business.observernewsonline.com Open in urlscan Pro
2604:2dc0:100:282f:: Public Scan

Go To Rescan
Add Verdict Report

URL:
http://business.observernewsonline.com/observernewsonline/news/read/42003717
Submission: On November 28 via manual (November 28th 2021, 5:27:49 pm UTC) from US — Scanned from IT

Summary HTTP 150 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 32 IPs in 5 countries across 22 domains to perform 150 HTTP transactions. The main IP is 2604:2dc0:100:282f::, located in United States and belongs to OVH, FR. The main domain is business.observernewsonline.com.

This is the only time business.observernewsonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4 25	2604:2dc0:100... 2604:2dc0:100:282f::	16276 (OVH) (OVH)
1	192.104.183.109 192.104.183.109	10668 (LEE-ASN) (LEE-ASN)
17	192.104.183.209 192.104.183.209	10668 (LEE-ASN) (LEE-ASN)
2	34.95.105.209 34.95.105.209	15169 (GOOGLE) (GOOGLE)
1	35.160.236.154 35.160.236.154	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
4	13.224.193.81 13.224.193.81	16509 (AMAZON-02) (AMAZON-02)
1	72.52.216.63 72.52.216.63	32244 (LIQUIDWEB) (LIQUIDWEB)
1	2a00:1450:400... 2a00:1450:4001:803::2008	15169 (GOOGLE) (GOOGLE)
1 2	192.252.149.23 192.252.149.23	3561 (CENTURYLI...) (CENTURYLINK-LEGACY-SAVVIS)
5	69.16.231.56 69.16.231.56	32244 (LIQUIDWEB) (LIQUIDWEB)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 4	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
12	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c1b::9b	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:ee05:6a01:4b41:8c89	16509 (AMAZON-02) (AMAZON-02)
20	104.18.23.230 104.18.23.230	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
2	13.225.77.94 13.225.77.94	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1 7	104.107.160.24 104.107.160.24	16625 (AKAMAI-AS) (AKAMAI-AS)
3	95.100.146.64 95.100.146.64	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	34.102.149.62 34.102.149.62	15169 (GOOGLE) (GOOGLE)
1	34.95.81.205 34.95.81.205	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
150	32

25 2604:2dc0:100:282f:: (United States) 4 redirects

ASN16276 (OVH, FR)

business.observernewsonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
markets.financialcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.financialcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.104.183.109 (United States)

ASN10668 (LEE-ASN, US)
PTR: cms.newyork1.vip.townnews.com

observernewsonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 192.104.183.209 (United States)

ASN10668 (LEE-ASN, US)
PTR: cms.newyork1.vip.townnews.com

www.observernewsonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.105.209 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 209.105.95.34.bc.googleusercontent.com

launch.newsinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
launch.inform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.160.236.154 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-160-236-154.us-west-2.compute.amazonaws.com

weathersticker.wunderground.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.224.193.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-81.fra2.r.cloudfront.net

js.financialcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.52.216.63 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: ssd2.marketersmedia.com

marketersmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.252.149.23 (Waltham, United States) 1 redirects

ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US)
PTR: server310.com

www.surfnewmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 69.16.231.56 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: lb04.parklogic.com

q1mediahydraplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c1b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:ee05:6a01:4b41:8c89 (United States)

ASN16509 (AMAZON-02, US)

edge.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 104.18.23.230 (None, )

ASN13335 (CLOUDFLARENET, US)

www.dianomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

b609ca34f57ae9e324779c5bd6fd89d9.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.77.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-77-94.fra2.r.cloudfront.net

images.financialcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.107.160.24 (Berlin, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-107-160-24.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lg3.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 95.100.146.64 (Slough, United Kingdom)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-100-146-64.deploy.static.akamaitechnologies.com

res-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.149.62 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 62.149.102.34.bc.googleusercontent.com

navvy.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.81.205 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 205.81.95.34.bc.googleusercontent.com

analytics.inform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	observernewsonline.com 2 redirects business.observernewsonline.com observernewsonline.com www.observernewsonline.com	66 KB
24	googlesyndication.com b609ca34f57ae9e324779c5bd6fd89d9.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	360 KB
21	financialcontent.com 2 redirects markets.financialcontent.com js.financialcontent.com ads.financialcontent.com images.financialcontent.com	32 KB
20	dianomi.com www.dianomi.com	662 KB
15	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	166 KB
8	media.net 1 redirects contextual.media.net lg3.media.net navvy.media.net	150 KB
6	google.com adservice.google.com www.google.com	2 KB
5	q1mediahydraplatform.com q1mediahydraplatform.com
4	google.it adservice.google.it www.google.it	2 KB
4	googletagservices.com www.googletagservices.com	136 KB
4	google-analytics.com 1 redirects www.google-analytics.com	37 KB
3	akamaihd.net res-a.akamaihd.net	27 KB
2	inform.com launch.inform.com analytics.inform.com	271 KB
2	facebook.net connect.facebook.net	85 KB
2	surfnewmedia.com 1 redirects www.surfnewmedia.com	3 KB
2	googleapis.com fonts.googleapis.com	2 KB
1	googleadservices.com partner.googleadservices.com	417 B
1	quantserve.com edge.quantserve.com	10 KB
1	googletagmanager.com www.googletagmanager.com	36 KB
1	marketersmedia.com marketersmedia.com	26 KB
1	wunderground.com weathersticker.wunderground.com	111 B
1	newsinc.com launch.newsinc.com	988 B
150	22

	Domain	Requested by
20	www.dianomi.com	ads.financialcontent.com business.observernewsonline.com www.dianomi.com
17	www.observernewsonline.com	business.observernewsonline.com
12	pagead2.googlesyndication.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
11	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net business.observernewsonline.com
11	ads.financialcontent.com	business.observernewsonline.com ads.financialcontent.com
10	tpc.googlesyndication.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
10	business.observernewsonline.com	2 redirects business.observernewsonline.com
5	q1mediahydraplatform.com	business.observernewsonline.com
4	contextual.media.net	1 redirects business.observernewsonline.com contextual.media.net
4	www.googletagservices.com	business.observernewsonline.com securepubads.g.doubleclick.net
4	www.google-analytics.com	1 redirects business.observernewsonline.com www.googletagmanager.com www.google-analytics.com
4	js.financialcontent.com	business.observernewsonline.com js.financialcontent.com
4	markets.financialcontent.com	2 redirects business.observernewsonline.com
3	res-a.akamaihd.net	contextual.media.net
3	lg3.media.net	business.observernewsonline.com contextual.media.net
3	www.google.com	business.observernewsonline.com tpc.googlesyndication.com
3	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
3	adservice.google.it	securepubads.g.doubleclick.net pagead2.googlesyndication.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	images.financialcontent.com	business.observernewsonline.com
2	b609ca34f57ae9e324779c5bd6fd89d9.safeframe.googlesyndication.com	securepubads.g.doubleclick.net business.observernewsonline.com
2	stats.g.doubleclick.net	business.observernewsonline.com www.google-analytics.com
2	connect.facebook.net	business.observernewsonline.com connect.facebook.net
2	www.surfnewmedia.com	1 redirects business.observernewsonline.com
2	fonts.googleapis.com	business.observernewsonline.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	analytics.inform.com	launch.inform.com
1	navvy.media.net	contextual.media.net
1	www.google.it	business.observernewsonline.com
1	edge.quantserve.com	launch.inform.com
1	launch.inform.com	launch.newsinc.com
1	www.googletagmanager.com	business.observernewsonline.com
1	marketersmedia.com	business.observernewsonline.com
1	weathersticker.wunderground.com	business.observernewsonline.com
1	launch.newsinc.com	business.observernewsonline.com
1	observernewsonline.com	business.observernewsonline.com
150	36

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.wunderground.com
www.legacy.com
local.observernewsonline.com
www.observernewsonline.com
games.observernewsonline.com
www.surfnewmedia.com
bns.shounen-ai.net

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
marketersmedia.com cPanel, Inc. Certification Authority	`2021-11-13` - `2022-02-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-07` - `2021-12-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
dianomi.com Cloudflare Inc ECC CA-3	`2021-06-03` - `2022-06-02`	a year	crt.sh
*.google.it GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2021-04-12` - `2022-04-20`	a year	crt.sh
a248.e.akamai.net DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
*.inform.com Sectigo RSA Domain Validation Secure Server CA	`2021-04-20` - `2022-04-20`	a year	crt.sh

This page contains 16 frames:

Primary Page: http://business.observernewsonline.com/observernewsonline/news/read/42003717
Frame ID: B7AC32255BE7B762C495632C2077CB6B
Requests: 91 HTTP requests in this frame

Frame: https://b609ca34f57ae9e324779c5bd6fd89d9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 944395BC134BAC8E21D23A9B626FCFB9
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv3e3XDAsz28C65of9fqk3DjNjQ7L_u1TzIpouh5w8i7QQBCclsWbLy8HOWQ_uw0RnJb0-2AsLSbjd7MOnfc28w_23RMBwbuGfoQLsRjOjeQETbn87T1NGJlbkNuiaSHDS4mymorfE2YiynDbeqmp7iUg8yju9u6Uf8mTYnq4Jh72CGqToKlHnaqPNxEBHpXNkTzshLQIEOvden9sapyEGWtD1EnKQJ9rzPAnA_wnPM9NBPp5phKx0UFkN3qJbY6Xy0REWOmvdyykB4Kfhi5SCfEjQpEDaxGnhMv0dYjnkeVF0ylQgjT07h-p6sYgZEXhXxkvgyqENyWLU&sai=AMfl-YRkg5r6vwvyRnxg2hZsuero7cqPeChB1LNvQwrHbvwkJ8Q5qUzIOwugvvyyRlQa3bMt4UL0hp3DBxSRUsWTv5FHdaSc4-hr7CURHfX1Wi2PIHyBdiBcO-mX6qodE6k&sig=Cg0ArKJSzH9KS9VifU3-EAE&uach_m=[UACH]&adurl=
Frame ID: 5F72AA7E63BAED30AEE31878F049FB42
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstifHiP0n3NyZUOdHG7f4U8L1UNr5G96n93Bq8sv6ethNtedhUdiF_kzhkiM50b_BrY2JzEAaVGiGw47DHjOdlvnwOzr_L4x01TkQ7pFCPG5ifD1Efm1XbvG4oA1P-AjZgfclOzFvB3GPROufMSVWOPVIZHLMPsLb5uCJWVG1rvCd6UePq7g7ivuU62zj-TzoPxi8ISYCL00SghL8XmWkwD5fZhCDXZdzsnTxpXnhfIxH3WcpBf_d9rZOge3uhKZPCb9DcIh8B2x4Fbh9Om_L94Z8u6vYJn5y35VcAjb1St6Frq45C-XL3qhaFwFJ_4f5EF7jS4sMGMSwXf48w5jrM&sai=AMfl-YSvkgKdDk2X8jQM5DEmMOIqfNlrWOMl6PSxwVvvYg7uWl9EUdtbSPCmVFvSQJFy7lpgLWF4oW67RbPX4yNrPrcZzmlkz5OAzxbUOWqm7l37-7BZ1EQWXe1LJq3_MaY&sig=Cg0ArKJSzO9aUo-GZsYDEAE&uach_m=[UACH]&adurl=
Frame ID: 46AB91C8EC4393E566E6AFF4C1564080
Requests: 8 HTTP requests in this frame

Frame: https://www.dianomi.com/smartads.epl?id=6411
Frame ID: E9FF5FB6AF9C75BF43C1C38BC1259F88
Requests: 1 HTTP requests in this frame

Frame: https://b609ca34f57ae9e324779c5bd6fd89d9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9F8DF242BE696BDCFF0B71199062AFE3
Requests: 1 HTTP requests in this frame

Frame: https://www.dianomi.com/smartads.epl?id=6411
Frame ID: 86FD0A98A6944B9172D6A6AEF6068D66
Requests: 11 HTTP requests in this frame

Frame: https://contextual.media.net/1017354394/fcmain.html?cb=window._mNDetails.initAd&&gdpr=1&cid=8CUEYJ2LS&cpcd=ZcoNprj87wgz1eq0DRjPuA%3D%3D&crid=673682968&size=300x600&cc=IT&https=1&vif=1&requrl=http%3A%2F%2Fbusiness.observernewsonline.com%2Fobservernewsonline%2Fnews%2Fread%2F42003717&nse=5&vi=1638120464918451856&ugd=4&htmlsrc=1
Frame ID: 89F786CAE66102571C3C4AB4ED931B10
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst3-7lMzE81S0St6j0ZObv_p5wWcnq3_CEI3Ut8zJnHjY1Ol-iMMSAdl-JMmyFFtUfOynMlkv8ATi36YUDcrOQGpYmPuvpSyFqMrwJO1lgouogRSLSEI9-S8oEh-JJZtL0i2-KJ_iW56Q435IdrehK4WrNjzIzOTZyLLP96N-Jhe6FGpvEiw3rp43MrwTqRyxZXRow1lbZOJrtXX5cP0h6FEw7fBUjr42kPGrXtjzn42mK286SjuG-LCzMuImC-nZfMN1TP4x_Z-z2IsEt2p4wYlg9a4DZ0hOXx8k6iFDmWtOVFrHl2u1qB5yHADDfxwu4ssw9mGRzNQOLs3nn0Mg&sig=Cg0ArKJSzFI2pvC74eoTEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: A873519B1625DD0BC26DA393D4647110
Requests: 12 HTTP requests in this frame

