: 0.0.2
Connection: keep-alive
X-Amz-Cf-Id: qezA0FUZCZzgnGdJbH3OgUA5VLE6W_6v1CBkIeSdQxcTGktgpN6E6Q==

GET
H2 200 widgets.js Show response
platform.twitter.com/ 91 KB
27 KB 24ms
4ms Script
application/javascript 199.232.36.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js?ver=1
Requested by: Host: observer-me.com
URL: http://observer-me.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.36.157 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 21:15:14 GMT
content-encoding: gzip
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length: 27630
x-served-by: cache-iad-kjyo7100035-IAD, cache-lga21932-LGA
last-modified: Tue, 24 Jan 2023 21:41:51 GMT
etag: "9e99725b7a4cd730a934afba2a438bb5+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=1800
accept-ranges: bytes
tw-cdn: FT

GET
H/1.1 200
OK cookieControl-8.0.min.js Show response
cc.cdn.civiccomputing.com/8.0/ 27 KB
9 KB 75ms
23ms Script
application/javascript 2600:9000:21b8:5a00:e:3706:bd00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

http://cc.cdn.civiccomputing.com/8.0/cookieControl-8.0.min.js?ver=5.2.2

Requested by

Host: observer-me.com
URL: http://observer-me.com/

Protocol

HTTP/1.1

Server

2600:9000:21b8:5a00:e:3706:bd00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

f7747f6b3c907bcdf5bb5d567461e79a9b68c03587d0b11400deb85c8526916a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 21:06:16 GMT
Content-Encoding: gzip
x-content-type-options: nosniff
Via: 1.1 0555c213d7226d51e12d73c5d4a443e0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ORD52-C1
Age: 567
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 8519
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
Last-Modified: Mon, 28 May 2018 08:59:22 GMT
Server: Apache
ETag: "6c9f-56d4055777fce-gzip"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
Content-Type: application/javascript
access-control-allow-origin: *
Cache-Control: max-age=604800
Vary: Accept-Encoding
Accept-Ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type
X-Amz-Cf-Id: 1Xc_1fj0pO_h7arHpmwt0yIoqGJgAJj0kQb93Lvd26zWP75TOc5uBg==
Expires: Mon, 24 Apr 2023 21:05:47 GMT

GET
H/1.1 200
OK wp-embed.min.js Show response
observer-me.com/wp-includes/js/ 1 KB
2 KB 179ms
175ms Script
application/javascript 13.249.85.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://observer-me.com/wp-includes/js/wp-embed.min.js?ver=5.2.2
Requested by: Host: observer-me.com
URL: http://observer-me.com/
Protocol: HTTP/1.1
Server: 13.249.85.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-85-86.ord52.r.cloudfront.net
Software: nginx/1.18.0 /
Resource Hash: 2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 21:15:14 GMT
Content-Encoding: gzip
Via: 1.1 16b6be5a931c8f1a8986fa25ce120864.cloudfront.net (CloudFront)
Last-Modified: Wed, 24 Jun 2020 16:10:46 GMT
Server: nginx/1.18.0
X-Amz-Cf-Pop: ORD52-C1
ETag: W/"5ef37b06-57b"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
X-Cache: Miss from cloudfront
X-Config-Version: 0.0.2
Connection: keep-alive
X-Amz-Cf-Id: N1TzDaG5wV8BgksEgnmT50MT3D1r8QBgazxTyFUhFecCj3z5Ntelhw==

GET
H2 200 css
fonts.googleapis.com/ 3 KB
955 B 79ms
34ms Stylesheet
text/css 2607:f8b0:4020:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700

Requested by

Host: observer-me.com
URL: http://observer-me.com/wp-content/themes/bpc-weekly/style-PO.css?1681766113&ver=2016.07.22.01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

db0e93a6caa38aa56a60492fbb22c1d09e743b879bf3486c2caf5e6dc290cf32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 17 Apr 2023 21:15:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 21:03:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 17 Apr 2023 21:15:14 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
782 B 90ms
45ms Stylesheet
text/css 2607:f8b0:4020:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700,800

Requested by

Host: observer-me.com
URL: http://observer-me.com/wp-content/themes/bpc-weekly/style-PO.css?1681766113&ver=2016.07.22.01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3668fec75e6b6be8ea40f236b3bca6192607304ca4691327e0d10a7b5dfb9a6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 17 Apr 2023 21:15:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 19:42:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 17 Apr 2023 21:15:14 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
609 B 80ms
35ms Stylesheet
text/css 2607:f8b0:4020:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lora:400,700

Requested by

Host: observer-me.com
URL: http://observer-me.com/wp-content/themes/bpc-weekly/style-PO.css?1681766113&ver=2016.07.22.01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ba8ce9ae6438063f8b8c5584d894ee266f8a31efd8601d65d3c8d22a94c743ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 17 Apr 2023 21:15:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 19:35:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 17 Apr 2023 21:15:14 GMT

GET
H2 200 css
fonts.googleapis.com/ 721 B
407 B 82ms
37ms Stylesheet
text/css 2607:f8b0:4020:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ultra|Damion

Requested by

Host: observer-me.com
URL: http://observer-me.com/wp-content/themes/bpc-weekly/style-PO.css?1681766113&ver=2016.07.22.01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

39101231399ea0445ee3d97916ebe14e4d3711df8c91f25a8171db61659c7f2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 17 Apr 2023 21:15:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 21:15:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 17 Apr 2023 21:15:14 GMT

GET
H2 200 css
fonts.googleapis.com/ 716 B
391 B 81ms
37ms Stylesheet
text/css 2607:f8b0:4020:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Arvo:400,700

Requested by

Host: observer-me.com
URL: http://observer-me.com/wp-content/themes/bpc-weekly/style-PO.css?1681766113&ver=2016.07.22.01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

04053bb3706ce82570ab8ff2529bfe4e64e305a7bf4675a9c5bf83123f6dcbfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 17 Apr 2023 21:15:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 20:46:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 17 Apr 2023 21:15:14 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
691 B 100ms
55ms Stylesheet
text/css 2607:f8b0:4020:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,900

Requested by

Host: observer-me.com
URL: http://observer-me.com/wp-content/themes/bpc-weekly/style-PO.css?1681766113&ver=2016.07.22.01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

407b1c0c745893d13360bb95d1af7e82751c5d00d7aeef06d4a51124ff309731

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 17 Apr 2023 21:15:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 20:42:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 17 Apr 2023 21:15:14 GMT

GET
H2 400 css
fonts.googleapis.com/ 0
0 80ms
36ms Stylesheet
text/html 2607:f8b0:4020:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.googleapis.com/css?family-Open+Sans:300
Requested by: Host: observer-me.com
URL: http://observer-me.com/wp-content/themes/bpc-weekly/style-PO.css?1681766113&ver=2016.07.22.01
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4020:805::200a Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

GET
H2 200 css
fonts.googleapis.com/ 2 KB
642 B 80ms
36ms Stylesheet
text/css 2607:f8b0:4020:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Slab

Requested by

Host: observer-me.com
URL: http://observer-me.com/wp-content/themes/bpc-weekly/style-PO.css?1681766113&ver=2016.07.22.01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d4a3cba4ba1c6d2412f275ee5ffe2c126b46ec8f6f8da7b2d0e37adf6cbfdf2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 17 Apr 2023 21:15:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 19:52:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 17 Apr 2023 21:15:14 GMT

GET
H/1.1 200
OK masthead-lg-PO.png
observer-me.com/wp-content/themes/bpc-weekly/logos/ 53 KB
53 KB 174ms
174ms Image
image/png 13.249.85.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://observer-me.com/wp-content/themes/bpc-weekly/logos/masthead-lg-PO.png
Requested by: Host: observer-me.com
URL: http://observer-me.com/wp-content/themes/bpc-weekly/style-PO.css?1681766113&ver=2016.07.22.01
Protocol: HTTP/1.1
Server: 13.249.85.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-85-86.ord52.r.cloudfront.net
Software: nginx/1.18.0 /
Resource Hash: a54447cf25079fb41411443dfcecd3651c9c8dc60d729ea7b5b415c66bda0069

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/wp-content/themes/bpc-weekly/style-PO.css?1681766113&ver=2016.07.22.01
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 21:15:14 GMT
Via: 1.1 9fdb94d31cea383ee9cfa1b9714dc610.cloudfront.net (CloudFront)
Last-Modified: Wed, 10 Nov 2021 23:00:20 GMT
Server: nginx/1.18.0
X-Amz-Cf-Pop: ORD52-C1
ETag: "618c4f04-d20b"
X-Cache: Miss from cloudfront
Content-Type: image/png
X-Config-Version: 0.0.2
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 53771
X-Amz-Cf-Id: 8pjkWQqs00DRSVC5pnuSuYXER3PkFHMCb4MMlm0gOpL2HQS0QmosDg==

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 34ms
12ms Font
font/woff2 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://observer-me.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:32:14 GMT
x-content-type-options: nosniff
age: 556980
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:32:14 GMT

GET
H/1.1 200
OK footer-PO.png
observer-me.com/wp-content/themes/bpc-weekly/images/ 293 KB
293 KB 144ms
144ms Image
image/png 13.249.85.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://observer-me.com/wp-content/themes/bpc-weekly/images/footer-PO.png
Requested by: Host: observer-me.com
URL: http://observer-me.com/wp-content/themes/bpc-weekly/style-PO.css?1681766113&ver=2016.07.22.01
Protocol: HTTP/1.1
Server: 13.249.85.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-85-86.ord52.r.cloudfront.net
Software: nginx/1.18.0 /
Resource Hash: 19e3bc271699530766e54c31809b144cb95196458f858bea32781c06b18f7f6f

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/wp-content/themes/bpc-weekly/style-PO.css?1681766113&ver=2016.07.22.01
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 21:15:14 GMT
Via: 1.1 3b3cb210495e4d1678591271d0921206.cloudfront.net (CloudFront)
Last-Modified: Wed, 24 Jun 2020 16:10:45 GMT
Server: nginx/1.18.0
X-Amz-Cf-Pop: ORD52-C1
ETag: "5ef37b05-49244"
X-Cache: Miss from cloudfront
Content-Type: image/png
X-Config-Version: 0.0.2
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 299588
X-Amz-Cf-Id: eiWimIjpYG9lKhdaZaGR_iBgeirFblkofIvT9ISmSPpUO8OUdF9R9A==

GET
H/1.1 200
OK fontawesome-webfont.woff2
observer-me.com/wp-content/themes/bpc-weekly/font-awesome/fonts/ 70 KB
71 KB 173ms
172ms Font
font/woff2 13.249.85.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://observer-me.com/wp-content/themes/bpc-weekly/font-awesome/fonts/fontawesome-webfont.woff2?v=4.6.2
Requested by: Host: observer-me.com
URL: http://observer-me.com/wp-content/themes/bpc-weekly/font-awesome/scss/font-awesome.css?ver=2016.07.22.01
Protocol: HTTP/1.1
Server: 13.249.85.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-85-86.ord52.r.cloudfront.net
Software: nginx/1.18.0 /
Resource Hash: 2932abf996373e87fbf2e950876b1962f1b57db954a1643ea68831d9fbb74da4