Frame: https://www.dianomi.com/smartads.epl?id=6427&num_ads=5&cf=417.262.FinCon&url=http%3A%2F%2Fbusiness.observernewsonline.com%2Fobservernewsonline%2Fnews%2Fread%2F42003717&unitId=dianomi-6427-YaO8ERpzOXAk8cFUOxfPVwAAAB40
Frame ID: C0BA49CDFF30FA7F68F18039D2DD878D
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/zrt_lookup.html
Frame ID: 3AAD63093A0AA688D981A41B14BE61C9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1168130439607626&output=html&h=280&slotname=4385408621&adk=2122718539&adf=3173046729&pi=t.ma~as.4385408621&w=728&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=728x280&url=http%3A%2F%2Fbusiness.observernewsonline.com%2Fobservernewsonline%2Fnews%2Fread%2F42003717&ea=0&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1638120465322&bpp=4&bdt=124&idt=277&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&cookie=ID%3D78a3d7d77f67323f%3AT%3D1638120463%3AS%3DALNI_MbTroRt_dnAz1KURsTt9Apx63Sgmg&correlator=2792594686907&frm=23&ife=4&pv=2&ga_vid=832590970.1638120463&ga_sid=1638120463&ga_hid=1218060907&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=436&ady=2858&biw=1600&bih=1200&isw=728&ish=90&ifk=2362164875&scr_x=0&scr_y=0&eid=44754331%2C31063735%2C31063793&oid=2&pvsid=1267060735643598&pem=444&tmod=1079347178&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.icvpl2qsz4cr&btvi=1&fsb=1&dtd=289
Frame ID: 6C5F8C87C4631A173C6E6376F0B649BE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: C92E3A1525689619BC142874D2805C5B
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 63BBFF62E5CB81586D10B290F0506086
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 3134DF9C04C29CC18172455BEA51275B
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A56AC952FF83D39C4F577953BC52FB39
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Observer News Enterprise

Page Statistics

150
Requests

59 %
HTTPS

52 %
IPv6

22
Domains

36
Subdomains

32
IPs

5
Countries

2071 kB
Transfer

4052 kB
Size

13
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/pages/The-Observer-News-Enterprise/73539327933

Search URL Search Domain Scan URL

URL: http://www.wunderground.com/cgi-bin/findweather/getForecast?query=zmw:28658.1.99999&bannertypeclick=wu_simpleblack

Search URL Search Domain Scan URL

URL: http://www.legacy.com/obituaries/observernewsonline/
Title: Obituaries

Search URL Search Domain Scan URL

URL: http://local.observernewsonline.com/
Title: Local Guide

Search URL Search Domain Scan URL

URL: http://www.observernewsonline.com/special-sections
Title: Special Sections

Search URL Search Domain Scan URL

URL: http://games.observernewsonline.com/
Title: Games

Search URL Search Domain Scan URL

URL: http://www.surfnewmedia.com/

Search URL Search Domain Scan URL

URL: http://bns.shounen-ai.net/honypot/shopperconclusive.php?showtopic=225&qlvc=5635e41519527992b2c4e930cb4dc40b
Title: Comment Here

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

http://business.observernewsonline.com/facebook.png HTTP 301
http://markets.financialcontent.com/stocks/ HTTP 301
https://markets.financialcontent.com/stocks/

Request Chain 16

http://business.observernewsonline.com/rss.png HTTP 301
http://markets.financialcontent.com/stocks/ HTTP 301
https://markets.financialcontent.com/stocks/

Request Chain 31

http://www.surfnewmedia.com/smalllogo.png HTTP 301
https://www.surfnewmedia.com/smalllogo.png

Request Chain 33

http://connect.facebook.net/en_US/all.js HTTP 307
https://connect.facebook.net/en_US/all.js

Request Chain 34

http://www.google-analytics.com/ga.js HTTP 307
https://www.google-analytics.com/ga.js

Request Chain 43

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=17719938&utmhn=business.observernewsonline.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=The%20Observer%20News%20Enterprise&utmhid=1970493820&utmr=-&utmp=%2Fobservernewsonline%2Fnews%2Fread%2F42003717&utmht=1638120463312&utmac=UA-6352221-2&utmcc=__utma%3D121392923.832590970.1638120463.1638120463.1638120463.1%3B%2B__utmz%3D121392923.1638120463.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=896271846&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=17719938&utmhn=business.observernewsonline.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=The%20Observer%20News%20Enterprise&utmhid=1970493820&utmr=-&utmp=%2Fobservernewsonline%2Fnews%2Fread%2F42003717&utmht=1638120463312&utmac=UA-6352221-2&utmcc=__utma%3D121392923.832590970.1638120463.1638120463.1638120463.1%3B%2B__utmz%3D121392923.1638120463.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=896271846&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6352221-2&cid=832590970.1638120463&jid=896271846&_v=5.7.2&z=17719938

Request Chain 81

http://contextual.media.net/dmedianet.js?cid=8CUEYJ2LS HTTP 302
https://contextual.media.net/dmedianet.js?cid=8CUEYJ2LS

150 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request 42003717 Show response
business.observernewsonline.com/observernewsonline/news/read/ 40 KB
41 KB 274ms
258ms Document
text/html 2604:2dc0:100:282f::
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://business.observernewsonline.com/observernewsonline/news/read/42003717
Protocol: HTTP/1.1
Server: 2604:2dc0:100:282f:: , United States, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache/2.4.48 (Debian) mod_perl/2.0.11 Perl/v5.32.1 /
Resource Hash: fcb1b952802295d9a323c95e7f7a12916509be1de9404bb6f0ff0f9254c3b205

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: it-IT,it;q=0.9

Response headers

date: Sun, 28 Nov 2021 17:27:41 GMT
server: Apache/2.4.48 (Debian) mod_perl/2.0.11 Perl/v5.32.1
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
last-modified: Sun, 28 Nov 2021 17:27:41 GMT
expires: Sun, 28 Nov 2021 17:32:41 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
x-cache: MISS from markets.financialcontent.com
transfer-encoding: chunked

GET
H/1.1 404
Not Found wrap.css
observernewsonline.com/ 0
0 340ms
209ms Stylesheet
text/html 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://observernewsonline.com/wrap.css
Requested by: Host: business.observernewsonline.com
URL: http://business.observernewsonline.com/observernewsonline/news/read/42003717
Protocol: HTTP/1.1
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 404
Not Found css_xE-rWrJf-fncB6ztZfd2huxqgxu4WO-qwma6Xer30m4.css
www.observernewsonline.com/sites/default/files/css/ 0
0 337ms
208ms Stylesheet
text/html 192.104.183.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://www.observernewsonline.com/sites/default/files/css/css_xE-rWrJf-fncB6ztZfd2huxqgxu4WO-qwma6Xer30m4.css
Requested by: Host: business.observernewsonline.com
URL: http://business.observernewsonline.com/observernewsonline/news/read/42003717
Protocol: HTTP/1.1
Server: 192.104.183.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 404
Not Found css_LLdIjgXUNZKJi5igff3lFbd7WAKl56HtA7Pju9irTrs.css
www.observernewsonline.com/sites/default/files/css/ 0
0 337ms
209ms Stylesheet
text/html 192.104.183.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://www.observernewsonline.com/sites/default/files/css/css_LLdIjgXUNZKJi5igff3lFbd7WAKl56HtA7Pju9irTrs.css
Requested by: Host: business.observernewsonline.com
URL: http://business.observernewsonline.com/observernewsonline/news/read/42003717
Protocol: HTTP/1.1
Server: 192.104.183.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 404
Not Found css_6DcwtKEPUvJCe61jslFuKskuZjfuI8BZa0w9_BWCmp4.css
www.observernewsonline.com/sites/default/files/css/ 0
0 336ms
208ms Stylesheet
text/html 192.104.183.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://www.observernewsonline.com/sites/default/files/css/css_6DcwtKEPUvJCe61jslFuKskuZjfuI8BZa0w9_BWCmp4.css
Requested by: Host: business.observernewsonline.com
URL: http://business.observernewsonline.com/observernewsonline/news/read/42003717
Protocol: HTTP/1.1
Server: 192.104.183.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 404
Not Found css_sl2JJGS3j6UHe9lIy6YH0JRAmozGzHA5SQPWIEYcsEs.css
www.observernewsonline.com/sites/default/files/css/ 0
0 337ms
209ms Stylesheet
text/html 192.104.183.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://www.observernewsonline.com/sites/default/files/css/css_sl2JJGS3j6UHe9lIy6YH0JRAmozGzHA5SQPWIEYcsEs.css
Requested by: Host: business.observernewsonline.com
URL: http://business.observernewsonline.com/observernewsonline/news/read/42003717
Protocol: HTTP/1.1
Server: 192.104.183.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 404
Not Found css_k7hYVLcPtUz9tqlfPQiV4_6WCoEKltTBziCEgqcwWeA.css
www.observernewsonline.com/sites/default/files/css/ 0
0 334ms
207ms Stylesheet
text/html 192.104.183.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://www.observernewsonline.com/sites/default/files/css/css_k7hYVLcPtUz9tqlfPQiV4_6WCoEKltTBziCEgqcwWeA.css
Requested by: Host: business.observernewsonline.com
URL: http://business.observernewsonline.com/observernewsonline/news/read/42003717
Protocol: HTTP/1.1
Server: 192.104.183.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 404
Not Found js_0gj6QcpfRH2jzTbCQqf7kEkm4MXY0UA_sRhwPc8jC1o.js
www.observernewsonline.com/sites/default/files/js/ 0
0 337ms
210ms Script
text/html 192.104.183.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://www.observernewsonline.com/sites/default/files/js/js_0gj6QcpfRH2jzTbCQqf7kEkm4MXY0UA_sRhwPc8jC1o.js
Requested by: Host: business.observernewsonline.com
URL: http://business.observernewsonline.com/observernewsonline/news/read/42003717
Protocol: HTTP/1.1
Server: 192.104.183.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 404
Not Found js_Xdp_56Kwrjh9XNxqhxmaYOwIKVvPB-7wqAz_R60LA6w.js
www.observernewsonline.com/sites/default/files/js/ 0
0 557ms
207ms Script
text/html 192.104.183.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://www.observernewsonline.com/sites/default/files/js/js_Xdp_56Kwrjh9XNxqhxmaYOwIKVvPB-7wqAz_R60LA6w.js
Requested by: Host: business.observernewsonline.com
URL: http://business.observernewsonline.com/observernewsonline/news/read/42003717
Protocol: HTTP/1.1
Server: 192.104.183.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 404
Not Found js_TnDLtOBs58sriMGzIMB-iDlDt__-c5GOBLJ-Bp6LPI0.js
www.observernewsonline.com/sites/default/files/js/ 0
0 557ms
208ms Script
text/html 192.104.183.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://www.observernewsonline.com/sites/default/files/js/js_TnDLtOBs58sriMGzIMB-iDlDt__-c5GOBLJ-Bp6LPI0.js
Requested by: Host: business.observernewsonline.com
URL: http://business.observernewsonline.com/observernewsonline/news/read/42003717
Protocol: HTTP/1.1
Server: 192.104.183.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 404
Not Found js_lgAAOlplEun7p_8Pb-8dM079wtvnfwLZ0hAK0mH7Dto.js
www.observernewsonline.com/sites/default/files/js/ 0
0 558ms
207ms Script
text/html 192.104.183.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://www.observernewsonline.com/sites/default/files/js/js_lgAAOlplEun7p_8Pb-8dM079wtvnfwLZ0hAK0mH7Dto.js
Requested by: Host: business.observernewsonline.com
URL: http://business.observernewsonline.com/observernewsonline/news/read/42003717
Protocol: HTTP/1.1
Server: 192.104.183.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 404
Not Found js_gA-c69_zfSadEfrEkAcSAEMsvlpuOxJEpXgzxAPLOYY.js
www.observernewsonline.com/sites/default/files/js/ 0
0 558ms
208ms Script
text/html 192.104.183.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://www.observernewsonline.com/sites/default/files/js/js_gA-c69_zfSadEfrEkAcSAEMsvlpuOxJEpXgzxAPLOYY.js
Requested by: Host: business.observernewsonline.com
URL: http://business.observernewsonline.com/observernewsonline/news/read/42003717
Protocol: HTTP/1.1
Server: 192.104.183.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 404
Not Found js_2W44zDTZr9WBvctzHmoeMuUhSWf6UlIF_AmYdLyzkco.js
www.observernewsonline.com/sites/default/files/js/ 0
0 560ms
209ms Script
text/html 192.104.183.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://www.observernewsonline.com/sites/default/files/js/js_2W44zDTZr9WBvctzHmoeMuUhSWf6UlIF_AmYdLyzkco.js
Requested by: Host: business.observernewsonline.com
URL: http://business.observernewsonline.com/observernewsonline/news/read/42003717
Protocol: HTTP/1.1
Server: 192.104.183.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 404
Not Found js_mB7ts7yN3otwD15UQdTqJoQbROg0BSkCq-Lhh6VMurM.js
www.observernewsonline.com/sites/default/files/js/ 0
0 560ms
208ms Script
text/html 192.104.183.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://www.observernewsonline.com/sites/default/files/js/js_mB7ts7yN3otwD15UQdTqJoQbROg0BSkCq-Lhh6VMurM.js
Requested by: Host: business.observernewsonline.com
URL: http://business.observernewsonline.com/observernewsonline/news/read/42003717
Protocol: HTTP/1.1
Server: 192.104.183.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 404
Not Found js_v8gW9kXjSxxjuxWVMJ4UoGeLZl0qmZAHLUhnXIsWsuc.js
www.observernewsonline.com/sites/default/files/js/ 0
0 779ms
207ms Script
text/html 192.104.183.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://www.observernewsonline.com/sites/default/files/js/js_v8gW9kXjSxxjuxWVMJ4UoGeLZl0qmZAHLUhnXIsWsuc.js
Requested by: Host: business.observernewsonline.com
URL: http://business.observernewsonline.com/observernewsonline/news/read/42003717
Protocol: HTTP/1.1
Server: 192.104.183.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK embed.js Show response
launch.newsinc.com/js/ 208 B
988 B 101ms
18ms Script
application/javascript 34.95.105.209
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://launch.newsinc.com/js/embed.js
Requested by: Host: business.observernewsonline.com
URL: http://business.observernewsonline.com/observernewsonline/news/read/42003717
Protocol: HTTP/1.1
Server: 34.95.105.209 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 209.105.95.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 71b4fa19a4ed21aa1def9219942ddc11bff922a06a5828bf007d9dab48067bf8