Request headers

Referer: http://observer-me.com/wp-content/themes/bpc-weekly/font-awesome/scss/font-awesome.css?ver=2016.07.22.01
Origin: http://observer-me.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 21:15:14 GMT
Via: 1.1 3b3cb210495e4d1678591271d0921206.cloudfront.net (CloudFront)
Last-Modified: Wed, 24 Jun 2020 16:10:45 GMT
Server: nginx/1.18.0
X-Amz-Cf-Pop: ORD52-C1
ETag: "5ef37b05-11850"
X-Cache: Miss from cloudfront
Content-Type: font/woff2
X-Config-Version: 0.0.2
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 71760
X-Amz-Cf-Id: V10-3DCAYDmCBWCIstA9P-ENpKUI0c2U3WBSG9jQP0G0DZbCj5lCWw==

GET
H2 200 BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojISmb2Rj.woff2
fonts.gstatic.com/s/robotoslab/v24/ 12 KB
12 KB 30ms
14ms Font
font/woff2 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v24/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojISmb2Rj.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Slab

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3b93a1b0941a116dcb0ed0b5c3ea062cdcad365207c405b231094eb485d95fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://observer-me.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 16:47:08 GMT
x-content-type-options: nosniff
age: 102486
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12608
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:15:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 15 Apr 2024 16:47:08 GMT

GET
H2 200 0QIvMX1D_JOuMwr7Iw.woff2
fonts.gstatic.com/s/lora/v32/ 35 KB
36 KB 24ms
8ms Font
font/woff2 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lora/v32/0QIvMX1D_JOuMwr7Iw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lora:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f46649ea544819982ea288c6f386dd67d46da0f453f95da542196372b79731e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://observer-me.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 10:25:54 GMT
x-content-type-options: nosniff
age: 298160
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35888
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 21:45:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Apr 2024 10:25:54 GMT

GET
H2 200 t Show response
jadserve.postrelease.com/ 115 B
651 B 35ms
10ms Script
text/javascript 52.4.121.231
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://jadserve.postrelease.com/t?ntv_url=http%3A%2F%2Fobserver-me.com%2F&ntv_mvi
Requested by: Host: includemodal.global.ssl.fastly.net
URL: http://includemodal.global.ssl.fastly.net/sp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.4.121.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-121-231.compute-1.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: 3055597f43adef2648996efac659bd63f616b0d1937f6e774ae3ac8fe35fb195

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Apr 2023 21:15:14 GMT
content-encoding: gzip
server: nginx/1.12.2
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 122
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2

200

gpt.js Show response
www.googletagservices.com/tag/js/
Redirect Chain

http://www.googletagservices.com/tag/js/gpt.js
https://www.googletagservices.com/tag/js/gpt.js

75 KB
25 KB

92ms
48ms

Script
text/javascript

2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: observer-me.com
URL: http://observer-me.com/

Protocol

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3e9e3c394c8ad382e9f6a3be3cbdbb19ba6c343da34ce747be69cedcb90a2448

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 21:15:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25469
x-xss-protection: 0
server: cafe
etag: 244 / 19464 / m202304120101 / config-hash: 16596095323740135684
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 17 Apr 2023 21:15:14 GMT

Redirect headers

Date: Mon, 17 Apr 2023 21:15:14 GMT
X-Content-Type-Options: nosniff
Server: cafe
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Location: https://www.googletagservices.com/tag/js/gpt.js
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Content-Length: 0
X-XSS-Protection: 0
Expires: Mon, 17 Apr 2023 21:15:14 GMT

GET
H2 400 v Show response
apikeys.civiccomputing.com/c/ 107 B
437 B 376ms
83ms XHR
application/json 2001:470:6e0a::1b:243
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL

https://apikeys.civiccomputing.com/c/v?d=observer-me.com&p=CookieControl%20Multi-Site&v=8&k=7ccbe0ef422b3cb1f71f711349c6b7ede2db33ec&format=json

Requested by

Host: cc.cdn.civiccomputing.com
URL: http://cc.cdn.civiccomputing.com/8.0/cookieControl-8.0.min.js?ver=5.2.2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:470:6e0a::1b:243 , United States, ASN6939 (HURRICANE, US),

Reverse DNS

Software

Apache /

Resource Hash

302a2ba50620fc6d23a8395124daa850e451cfad9a148e2a4ba1819031d08c75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-apikeys: hit
date: Mon, 17 Apr 2023 21:15:14 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
server: Apache
vary: X-Forwarded-Protocol
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: origin, x-requested-with, content-type
x-xss-protection: 1

GET
H2 200 widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html Show response
platform.twitter.com/widgets/ Frame 3AD5 320 KB
103 KB 5ms
3ms Document
text/html 199.232.36.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=http%3A%2F%2Fobserver-me.com
Requested by: Host: includemodal.global.ssl.fastly.net
URL: http://includemodal.global.ssl.fastly.net/sp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.36.157 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer: http://observer-me.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public, max-age=315360000
content-encoding: gzip
content-length: 105435
content-type: text/html; charset=utf-8
date: Mon, 17 Apr 2023 21:15:14 GMT
etag: "95e1b50b0c179aefb47b5b211bb347b5+gzip"
last-modified: Tue, 24 Jan 2023 21:41:13 GMT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
tw-cdn: FT
vary: Accept-Encoding
x-cache: HIT, HIT
x-served-by: cache-iad-kcgs7200172-IAD, cache-lga21932-LGA

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 3AD5 664 B
606 B 102ms
33ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=e9763c9ee5a869feea22ed29c2890b7c47967f39

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=http%3A%2F%2Fobserver-me.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

b0e3dea3ead4a88d28a0203a5dd56155100bf5d61b73c371992aa9f211ff5480

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-US,en;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-response-time: 7
date: Mon, 17 Apr 2023 21:15:14 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Mon, 17 Apr 2023 21:15:14 GMT
server: tsa_b
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 6574a39c499a65f5
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: 7c314978cd98546d1dba143d36f91452e4175f48fdf3d359f745d79621069f8d
content-length: 284

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120101/ 401 KB
125 KB 55ms
13ms Script
text/javascript 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120101/pubads_impl.js

Requested by

Host: includemodal.global.ssl.fastly.net
URL: http://includemodal.global.ssl.fastly.net/sp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d126364c6e2a7b5e91d0003b90a0761c94a81c95702e1bc0ede7a2067a48f4df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 17:56:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11910
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127166
x-xss-protection: 0
server: cafe
etag: 9041812995692956310
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 16 Apr 2024 17:56:44 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 84 B
602 B 74ms
34ms XHR
application/json 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=observer-me.com

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6053f4fd4c695c0b390079d2033d9cadfdc7a87ae8c99f9893737af0ba19c50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 21:15:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60
x-xss-protection: 0
expires: Mon, 17 Apr 2023 21:15:14 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 89ms
47ms Script
application/javascript 2607:f8b0:4020:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=observer-me.com

Requested by

Host: includemodal.global.ssl.fastly.net
URL: http://includemodal.global.ssl.fastly.net/sp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 21:15:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 120 KB
24 KB 1047ms
1046ms XHR
text/plain 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3395428111454287&correlator=3672971666121571&output=ldjh&gdfp_req=1&vrg=202304120101&ptt=17&impl=fifs&iu_parts=21682974628%2Cpiscataquisobserver&enc_prev_ius=%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1&prev_iu_szs=970x90%7C970x250%7C970x300%2C320x50%2C300x250%7C300x600%7C320x250%2C300x250%7C320x250&ifi=1&adks=3251934067%2C3473423308%2C3490724553%2C120784430&sfv=1-0-40&prev_scp=pos%3Dtop%26pub%3DPO%26target%3Dbpcads-top%26platform%3Ddesktop%26page_type%3Dhome%26page_name%3Dhome%7Cpos%3Dtop%26pub%3DPO%26target%3Dbpcads-top-mobile%26platform%3Ddesktop%26page_type%3Dhome%26page_name%3Dhome%7Cpos%3Dtop%26pub%3DPO%26target%3Dbpcads-aside-top%26platform%3Ddesktop%26page_type%3Dhome%26page_name%3Dhome%7Cpos%3Dmiddle%26pub%3DPO%26target%3Dbpcads-aside-mid%26platform%3Ddesktop%26page_type%3Dhome%26page_name%3Dhome&sc=0&cookie_enabled=1&abxe=1&dt=1681766114838&lmt=1681766114&dlt=1681766113866&idt=928&adxs=315%2C-12245933%2C969%2C969&adys=224%2C-12245933%2C550%2C804&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C-1%7C0%7C0&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Fobserver-me.com%2F&frm=20&vis=1&psz=1600x90%7C1600x0%7C310x250%7C310x250&msz=970x90%7C0x0%7C310x250%7C310x250&fws=0%2C128%2C0%2C0&ohw=0%2C0%2C0%2C0&ga_vid=672780982.1681766115&ga_sid=1681766115&ga_hid=391433200&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

223a7c4c0d30fd64d2c490758fe5836ba0a45be59621e9ef0a42ac2742a7002a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 21:15:15 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24231
x-xss-protection: 0
google-lineitem-id: -1,-2,-1,5512685932
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-2,-1,138327067880
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://observer-me.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
26e643a429f686e3a720d396001c4c75.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CDBF 6 KB
3 KB 93ms
42ms Document
text/html 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://26e643a429f686e3a720d396001c4c75.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://observer-me.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 17 Apr 2023 21:15:14 GMT
expires: Tue, 16 Apr 2024 21:15:14 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 91ms
48ms XHR
application/json 2607:f8b0:4020:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304120101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1f2a8eacdad89a71bb5d56242cf0cc5f1a257aa7fc627db27c4ed92017eca002

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 21:15:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11274
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 50ms
31ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: includemodal.global.ssl.fastly.net
URL: http://includemodal.global.ssl.fastly.net/sp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 21:15:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 17 Apr 2023 21:15:15 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4F32 13 KB
5 KB 5ms
4ms Document
text/html 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: includemodal.global.ssl.fastly.net
URL: http://includemodal.global.ssl.fastly.net/sp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://observer-me.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 291155
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 14 Apr 2023 12:22:40 GMT
expires: Sat, 13 Apr 2024 12:22:40 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame FEC8 783 B
1 KB 43ms
25ms Document
text/html 2607:f8b0:4006:821::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: includemodal.global.ssl.fastly.net
URL: http://includemodal.global.ssl.fastly.net/sp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

77b4dd6f969f250127c261a7a54cbce9e89b2bc25acd76f6ad7a4b50a34100aa

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-htVCOcgw88n3nh4FhUIseQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://observer-me.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-htVCOcgw88n3nh4FhUIseQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 17 Apr 2023 21:15:15 GMT
expires: Mon, 17 Apr 2023 21:15:15 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 bsdAhfwWdZZ0lwKfZyotoKMYFbxnkv02xNqAhtGyATM.js Show response
pagead2.googlesyndication.com/bg/ Frame 4F32 36 KB
14 KB 45ms
15ms Script
text/javascript 2607:f8b0:4020:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/bsdAhfwWdZZ0lwKfZyotoKMYFbxnkv02xNqAhtGyATM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ec74085fc1675967497029f672a2da0a31815bc6792fd36c4da8086d1b20133

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 08:11:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 306222
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14296
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 10:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 13 Apr 2024 08:11:33 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame FEC8 0
0 41ms
41ms Image
text/html 2607:f8b0:4020:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304120101&jk=3395428111454287&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4F32 0
10 B 4ms
4ms Image
text/plain 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?YsxRvg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81d::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 21:15:15 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 46ms
45ms Image
text/html 2607:f8b0:4020:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202304120101&jk=3395428111454287&bg=!mZqlms7NAAZA7GLoYOw7ADkAdvg8WoJnrDOsSfwrSmkKb31vDKU_XLcveXeow4_ULJnVAq0y-A_PnbebKGJdIrKVptaGMOkdKfICAAAAXVIAAAAEaAEHCgBduio1VpS6kIJY9NV1uUifcyobjXLjXTsIOVo1YflE3CSrVyidGGiTDHxjkClI9M3ifXSjQ92ZO9zZ0aGyFyp-M22L0gJ-LHowZbiPPtEtLHeAzrgG4olWC28zAXcVmQLLaMbF-n0zvLu7QTBOBjX8WN5DwHtzTxzmkgaAuJFyr-ll7dlsSi-rVLGTOPUfaAuwwOs3aUlSOi1cey8e7XvMa8BjdK0Fh93E6kSYvklI1lVrwYbvds5yp0Gozbo_3XDZ8E82xOr1CSMHtWFXkBoEukHk859LcLF56EVDi_isv2kaMUUkLxYgZkt7mPrZxS0LOqZpLJsHPcjrvXHZlybP5EdjmNMsM5nB-3vtkhOgWwR9COQkd_8D3m0EedQDPpNa8MKplFtReDORIWSMecLxmm-rixq3oeThnQL_FrT4Ziu9_u-Owt3JXuKHQEVZ6EaDrNDbYbJMb9ktfvocr47iITNt-En_0SOEk8xVu6nEe33Pb7P1uxBXcp83hBprCptXK4nXtbcCvQZHkpQFmBSk9KX07oTqi1tXRgfwy1veSEj513jGXI88CA7UdPho_3YW2AitJ5w6V5L0yxKrc8K1UgceuIl-MayeMI5eDhka2n9wBHSMSQ80G2U1GWAIuoGcvACjSgJmh3BbcW25pytyQ3yIHA2ZluMO0JZZkGJz-KIcc72KmKx73eX4o0cdEDnVMqkUWxRrlDYkfvoDCPHXkLjb0iADj-8SZBWwkn1qU6NxZpmx_z3sB9t3ZHlKhXbNScdv-VpPf0BaYbwHSy86IdKu0hDdKhDf37lbviPHQ-zDE6bzL9t46VfMcz6QnL1oMMkVqt2Z_ms7q8dHsPxroXLDSxMJLXtVjAOL3eRd9po5OHZgGJTJHi50sX3P6rJ0pKobOBmV1OqmRbZ1nhSR4jTrh_Z-oWdo46Xuafh-zcDNOFm83P_AUCWUzGZ9ABA35ix39rUUba3R37PMGC5Q04dcR1o_GPOkbptRyYdzlku6_TcloyRgxhAakYqHI5FgZcPhofrpwniHAeU9QzNOIQKnN7PZEzlUROZHHbOix87UcLwxKcXsZhvGtw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012304062309000/ Frame 72C3 222 KB
61 KB 21ms
3ms Script
text/javascript 2607:f8b0:4006:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304062309000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60d19fcc26403308bd021dd6ce6588cca81c6a42a34472277186bad9a4155022

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 17 Apr 2023 15:14:30 GMT
age: 21645
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61901
x-xss-protection: 0
server: sffe
etag: "8572ebb49fe3e70f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 16 Apr 2024 15:14:30 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012304062309000/v0/ Frame 72C3 15 KB
5 KB 29ms
12ms Script
text/javascript 2607:f8b0:4006:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304062309000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a80bc624f7ab3177dcab36c63396d6b7b3f18c41fd09c7a3e5b54792d566904a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 17 Apr 2023 15:14:30 GMT
age: 21645
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5225
x-xss-protection: 0
server: sffe
etag: "ad2d0ddcea45401f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 16 Apr 2024 15:14:30 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012304062309000/v0/ Frame 72C3 94 KB
28 KB 30ms
13ms Script
text/javascript 2607:f8b0:4006:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304062309000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a767e3a4a89fd5d5747f2e60656de81560b8d24575c7be5df0d541906cb86ce

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 17 Apr 2023 15:14:30 GMT
age: 21645
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28974
x-xss-protection: 0
server: sffe
etag: "441c199a95baae2a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 16 Apr 2024 15:14:30 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012304062309000/v0/ Frame 72C3 5 KB
2 KB 36ms
19ms Script
text/javascript 2607:f8b0:4006:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304062309000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19d96e062d7e164a34e2a7773fab8c722f36ea442d2b944ce5cb359c8b78fa01

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 17 Apr 2023 15:14:30 GMT
age: 21645
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1904
x-xss-protection: 0
server: sffe
etag: "60fdf036b4edbfa8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 16 Apr 2024 15:14:30 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012304062309000/v0/ Frame 72C3 40 KB
13 KB 37ms
20ms Script
text/javascript 2607:f8b0:4006:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304062309000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a7522d02dbbc03101dfe3d8cfb3b0ff1c974af884931a79477056345c306648

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 17 Apr 2023 15:14:30 GMT
age: 21645
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12949
x-xss-protection: 0
server: sffe
etag: "53b4f6addb6819c0"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 16 Apr 2024 15:14:30 GMT

GET
DATA 200
OK truncated
/ Frame 72C3 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4b83f078070498f45ce649506f7074bb53ffc2cc598bfcfcedc2b4eac5bb82c5

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012304062309000/ Frame 259B 222 KB
61 KB 10ms
8ms Script
text/javascript 2607:f8b0:4006:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304062309000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60d19fcc26403308bd021dd6ce6588cca81c6a42a34472277186bad9a4155022

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 17 Apr 2023 15:14:30 GMT
age: 21645
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61901
x-xss-protection: 0
server: sffe
etag: "8572ebb49fe3e70f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 16 Apr 2024 15:14:30 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012304062309000/v0/ Frame 259B 15 KB
5 KB 30ms
16ms Script
text/javascript 2607:f8b0:4006:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304062309000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a80bc624f7ab3177dcab36c63396d6b7b3f18c41fd09c7a3e5b54792d566904a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 17 Apr 2023 15:14:30 GMT
age: 21645
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5225
x-xss-protection: 0
server: sffe
etag: "ad2d0ddcea45401f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 16 Apr 2024 15:14:30 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012304062309000/v0/ Frame 259B 94 KB
28 KB 19ms
6ms Script
text/javascript 2607:f8b0:4006:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304062309000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a767e3a4a89fd5d5747f2e60656de81560b8d24575c7be5df0d541906cb86ce

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 17 Apr 2023 15:14:30 GMT
age: 21645
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28974
x-xss-protection: 0
server: sffe
etag: "441c199a95baae2a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 16 Apr 2024 15:14:30 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012304062309000/v0/ Frame 259B 5 KB
2 KB 18ms
5ms Script
text/javascript 2607:f8b0:4006:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304062309000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19d96e062d7e164a34e2a7773fab8c722f36ea442d2b944ce5cb359c8b78fa01

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 17 Apr 2023 15:14:30 GMT
age: 21645
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1904
x-xss-protection: 0
server: sffe
etag: "60fdf036b4edbfa8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 16 Apr 2024 15:14:30 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012304062309000/v0/ Frame 259B 40 KB
13 KB 17ms
3ms Script
text/javascript 2607:f8b0:4006:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304062309000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a7522d02dbbc03101dfe3d8cfb3b0ff1c974af884931a79477056345c306648

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 17 Apr 2023 15:14:30 GMT
age: 21645
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12949
x-xss-protection: 0
server: sffe
etag: "53b4f6addb6819c0"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 16 Apr 2024 15:14:30 GMT

GET
DATA 200
OK truncated
/ Frame 259B 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eecfebe593ce364136932080a12f9966e02c7dab0a58e35145c44292ab878e1e

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 14054135657247131775
tpc.googlesyndication.com/daca_images/simgad/ Frame 72C3 86 KB
86 KB 20ms
17ms Image
image/png 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/14054135657247131775

Requested by

Host: observer-me.com
URL: http://observer-me.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35d93e4f8fa04ae258e8308765478cf83544f703a6da2463bc14ab5e164d3aaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 14:45:59 GMT
x-content-type-options: nosniff
age: 23356
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 88285
x-xss-protection: 0
last-modified: Mon, 10 Apr 2023 03:19:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 16 Apr 2024 14:45:59 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 72C3 2 KB
2 KB 7ms
4ms Image
image/png 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: observer-me.com
URL: http://observer-me.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 15:21:19 GMT
x-content-type-options: nosniff
server: cafe
age: 21236
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Tue, 18 Apr 2023 15:21:19 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 72C3 295 B
319 B 20ms
17ms Image
image/png 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: observer-me.com
URL: http://observer-me.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 13:14:22 GMT
x-content-type-options: nosniff
server: cafe
age: 28853
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Tue, 18 Apr 2023 13:14:22 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 72C3 0
0 51ms
48ms Image
text/html 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CXA6v4rY9ZKKNOMzi_gTgm6ToDba75Plvu6_UvZgR4arWxqM5EAEgr9CcZGDJxqmLwKTYD6ABhu-rlQLIAQLgAgCoAwHIAwiqBKACT9DX7szeQhQOy-jjjjdrZBDYXqzdMhjBf7quJtunHDrlJfUJBMHZYiD5V0W6hry1ldOHjJJBFyZdeWMpENC6b9Y26O3VokE7hU6fg7TxZBKxgyIKZtjmnU4Jj4L1qLLt-Np7qt2BsfkmAsSHSqEOl-hlXV-k0jf1D56QbWx1-gvqPDjcvL_Q7QzBo6P9qvin0sMgixaPv5KBh_ofwMKqmhdjC8qytIymWq5ZQSSAOOlT6evpJ3gbzHF8B4HFztOGYLnH5tPEgUICzIs4fmdO4wPos6z3njAPy5FkEKLryQl3MW3ByIt_ZDwRiSGWkFGg_amkqAMIOpnq9PU2R74qNh7JLm4jTeL4yiXLboLAJ2zLsOBlzlGpRezYN7wkGjckwATkp_CrqQTgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAH4pDU6gGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCojD3SCA8IgGEQARgdMgKKAjoCgECACgPICwHYEwzQFQGYFgGAFwGyFx4KHAgAEhRwdWItNzcyNjkzODQ5MDQ5MTY4NRj50Ws&sigh=RHsXqzzv6RM&uach_m=[UACH]&cid=CAQSTABygQiDYvpcwuz-de2UWPy8mv5b-JLzs5hj3Bc24_xrqh5ufWY7GZng5VQF_aR9QtJBaDfMtyK-4Ptqpg8b7wLe_ixGEFw1d-EgXcQYAQ
Requested by: Host: observer-me.com
URL: http://observer-me.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

GET
H3 200 16170018211068278008
tpc.googlesyndication.com/simgad/ Frame 259B 100 KB
100 KB 23ms
21ms Image
image/gif 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16170018211068278008