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 28 Nov 2021 16:30:16 GMT
x-goog-meta-goog-reserved-file-mtime: 1555959412
Age: 3447
X-GUploader-UploadID: ADPycduO-r6FK6R-9KdX-QDMq770MzSXIxIVdP-I_Mzk7fnxGT_WWIhIxIng8QG6k-Qx_SA5INp4rGldSKGBguWul7xmECeoAg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Content-Length: 208
Last-Modified: Tue, 30 Apr 2019 17:17:32 GMT
Server: UploadServer
ETag: "1398347a0368431b9b14993a23edca6a"
x-goog-hash: crc32c=ULK8kg==, md5=E5g0egNoQxubFJk6I+3Kag==
Content-Language: en
x-goog-generation: 1556644652929924
Cache-Control: public, max-age=3600
x-goog-stored-content-length: 208
Accept-Ranges: bytes
Content-Type: application/javascript
Expires: Sun, 28 Nov 2021 17:30:16 GMT

GET
H/1.1

200
OK

/
markets.financialcontent.com/stocks/
Redirect Chain

http://business.observernewsonline.com/facebook.png
http://markets.financialcontent.com/stocks/
https://markets.financialcontent.com/stocks/

0
0

431ms
201ms

Image
text/html

2604:2dc0:100:282f::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://markets.financialcontent.com/stocks/
Requested by: Host: business.observernewsonline.com
URL: http://business.observernewsonline.com/observernewsonline/news/read/42003717
Protocol: HTTP/1.1
Server: 2604:2dc0:100:282f:: , United States, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Sun, 28 Nov 2021 17:27:43 GMT
last-modified: Sun, 28 Nov 2021 17:27:43 GMT
server: Apache/2.4.48 (Debian) mod_perl/2.0.11 Perl/v5.32.1
location: https://markets.financialcontent.com/stocks/
transfer-encoding: chunked
x-cache: MISS from markets.financialcontent.com
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
access-control-allow-origin: *
content-type: text/html; charset=UTF-8
expires: Sun, 28 Nov 2021 17:32:43 GMT

GET
H/1.1

200
OK

/
markets.financialcontent.com/stocks/
Redirect Chain

http://business.observernewsonline.com/rss.png
http://markets.financialcontent.com/stocks/
https://markets.financialcontent.com/stocks/

0
0

961ms
454ms

Image
text/html

2604:2dc0:100:282f::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://markets.financialcontent.com/stocks/
Requested by: Host: business.observernewsonline.com
URL: http://business.observernewsonline.com/observernewsonline/news/read/42003717
Protocol: HTTP/1.1
Server: 2604:2dc0:100:282f:: , United States, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Sun, 28 Nov 2021 17:27:43 GMT
last-modified: Sun, 28 Nov 2021 17:27:43 GMT
server: Apache/2.4.48 (Debian) mod_perl/2.0.11 Perl/v5.32.1
location: https://markets.financialcontent.com/stocks/
transfer-encoding: chunked
x-cache: MISS from markets.financialcontent.com
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
access-control-allow-origin: *
content-type: text/html; charset=UTF-8
expires: Sun, 28 Nov 2021 17:32:43 GMT

GET
H/1.1 404
Not Found css_2THG1eGiBIizsWFeexsNe1iDifJ00QRS9uSd03rY9co.css
www.observernewsonline.com/sites/default/files/css/ 0
0 222ms
207ms Stylesheet
text/html 192.104.183.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://www.observernewsonline.com/sites/default/files/css/css_2THG1eGiBIizsWFeexsNe1iDifJ00QRS9uSd03rY9co.css
Requested by: Host: business.observernewsonline.com
URL: http://business.observernewsonline.com/observernewsonline/news/read/42003717
Protocol: HTTP/1.1
Server: 192.104.183.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 404
Not Found O-N-E%20LOGO.jpg
www.observernewsonline.com/sites/default/files/ 0
0 222ms
205ms Image
text/html 192.104.183.209
LEE-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.observernewsonline.com/sites/default/files/O-N-E%20LOGO.jpg
Requested by: Host: business.observernewsonline.com
URL: http://business.observernewsonline.com/observernewsonline/news/read/42003717
Protocol: HTTP/1.1
Server: 192.104.183.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 503
Service Unavailable: Back-end server is at capacity wxBanner
weathersticker.wunderground.com/weathersticker/cgi-bin/banner/ban/ 0
111 B 453ms
372ms Image
text/plain 35.160.236.154
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://weathersticker.wunderground.com/weathersticker/cgi-bin/banner/ban/wxBanner?bannertype=wu_simpleblack&airportcode=KHKY&ForcedCity=Newton&ForcedState=NC&zip=28658&language=EN
Requested by: Host: business.observernewsonline.com
URL: http://business.observernewsonline.com/observernewsonline/news/read/42003717
Protocol: HTTP/1.1
Server: 35.160.236.154 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-160-236-154.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
1 KB 105ms
34ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans+Condensed:wght@700&display=swap

Requested by

Host: business.observernewsonline.com
URL: http://business.observernewsonline.com/observernewsonline/news/read/42003717

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

04de5f97e3a9f20c3cd0cf447e4b83a9637473c6ec2f0240b8d4df4f4b3fdb8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 28 Nov 2021 16:35:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 28 Nov 2021 17:27:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 28 Nov 2021 17:27:42 GMT

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
708 B 35ms
34ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans&display=swap

Requested by

Host: business.observernewsonline.com
URL: http://business.observernewsonline.com/observernewsonline/news/read/42003717

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a73461ad2eb2853c2e1a93781e56d513275a44a7e6e4c9a3cda7a6fda0bdc3a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 28 Nov 2021 16:41:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 28 Nov 2021 17:27:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 28 Nov 2021 17:27:42 GMT

GET
H/1.1 200
OK privatelabel.css
business.observernewsonline.com/client/observernewsonline/ 10 KB
11 KB 113ms
113ms Stylesheet
text/css 2604:2dc0:100:282f::
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://business.observernewsonline.com/client/observernewsonline/privatelabel.css
Requested by: Host: business.observernewsonline.com
URL: http://business.observernewsonline.com/observernewsonline/news/read/42003717
Protocol: HTTP/1.1
Server: 2604:2dc0:100:282f:: , United States, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache/2.4.48 (Debian) mod_perl/2.0.11 Perl/v5.32.1 /
Resource Hash: 160f14de0ff9b1d041ad6a76cc63b9c184bdca6051647bf66602cd00a6cb3df5

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/observernewsonline/news/read/42003717
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 17:27:42 GMT
last-modified: Mon, 24 Aug 2020 16:01:25 GMT
server: Apache/2.4.48 (Debian) mod_perl/2.0.11 Perl/v5.32.1
etag: "29e8-5ada1b2de2357"
x-cache: MISS from markets.financialcontent.com
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 10728

GET
H/1.1 404
Not Found privatelabel.css
business.observernewsonline.com/client/observernewsonline/observernewsonline/ 0
0 113ms
113ms Stylesheet
text/html 2604:2dc0:100:282f::
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://business.observernewsonline.com/client/observernewsonline/observernewsonline/privatelabel.css
Requested by: Host: business.observernewsonline.com
URL: http://business.observernewsonline.com/observernewsonline/news/read/42003717
Protocol: HTTP/1.1
Server: 2604:2dc0:100:282f:: , United States, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache/2.4.48 (Debian) mod_perl/2.0.11 Perl/v5.32.1 /
Resource Hash

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/observernewsonline/news/read/42003717
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 28 Nov 2021 17:27:43 GMT
server: Apache/2.4.48 (Debian) mod_perl/2.0.11 Perl/v5.32.1
content-length: 196
x-cache: MISS from markets.financialcontent.com
content-type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK FCON.js Show response
js.financialcontent.com/FCON/ 8 KB
8 KB 80ms
51ms Script
application/javascript 13.224.193.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://js.financialcontent.com/FCON/FCON.js
Requested by: Host: business.observernewsonline.com
URL: http://business.observernewsonline.com/observernewsonline/news/read/42003717
Protocol: HTTP/1.1
Server: 13.224.193.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-81.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d9ee42916827cfdd9cafa08bd07b23435d8f310d6a65c572d77f496288c3557e

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 28 Nov 2021 17:21:54 GMT
Via: 1.1 172e63b20fb363ed969de28ae3937e21.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Wed, 19 Aug 2020 21:34:01 GMT
Server: AmazonS3
Age: 519
ETag: "7d3bbcfda391158d3a4d8ff27b19fc76"
X-Cache: Hit from cloudfront
Content-Type: application/javascript; charset=UTF-8
Cache-Control: max-age=60
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 7851
X-Amz-Cf-Id: eEPtF1SOJR-hA2_9mPzJwins1_mPCZ54qL8h1IgINnwSl2SeUh-0vw==

GET
H/1.1 200
OK privatelabel1.css
business.observernewsonline.com/privatelabel/ 5 KB
5 KB 117ms
112ms Stylesheet
text/css 2604:2dc0:100:282f::
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://business.observernewsonline.com/privatelabel/privatelabel1.css
Requested by: Host: business.observernewsonline.com
URL: http://business.observernewsonline.com/observernewsonline/news/read/42003717
Protocol: HTTP/1.1
Server: 2604:2dc0:100:282f:: , United States, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache/2.4.48 (Debian) mod_perl/2.0.11 Perl/v5.32.1 /
Resource Hash: ed0bcd80d3b4303d961bdc073484a695d2fee2ec84b279bc26be91dc727f22a2

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/observernewsonline/news/read/42003717
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 17:27:43 GMT
last-modified: Thu, 27 Aug 2020 18:16:46 GMT
server: Apache/2.4.48 (Debian) mod_perl/2.0.11 Perl/v5.32.1
etag: "1476-5addff06f540b"
x-cache: MISS from markets.financialcontent.com
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 5238

GET
H/1.1 200
OK investingnav2020.css
business.observernewsonline.com/widget/privatelabel/nav/ 4 KB
4 KB 208ms
193ms Stylesheet
text/css 2604:2dc0:100:282f::
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://business.observernewsonline.com/widget/privatelabel/nav/investingnav2020.css
Requested by: Host: business.observernewsonline.com
URL: http://business.observernewsonline.com/observernewsonline/news/read/42003717
Protocol: HTTP/1.1
Server: 2604:2dc0:100:282f:: , United States, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache/2.4.48 (Debian) mod_perl/2.0.11 Perl/v5.32.1 /
Resource Hash: f43a0e8d286dd2e8a538b2f5057d1fbbd1571cc5c2263075119bd0012eb018be

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/observernewsonline/news/read/42003717
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 17:27:43 GMT
last-modified: Wed, 26 Aug 2020 17:43:22 GMT
server: Apache/2.4.48 (Debian) mod_perl/2.0.11 Perl/v5.32.1
etag: "f0d-5adcb5b20940d"
x-cache: MISS from markets.financialcontent.com
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 3853