Requested by

Host: observer-me.com
URL: http://observer-me.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

140c5d57ee90b0abac5af4901d92a148bc6ddd2a674fb4e8241cf39d01861f4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:25:52 GMT
x-content-type-options: nosniff
age: 557363
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 102026
x-xss-protection: 0
last-modified: Fri, 07 Apr 2023 11:49:39 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 10 Apr 2024 10:25:52 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 259B 2 KB
2 KB 20ms
18ms Image
image/png 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: observer-me.com
URL: http://observer-me.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 15:21:19 GMT
x-content-type-options: nosniff
server: cafe
age: 21236
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Tue, 18 Apr 2023 15:21:19 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 259B 295 B
319 B 20ms
18ms Image
image/png 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: observer-me.com
URL: http://observer-me.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 13:14:22 GMT
x-content-type-options: nosniff
server: cafe
age: 28853
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Tue, 18 Apr 2023 13:14:22 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 259B 0
0 51ms
49ms Image
text/html 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CDEeD4rY9ZNCQOMzi_gTgm6ToDba75Plvkv74rMQR4arWxqM5EAEgr9CcZGDJxqmLwKTYD6ABhu-rlQLIAQPgAgCoAwHIAwiqBKMCT9ARGJY6YgXJee4eoC2NmkcoxItDJpmIwILJLGgLw47i2_bcAfFTjoMn-eS7FjOlpZ5dl2VRiEHQqnSJcVaBFbTiCxZB5qx5FGPu5XkRnO289daaF3o7C3Y2y_gjoowxe8LRnXC99N06ilT8Y-PNAyt26CejVyoWUP1zScy_Ij3lg6n1cjUlAsL__QgB7AbZE89JyTf-fFc8_709Jlc45h0lw3DqngXm0tdc3XXz7sRL09K3StjgSjmQkYq2LhaXCMxU6EsWc54-9cQfDPI56rmYMCO0Ma-8hFN362jOXR8nardMXXqhagHYZaS-e7HdHGhiXqgVoe3vWkqk7Fp7DhK_WFt7ZiPJ57Kt6HJ-yRyMnCIDY64d6bzts6IQYUSlZf5EwATkp_CrqQTgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGA4AH4pDU6gGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBC-rEnSCA8IgGEQARgdMgKKAjoCgECACgPICwHYEwzQFQGYFgGAFwGyFx4KHAgAEhRwdWItNzcyNjkzODQ5MDQ5MTY4NRj50Ws&sigh=EdJ97H4vMtw&uach_m=[UACH]&cid=CAQSTABygQiDYvpcwuz-de2UWPy8mv5b-JLzs5hj3Bc24_xrqh5ufWY7GZng5VQF_aR9QtJBaDfMtyK-4Ptqpg8b7wLe_ixGEFw1d-EgXcQYAQ
Requested by: Host: observer-me.com
URL: http://observer-me.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

GET
H2 200 e3bf52b8-991a-41fe-9bb4-1acf24a22d27.js Show response
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 27EF 78 KB
20 KB 56ms
3ms Script
application/javascript 2600:9000:210b:4c00:13:a391:88c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3plfjw9uod7ab.cloudfront.net/ad/e3bf52b8-991a-41fe-9bb4-1acf24a22d27.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:210b:4c00:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a80b38c728c722b98fb0765f85ba1ff967a4d23bcf5e36143a7d2e566ecb7362

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: 2RtyddP8NW73fvDDmtmosiuOBy5.jO83
content-encoding: gzip
via: 1.1 34d691c1cf360a32817ace92de30761c.cloudfront.net (CloudFront)
date: Mon, 17 Apr 2023 20:05:12 GMT
last-modified: Thu, 03 Nov 2022 13:16:29 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C3
age: 5973
etag: W/"19e85ba3bbc71e275b7432dc055630c3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=7200, public
x-amz-cf-id: PppGM6iHFNHWdKLGIe0uV1HlY3WMefYuy331cB0cnQdjWXo1xsoObA==

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 27EF 0
0 41ms
41ms Fetch
image/gif 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst5x34igGJSS70sluXEp0CvspsxY1J-xvGLgMyV4JP8VuEZTBYvq3xDCF-KaJMb6eytaExfxx9ZTibN8OSE1OakLb_0FXR-IAlzOMKf0NR4KdM1oMZAdXxZWSgq-sGqqOT3xcTOxWbnH23kYYXZicRjNWgeJSj9Th1scoG_CewggexmLagLRW_7WaXAKDqgtyvQtu_Xh9EyxLazYojK-ZQAiy5y9XDszgboKJ30QRRW8l226ijy5tUlDTmKyBPawRGozQ2DTB_anv96ObVYPp_gCxiZIN1rYCHAOjIh_JtR0zRazUVxV5BpJuXNQM1DVscg7bC_Jf3fdHXuLg&sai=AMfl-YQpGb5_y7cK9XWmc870YOLHTZ1WUYyrCwSa4lF0DgKEy4fYbG3wAPK-tNTKSgScbXC3GJVP59xA5vkp0P3vj8QA9yrdoxQPA6eV0nFSjewKcybCKEBmuQ9fvWTTXWmY77hefMsIvp2INGej0giI&sig=Cg0ArKJSzNImPe-jLQ-0EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: observer-me.com
URL: http://observer-me.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 21:15:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 17 Apr 2023 21:15:16 GMT

GET
H2 200 index.js Show response
cdn1.opstag.com/13546/ Frame 27EF 15 KB
6 KB 47ms
5ms Script
application/javascript 18.164.124.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.opstag.com/13546/index.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-67.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4d5300c7eef08a2dc1696d0be0cccceb15c5b86f0028f71d323ccfcf6b3e302b

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 21:15:14 GMT
content-encoding: gzip
via: 1.1 a1128ada13f2f3694bc79e73c9d5598e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
age: 3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 5727
last-modified: Tue, 04 Apr 2023 15:23:24 GMT
server: AmazonS3
etag: "be7e655b3367a0e293ce031622fb649f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=86400
accept-ranges: bytes
x-amz-cf-id: luCqXnYpf6guL3BdDei9PeM8ivZbtXr89y6UN1-lDOBPOQQPRXgBNg==

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 27EF 159 KB
49 KB 73ms
56ms Script
text/javascript 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbeee230de9adc4b4765d4387c54fa936a5c26f8306fe0e6f5f8415284f56c33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 21:15:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49801
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681299295334834"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 17 Apr 2023 21:15:16 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 72C3
Redirect Chain

http://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

87ms
82ms

Image
text/html

2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: observer-me.com
URL: http://observer-me.com/
Protocol: H2
Server: 2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Redirect headers

Date: Mon, 17 Apr 2023 21:15:16 GMT
X-Content-Type-Options: nosniff
Server: cafe
Content-Type: text/html; charset=UTF-8
Location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Cache-Control: private
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Content-Length: 0
X-XSS-Protection: 0

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 259B
Redirect Chain

http://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

83ms
78ms

Image
text/html

2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: observer-me.com
URL: http://observer-me.com/
Protocol: H2
Server: 2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Redirect headers

Date: Mon, 17 Apr 2023 21:15:16 GMT
X-Content-Type-Options: nosniff
Server: cafe
Content-Type: text/html; charset=UTF-8
Location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Cache-Control: private
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Content-Length: 0
X-XSS-Protection: 0

GET
DATA 200
OK truncated
/ Frame 27EF 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea8895221c75039c9a2cb7d166cd3ad303ed316b086b732fcca911dbeb8709aa

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 202 e3bf52b8-991a-41fe-9bb4-1acf24a22d27
analyticssystems.net/api/v2/ad/impression/ Frame 27EF 0
322 B 43ms
41ms Image
text/plain 2606:4700:3032::ac43:cb69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analyticssystems.net/api/v2/ad/impression/e3bf52b8-991a-41fe-9bb4-1acf24a22d27?rand=521922
Requested by: Host: observer-me.com
URL: http://observer-me.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:cb69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 21:15:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2BM0d2iFd%2F2%2BlT5cXK5iciPvDrQwCZhmEXRdJI1aSUqjHls%2Fpdso4fmeJq1rGnp2tsDMIJ%2FhV1W%2BsHjj9FyzSLjEG%2F746XYVYqiNU6cJVSPWyCn%2FR6pQDGiperUXa%2Ba92ov1jOtDJtxGZYRWmODs%2FMeRGA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
cf-ray: 7b97aeb248c84285-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-request-id: F1bVX1EaKca4SpQClGtS

GET
H2 200 prebid.js Show response
cdn1.opstag.com/13546/ Frame 0EFA 322 KB
98 KB 6ms
5ms Script
application/javascript 18.164.124.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.opstag.com/13546/prebid.js
Requested by: Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13546/index.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-67.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3b7e15cffe080669175119f5b92f4b5f053c95151815b58091ef5a9f33a63fcd

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 21:15:14 GMT
content-encoding: gzip
via: 1.1 a1128ada13f2f3694bc79e73c9d5598e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
age: 3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 100023
last-modified: Tue, 04 Apr 2023 15:23:24 GMT
server: AmazonS3
etag: "c7e305cba86ee8b6a0ce00b49b55d091"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=86400
accept-ranges: bytes
x-amz-cf-id: OaGTCpO9tVQF_M8fvhJT1wDIuGKSiGiSgkvZCkzEmMdAJbstdykliA==

GET
H/1.1 200
OK pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/157898/3581/ Frame 0EFA 201 KB
62 KB 13ms
4ms Script
application/javascript 23.54.68.197
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ads.pubmatic.com/AdServer/js/pwt/157898/3581/pwt.js
Requested by: Host: observer-me.com
URL: http://observer-me.com/
Protocol: HTTP/1.1
Server: 23.54.68.197 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-54-68-197.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9e02f606f1a329fbb0ce608b5f6524a3b274236ca2bf93abbca1b6275fbed308

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 21:15:16 GMT
Content-Encoding: gzip
Last-Modified: Mon, 31 Oct 2022 15:56:29 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: max-age=57070
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 62867
Expires: Tue, 18 Apr 2023 13:06:26 GMT

GET
H2 200 config.js Show response
cdn.confiant-integrations.net/v8hjcnCYE4vzy0UFyCJNdLlJxVw/gpt_and_prebid/ Frame 0EFA 77 KB
17 KB 66ms
17ms Script
text/javascript 2606:4700:4400::ac40:99f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/v8hjcnCYE4vzy0UFyCJNdLlJxVw/gpt_and_prebid/config.js
Requested by: Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13546/index.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:99f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5bbeeb116785d969841f4aff0714b76878e4ba63371026e429ec9fa88e04250c

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 21:15:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 17 Apr 2023 19:07:16 GMT
server: cloudflare
x-amz-request-id: FVPJB5D9HDAZS4TC
age: 279
etag: W/"9aac5b03ce48bf792e20c17bfaa8af87"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900, stale-while-revalidate=3600
cf-ray: 7b97aeb2d9224352-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: T20gC4YL/F1Lv48H36DgQLACrt8zcZesQkUeB5+Aan4SDvLCjWGxwux2LCBGtkgFf8H2tv2Dm/E=

GET
H2 200 placement.js Show response
cdn1.opstag.com/13546/ Frame 0EFA 30 KB
10 KB 14ms
14ms Script
application/javascript 18.164.124.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.opstag.com/13546/placement.js
Requested by: Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13546/index.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-67.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: faa51a144f94305eb58167b7154ab49ef33016363ecde0637837d1a89806df87

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 21:15:14 GMT
content-encoding: gzip
via: 1.1 a1128ada13f2f3694bc79e73c9d5598e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
age: 3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 9813
last-modified: Tue, 04 Apr 2023 15:23:24 GMT
server: AmazonS3
etag: "1ae16012c648d223aaa1fa90e7e575c1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=86400
accept-ranges: bytes
x-amz-cf-id: Rhc7nNLmjduJjiRfvWrcbyiZF17bpQuqJRE_ydvEw5Wwwr4hZickkw==

GET
H2

200

ad
pubads.g.doubleclick.net/gampad/ Frame 27EF
Redirect Chain

https://pubads.g.doubleclick.net/gampad/ad?iu=/8570,21682974628/Bangordailynews/bangordailynews-13546-300x250-activefill-desktop-pixel&sz=1x1&t=&c=5510689438
https://pubads.g.doubleclick.net/gampad/ad?iu=/8570,21682974628/Bangordailynews/bangordailynews-13546-300x250-activefill-desktop-pixel&sz=1x1&t=&c=5510689438&pre=1

42 B
209 B

94ms
93ms

Image
image/gif

2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/gampad/ad?iu=/8570,21682974628/Bangordailynews/bangordailynews-13546-300x250-activefill-desktop-pixel&sz=1x1&t=&c=5510689438&pre=1

Requested by

Host: observer-me.com
URL: http://observer-me.com/

Protocol

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
date: Mon, 17 Apr 2023 21:15:16 GMT
x-content-type-options: nosniff
server: cafe
google-creative-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
google-lineitem-id: -2

Redirect headers

date: Mon, 17 Apr 2023 21:15:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://pubads.g.doubleclick.net/gampad/ad?iu=/8570,21682974628/Bangordailynews/bangordailynews-13546-300x250-activefill-desktop-pixel&sz=1x1&t=&c=5510689438&pre=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
BLOB 200
OK c44218d6-9d4b-4892-9445-648a18160777
http://observer-me.com/ Frame 27EF 789 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://observer-me.com/c44218d6-9d4b-4892-9445-648a18160777
Requested by: Host: observer-me.com
URL: http://observer-me.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63201d52a0bc69bd34b0a46882b8d763496a30b95beb3a78606437099b2bae88

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Length: 789
Content-Type: application/javascript

GET
H/1.1 200
OK wrap.js Show response
cdn.confiant-integrations.net/gptprebidnative/202304111045/ Frame 0EFA 239 KB
75 KB 14ms
10ms Script
application/javascript 2606:4700:4400::6812:220a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.confiant-integrations.net/gptprebidnative/202304111045/wrap.js
Requested by: Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/v8hjcnCYE4vzy0UFyCJNdLlJxVw/gpt_and_prebid/config.js
Protocol: HTTP/1.1
Server: 2606:4700:4400::6812:220a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90db7c2929c1f8fa3cb7be282e5c88ce131312749bb86d8eed33f6757e57f772

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 21:15:16 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
x-amz-request-id: CSQN5TH8STGZ6BXN
Age: 533268
x-amz-server-side-encryption: AES256
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 76572
x-amz-id-2: yKpso84o7NT7Kghnm5z4MBTrssgETOuUhxwpARaopP4PIgcTiJFfzTnVlfjOUdrjsxNf6jCTpJg=
Last-Modified: Tue, 11 Apr 2023 14:47:39 GMT
Server: cloudflare
ETag: "7371672e2ad6b3b9469c4dc5cc2f6c08"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
CF-RAY: 7b97aeb37e33443e-EWR

GET
H3 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 0EFA 75 KB
25 KB 46ms
45ms Script
text/javascript 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: observer-me.com
URL: http://observer-me.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c277a53c9ecae1432ff012c2e53948495243ca91e40d1c8a9e9112d99ef544a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 21:15:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25473
x-xss-protection: 0
server: cafe
etag: 126 / 19464 / 31073842 / config-hash: 16596095323740135684
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 17 Apr 2023 21:15:16 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120101/ Frame 0EFA 401 KB
124 KB 13ms
12ms Script
text/javascript 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120101/pubads_impl.js?cb=31073842

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d126364c6e2a7b5e91d0003b90a0761c94a81c95702e1bc0ede7a2067a48f4df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 18:37:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9474
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127166
x-xss-protection: 0
server: cafe
etag: 9041812995692956310
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 16 Apr 2024 18:37:22 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame 0EFA 84 B
244 B 39ms
38ms XHR
application/json 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=observer-me.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6053f4fd4c695c0b390079d2033d9cadfdc7a87ae8c99f9893737af0ba19c50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 21:15:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60
x-xss-protection: 0
expires: Mon, 17 Apr 2023 21:15:16 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 27EF 0
0 44ms
44ms Fetch
image/gif 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssc2MqgBoBtDh7TdQyAiFFafZxn8eYOclSlIZdrkdXza-wxXlB3jLQDlxuO1BCX3i2YuBBhu4k7vxWFQTIB9V0jbVBurKFDU1c4mNwOlfwyX5QUjM8z4Qri67FmH1_2bBw0HVGkSpWOMYWX1-IZOEKMXGpIVXkeeQoRIbB36TUz9TjWIkPhrg-7tfpu1N5DSdb-bKswxekGjD4ObB2SxWHOIo_Rp9oLePd7R-CAL4kV1V1OhtJbu-_dF93x2oDwDaiKFrEDQOnbSFzkI8J_fKAHY747R8zYD84_IIYdEdi57rdxs_cChZ6fUgksmg7wQT0odH7B41711SDdDRRi&sai=AMfl-YTDJH2vuRk4i0uA_AXHgOHwmJnsn8FMYK7BeaPkrfCID71hnm9DFINwxUC1zVMHF56ix5S3qT_KyJHvV32wO3rDm6XCGD0J8M6wXXBIqnCTCkmILuFkAWEV49UDZ9Zo68x-knUrpknb4X_7g7D6&sig=Cg0ArKJSzDNUtFFKJbVMEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 21:15:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 17 Apr 2023 21:15:16 GMT

GET
H2 200 arj Show response
os4m-d.openx.net/w/1.0/ Frame 0EFA 174 B
591 B 150ms
89ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://os4m-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fobserver-me.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=e5de47e1-cce3-41dd-a5c3-c87136db8eab&nocache=1681766116677&pubcid=15d08cf3-78f3-4583-99e1-5919096f2ab9&schain=1.0%2C1!yieldlift.com%2C2000010%2C1%2C%2C%2C&aus=300x250&divids=div-gpt-ad-9888753433712-0&aucs=&auid=542523797
Requested by: Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13546/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 7a2706408dc5923e8a81abea16520b622f5475ba2982072b2de83b962b5a58c9

Request headers

Referer: http://observer-me.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 17 Apr 2023 21:15:16 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: http://observer-me.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 0EFA 94 B
1 KB 55ms
16ms XHR
application/json 69.166.1.15
AS-XFERNET

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%224dfc1bbfc39475%22%3A%223feb0973d92ce956e1fb%7C300x250%7Cgpid%3D%2F8570%2C21682974628%2FBangordailynews%2Fbangordailynews-13546-300x250-activefill-desktop%22%7D&ref=http%3A%2F%2Fobserver-me.com%2F&s=bea0c23e-ae3c-462b-9f73-cb6a2e9c3629&pv=8dce2c9d-1348-4ef8-94c5-36a26d146cf4&vp=mobile&lib_name=prebid&lib_v=6.29.0&us=10&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22yieldlift.com%22%2C%22sid%22%3A%222000010%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22pubcid%22%3A%2215d08cf3-78f3-4583-99e1-5919096f2ab9%22%7D&coppa=0

Requested by

Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13546/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

69.166.1.15 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

756c81119960f466b975f0303a0d80bf4f10f25d696d23cc0e3f50e3c841da6e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://observer-me.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 17 Apr 2023 21:15:16 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-120
Content-Type: application/json
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: http://observer-me.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Length: 119
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 0EFA 19 B
824 B 31ms
17ms XHR
application/json 68.67.161.182
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13546/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.161.182 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://observer-me.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 17 Apr 2023 21:15:16 GMT
AN-X-Request-Uuid: 339a3205-429e-4c99-8d64-543c5cc29983
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://observer-me.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 5.181.234.134; 5.181.234.134; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 0EFA 0
115 B 74ms
59ms XHR
text/plain 104.36.115.111
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13546/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://observer-me.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://observer-me.com
date: Mon, 17 Apr 2023 21:15:16 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 mvo Show response
tag.1rx.io/rmp/231857/0/ Frame 0EFA 0
162 B 37ms
9ms XHR
text/plain 199.127.204.162
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/231857/0/mvo?z=1r&hbv=6.29,2.1
Requested by: Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13546/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.127.204.162 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://observer-me.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://observer-me.com
pragma: no-cache
date: Mon, 17 Apr 2023 21:15:16 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true

POST
H2 200 prebid-request Show response
onetag-sys.com/ Frame 0EFA 15 B
362 B 1787ms
32ms XHR
application/json 51.222.39.187
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13546/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.39.187 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip187.ip-51-222-39.net

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: http://observer-me.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: http://observer-me.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

GET
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ Frame 0EFA 37 B
566 B 43ms
22ms XHR
application/json 104.18.24.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=587323&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221301b2c749fdbf9%22%2C%22site%22%3A%7B%22ref%22%3A%22http%3A%2F%2Fobserver-me.com%2F%22%2C%22page%22%3A%22http%3A%2F%2Fobserver-me.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.29.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22http%3A%2F%2Fobserver-me.com%2F%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2214c112f89698125%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22587323%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22yieldlift.com%22%2C%22sid%22%3A%222000010%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by: Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13546/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0147be2f7720e6e11e5b146606e8f382c9bf3d7686782491e19e67327cdc4ac

Request headers

Referer: http://observer-me.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 17 Apr 2023 21:15:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fk2hkErkBbnnpxOHgQ8%2Bo%2BsD%2Bu8s3h0Gybj4UcderZLMFZrNYAZofN9BxDQlQT3p4SquJhtx762JsLAWPJFSwiznINm7m9IOCE5l0Ew%2B0sjbF4mAjHkij9xx8UiINA0lKPa4fzbg"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: http://observer-me.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7b97aeb5784e8c09-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 0EFA 19 B
824 B 13ms
7ms XHR
application/json 68.67.161.182
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13546/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.161.182 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://observer-me.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 17 Apr 2023 21:15:16 GMT
AN-X-Request-Uuid: f97df8c9-5317-416c-9887-3f03e5fb1438
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://observer-me.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 5.181.234.134; 5.181.234.134; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 0EFA 284 B
834 B 59ms
19ms XHR
application/json 2602:803:c002:300::98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13702&site_id=255310&zone_id=1868552&size_id=15&rp_schain=1.0,1!yieldlift.com,2000010,1,,,&rf=http%3A%2F%2Fobserver-me.com%2F&tk_flint=pbjs_lite_v6.29.0&x_source.tid=e5de47e1-cce3-41dd-a5c3-c87136db8eab&l_pb_bid_id=18ad229521f699c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9576490159210531
Requested by: Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13546/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:300::98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 723985709d6ec1c320814566f58ebbe2aafa82d1d3fef799b900e0353b05010c