GET
H/1.1 200
OK newsread1.css
business.observernewsonline.com/widget/privatelabel/news/ 4 KB
4 KB 215ms
198ms Stylesheet
text/css 2604:2dc0:100:282f::
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://business.observernewsonline.com/widget/privatelabel/news/newsread1.css
Requested by: Host: business.observernewsonline.com
URL: http://business.observernewsonline.com/observernewsonline/news/read/42003717
Protocol: HTTP/1.1
Server: 2604:2dc0:100:282f:: , United States, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache/2.4.48 (Debian) mod_perl/2.0.11 Perl/v5.32.1 /
Resource Hash: b81d2594557cdebef8aa9c7f7671bba2f860a7972a8a892d6cb308d624cc10d1

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/observernewsonline/news/read/42003717
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 17:27:43 GMT
last-modified: Fri, 28 Aug 2020 20:55:25 GMT
server: Apache/2.4.48 (Debian) mod_perl/2.0.11 Perl/v5.32.1
etag: "e70-5adf645aa8aff"
x-cache: MISS from markets.financialcontent.com
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 3696

GET
H2 200 89053664-thumb-500x273.jpg
marketersmedia.com/wp-content/uploads/2021/11/ 26 KB
26 KB 409ms
132ms Image
image/jpeg 72.52.216.63
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marketersmedia.com/wp-content/uploads/2021/11/89053664-thumb-500x273.jpg
Requested by: Host: business.observernewsonline.com
URL: http://business.observernewsonline.com/observernewsonline/news/read/42003717
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 72.52.216.63 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: ssd2.marketersmedia.com
Software: LiteSpeed /
Resource Hash: b8e003b4b7d26ee02a188fb24628333d94e9fa88da957caec99f9100a899c91b

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 17:27:42 GMT
last-modified: Mon, 22 Nov 2021 10:50:21 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="35,39,43,44"
content-length: 26436
expires: Tue, 28 Dec 2021 17:27:42 GMT

GET
H/1.1 200
OK attribution1.css
business.observernewsonline.com/widget/privatelabel/attribution/ 491 B
829 B 214ms
198ms Stylesheet
text/css 2604:2dc0:100:282f::
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://business.observernewsonline.com/widget/privatelabel/attribution/attribution1.css
Requested by: Host: business.observernewsonline.com
URL: http://business.observernewsonline.com/observernewsonline/news/read/42003717
Protocol: HTTP/1.1
Server: 2604:2dc0:100:282f:: , United States, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache/2.4.48 (Debian) mod_perl/2.0.11 Perl/v5.32.1 /
Resource Hash: b701c3ed8d8713f1a532046fb21e00edd11222319452cbbc4654d363bd6fc077

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/observernewsonline/news/read/42003717
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 17:27:43 GMT
last-modified: Tue, 18 Aug 2020 02:47:46 GMT
server: Apache/2.4.48 (Debian) mod_perl/2.0.11 Perl/v5.32.1
etag: "1eb-5ad1de97c68f9"
x-cache: MISS from markets.financialcontent.com
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 491

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 110ms
37ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-8590502-3

Requested by

Host: business.observernewsonline.com
URL: http://business.observernewsonline.com/observernewsonline/news/read/42003717

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

33e13399dbfbfb70121ef3ae538ff4242e5ae9fbd247afcd0a8af8fdd5de3203

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 17:27:43 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36146
x-xss-protection: 0
last-modified: Sun, 28 Nov 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 28 Nov 2021 17:27:43 GMT

GET
H2

200

smalllogo.png
www.surfnewmedia.com/
Redirect Chain

http://www.surfnewmedia.com/smalllogo.png
https://www.surfnewmedia.com/smalllogo.png

3 KB
3 KB

348ms
117ms

Image
image/png

192.252.149.23
CENTURYLINK-LEGAC...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.surfnewmedia.com/smalllogo.png

Requested by

Host: business.observernewsonline.com
URL: http://business.observernewsonline.com/observernewsonline/news/read/42003717

Protocol

Server

192.252.149.23 Waltham, United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),

Reverse DNS

server310.com

Software

Apache /

Resource Hash

3e68595446d0fdd1964f1f69a856526cdd8a04351583fe5cf122d0cc729f638a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 17:27:43 GMT
x-content-type-options: nosniff
last-modified: Tue, 20 Jul 2021 00:05:23 GMT
server: Apache
etag: "b04-5c782cf6a19e2"
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 2820
expires: Sun, 12 Dec 2021 17:27:43 GMT

Redirect headers

Location: https://www.surfnewmedia.com/smalllogo.png
Date: Sun, 28 Nov 2021 17:27:43 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=60, max=10000
Content-Length: 250
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found controller.php
q1mediahydraplatform.com/ads/video/ 0
0 300ms
266ms Script
text/html 69.16.231.56
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: http://q1mediahydraplatform.com/ads/video/controller.php?qid=54f36c5bad1d148132957fe6&qz=1
Requested by: Host: business.observernewsonline.com
URL: http://business.observernewsonline.com/observernewsonline/news/read/42003717
Protocol: HTTP/1.1
Server: 69.16.231.56 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: lb04.parklogic.com
Software: /
Resource Hash

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2

200

all.js Show response
connect.facebook.net/en_US/
Redirect Chain

http://connect.facebook.net/en_US/all.js
https://connect.facebook.net/en_US/all.js

3 KB
2 KB

88ms
30ms

Script
application/x-javascript

2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: business.observernewsonline.com
URL: http://business.observernewsonline.com/observernewsonline/news/read/42003717

Protocol

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

954dc6f92cc73e0d267992c81832ef4558fdd8d8d8e698a10e0686bd29370438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: GyzakwpsnrnB1ngmSNxGLQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: kNuEs5J/3dWbGaYBYfw6iNpHAChR/ye0pz1Vzg13uKE1R5lLbKffz9hf0F9bPLtlT1e4EuOf1ag7JJSf1B1B2g==
x-fb-trip-id: 917726464
x-fb-content-md5: 2e09ae8bc36048bc9679740b8728bd30
x-frame-options: DENY
date: Sun, 28 Nov 2021 17:27:43 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "093d264c48f1eed5fc3852d29243deef"
timing-allow-origin: *
expires: Sun, 28 Nov 2021 17:37:24 GMT

Redirect headers

Location: https://connect.facebook.net/en_US/all.js#xfbml=1
Non-Authoritative-Reason: HSTS

GET
H2

200

ga.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/ga.js
https://www.google-analytics.com/ga.js

45 KB
17 KB

94ms
25ms

Script
text/javascript

2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/ga.js

Requested by

Host: business.observernewsonline.com
URL: http://business.observernewsonline.com/observernewsonline/news/read/42003717

Protocol

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 572
date: Sun, 28 Nov 2021 17:18:11 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Sun, 28 Nov 2021 19:18:11 GMT

Redirect headers

Location: https://www.google-analytics.com/ga.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 404
Not Found js_mB7ts7yN3otwD15UQdTqJoQbROg0BSkCq-Lhh6VMurM.js
www.observernewsonline.com/sites/default/files/js/ 0
0 222ms
207ms Script
text/html 192.104.183.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://www.observernewsonline.com/sites/default/files/js/js_mB7ts7yN3otwD15UQdTqJoQbROg0BSkCq-Lhh6VMurM.js
Requested by: Host: business.observernewsonline.com
URL: http://business.observernewsonline.com/observernewsonline/news/read/42003717
Protocol: HTTP/1.1
Server: 192.104.183.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 404
Not Found js_v8gW9kXjSxxjuxWVMJ4UoGeLZl0qmZAHLUhnXIsWsuc.js
www.observernewsonline.com/sites/default/files/js/ 0
0 222ms
207ms Script
text/html 192.104.183.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://www.observernewsonline.com/sites/default/files/js/js_v8gW9kXjSxxjuxWVMJ4UoGeLZl0qmZAHLUhnXIsWsuc.js
Requested by: Host: business.observernewsonline.com
URL: http://business.observernewsonline.com/observernewsonline/news/read/42003717
Protocol: HTTP/1.1
Server: 192.104.183.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK gpt.js Show response
www.googletagservices.com/tag/js/ 77 KB
27 KB 68ms
47ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: business.observernewsonline.com
URL: http://business.observernewsonline.com/observernewsonline/news/read/42003717

Protocol

HTTP/1.1

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d68b4c44cafe1ab0c4ba679f2c5d189c862200c162b0dfded1cc2daefa8b185

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 28 Nov 2021 17:27:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "1057 / 134 of 1000 / last-modified: 1637708722"
Vary: Accept-Encoding
Report-To: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin: *
Content-Length: 26863
X-XSS-Protection: 0
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="ads-gpt-scs"
Expires: Sun, 28 Nov 2021 17:27:43 GMT

GET
H/1.1 200
OK embed.js Show response
launch.inform.com/2/js/ 270 KB
271 KB 35ms
20ms Script
application/javascript 34.95.105.209
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://launch.inform.com/2/js/embed.js
Requested by: Host: launch.newsinc.com
URL: http://launch.newsinc.com/js/embed.js
Protocol: HTTP/1.1
Server: 34.95.105.209 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 209.105.95.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b6001c79ff05080996f77cd3e4561352163af6996b6f6f434ac6fc96fe67b605

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 28 Nov 2021 16:44:29 GMT
x-goog-meta-goog-reserved-file-mtime: 1568920283
Age: 2594
X-GUploader-UploadID: ADPycdvKS36OAZZNW10X9HfnrLXT1fMshSGtuoj9Y-leMjBWQyW18X40Jxu1HgSOLfgie6QbF83jgfIRt71WGeCB-SpmKpIPbQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Content-Length: 276619
Last-Modified: Thu, 19 Sep 2019 19:12:50 GMT
Server: UploadServer
ETag: "4ce437e3e9be478eae83573da9cd057b"
x-goog-hash: crc32c=CMT3cA==, md5=TOQ34+m+R46ug1c9qc0Few==
Content-Language: en
x-goog-generation: 1568920370729109
Cache-Control: public, max-age=3600
x-goog-stored-content-length: 276619
Accept-Ranges: bytes
Content-Type: application/javascript
Expires: Sun, 28 Nov 2021 17:44:29 GMT

GET
H/1.1 200
OK ajs.php Show response
ads.financialcontent.com/www/delivery/ 727 B
1 KB 239ms
207ms Script
text/javascript 2604:2dc0:100:282f::
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://ads.financialcontent.com/www/delivery/ajs.php?zoneid=5141&cb=35584083921&loc=http%3A//business.observernewsonline.com/observernewsonline/news/read/42003717
Requested by: Host: business.observernewsonline.com
URL: http://business.observernewsonline.com/observernewsonline/news/read/42003717
Protocol: HTTP/1.1
Server: 2604:2dc0:100:282f:: , United States, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: e925d37f2475e0b8b162af50ef45ab4882142db5716a9a0483c8cf939c5d19a5

Request headers

Referer: http://business.observernewsonline.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 17:27:43 GMT
server: Apache/2.4.38 (Debian)
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: text/javascript; charset=UTF-8
content-length: 727
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 all.js Show response
connect.facebook.net/en_US/ 291 KB
82 KB 52ms
25ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=102c43f389c1f9e326694f3a994a33cc

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/en_US/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

985ea6febe2dc38f90bdbc7226471dd7740bf2daaf199285549cbe2bdcff86c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://business.observernewsonline.com/
Origin: http://business.observernewsonline.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 4Nn0UZOhtsC2V2o4TUMgvw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 84371
x-fb-rlafr: 0
x-fb-debug: cCORwWk9BAH+qT8FJLadJ+NdlPJrQCPUz+MNlJ7KNDTpHtYrBetEpynfZd4Xmjr5l6Evc9cLZbcohoDIDiZI+g==
x-fb-content-md5: 68cabd80c2cca2d795f1d485a2782e9c
x-frame-options: DENY
date: Sun, 28 Nov 2021 17:27:43 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "5d40817b023d0c657bf5a672fee9c351"
timing-allow-origin: *
priority: u=3,i
expires: Mon, 28 Nov 2022 16:36:42 GMT

GET
H2 200 pubads_impl_2021111601.js Show response
securepubads.g.doubleclick.net/gpt/ 344 KB
116 KB 117ms
40ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 17:27:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118471
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 09:34:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 28 Nov 2021 17:27:43 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 162 B
753 B 114ms
38ms XHR
application/json 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=business.observernewsonline.com

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

3bd973b6680957845565525da00200236d33f1cb8cd5f76c77995e9243888379

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Nov 2021 17:27:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117
x-xss-protection: 0
expires: Sun, 28 Nov 2021 17:27:43 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=17719938&utmhn=business.observernewsonline.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl...
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=17719938&utmhn=business.observernewsonline.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmf...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6352221-2&cid=832590970.1638120463&jid=896271846&_v=5.7.2&z=17719938

35 B
430 B

107ms
35ms

Image
image/gif

2a00:1450:400c:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6352221-2&cid=832590970.1638120463&jid=896271846&_v=5.7.2&z=17719938

Requested by

Host: business.observernewsonline.com
URL: http://business.observernewsonline.com/observernewsonline/news/read/42003717