Request headers

Referer: http://observer-me.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 17 Apr 2023 21:15:16 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: http://observer-me.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 284
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 c Show response
prebid.a-mo.net/a/ Frame 0EFA 584 B
861 B 49ms
11ms XHR
application/json 147.28.129.37
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13546/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: 6d3729a9c5970024ff251cbc5eba44871b1b5b55ba6a94831c635c224912a81e

Request headers

Referer: http://observer-me.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 17 Apr 2023 21:15:15 GMT
content-encoding: gzip
server: envoy
vary: origin, accept-encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: http://observer-me.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
content-length: 300

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 0EFA 23 B
524 B 18ms
4ms XHR
application/json 63.251.114.182
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.29.0
Requested by: Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13546/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.114.182 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: 81c5939610d83b2f6a87942152b722e94c22d3b71e8b6217c58db07ebc237dc8

Request headers

Referer: http://observer-me.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 17 Apr 2023 21:15:16 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: http://observer-me.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ewr1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 23

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 72C3 42 B
64 B 44ms
44ms Image
image/gif 2607:f8b0:4020:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuK6Aba8vQW5jMpIQjpxPN1faZ6zF3fdT6u4bA-hlCS3DrOYvSbsqpXuVwnZJvHalCV9havG455B8s9nLDcGwfmsv3P_Qwrs1z7MdTCED95H3oRBxDbIsXJwiymMJ0MgKFWPPw&sai=AMfl-YRK9v8skP6uv2IML4woWpk9hb8U4UOepA9GLHjAStHwcJOZTeZrUW-4O5zI4Sh44qcviPjH7kqXcRsIvzredU-aqSF336o2fzuA1kJa7y5aag15iWtHfGrT9kZzTU2bfFpQd6whmrvrnVdHPQ&sig=Cg0ArKJSzC094eD1plhFEAE&cid=CAQSTABygQiDYvpcwuz-de2UWPy8mv5b-JLzs5hj3Bc24_xrqh5ufWY7GZng5VQF_aR9QtJBaDfMtyK-4Ptqpg8b7wLe_ixGEFw1d-EgXcQYAQ&id=ampim&o=315,224&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=386&tls=1386&g=100&h=100&tt=1387&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=&uaw=&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Apr 2023 21:15:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 259B 42 B
64 B 49ms
48ms Image
image/gif 2607:f8b0:4020:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssbfbWj_QWYACOa7c1uw5Etcm2wj1BMSVD1HdloWhXdco59vue3njsKZtwWzDYs321Ubf1xPtwC_ay0UQgW-rcPMzIfBHetGuzw816rA6wxg4cxBbsBzp-_ZZlk7dvBjldHRy4&sai=AMfl-YQTVmeenJkBII1mtGRqbWu38TIJrZA5DULt4TlQw63c-xlBbOPjlIe1p0unoojTHKWaYG4MJdqev4ff-d0mcAGntKEjeJMxeeQbZPfK_XZUekkqoRZHKBj8960g5g09b315SSJzcyV5dapR2Q&sig=Cg0ArKJSzHGdCRIaTB3nEAE&cid=CAQSTABygQiDYvpcwuz-de2UWPy8mv5b-JLzs5hj3Bc24_xrqh5ufWY7GZng5VQF_aR9QtJBaDfMtyK-4Ptqpg8b7wLe_ixGEFw1d-EgXcQYAQ&id=ampim&o=974,710&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1009&mtos=0,0,1009,1009,1009&tos=0,0,1009,0,0&tfs=374&tls=1383&g=81.66666626930237&h=81.66666626930237&tt=1383&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=&uaw=&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Apr 2023 21:15:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 29ms
9ms Preflight
application/json 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fobserver-me.com%2F&domain=observer-me.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: http://observer-me.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: http://observer-me.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 17 Apr 2023 21:15:17 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 541513
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

envelope Show response
lexicon.33across.com/v1/ Frame 0EFA
Redirect Chain

https://lexicon.33across.com/v1/envelope?pid=0010b00001si6JdAAI&gdpr=0
https://lexicon.33across.com/v1/envelope?pid=0010b00001si6JdAAI&gdpr=0&b=1&g=WVi04RQf3B58KmBgtuB3lOh%2FkALJZSvlCUVOsmRmK5o%3D

42 B
138 B

12ms
11ms

XHR
application/json

2600:1901:0:8344::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=0010b00001si6JdAAI&gdpr=0&b=1&g=WVi04RQf3B58KmBgtuB3lOh%2FkALJZSvlCUVOsmRmK5o%3D
Protocol: H2
Server: 2600:1901:0:8344:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 21:15:17 GMT
via: 1.1 google
vary: origin
content-type: application/json
access-control-allow-origin: http://observer-me.com
cache-control: private, must-revalidate, max-age=28800
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

date: Mon, 17 Apr 2023 21:15:18 GMT
via: 1.1 google
referrer-policy: unsafe-url
vary: origin
access-control-allow-origin: http://observer-me.com
location: https://lexicon.33across.com/v1/envelope?pid=0010b00001si6JdAAI&gdpr=0&b=1&g=WVi04RQf3B58KmBgtuB3lOh%2FkALJZSvlCUVOsmRmK5o%3D
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 0EFA
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fobserver-me.com%2F&domain=observer-me.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=q5Hzv3wxSmlIbnRrUE5OUW1PZ3d1dUhNNWxybTVid3VMYVlhOXB1aFhyUWwxNTVDSFkxQS94UTBHcmFsVFlKZXlJVktXSk50cG1BYkJSNmNRN29CUnFGSk8vcjhjWXRDR2ZpQ1RXcGNqQ3RCRzJJaHpYQVZNR0JIbi8vZ2...

364 B
651 B

28ms
10ms

XHR
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=q5Hzv3wxSmlIbnRrUE5OUW1PZ3d1dUhNNWxybTVid3VMYVlhOXB1aFhyUWwxNTVDSFkxQS94UTBHcmFsVFlKZXlJVktXSk50cG1BYkJSNmNRN29CUnFGSk8vcjhjWXRDR2ZpQ1RXcGNqQ3RCRzJJaHpYQVZNR0JIbi8vZ2ozNVhnbWhKLzNQNzVNcVIweTlSdSszWmRCaHF2ZmV4U3lXd2R1Vk9sTTdleWpjMjlleHJ3a0NGczY2N1RBTVk4YXdyaFNQN3ZCUWVMeDJhOFlKRkN3akk4Y0dsbzU0RzdXdE9mdDZmUFJnQzVabmNuMVhxWEpXUlh6Slp1K2NJVVhDOXRIQTNpfA&cppv=2

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

5bd2b301823370cdd25839c62f4810ebee4a83e90e612089ff88917badfc9bc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Apr 2023 21:15:18 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1325797
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 17 Apr 2023 21:15:17 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=q5Hzv3wxSmlIbnRrUE5OUW1PZ3d1dUhNNWxybTVid3VMYVlhOXB1aFhyUWwxNTVDSFkxQS94UTBHcmFsVFlKZXlJVktXSk50cG1BYkJSNmNRN29CUnFGSk8vcjhjWXRDR2ZpQ1RXcGNqQ3RCRzJJaHpYQVZNR0JIbi8vZ2ozNVhnbWhKLzNQNzVNcVIweTlSdSszWmRCaHF2ZmV4U3lXd2R1Vk9sTTdleWpjMjlleHJ3a0NGczY2N1RBTVk4YXdyaFNQN3ZCUWVMeDJhOFlKRkN3akk4Y0dsbzU0RzdXdE9mdDZmUFJnQzVabmNuMVhxWEpXUlh6Slp1K2NJVVhDOXRIQTNpfA&cppv=2
access-control-allow-origin: http://observer-me.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 577266
content-length: 0
expires: 0

POST
H/1.1 200 944.json Show response
id5-sync.com/g/v2/ Frame 0EFA 575 B
1 KB 262ms
86ms XHR
application/json 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/944.json

Requested by

Host: ads.pubmatic.com
URL: http://ads.pubmatic.com/AdServer/js/pwt/157898/3581/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

eea2971a679c1883149e08d494a34c20e948037e732b73b8d3b5cef59d585798

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: http://observer-me.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 17 Apr 2023 21:15:18 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8
access-control-allow-origin: http://observer-me.com
p3p: CP="CAO PSA OUR"
access-control-allow-credentials: true

GET envelope
api.rlcdn.com/api/identity/ Frame 0EFA 0
0

GET rid
match.adsrvr.org/track/ Frame 0EFA 0
0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 0EFA 107 B
165 B 41ms
40ms Script
application/javascript 2607:f8b0:4020:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=observer-me.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120101/pubads_impl.js?cb=31073842

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 21:15:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 0EFA 503 B
261 B 88ms
88ms XHR
text/plain 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3553764608426552&correlator=372439603620829&eid=31072019%2C31073836%2C31073842&output=ldjh&gdfp_req=1&vrg=202304120101&ptt=17&impl=fifs&iu_parts=8570%3A21682974628%2CBangordailynews%2Cbangordailynews-13546-300x250-activefill-desktop&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=1&adks=3290750615&sfv=1-0-40&prev_scp=rfsh%3D1%26rfshtime%3D17&eri=1&sc=0&cookie=ID%3Dc6cbc255d7c451f2%3AT%3D1681766114%3AS%3DALNI_Mbpm0s-rWfj43xmcfaqWUpyZPQH0g&gpic=UID%3D00000be35259eef1%3AT%3D1681766114%3ART%3D1681766114%3AS%3DALNI_MblYi5i4IZbHUashV7EiseONqm5xw&abxe=1&dt=1681766118505&lmt=1681766118&dlt=1681766116233&idt=384&adxs=974&adys=1314&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=1&ucis=r2rbyofyejag&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&nhd=2&url=http%3A%2F%2Fobserver-me.com%2F&ref=http%3A%2F%2Fobserver-me.com%2F&top=http%3A%2F%2Fobserver-me.com%2F&frm=23&vis=1&psz=300x-1&msz=300x-1&fws=260&ohw=300&ea=0&ga_vid=489433418.1681766119&ga_sid=1681766119&ga_hid=1881511011&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120101/pubads_impl.js?cb=31073842

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1905806b06c00d6822e7c5aea4806d54caf8f299870e6398ded798ec04d77bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 21:15:18 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 232
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://observer-me.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 0EFA 15 KB
11 KB 48ms
47ms XHR
application/json 2607:f8b0:4020:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304120101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120101/pubads_impl.js?cb=31073842

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

12b21bbabbc2b365a9b423b45faf17ec3ad98653953722e833e7cbeaadf03dac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 21:15:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11463
x-xss-protection: 0

GET
H2 200 container.html Show response
eafc80e25c8420ae37ee435a25488828.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B96F 6 KB
3 KB 56ms
40ms Document
text/html 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://eafc80e25c8420ae37ee435a25488828.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120101/pubads_impl.js?cb=31073842

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://observer-me.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 17 Apr 2023 21:15:18 GMT
expires: Tue, 16 Apr 2024 21:15:18 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 184ms
11ms Preflight
application/json 74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 17 Apr 2023 21:15:17 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 447827
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 0EFA 17 KB
6 KB 36ms
35ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120101/pubads_impl.js?cb=31073842

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 21:15:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 17 Apr 2023 21:15:18 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1803 13 KB
5 KB 7ms
4ms Document
text/html 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://observer-me.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 291158
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 14 Apr 2023 12:22:40 GMT
expires: Sat, 13 Apr 2024 12:22:40 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E4EF 783 B
757 B 26ms
24ms Document
text/html 2607:f8b0:4006:821::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0b3c87204572951ac59b83f68638b3fda8b653af23e31950a058d042a0ea85ec

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Bpn2Wnefc29vsC1eiooF5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://observer-me.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-Bpn2Wnefc29vsC1eiooF5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 17 Apr 2023 21:15:18 GMT
expires: Mon, 17 Apr 2023 21:15:18 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 bsdAhfwWdZZ0lwKfZyotoKMYFbxnkv02xNqAhtGyATM.js Show response
pagead2.googlesyndication.com/bg/ Frame 1803 36 KB
14 KB 13ms
13ms Script
text/javascript 2607:f8b0:4020:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/bsdAhfwWdZZ0lwKfZyotoKMYFbxnkv02xNqAhtGyATM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ec74085fc1675967497029f672a2da0a31815bc6792fd36c4da8086d1b20133

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 08:11:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 306225
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14296
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 10:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 13 Apr 2024 08:11:33 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E4EF 0
0 40ms
39ms Image
text/html 2607:f8b0:4020:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304120101&jk=3553764608426552&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1803 0
10 B 4ms
4ms Image
text/plain 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?QXNdlA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81d::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 21:15:18 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0EFA 0
0 44ms
43ms Image
text/html 2607:f8b0:4020:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202304120101&jk=3553764608426552&bg=!FRalFkLNAAZA7GLoYOw7ADkAdvg8Wpp9wrAao6RI8bv8p8II0qOcyy1ZH6aFMYBhrfehnI6hZqEs9_how7GIqN-yKnhfqt6wUFkCAAAAfVIAAAAEaAEHmQMKiXWZRHSQH5-7OJS98zOnll22zoTpIb7cEJRtJcT_p_Iu1aZ_X4GViANNNx_wWyOI6-IupXfJrW5TkREu8yxihWmES0_E61P7Hn5GF_tL9amIkh-tuM3tTv7WlCpRO30_9IEOhVOXKWsMSqPz1_iBsSso0KUAJfKyvLmC3OZ9NuNJkvr-au8Zkvg9PvcJeJ6R7SW1GlcnxwRV7rUFPdaAKfbnxgQy2dEw_vpgF7IZbjSPO585wRfk6EBDFMz_567Gq3m2nDxakeFMofOS1fJGVQOWICsat7pdNA1n1Rc-d3haUdWTEH0zBE6qNRHnk7VnbKwGorF57sVYnBHzERRw4qvqnsjQTQ5BIky6Ef700DxRkeuqKEejTIParDk6aA3AxVbmZPW1I_FmTb8cbzXkgx7VJVuXBW6d0FSk15vf0MEYd5eN26RgPwchQ7krVu9fKeaTAUd22kmbIjhSWW_n44a-UbtcLPoqalYEnqWgGGGYOJGBcjcRaDQFWzFnC1yorZHD4YoJOBj3_zTLCb-2ig196ieJJ60W47CNk-NfmvPFikWsVBFxcFtRgqEy1JqDYiuEmXRRyYH8iU3-RUrpRLAMcYPsgbcYi3PMNDWIdMhufQAJRw6tQMNgLVFwRcoTp2MZswhSqfoDWk-BLtwQEv8YSOQJYqMzMyRST7ZLZbQShb1CP8MnRn-uHBGWU1lk8-m3tQnNPHyKjQH_tTOpGpmCNjkrTIrXC4Ml7RHhvevj-OhHi2eX33hGCtQ6cnXjM9yO02dmf_8O75b3tEatQu9w13sgsls6ZJl-q3H6RiQBMt9ipT6mF4ybgTgN3-QD_WFFknELE0rJD-28Zj4TcPfBtdEcLymDO6GgOcdW015fOp59Y-ubTqVHwkdqTFF2Vlu3I7LChV4DDoBAFd8wOXsjuTyDNOng5dbQqqqTtz1dszza4BIyA6aCvh1BCDPkl3WoZF0msHB_WGvzZ-4LKIH8AQRmmRZfwIVRm3k5t0-5s2BSpinaAp0jyEfvn8uXO85qY-odyJ8TEw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://observer-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=1258

Domain: match.adsrvr.org
URL: http://match.adsrvr.org/track/rid?ttd_pid=71nw1m8&fmt=json

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
observer-me.com/	1969-12-31 23:59:59	Name: ntvSession Value: {}
.postrelease.com/	1970-01-20 19:55:02	Name: visitor Value: 72c4e20d-f69c-4b64-8238-9b3b6a1406ff
.postrelease.com/	1970-01-20 19:55:02	Name: status Value: 0
observer-me.com/	1970-01-20 11:19:30	Name: AWSALB Value: S+OaxlGtIautN1dSiqx1ZtZiOV4OHiYOE4yHlxzRmoBMCwop0Md4xmRmACtHqnBRMalQfLWOBODx0KO7DXwctNl+bF9rSp9NLwg9iNMHTWddIj5U78tuROvL1FSn
.observer-me.com/	1970-01-20 20:31:02	Name: __gads Value: ID=c6cbc255d7c451f2:T=1681766114:S=ALNI_Mbpm0s-rWfj43xmcfaqWUpyZPQH0g
.observer-me.com/	1970-01-20 20:31:02	Name: __gpi Value: UID=00000be35259eef1:T=1681766114:RT=1681766114:S=ALNI_MblYi5i4IZbHUashV7EiseONqm5xw
.doubleclick.net/	1970-01-20 20:45:26	Name: IDE Value: AHWqTUnTvnLeaIg_eMrtjnImLXlQogRdESKA_SllD-3t7YpTc76I69mH_91Jr00ORVk
.doubleclick.net/	1970-01-20 11:09:29	Name: DSID Value: NO_DATA
observer-me.com/	1970-01-20 11:52:38	Name: _pbjs_userid_consent_data Value: 3524755945110770
.observer-me.com/	1970-01-20 15:28:38	Name: _pubcid Value: 15d08cf3-78f3-4583-99e1-5919096f2ab9
.lijit.com/	1970-01-20 19:55:02	Name: ljt_reader Value: Gf27fBZHz_hctkuNTyGYlIMk
.go.sonobi.com/	1970-01-20 11:52:38	Name: __uis Value: 899d72be-c478-4a4c-8555-94d8e5d2549f
.go.sonobi.com/	1970-01-20 11:10:52	Name: _usd_observer-me.com Value: 8dce2c9d-1348-4ef8-94c5-36a26d146cf4
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8A Value: s85120\|ZD225
.prebid.a-mo.net/	1970-01-20 19:55:02	Name: __amc Value: 1_1681766116_1681766116
.a-mo.net/	1970-01-20 19:55:02	Name: amuid2 Value: 22c75080-8f6e-458b-b2d2-58290950582c
.prebid.a-mo.net/	1970-01-20 19:55:02	Name: sd_amuid2 Value: 22c75080-8f6e-458b-b2d2-58290950582c
.rubiconproject.com/	1970-01-20 19:55:02	Name: khaos Value: LGLC4GPG-7-L4HF
.rubiconproject.com/	1970-01-20 19:55:02	Name: audit Value: 1\|i7WLabMcVxIetFgpHWB4u1MG4C6D/t+3x5H4/Al95QWCWIKBvWs9GEE1v2cZBpGOJA0yWvCMbPaFRM0qSXpkbMxuhZpbWKLtSO1Kqm/rGnA=
.openx.net/	1970-01-20 19:55:02	Name: i Value: 15d08cf3-78f3-4583-99e1-5919096f2ab9\|1681766116
observer-me.com/	1970-01-20 11:09:29	Name: _lr_retry_request Value: true
observer-me.com/	1970-01-20 11:52:38	Name: _lr_env_src_ats Value: false
.33across.com/	1970-01-20 19:55:02	Name: check Value: true
.id5-sync.com/	1970-01-20 13:19:02	Name: id5 Value: 1774f8ab-ae38-70e2-aace-f104ab3c96fd#1681766118660#1
.observer-me.com/	1970-01-20 20:31:02	Name: cto_bundle Value: nJd8O183R1BtMzdrNUlCcHFYQ3lHY0Z2aHBycWJTbGdJdXA3YWhIRnMyUGg2cG4lMkZ1MXI0dVBQb3dtZUlPbTJmazBIMGw3VTlBVnR0NzR2ViUyRnpMYU4wblBwWk5Rck1iSWdUa3VMaGslMkJ4WDhhRFNqMUtnbWRHd0pvaDhzTEdweCUyQmtyMGhn
.observer-me.com/	1970-01-20 20:31:02	Name: cto_bidid Value: IUcJ0V9oMm5hZXB1RUtMUEZKQTJhWEdDQnhiT0xzZHBNJTJCZlFobzFYdkd5Tk0lMkZnbDBiQTNnRmRUeWxMJTJCJTJGemdyYkV2bFZEUXFDZEF2Tk5GT3VjSXZQdTVMRWZRJTNEJTNE

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://fonts.googleapis.com/css?family-Open+Sans:300 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://apikeys.civiccomputing.com/c/v?d=observer-me.com&p=CookieControl%20Multi-Site&v=8&k=7ccbe0ef422b3cb1f71f711349c6b7ede2db33ec&format=json Message: Failed to load resource: the server responded with a status of 400 ()
javascript	error	URL: http://observer-me.com/ Message: Access to XMLHttpRequest at 'http://match.adsrvr.org/track/rid?ttd_pid=71nw1m8&fmt=json' from origin 'http://observer-me.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: http://match.adsrvr.org/track/rid?ttd_pid=71nw1m8&fmt=json Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://observer-me.com/ Message: Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1258' from origin 'http://observer-me.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=1258 Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