Protocol

Server

2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 28 Nov 2021 17:27:43 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 28 Nov 2021 17:27:43 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6352221-2&cid=832590970.1638120463&jid=896271846&_v=5.7.2&z=17719938
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 366
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK quant.js Show response
edge.quantserve.com/ 24 KB
10 KB 72ms
43ms Script
application/javascript 2620:116:800d:21:ee05:6a01:4b41:8c89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://edge.quantserve.com/quant.js
Requested by: Host: launch.inform.com
URL: http://launch.inform.com/2/js/embed.js
Protocol: HTTP/1.1
Server: 2620:116:800d:21:ee05:6a01:4b41:8c89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 28 Nov 2021 17:27:43 GMT
Content-Encoding: gzip
Etag: "FMCWFRCBdbNj8Eh2c0G78Q=="
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: private, max-age=604800
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Accept-Ranges: bytes
Expires: Sun, 05 Dec 2021 17:27:43 GMT

GET
H2 200 contextfeed.js Show response
www.dianomi.com/js/ 14 KB
5 KB 206ms
141ms Script
application/javascript 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/js/contextfeed.js

Requested by

Host: ads.financialcontent.com
URL: http://ads.financialcontent.com/www/delivery/ajs.php?zoneid=5141&cb=35584083921&loc=http%3A//business.observernewsonline.com/observernewsonline/news/read/42003717

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f03c94d5a4e33977b89384bb7d334c4f3a4149a2b51b744aa0cb406b4c1c53e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://business.observernewsonline.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sun, 28 Nov 2021 17:27:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2884
vary: X-FORWARDED-PROTO, Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Mon, 01 Nov 2021 10:44:06 GMT
server: cloudflare
etag: W/"3837-5cfb7db263757"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
access-control-allow-origin: *
expires: Sun, 28 Nov 2021 21:27:43 GMT
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 6b554f00fe4bf91b-MXP
cf-bgj: minify

GET
H/1.1 200
OK lg.php
ads.financialcontent.com/www/delivery/ 43 B
430 B 113ms
113ms Image
image/gif 2604:2dc0:100:282f::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ads.financialcontent.com/www/delivery/lg.php?bannerid=771&campaignid=450&zoneid=5141&loc=1&referer=http%3A%2F%2Fbusiness.observernewsonline.com%2Fobservernewsonline%2Fnews%2Fread%2F42003717&cb=fcaf61b006
Requested by: Host: ads.financialcontent.com
URL: http://ads.financialcontent.com/www/delivery/ajs.php?zoneid=5141&cb=35584083921&loc=http%3A//business.observernewsonline.com/observernewsonline/news/read/42003717
Protocol: HTTP/1.1
Server: 2604:2dc0:100:282f:: , United States, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 17:27:43 GMT
server: Apache/2.4.38 (Debian)
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.it/adsid/ 107 B
792 B 116ms
35ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.it/adsid/integrator.js?domain=business.observernewsonline.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Nov 2021 17:27:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 103ms
37ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=business.observernewsonline.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Nov 2021 17:27:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 43 KB
17 KB 124ms
81ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=467262228497960&correlator=1191304219516460&output=ldjh&impl=fif&eid=31063813&vrg=2021111601&ptt=17&sc=0&sfv=1-0-38&ecs=20211128&iu_parts=23317403%2CNewtonWeather&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x90&cookie_enabled=1&bc=23&abxe=1&lmt=1638120461&dt=1638120463487&dlt=1638120462053&idt=1411&frm=20&biw=1600&bih=1200&oid=2&adxs=8&adys=322&adks=2936773750&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fbusiness.observernewsonline.com%2Fobservernewsonline%2Fnews%2Fread%2F42003717&vis=1&scr_x=0&scr_y=0&psz=1584x91&msz=160x-1&ga_vid=832590970.1638120463&ga_sid=1638120463&ga_hid=1970493820&ga_fc=true&fws=0&ohw=0&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

638cfa11c9b627cdf5f7155638be6fd8e72010e7a1f1d530904d5adb1e11772f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 17:27:43 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17793
x-xss-protection: 0
google-lineitem-id: 715464283
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 111937787923
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://business.observernewsonline.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 43 KB
17 KB 128ms
85ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=467262228497960&correlator=1191304219516460&output=ldjh&impl=fif&eid=31063813&vrg=2021111601&ptt=17&sc=0&sfv=1-0-38&ecs=20211128&iu_parts=23317403%2CNewtonTopBannerHome&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cookie_enabled=1&bc=23&abxe=1&lmt=1638120461&dt=1638120463491&dlt=1638120462053&idt=1411&frm=20&biw=1600&bih=1200&oid=2&adxs=8&adys=726&adks=1279596725&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fbusiness.observernewsonline.com%2Fobservernewsonline%2Fnews%2Fread%2F42003717&vis=1&scr_x=0&scr_y=0&psz=1584x91&msz=728x-1&ga_vid=832590970.1638120463&ga_sid=1638120463&ga_hid=1970493820&ga_fc=true&fws=0&ohw=0&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

a367afbf305dcaddbe329b0f51169e076dd95399380f2b550b4fe7ff952b7433

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 17:27:43 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17802
x-xss-protection: 0
google-lineitem-id: 662011243
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 66493817323
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://business.observernewsonline.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
b609ca34f57ae9e324779c5bd6fd89d9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9443 6 KB
4 KB 120ms
44ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b609ca34f57ae9e324779c5bd6fd89d9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sun, 28 Nov 2021 17:27:43 GMT
expires: Mon, 28 Nov 2022 17:27:43 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5F72 0
0 71ms
70ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv3e3XDAsz28C65of9fqk3DjNjQ7L_u1TzIpouh5w8i7QQBCclsWbLy8HOWQ_uw0RnJb0-2AsLSbjd7MOnfc28w_23RMBwbuGfoQLsRjOjeQETbn87T1NGJlbkNuiaSHDS4mymorfE2YiynDbeqmp7iUg8yju9u6Uf8mTYnq4Jh72CGqToKlHnaqPNxEBHpXNkTzshLQIEOvden9sapyEGWtD1EnKQJ9rzPAnA_wnPM9NBPp5phKx0UFkN3qJbY6Xy0REWOmvdyykB4Kfhi5SCfEjQpEDaxGnhMv0dYjnkeVF0ylQgjT07h-p6sYgZEXhXxkvgyqENyWLU&sai=AMfl-YRkg5r6vwvyRnxg2hZsuero7cqPeChB1LNvQwrHbvwkJ8Q5qUzIOwugvvyyRlQa3bMt4UL0hp3DBxSRUsWTv5FHdaSc4-hr7CURHfX1Wi2PIHyBdiBcO-mX6qodE6k&sig=Cg0ArKJSzH9KS9VifU3-EAE&uach_m=[UACH]&adurl=

Requested by

Host: business.observernewsonline.com
URL: http://business.observernewsonline.com/observernewsonline/news/read/42003717

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Nov 2021 17:27:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 28 Nov 2021 17:27:43 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 5F72 19 KB
8 KB 94ms
25ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 17:25:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 149
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Dec 2021 17:25:14 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 5F72 2 KB
1 KB 109ms
41ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 17:26:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Dec 2021 17:26:44 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5F72 119 KB
36 KB 1873ms
1808ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 17:27:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 28 Nov 2021 17:27:45 GMT

GET
H2 200 12532044045655092974
tpc.googlesyndication.com/simgad/ Frame 5F72 51 KB
51 KB 109ms
42ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12532044045655092974

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb8fa4888e2bbcb1f5ab505b1959923054b5d8472b0dba31521cfc4f988c42fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 12:52:23 GMT
x-content-type-options: nosniff
age: 362120
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52146
x-xss-protection: 0
last-modified: Fri, 19 Aug 2016 04:12:41 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Nov 2022 12:52:23 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 46AB 0
0 71ms
71ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstifHiP0n3NyZUOdHG7f4U8L1UNr5G96n93Bq8sv6ethNtedhUdiF_kzhkiM50b_BrY2JzEAaVGiGw47DHjOdlvnwOzr_L4x01TkQ7pFCPG5ifD1Efm1XbvG4oA1P-AjZgfclOzFvB3GPROufMSVWOPVIZHLMPsLb5uCJWVG1rvCd6UePq7g7ivuU62zj-TzoPxi8ISYCL00SghL8XmWkwD5fZhCDXZdzsnTxpXnhfIxH3WcpBf_d9rZOge3uhKZPCb9DcIh8B2x4Fbh9Om_L94Z8u6vYJn5y35VcAjb1St6Frq45C-XL3qhaFwFJ_4f5EF7jS4sMGMSwXf48w5jrM&sai=AMfl-YSvkgKdDk2X8jQM5DEmMOIqfNlrWOMl6PSxwVvvYg7uWl9EUdtbSPCmVFvSQJFy7lpgLWF4oW67RbPX4yNrPrcZzmlkz5OAzxbUOWqm7l37-7BZ1EQWXe1LJq3_MaY&sig=Cg0ArKJSzO9aUo-GZsYDEAE&uach_m=[UACH]&adurl=

Requested by

Host: business.observernewsonline.com
URL: http://business.observernewsonline.com/observernewsonline/news/read/42003717

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Nov 2021 17:27:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 28 Nov 2021 17:27:43 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 46AB 19 KB
8 KB 86ms
29ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 17:25:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 149
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Dec 2021 17:25:14 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 46AB 2 KB
1 KB 97ms
40ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 17:26:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Dec 2021 17:26:44 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 46AB 119 KB
36 KB 1877ms
1823ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 17:27:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 28 Nov 2021 17:27:45 GMT

GET
H2 200 9211684914478637143
tpc.googlesyndication.com/simgad/ Frame 46AB 67 KB
68 KB 112ms
55ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9211684914478637143

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3839c3b8a5fe0959c2c95b62aa567af2ddcad21c9b5911ddbf821150aeb92a6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 17:36:12 GMT
x-content-type-options: nosniff
age: 345091
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68976
x-xss-protection: 0
last-modified: Wed, 25 Aug 2021 14:17:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Nov 2022 17:36:12 GMT

GET
H/1.1 404
Not Found controller.php
q1mediahydraplatform.com/ads/video/ 0
0 281ms
266ms Script
text/html 69.16.231.56
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: http://q1mediahydraplatform.com/ads/video/controller.php?qid=54f36c5bad1d148132957fe6&qz=1
Requested by: Host: business.observernewsonline.com
URL: http://business.observernewsonline.com/observernewsonline/news/read/42003717
Protocol: HTTP/1.1
Server: 69.16.231.56 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: lb04.parklogic.com
Software: /
Resource Hash

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK Hover.js Show response
js.financialcontent.com/Hover/ 3 KB
4 KB 33ms
33ms Script
application/javascript 13.224.193.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://js.financialcontent.com/Hover/Hover.js
Requested by: Host: js.financialcontent.com
URL: http://js.financialcontent.com/FCON/FCON.js
Protocol: HTTP/1.1
Server: 13.224.193.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-81.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 327e5d1f0abe4611e6b1a45a1f2c39eb17fb37fc1a0e21565b78cce92c4df31e

Request headers

Referer: http://business.observernewsonline.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Sun, 28 Nov 2021 17:21:55 GMT
Via: 1.1 172e63b20fb363ed969de28ae3937e21.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Wed, 19 Aug 2020 21:34:01 GMT
Server: AmazonS3
Age: 520
ETag: "5c80e0fc1b1fa10eb1e31f960110c404"
X-Cache: Hit from cloudfront
Content-Type: application/javascript; charset=UTF-8
Cache-Control: max-age=60
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 3158
X-Amz-Cf-Id: km5ppx6wEdQJisNf6AiyUCyI7Yd-61WJUnsze0zLSONmH3S8rJJCAA==

GET
H/1.1 200
OK QuoteAPI.js Show response
js.financialcontent.com/QuoteAPI/ 1 KB
2 KB 76ms
61ms Script
application/javascript 13.224.193.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://js.financialcontent.com/QuoteAPI/QuoteAPI.js
Requested by: Host: js.financialcontent.com
URL: http://js.financialcontent.com/FCON/FCON.js
Protocol: HTTP/1.1
Server: 13.224.193.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-81.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9a7dc1467c7bfa39d15d77f4c1ce42f1ebde93bcd5b8c57cac367df08be51c8b

Request headers

Referer: http://business.observernewsonline.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Sun, 28 Nov 2021 17:21:55 GMT
Via: 1.1 d8eef512ab23f23f549b4cd25ac5328d.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Wed, 19 Aug 2020 21:34:03 GMT
Server: AmazonS3
Age: 604
ETag: "9aa61e8d2f70d48aff5d0e322c473364"
X-Cache: Hit from cloudfront
Content-Type: application/javascript; charset=UTF-8
Cache-Control: max-age=60
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 1497
X-Amz-Cf-Id: g14WiCDXqSzHXoOdKJfUK0juRl7mUsd97LBxDSC-Er8kU1Yi9lbeRA==