26e643a429f686e3a720d396001c4c75.safeframe.googlesyndication.com
ads.pubmatic.com
adservice.google.com
analyticssystems.net
ap.lijit.com
apex.go.sonobi.com
api.rlcdn.com
apikeys.civiccomputing.com
bdn-ss-po.s3.amazonaws.com
cc.cdn.civiccomputing.com
cdn.ampproject.org
cdn.confiant-integrations.net
cdn1.opstag.com
d3plfjw9uod7ab.cloudfront.net
eafc80e25c8420ae37ee435a25488828.safeframe.googlesyndication.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id5-sync.com
includemodal.global.ssl.fastly.net
jadserve.postrelease.com
lexicon.33across.com
match.adsrvr.org
mug.criteo.com
observer-me.com
onetag-sys.com
os4m-d.openx.net
pagead2.googlesyndication.com
platform.twitter.com
prebid.a-mo.net
pubads.g.doubleclick.net
s.ntv.io
securepubads.g.doubleclick.net
syndication.twitter.com
tag.1rx.io
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
api.rlcdn.com
match.adsrvr.org
104.18.24.185
104.244.42.72
104.36.115.111
13.249.85.86
147.28.129.37
151.101.65.194
162.19.138.116
18.164.124.67
184.29.133.80
199.127.204.162
199.232.36.157
2001:470:6e0a::1b:243
23.54.68.197
2600:1901:0:8344::
2600:9000:210b:4c00:13:a391:88c0:21
2600:9000:21b8:5a00:e:3706:bd00:93a1
2602:803:c002:300::98
2606:4700:3032::ac43:cb69
2606:4700:4400::6812:220a
2606:4700:4400::ac40:99f6
2607:f8b0:4006:80c::2001
2607:f8b0:4006:80f::2003
2607:f8b0:4006:81d::2001
2607:f8b0:4006:821::2004
2607:f8b0:4020:804::2002
2607:f8b0:4020:805::2002
2607:f8b0:4020:805::200a
2607:f8b0:4020:806::2001
2607:f8b0:4020:806::2002
2607:f8b0:4020:807::2002
2620:100:a001::c
35.244.159.8
51.222.39.187
52.216.56.185
52.4.121.231
63.251.114.182
68.67.161.182
69.166.1.15
74.119.119.139
00bebef230814ffdfb69ec7996547cf3bfe0043e174bf7f0ce99200b0665d407
03daf7cc54ecee16ceda5b6e209c8f62c719151aa1b336a28001d5947db0fbb6
04053bb3706ce82570ab8ff2529bfe4e64e305a7bf4675a9c5bf83123f6dcbfa
0b3c87204572951ac59b83f68638b3fda8b653af23e31950a058d042a0ea85ec
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0d935e9a0486996a88e5a9f1dffcc004989be37ae295a5093530f77ffca0d713
0dbef0a3a4867d1fdab18409d057d8d7a32bb5fff86e85a57f4642ab332ad156
11b1cc60c35bbdbcc27e3c63af9d94ea2506edfd702a637456f63b59115efca7
12b21bbabbc2b365a9b423b45faf17ec3ad98653953722e833e7cbeaadf03dac
140c5d57ee90b0abac5af4901d92a148bc6ddd2a674fb4e8241cf39d01861f4d
19d96e062d7e164a34e2a7773fab8c722f36ea442d2b944ce5cb359c8b78fa01
19e3bc271699530766e54c31809b144cb95196458f858bea32781c06b18f7f6f
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1e82763ae66b9488d9095afecef7132031ecdefcb4b5b948c3f6a033e7996fa9
1f2a8eacdad89a71bb5d56242cf0cc5f1a257aa7fc627db27c4ed92017eca002
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7
223a7c4c0d30fd64d2c490758fe5836ba0a45be59621e9ef0a42ac2742a7002a
2822df76b60b986d449729846039a8ea05b32225117be4bca40477c2b33b535b
2932abf996373e87fbf2e950876b1962f1b57db954a1643ea68831d9fbb74da4
2a8eb5d54638dc4245711d29e9d0107ad9e287c61b11567d21a8302b4051181c
302a2ba50620fc6d23a8395124daa850e451cfad9a148e2a4ba1819031d08c75
3055597f43adef2648996efac659bd63f616b0d1937f6e774ae3ac8fe35fb195
35d93e4f8fa04ae258e8308765478cf83544f703a6da2463bc14ab5e164d3aaf
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3668fec75e6b6be8ea40f236b3bca6192607304ca4691327e0d10a7b5dfb9a6f
39101231399ea0445ee3d97916ebe14e4d3711df8c91f25a8171db61659c7f2a
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
3a368dc7c7d015928ad937103b85f2e91240171531b3de1af6c61798e1246c8a
3a7522d02dbbc03101dfe3d8cfb3b0ff1c974af884931a79477056345c306648
3a8b7fd9fe106225100967c56092eccefff1f7ce0c5357fa2055064f262d443e
3b561bd82142c0bf312090bb205bf338766c4fdc9ddc075d0e355405a10e6d81
3b7e15cffe080669175119f5b92f4b5f053c95151815b58091ef5a9f33a63fcd
3d3f0f04b0c234eb052753f53167ed01dd68248144491615b450132fbffad437
3e9e3c394c8ad382e9f6a3be3cbdbb19ba6c343da34ce747be69cedcb90a2448
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
407b1c0c745893d13360bb95d1af7e82751c5d00d7aeef06d4a51124ff309731
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4b83f078070498f45ce649506f7074bb53ffc2cc598bfcfcedc2b4eac5bb82c5
4b8fe5c3d0e5ef7a6582185cbf5c535b5d369c8df1da98c03ed69833e55f474d
4d5300c7eef08a2dc1696d0be0cccceb15c5b86f0028f71d323ccfcf6b3e302b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55ff4f8dd7227e424d5b93e51f93a25ed4bff79ada8229b5d42269cd3599eb26
578b4f3a12e143450841a6c5782709dfd9db25c5ee3a63cce6aa48ba894caad1
5a767e3a4a89fd5d5747f2e60656de81560b8d24575c7be5df0d541906cb86ce
5bbeeb116785d969841f4aff0714b76878e4ba63371026e429ec9fa88e04250c
5bd2b301823370cdd25839c62f4810ebee4a83e90e612089ff88917badfc9bc3
5feec8da6dd320ef0e426c108d51cec5c4001195f6b94c15c4a6f32ef6a9f999
60d19fcc26403308bd021dd6ce6588cca81c6a42a34472277186bad9a4155022
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63201d52a0bc69bd34b0a46882b8d763496a30b95beb3a78606437099b2bae88
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6c277a53c9ecae1432ff012c2e53948495243ca91e40d1c8a9e9112d99ef544a
6d3729a9c5970024ff251cbc5eba44871b1b5b55ba6a94831c635c224912a81e
6ec74085fc1675967497029f672a2da0a31815bc6792fd36c4da8086d1b20133
723985709d6ec1c320814566f58ebbe2aafa82d1d3fef799b900e0353b05010c
7390654aa4ae602646d808e3530f0bd71a8b6dc1fb5204ad9bb476b2d6d8c00f
7448717677870520f378a821327774b08368dca7dac413a73d89bda49399c4f1
756c81119960f466b975f0303a0d80bf4f10f25d696d23cc0e3f50e3c841da6e
77b4dd6f969f250127c261a7a54cbce9e89b2bc25acd76f6ad7a4b50a34100aa
79bd5b1a75846283399327d0d33011411c4cac24bc8ec39777c7bb1edae8b5fd
7a2706408dc5923e8a81abea16520b622f5475ba2982072b2de83b962b5a58c9
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
81c5939610d83b2f6a87942152b722e94c22d3b71e8b6217c58db07ebc237dc8
875ccaad237645a24dae9f6aeb45e2ba7bc401f005e36229cfb8b2da66cde622
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
90db7c2929c1f8fa3cb7be282e5c88ce131312749bb86d8eed33f6757e57f772
92498c7b329f9d4e3f91b2964b40ae87e1b1ef23a7541a4d222749b5dd3b8dce
9ca9bf531740b90bb48f59bc15081161c39171f6ab5fa5ffcece594b69727a79
9e02f606f1a329fbb0ce608b5f6524a3b274236ca2bf93abbca1b6275fbed308
9f46649ea544819982ea288c6f386dd67d46da0f453f95da542196372b79731e
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a54447cf25079fb41411443dfcecd3651c9c8dc60d729ea7b5b415c66bda0069
a6053f4fd4c695c0b390079d2033d9cadfdc7a87ae8c99f9893737af0ba19c50
a7e5bf09db3c2bc61f6ad1876a80bfae77cc34fcc869cc3f5aa3d96a62dea5df
a80b38c728c722b98fb0765f85ba1ff967a4d23bcf5e36143a7d2e566ecb7362
a80bc624f7ab3177dcab36c63396d6b7b3f18c41fd09c7a3e5b54792d566904a
aeacc2c38257716d505be03662970a12a6525c497e559801f9779967d49dd71d
b0e3dea3ead4a88d28a0203a5dd56155100bf5d61b73c371992aa9f211ff5480
b52fb8d6e31262ca135e3f13f6bbd4cbe47e6adc73d4469d1ddbb47b88538d3e
b97bd40ed81da00659daeff4bc998c4e1c28e4d54b63c4f22caa982dafbc0458
ba8ce9ae6438063f8b8c5584d894ee266f8a31efd8601d65d3c8d22a94c743ef
bd04ead36af44e993ecd77cb0cbcfa61ed402614a0826887e0223113ead7e230
c124fab0de2117b1a58241d3d7bac1b88b7558dc8cde9f16e381cfc2d41f500c
c82c220865f837b572b2c89473cef4cd9fb4d82d4d5878b396b4cebf0be8430c
cbeee230de9adc4b4765d4387c54fa936a5c26f8306fe0e6f5f8415284f56c33
d126364c6e2a7b5e91d0003b90a0761c94a81c95702e1bc0ede7a2067a48f4df
d4a3cba4ba1c6d2412f275ee5ffe2c126b46ec8f6f8da7b2d0e37adf6cbfdf2f
d4d2e516b0058e0ed107e1c047df8a50ff198d8415d4a26cc317fd8ff7ce8503
db0e93a6caa38aa56a60492fbb22c1d09e743b879bf3486c2caf5e6dc290cf32
e0147be2f7720e6e11e5b146606e8f382c9bf3d7686782491e19e67327cdc4ac
e1905806b06c00d6822e7c5aea4806d54caf8f299870e6398ded798ec04d77bb
e1b5168a3bb31b7ebf8fbc084f4356a3379aafe72bfd901ec78346e30247944e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b93a1b0941a116dcb0ed0b5c3ea062cdcad365207c405b231094eb485d95fc
ea8895221c75039c9a2cb7d166cd3ad303ed316b086b732fcca911dbeb8709aa
eea2971a679c1883149e08d494a34c20e948037e732b73b8d3b5cef59d585798
eecfebe593ce364136932080a12f9966e02c7dab0a58e35145c44292ab878e1e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1a7af225a0104126d79e7a2bf1d4c1d972f0f94537bf07e410dc637c6ad96e3
f5bb8c06bdb93beeb4646dc66a1eb8f51e20c360d0d7c65c4d2000b82f93e17e
f7747f6b3c907bcdf5bb5d567461e79a9b68c03587d0b11400deb85c8526916a
faa51a144f94305eb58167b7154ab49ef33016363ecde0637837d1a89806df87
fefe133a62e774497a56c108969ae348c963be9aa2a3c210287bbe6b1b704ee4

observer-me.com Open in urlscan Pro 13.249.85.86 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

139 Requests

81 %HTTPS

49 %IPv6

33 Domains

43 Subdomains

40 IPs

4 Countries

2600 kBTransfer

5680 kBSize

26 Cookies

6 Outgoing links

Redirected requests

139 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

observer-me.com Open in urlscan Pro
13.249.85.86 Public Scan

Screenshot
Live screenshot

Full Image

139
Requests

81 %
HTTPS

49 %
IPv6

33
Domains

43
Subdomains

40
IPs

4
Countries

2600 kB
Transfer

5680 kB
Size

26
Cookies

139 HTTP transactions
3 data transactions