GET
H/1.1 200
OK TickerBox2020.js Show response
js.financialcontent.com/TickerBox2020/ 5 KB
6 KB 72ms
57ms Script
application/javascript 13.224.193.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://js.financialcontent.com/TickerBox2020/TickerBox2020.js
Requested by: Host: js.financialcontent.com
URL: http://js.financialcontent.com/FCON/FCON.js
Protocol: HTTP/1.1
Server: 13.224.193.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-81.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0c11c5710bca10bc5ef48e0c091572747642cf33af494020c321fa92ae3dd0d1

Request headers

Referer: http://business.observernewsonline.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Sun, 28 Nov 2021 17:21:55 GMT
Via: 1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Wed, 19 Aug 2020 21:34:03 GMT
Server: AmazonS3
Age: 520
ETag: "4d19526af69972ba44326276ee62e2e9"
X-Cache: Hit from cloudfront
Content-Type: application/javascript; charset=UTF-8
Cache-Control: max-age=60
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 5406
X-Amz-Cf-Id: HWvNeQhYlgB6iUuQzhkt7RPuxmRodVpTXhu4YiwOgrtCa9X888Hn5A==

GET
H/1.1 200
OK ajs.php Show response
ads.financialcontent.com/www/delivery/ 798 B
1 KB 114ms
114ms Script
text/javascript 2604:2dc0:100:282f::
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://ads.financialcontent.com/www/delivery/ajs.php?zoneid=5145&cb=82839107757&loc=http%3A//business.observernewsonline.com/observernewsonline/news/read/42003717
Requested by: Host: business.observernewsonline.com
URL: http://business.observernewsonline.com/observernewsonline/news/read/42003717
Protocol: HTTP/1.1
Server: 2604:2dc0:100:282f:: , United States, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: e5688bcf9d2a2212aa313f05751cfb4e078f63c3f4621ae9e056913fd91b948a

Request headers

Referer: http://business.observernewsonline.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 17:27:43 GMT
server: Apache/2.4.38 (Debian)
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: text/javascript; charset=UTF-8
content-length: 798
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK arrow_more1.png
images.financialcontent.com/studio-6.0/arrows/ 1 KB
2 KB 85ms
48ms Image
image/png 13.225.77.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.financialcontent.com/studio-6.0/arrows/arrow_more1.png
Requested by: Host: business.observernewsonline.com
URL: http://business.observernewsonline.com/widget/privatelabel/nav/investingnav2020.css
Protocol: HTTP/1.1
Server: 13.225.77.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-77-94.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d4397e610c09e4734d9481e332ec444b0317e8d529d674eac1e6bd1dca32b729

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 28 Nov 2021 17:27:43 GMT
Via: 1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
Last-Modified: Thu, 25 Aug 2016 19:18:44 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA2-C2
ETag: "52c43176369f14291bfdad4fc901508b"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1241
X-Amz-Cf-Id: gt_7qwsoAE9NCtehItgpkmFW8D7umWTXJiwqs5A-emJtxpRuQMUD9w==

GET
H/1.1 200
OK line-chart.png
images.financialcontent.com/studio-6.0/icons/16x16/ 934 B
1 KB 82ms
45ms Image
image/png 13.225.77.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.financialcontent.com/studio-6.0/icons/16x16/line-chart.png
Requested by: Host: business.observernewsonline.com
URL: http://business.observernewsonline.com/widget/privatelabel/news/newsread1.css
Protocol: HTTP/1.1
Server: 13.225.77.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-77-94.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d9e68264c45370d5c7e7e6976ff7f9f746c83480a7566e81172a9b28eb2742db

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 28 Nov 2021 17:27:43 GMT
Via: 1.1 df26103dc140569d7032449c70c3b141.cloudfront.net (CloudFront)
Last-Modified: Thu, 25 Aug 2016 19:18:52 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA2-C2
ETag: "6242b51d2929276c294dc67953a00ecd"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 934
X-Amz-Cf-Id: 9oMPc_i4KmkG_2fQ1TWqpukAVe5R2EqK3AhVjgj8171LpzvqGfLfwA==

GET smartads.epl
www.dianomi.com/ Frame E9FF 0
0

GET
H/1.1 200
OK lg.php
ads.financialcontent.com/www/delivery/ 43 B
430 B 113ms
112ms Image
image/gif 2604:2dc0:100:282f::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ads.financialcontent.com/www/delivery/lg.php?bannerid=903&campaignid=316&zoneid=5145&loc=1&referer=http%3A%2F%2Fbusiness.observernewsonline.com%2Fobservernewsonline%2Fnews%2Fread%2F42003717&cb=0933499469
Requested by: Host: business.observernewsonline.com
URL: http://business.observernewsonline.com/observernewsonline/news/read/42003717
Protocol: HTTP/1.1
Server: 2604:2dc0:100:282f:: , United States, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 17:27:43 GMT
server: Apache/2.4.38 (Debian)
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 07934bc19b7c5e4e6896e598fd33c916e04afc2a7a36216f27174968c300aa87

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK ajs.php Show response
ads.financialcontent.com/www/delivery/ 1 KB
2 KB 215ms
200ms Script
text/javascript 2604:2dc0:100:282f::
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://ads.financialcontent.com/www/delivery/ajs.php?zoneid=5135&cb=62819945724&loc=http%3A//business.observernewsonline.com/observernewsonline/news/read/42003717
Requested by: Host: business.observernewsonline.com
URL: http://business.observernewsonline.com/observernewsonline/news/read/42003717
Protocol: HTTP/1.1
Server: 2604:2dc0:100:282f:: , United States, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: 1400a1a3901f7fb0e1320d4a7371b52c74256b06fb213683fc8c551973057d47

Request headers

Referer: http://business.observernewsonline.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 17:27:44 GMT
server: Apache/2.4.38 (Debian)
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: text/javascript; charset=UTF-8
content-length: 1330
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 404
Not Found privatelabel.css
business.observernewsonline.com/client/observernewsonline/observernewsonline/ 0
0 107ms
107ms Stylesheet
text/html 2604:2dc0:100:282f::
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://business.observernewsonline.com/client/observernewsonline/observernewsonline/privatelabel.css
Requested by: Host: business.observernewsonline.com
URL: http://business.observernewsonline.com/observernewsonline/news/read/42003717
Protocol: HTTP/1.1
Server: 2604:2dc0:100:282f:: , United States, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache/2.4.48 (Debian) mod_perl/2.0.11 Perl/v5.32.1 /
Resource Hash

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/observernewsonline/news/read/42003717
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 28 Nov 2021 17:27:43 GMT
server: Apache/2.4.48 (Debian) mod_perl/2.0.11 Perl/v5.32.1
content-length: 196
x-cache: MISS from markets.financialcontent.com
content-type: text/html; charset=iso-8859-1

GET
H3 200 container.html Show response
b609ca34f57ae9e324779c5bd6fd89d9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9F8D 6 KB
3 KB 60ms
27ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b609ca34f57ae9e324779c5bd6fd89d9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: business.observernewsonline.com
URL: http://business.observernewsonline.com/observernewsonline/news/read/42003717

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sun, 28 Nov 2021 17:27:43 GMT
expires: Mon, 28 Nov 2022 17:27:43 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 smartads.epl Show response
www.dianomi.com/ Frame 86FD 7 KB
2 KB 248ms
248ms Document
text/html 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/smartads.epl?id=6411

Requested by

Host: business.observernewsonline.com
URL: http://business.observernewsonline.com/observernewsonline/news/read/42003717

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4334f7d351ded11e16711e0115aeb1bdd787cd713705d06e65e3580e6c755b77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/

Response headers

date: Sun, 28 Nov 2021 17:27:44 GMT
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
vary: X-FORWARDED-PROTO
expires: now
pragma: no-cache
cache-control: no-cache,no-store,private
link: </img/a/pss/2670/26.css>;rel=preload;as=style
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6b554f034ac8f91b-MXP
content-encoding: br
cf-h2-pushed: </img/a/pss/2670/26.css>

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-8590502-3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6760
date: Sun, 28 Nov 2021 15:35:03 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 28 Nov 2021 17:35:03 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 33ms
33ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1970493820&t=pageview&_s=1&dl=http%3A%2F%2Fbusiness.observernewsonline.com%2Fobservernewsonline%2Fnews%2Fread%2F42003717&ul=en-us&de=UTF-8&dt=The%20Observer%20News%20Enterprise&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=121392923.832590970.1638120463.1638120463.1638120463.1&_utmz=121392923.1638120463.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1638120463928&_u=YQBCAUABAAAAAC~&jid=854255527&gjid=1021941918&cid=832590970.1638120463&tid=UA-8590502-3&_gid=1173877415.1638120464&_r=1&gtm=2ouba1&z=709120183

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://business.observernewsonline.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 17:27:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://business.observernewsonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 72ms
35ms XHR
text/plain 2a00:1450:400c:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-8590502-3&cid=832590970.1638120463&jid=854255527&gjid=1021941918&_gid=1173877415.1638120464&_u=YQBCAUAAAAAAAC~&z=1517408424

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b4cd4f889e2c7dd71da12d2b0a29aa6346de2e5d8b3c882d7700d64c700f661d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://business.observernewsonline.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 28 Nov 2021 17:27:44 GMT
content-type: text/plain
access-control-allow-origin: http://business.observernewsonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 137ms
64ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-8590502-3&cid=832590970.1638120463&jid=854255527&_u=YQBCAUAAAAAAAC~&z=2079677242

Requested by

Host: business.observernewsonline.com
URL: http://business.observernewsonline.com/observernewsonline/news/read/42003717

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 17:27:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.it/ads/ 42 B
501 B 138ms
62ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.it/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-8590502-3&cid=832590970.1638120463&jid=854255527&_u=YQBCAUAAAAAAAC~&z=2079677242

Requested by

Host: business.observernewsonline.com
URL: http://business.observernewsonline.com/observernewsonline/news/read/42003717

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 17:27:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

dmedianet.js Show response
contextual.media.net/
Redirect Chain

http://contextual.media.net/dmedianet.js?cid=8CUEYJ2LS
https://contextual.media.net/dmedianet.js?cid=8CUEYJ2LS

284 KB
95 KB

169ms
74ms

Script
text/javascript

104.107.160.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/dmedianet.js?cid=8CUEYJ2LS

Requested by

Host: business.observernewsonline.com
URL: http://business.observernewsonline.com/observernewsonline/news/read/42003717

Protocol

Server

104.107.160.24 Berlin, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-107-160-24.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

00208f2e3e89211dc2a512eb8ca6cbd5356535a2a4ba56430fa42d15e11f1fdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-mnt-h: 10-8
content-encoding: gzip
server: Apache
etag: "d6bb535179ad9862a7eabec8d9537ecc"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
date: Sun, 28 Nov 2021 17:27:44 GMT
strict-transport-security: max-age=604800
x-mnt-w: 8-34
expires: Sun, 28 Nov 2021 17:32:44 GMT

Redirect headers

Location: https://contextual.media.net/dmedianet.js?cid=8CUEYJ2LS
Date: Sun, 28 Nov 2021 17:27:44 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0
Strict-Transport-Security: max-age=604800

GET
H/1.1 200
OK lg.php
ads.financialcontent.com/www/delivery/ 43 B
430 B 109ms
109ms Image
image/gif 2604:2dc0:100:282f::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ads.financialcontent.com/www/delivery/lg.php?bannerid=899&campaignid=569&zoneid=5135&loc=1&referer=http%3A%2F%2Fbusiness.observernewsonline.com%2Fobservernewsonline%2Fnews%2Fread%2F42003717&cb=a0a76ed6a1
Requested by: Host: business.observernewsonline.com
URL: http://business.observernewsonline.com/observernewsonline/news/read/42003717
Protocol: HTTP/1.1
Server: 2604:2dc0:100:282f:: , United States, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 17:27:44 GMT
server: Apache/2.4.38 (Debian)
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK ajs.php Show response
ads.financialcontent.com/www/delivery/ 727 B
1 KB 113ms
113ms Script
text/javascript 2604:2dc0:100:282f::
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://ads.financialcontent.com/www/delivery/ajs.php?zoneid=5136&cb=35610940&loc=http%3A//business.observernewsonline.com/observernewsonline/news/read/42003717
Requested by: Host: business.observernewsonline.com
URL: http://business.observernewsonline.com/observernewsonline/news/read/42003717
Protocol: HTTP/1.1
Server: 2604:2dc0:100:282f:: , United States, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: 0e52bcf967787aedf98151d96be236d1e5931a4e92a763ba04fb24472ab7e321

Request headers

Referer: http://business.observernewsonline.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 17:27:44 GMT
server: Apache/2.4.38 (Debian)
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: text/javascript; charset=UTF-8
content-length: 727
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 26.css
www.dianomi.com/img/a/pss/2670/ Frame 86FD 4 KB
1 KB 39ms
0ms Stylesheet
text/css 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/img/a/pss/2670/26.css

Requested by

Host: business.observernewsonline.com
URL: http://business.observernewsonline.com/observernewsonline/news/read/42003717

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d667c9a1c3734f61f6db1b2b5b8d1a5ead6427602feb01d79542aea6db6604e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=6411
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 17:27:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 639652
cf-polished: origSize=5308
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Tue, 26 Oct 2021 07:48:45 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css; charset=ISO-8859-1
access-control-allow-origin: *
expires: Wed, 29 Dec 2021 03:27:44 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
cf-ray: 6b554f04bd69f91b-MXP
cf-bgj: minify

GET
H2 200 viewability8.js Show response
www.dianomi.com/js/ Frame 86FD 7 KB
2 KB 60ms
60ms Script
application/javascript 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/js/viewability8.js

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=6411

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a3187faa5db2e775c2e66b02056783833e2b5378efd3f396f7595dba1065010

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=6411
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 17:27:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2225
cf-polished: origSize=9963
last-modified: Tue, 31 Aug 2021 16:55:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
cf-bgj: minify
server: cloudflare
etag: W/"26eb-5caddd1f2481d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-FORWARDED-PROTO, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 6b554f04edb2f91b-MXP
expires: Sun, 28 Nov 2021 21:27:44 GMT

GET
H2 200 dianomi-max-200x38.png
www.dianomi.com/img/ Frame 86FD 1 KB
1 KB 60ms
59ms Image
image/webp 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/dianomi-max-200x38.png

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=6411

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70503c92bcbb8105d95ec4de2012f23098c3383586e95323e4b3384b56af4beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=6411
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 17:27:44 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1719484
cf-polished: origFmt=png, origSize=3940
content-disposition: inline; filename="dianomi-max-200x38.webp"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 1164
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Jul 2020 16:53:11 GMT
server: cloudflare
etag: "f64-5ab9764140bc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Wed, 29 Dec 2021 03:27:44 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6b554f04edbaf91b-MXP
cf-bgj: imgq:85,h2pri

GET
H2 200 396x276.jpg
www.dianomi.com/img/a/sav2/233462/4/ Frame 86FD 6 KB
7 KB 73ms
73ms Image
image/webp 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/233462/4/396x276.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=6411

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

454f02168766763038b33868ce255c10910d1c127317fe7f4ce576e43a188826

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=6411
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 17:27:44 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2339695
cf-polished: qual=85, origFmt=jpeg, origSize=57722
content-disposition: inline; filename="396x276.webp"
vary: Accept
x-xss-protection: 1; mode=block
last-modified: Mon, 01 Nov 2021 14:44:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/webp
access-control-allow-origin: *
expires: Sun, 05 Dec 2021 17:27:44 GMT
cache-control: public, max-age=604800
access-control-allow-credentials: true
cf-ray: 6b554f04edc6f91b-MXP
cf-bgj: imgq:85,h2pri

GET
H2 200 396x276.jpg
www.dianomi.com/img/a/sav2/234740/4/ Frame 86FD 6 KB
6 KB 48ms
47ms Image
image/webp 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/234740/4/396x276.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=6411

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e8ebad4fd446c682bb3b26413717d4983bc3d6fc4803709ab94c6bbcdb3687b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=6411
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 17:27:44 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1714481
cf-polished: qual=85, origFmt=jpeg, origSize=13502
content-disposition: inline; filename="396x276.webp"
vary: Accept
x-xss-protection: 1; mode=block
last-modified: Thu, 04 Nov 2021 21:10:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/webp
access-control-allow-origin: *
expires: Sun, 05 Dec 2021 17:27:44 GMT
cache-control: public, max-age=604800
access-control-allow-credentials: true
cf-ray: 6b554f04edc9f91b-MXP
cf-bgj: imgq:85,h2pri

GET
H2 200 396x276.jpg
www.dianomi.com/img/a/sav2/228427/8/ Frame 86FD 10 KB
10 KB 68ms
67ms Image
image/webp 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/228427/8/396x276.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=6411

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

451503b5b5dc2af1761b4f8bb2273370487fd112c53eb3c7647b4997a429d2a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=6411
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 17:27:44 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 342033
cf-polished: qual=85, origFmt=jpeg, origSize=62264
content-disposition: inline; filename="396x276.webp"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 10046
x-xss-protection: 1; mode=block
last-modified: Thu, 18 Nov 2021 18:40:09 GMT
server: cloudflare
etag: "f338-5d1147cfa6aa6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Wed, 29 Dec 2021 03:27:44 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6b554f04edccf91b-MXP
cf-bgj: imgq:85,h2pri

GET
H2 200 396x276.jpg
www.dianomi.com/img/a/sav2/238260/3/ Frame 86FD 15 KB
15 KB 89ms
88ms Image
image/webp 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/238260/3/396x276.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=6411

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

663c56ff01eee9106a3b69b5644f0fabbf6455751fd95e7144ebdfdf7853de38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=6411
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 17:27:44 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 95247
cf-polished: qual=85, origFmt=jpeg, origSize=27147
content-disposition: inline; filename="396x276.webp"
vary: Accept
x-xss-protection: 1; mode=block
last-modified: Thu, 25 Nov 2021 10:52:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/webp
access-control-allow-origin: *
expires: Sun, 05 Dec 2021 17:27:44 GMT
cache-control: public, max-age=604800
access-control-allow-credentials: true
cf-ray: 6b554f04edd0f91b-MXP
cf-bgj: imgq:85,h2pri

GET
H2 200 396x276.jpg
www.dianomi.com/img/a/sav2/236087/2/ Frame 86FD 22 KB
22 KB 76ms
76ms Image
image/webp 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/236087/2/396x276.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=6411

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ecb4ca9b453567fa23c0d395193cfac0f1918e6e983ed423a3772ddbbbeccf65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=6411
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 17:27:44 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1654987
cf-polished: qual=85, origFmt=jpeg, origSize=37576
content-disposition: inline; filename="396x276.webp"
vary: Accept
x-xss-protection: 1; mode=block
last-modified: Tue, 09 Nov 2021 12:41:15 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/webp
access-control-allow-origin: *
expires: Sun, 05 Dec 2021 17:27:44 GMT
cache-control: public, max-age=604800
access-control-allow-credentials: true
cf-ray: 6b554f04edd7f91b-MXP
cf-bgj: imgq:85,h2pri

GET
H2 200 lucida-grande.woff
www.dianomi.com/fonts/lucidagrande/ Frame 86FD 291 KB
290 KB 147ms
147ms Font
application/font-woff 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/fonts/lucidagrande/lucida-grande.woff

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/img/a/pss/2670/26.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae3cabd2d938d43ee77efedbc5da68e8d62d7a91bfb9aeb957554f11f516d507

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dianomi.com/img/a/pss/2670/26.css
Origin: https://www.dianomi.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 17:27:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3010
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
last-modified: Mon, 03 Apr 2017 10:36:33 GMT
server: cloudflare
etag: W/"48b78-54c40bba00e40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-FORWARDED-PROTO, Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: https://www.dianomi.com
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 6b554f054e7df91b-MXP
expires: Sun, 28 Nov 2021 21:27:44 GMT

GET
H/1.1 200
OK lg.php
ads.financialcontent.com/www/delivery/ 43 B
430 B 113ms
112ms Image
image/gif 2604:2dc0:100:282f::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ads.financialcontent.com/www/delivery/lg.php?bannerid=906&campaignid=564&zoneid=5136&loc=1&referer=http%3A%2F%2Fbusiness.observernewsonline.com%2Fobservernewsonline%2Fnews%2Fread%2F42003717&cb=3fad5f2a58
Requested by: Host: ads.financialcontent.com
URL: http://ads.financialcontent.com/www/delivery/ajs.php?zoneid=5136&cb=35610940&loc=http%3A//business.observernewsonline.com/observernewsonline/news/read/42003717
Protocol: HTTP/1.1
Server: 2604:2dc0:100:282f:: , United States, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 17:27:44 GMT
server: Apache/2.4.38 (Debian)
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 404
Not Found controller.php
q1mediahydraplatform.com/ads/video/ 0
0 290ms
275ms Script
text/html 69.16.231.56
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: http://q1mediahydraplatform.com/ads/video/controller.php?qid=54f36c5bad1d148132957fe6&qz=1
Requested by: Host: business.observernewsonline.com
URL: http://business.observernewsonline.com/observernewsonline/news/read/42003717
Protocol: HTTP/1.1
Server: 69.16.231.56 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: lb04.parklogic.com
Software: /
Resource Hash

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK ajs.php Show response
ads.financialcontent.com/www/delivery/ 52 B
460 B 109ms
109ms Script
text/javascript 2604:2dc0:100:282f::
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://ads.financialcontent.com/www/delivery/ajs.php?zoneid=5137&cb=91554750390&loc=http%3A//business.observernewsonline.com/observernewsonline/news/read/42003717
Requested by: Host: business.observernewsonline.com
URL: http://business.observernewsonline.com/observernewsonline/news/read/42003717
Protocol: HTTP/1.1
Server: 2604:2dc0:100:282f:: , United States, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: b936491c8fc53fc3437c75e6783aa984dc5fa38791d87c4ef8da2a1d2ad93e07

Request headers

Referer: http://business.observernewsonline.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 17:27:44 GMT
server: Apache/2.4.38 (Debian)
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: text/javascript; charset=UTF-8
content-length: 52
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK ajs.php Show response
ads.financialcontent.com/www/delivery/ 52 B
460 B 108ms
108ms Script
text/javascript 2604:2dc0:100:282f::
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://ads.financialcontent.com/www/delivery/ajs.php?zoneid=5138&cb=8400523660&loc=http%3A//business.observernewsonline.com/observernewsonline/news/read/42003717
Requested by: Host: business.observernewsonline.com
URL: http://business.observernewsonline.com/observernewsonline/news/read/42003717
Protocol: HTTP/1.1
Server: 2604:2dc0:100:282f:: , United States, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: da3be1cfbe7fd39cff6b81898a5b25bcbc5a65be1d59eb3ef38ac9bd03e0efb7

Request headers

Referer: http://business.observernewsonline.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 17:27:44 GMT
server: Apache/2.4.38 (Debian)
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: text/javascript; charset=UTF-8
content-length: 52
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 lucida-grande.ttf
www.dianomi.com/fonts/lucidagrande/ Frame 86FD 630 KB
289 KB 63ms
63ms Font
application/font-sfnt 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/fonts/lucidagrande/lucida-grande.ttf

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/img/a/pss/2670/26.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

384f1df0b407e13d2186e4b0ff572e863fed36e5699c41490b0e3106bb60aed4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dianomi.com/img/a/pss/2670/26.css
Origin: https://www.dianomi.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 17:27:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3010
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
last-modified: Mon, 03 Apr 2017 10:36:33 GMT
server: cloudflare
etag: W/"9d6e4-54c40bba00e40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-FORWARDED-PROTO, Accept-Encoding
content-type: application/font-sfnt
access-control-allow-origin: https://www.dianomi.com
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 6b554f06991ff91b-MXP
expires: Sun, 28 Nov 2021 21:27:44 GMT

GET
H/1.1 200
OK ajs.php Show response
ads.financialcontent.com/www/delivery/ 52 B
460 B 109ms
109ms Script
text/javascript 2604:2dc0:100:282f::
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://ads.financialcontent.com/www/delivery/ajs.php?zoneid=5139&cb=70191875672&loc=http%3A//business.observernewsonline.com/observernewsonline/news/read/42003717
Requested by: Host: business.observernewsonline.com
URL: http://business.observernewsonline.com/observernewsonline/news/read/42003717
Protocol: HTTP/1.1
Server: 2604:2dc0:100:282f:: , United States, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: 16ce765154c358ec44640a28d8681d44016f19461ada836137b7b94babdc0da7

Request headers

Referer: http://business.observernewsonline.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 17:27:44 GMT
server: Apache/2.4.38 (Debian)
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: text/javascript; charset=UTF-8
content-length: 52
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 fcmain.html Show response
contextual.media.net/1017354394/ Frame 89F7 82 KB
24 KB 434ms
433ms Document
text/html 104.107.160.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/1017354394/fcmain.html?cb=window._mNDetails.initAd&&gdpr=1&cid=8CUEYJ2LS&cpcd=ZcoNprj87wgz1eq0DRjPuA%3D%3D&crid=673682968&size=300x600&cc=IT&https=1&vif=1&requrl=http%3A%2F%2Fbusiness.observernewsonline.com%2Fobservernewsonline%2Fnews%2Fread%2F42003717&nse=5&vi=1638120464918451856&ugd=4&htmlsrc=1

Requested by

Host: contextual.media.net
URL: http://contextual.media.net/dmedianet.js?cid=8CUEYJ2LS

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.107.160.24 Berlin, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-107-160-24.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ff012bf821fb657c383f63bfe52336c3c8b51b062e9a616bc342951120ada4a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/

Response headers

server: Apache
content-type: text/html; charset=UTF-8
x-mnt-hl2: 8-8
x-mnt-w: 10-6
strict-transport-security: max-age=604800
vary: Accept-Encoding
content-encoding: gzip
expires: Sun, 28 Nov 2021 17:27:44 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 28 Nov 2021 17:27:44 GMT
content-length: 24689

GET
H2 200 bping.php
lg3.media.net/ 35 B
189 B 61ms
47ms Image
image/gif 104.107.160.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?&gdpr=1&prid=8PRHGG6T9&cid=8CUEYJ2LS&crid=673682968&vi=1638120464918451856&ugd=4&lf=6&cc=IT&wsip=2886994965&r=1638120464466&requrl=http%3A%2F%2Fbusiness.observernewsonline.com%2Fobservernewsonline%2Fnews%2Fread%2F42003717&vgd_l2type=setting&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=9009&vgd_rakh=1638120464150178762&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fdmedianet.js&vgd_pbcm=1&vgd_pgid=p0765187798t202111281727&vgd_pgids=1&vgd_uspa=0&hvsid=00001638120464459013824230409203&gdpr=1&vgd_end=1

Requested by

Host: business.observernewsonline.com
URL: http://business.observernewsonline.com/observernewsonline/news/read/42003717

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.107.160.24 Berlin, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-107-160-24.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Sun, 28 Nov 2021 17:27:44 GMT
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Sun, 28 Nov 2021 17:27:44 GMT

GET
H/1.1 404
Not Found controller.php
q1mediahydraplatform.com/ads/video/ 0
0 281ms
266ms Script
text/html 69.16.231.56
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: http://q1mediahydraplatform.com/ads/video/controller.php?qid=54f36c5bad1d148132957fe6&qz=1
Requested by: Host: business.observernewsonline.com
URL: http://business.observernewsonline.com/observernewsonline/news/read/42003717
Protocol: HTTP/1.1
Server: 69.16.231.56 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: lb04.parklogic.com
Software: /
Resource Hash

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 404
Not Found controller.php
q1mediahydraplatform.com/ads/video/ 0
0 287ms
271ms Script
text/html 69.16.231.56
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: http://q1mediahydraplatform.com/ads/video/controller.php?qid=54f36c5bad1d148132957fe6&qz=1
Requested by: Host: business.observernewsonline.com
URL: http://business.observernewsonline.com/observernewsonline/news/read/42003717
Protocol: HTTP/1.1
Server: 69.16.231.56 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: lb04.parklogic.com
Software: /
Resource Hash

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 nrrV52461.js Show response
contextual.media.net/24a/ Frame 89F7 93 KB
30 KB 58ms
58ms Script
text/javascript 104.107.160.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/24a/nrrV52461.js

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/1017354394/fcmain.html?cb=window._mNDetails.initAd&&gdpr=1&cid=8CUEYJ2LS&cpcd=ZcoNprj87wgz1eq0DRjPuA%3D%3D&crid=673682968&size=300x600&cc=IT&https=1&vif=1&requrl=http%3A%2F%2Fbusiness.observernewsonline.com%2Fobservernewsonline%2Fnews%2Fread%2F42003717&nse=5&vi=1638120464918451856&ugd=4&htmlsrc=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.107.160.24 Berlin, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-107-160-24.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9570f7b5803cf60e423c1800b2db2682381a985a2617e3f04d68bb5a4d655037

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://contextual.media.net/1017354394/fcmain.html?cb=window._mNDetails.initAd&&gdpr=1&cid=8CUEYJ2LS&cpcd=ZcoNprj87wgz1eq0DRjPuA%3D%3D&crid=673682968&size=300x600&cc=IT&https=1&vif=1&requrl=http%3A%2F%2Fbusiness.observernewsonline.com%2Fobservernewsonline%2Fnews%2Fread%2F42003717&nse=5&vi=1638120464918451856&ugd=4&htmlsrc=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: max-age=2592000
strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
etag: "f3dcc1592ff35c4ac7631edb38265c3f"
vary: Accept-Encoding
x-mnet-h: 8-21
content-type: text/javascript; charset=utf-8
cache-control: max-age=1209600
date: Sun, 28 Nov 2021 17:27:44 GMT
content-length: 30833
expires: Sun, 12 Dec 2021 17:27:44 GMT

GET
H/1.1 200
OK 1x1.gif
res-a.akamaihd.net/__media__/pics/800028474/ Frame 89F7 42 B
350 B 149ms
39ms Image
image/gif 95.100.146.64
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://res-a.akamaihd.net/__media__/pics/800028474/1x1.gif
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/1017354394/fcmain.html?cb=window._mNDetails.initAd&&gdpr=1&cid=8CUEYJ2LS&cpcd=ZcoNprj87wgz1eq0DRjPuA%3D%3D&crid=673682968&size=300x600&cc=IT&https=1&vif=1&requrl=http%3A%2F%2Fbusiness.observernewsonline.com%2Fobservernewsonline%2Fnews%2Fread%2F42003717&nse=5&vi=1638120464918451856&ugd=4&htmlsrc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 95.100.146.64 Slough, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-146-64.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 28 Nov 2021 17:27:45 GMT
Last-Modified: Mon, 04 Jun 2018 10:04:19 GMT
Server: nginx
ETag: "5b150ea3-2a"
Content-Type: image/gif
Cache-Control: public, max-age=935078
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42
Expires: Thu, 09 Dec 2021 13:12:23 GMT

GET
DATA 200
OK truncated
/ Frame 89F7 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 89F7 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK bullet354.woff
res-a.akamaihd.net/__media__/fonts/bullet354/ Frame 89F7 1 KB
1 KB 148ms
39ms Font
application/font-woff 95.100.146.64
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://res-a.akamaihd.net/__media__/fonts/bullet354/bullet354.woff
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/1017354394/fcmain.html?cb=window._mNDetails.initAd&&gdpr=1&cid=8CUEYJ2LS&cpcd=ZcoNprj87wgz1eq0DRjPuA%3D%3D&crid=673682968&size=300x600&cc=IT&https=1&vif=1&requrl=http%3A%2F%2Fbusiness.observernewsonline.com%2Fobservernewsonline%2Fnews%2Fread%2F42003717&nse=5&vi=1638120464918451856&ugd=4&htmlsrc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 95.100.146.64 Slough, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-146-64.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: f19150d721a806b0ce8aa72efaca47e788346ba37a3a778824578b6deaa1a781

Request headers

Referer: https://contextual.media.net/
Origin: https://contextual.media.net
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 28 Nov 2021 17:27:45 GMT
Last-Modified: Thu, 11 Apr 2019 10:32:14 GMT
Server: nginx
ETag: "5caf17ae-424"
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1060

GET
H/1.1 200
OK robotocondensed-regular-webfont.woff
res-a.akamaihd.net/__media__/fonts/robotocondensed-regular-webfont/ Frame 89F7 25 KB
25 KB 120ms
43ms Font
application/font-woff 95.100.146.64
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://res-a.akamaihd.net/__media__/fonts/robotocondensed-regular-webfont/robotocondensed-regular-webfont.woff
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/1017354394/fcmain.html?cb=window._mNDetails.initAd&&gdpr=1&cid=8CUEYJ2LS&cpcd=ZcoNprj87wgz1eq0DRjPuA%3D%3D&crid=673682968&size=300x600&cc=IT&https=1&vif=1&requrl=http%3A%2F%2Fbusiness.observernewsonline.com%2Fobservernewsonline%2Fnews%2Fread%2F42003717&nse=5&vi=1638120464918451856&ugd=4&htmlsrc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 95.100.146.64 Slough, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-146-64.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: fd6d849c8189af4c5cd5b4f84384e5a0d221a4932b36dffe2c143d82a720477b

Request headers

Referer: https://contextual.media.net/
Origin: https://contextual.media.net
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 28 Nov 2021 17:27:45 GMT
Last-Modified: Mon, 16 May 2016 10:39:41 GMT
Server: nginx
ETag: "5739a36d-62bc"
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25276

GET
H3 200 integrator.js Show response
adservice.google.it/adsid/ 107 B
122 B 71ms
36ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.it/adsid/integrator.js?domain=business.observernewsonline.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Nov 2021 17:27:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 91ms
46ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=business.observernewsonline.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Nov 2021 17:27:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 18 KB
8 KB 79ms
79ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=467262228497960&correlator=1191304219516460&output=ldjh&impl=fif&eid=31063813&vrg=2021111601&ptt=17&sc=0&sfv=1-0-38&ecs=20211128&iu_parts=23317403%2CNewtonBottomBanner&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cookie=ID%3D78a3d7d77f67323f-220a226909cc0051%3AT%3D1638120463%3AS%3DALNI_MZYklM0WY9kjVDzOxrtSOkeq7b1zA&bc=23&abxe=1&lmt=1638120461&dt=1638120465113&dlt=1638120462053&idt=1411&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=2858&adks=4046145701&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fbusiness.observernewsonline.com%2Fobservernewsonline%2Fnews%2Fread%2F42003717&vis=1&scr_x=0&scr_y=0&psz=1584x90&msz=728x-1&psts=AGkb-H91vcEQwctndKO2QDInbdMelXopeTpSMNOtLPIHiiormJGh3-tMOmdWWsA-PBkGper7NW7D_Q0UyZq6X47DZ0GILw%2CAGkb-H9mC6ho2Tbl8LpEoifezkHP5vMdp6bl78xF7YIwkbCOQvAfDc6zhDo_TGS6zzED7GDM2VWXqrulwk0&ga_vid=832590970.1638120463&ga_sid=1638120463&ga_hid=1970493820&ga_fc=true&fws=0&ohw=0&btvi=1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

52bad99391e6c0704e7e64fbc4ca7f33b56ac01d95f06421255201390e89f0ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 17:27:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8312
x-xss-protection: 0
google-lineitem-id: 676941643
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138224835969
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://business.observernewsonline.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 context.pl Show response
www.dianomi.com/cgi-bin/ 326 B
398 B 122ms
122ms XHR
application/json 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/cgi-bin/context.pl?id=262&h=business.observernewsonline.com&url=http%3A%2F%2Fbusiness.observernewsonline.com%2Fobservernewsonline%2Fnews%2Fread%2F42003717

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

823a7bf7baadebc7732a83757a03d20855c0b267083c768d390f7f32df8b54cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 17:27:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=ISO-8859-1
access-control-allow-origin: http://business.observernewsonline.com
cache-control: no-store
access-control-allow-credentials: true
cf-ray: 6b554f0b088ef91b-MXP
vary: X-FORWARDED-PROTO
x-xss-protection: 1; mode=block

GET
H2 200 bql.php Show response
lg3.media.net/ Frame 89F7 15 B
216 B 50ms
49ms Script
text/javascript 104.107.160.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lg3.media.net/bql.php?&vgd_l2type=setting&v=1&gdpr=1&hvsid=00001638120464459013824230409203&geo=45.47|9.20&dlper=25&lper=100&fp=MgyT22L1r75_Wd7HI_TNkvAy-bDIvz6QpSFPFIW66JFB93K5TXoCTNCiC_UpZXRpR7VdsviLlBdN-9QeRA82Sq3LdoM9Cu7QgVUYil-HvuCOm5ek5srxCkLS1DH2niQ27-D0LFP5UYIulqAFymJZEg%3D%3D&lpid=&tsid=18&q=&prv=&type=&ps=&cme=kMiBrX4urhGjFEB6Q33_edN3Hoz9eHG0_DWjLgHTGVh2A2kgnSr9HlJTiQYjQjVMb7xcStVjdyhr4dH_1NI82A8MlcmQOxjtD17Q0slxHveiLzuRhjJJUNUTYoJXULJ_85f0FsELCuU9dwnzUiXnZav38l23sSAdBdzwY86SS5Z59ckb5OGzBTtnEZS-KFnJ2Z5S6tZ0R0-5WTFYT3CDnw%3D%3D%7C%7CNDHRnZ9Gz3KXlI-i9OnZqQ%3D%3D%7C5gDUJdTGiJzedmq9hanWYg%3D%3D%7CsRBSg3CPSiQ%3D%7CFcl4VLL-IaLs3lby4p1OIECdVqic6KoC7loTkrQ4RWyGjfxgxwzAC33a8gMeTOic5olg_nXLnEiO9_DS39SM6Q%3D%3D%7CN7fu2vKt8_s%3D%7CKfhvRtM59zJF3oh27FfyJIEqzjHIt-10cEr8tm7jybx02vHCutzMuwMjUgPXRphd-x822ZTKiMxlUVMvpS-LjF23Ur_mLmhlMJCr7x1U3KudWpdnbOme5oIlGwRrCmm6PKfTv8SkQdqrbYf5JYnJLtcpVoq-iR1rvwO2IgzLAEqxqRGojW5CSpBMm2VUyxYRj91JBTyFtnI%3D%7C&hint=&td=&cc=IT&wsip=2887305232&bca=0&ugd=4&vgd_chost=contextual.media.net&vgd_fcic=0&vgde_kbbh=u9oNu9&vgde_setid=Nu9&&rc=0&ksu=257&fdkt=391&kwd[]=3%25%20Interest%20Savings%20Account&kwt[]=391&kbc[]=1203037022&kwp[]=1&kid[]=329494980&kbc2[]=rpc%3D0.08%7C%7Clvl%3D1.00&ktd[]=274894880768&kwd[]=Business%20Templates%20for%20Excel&kwt[]=391&kbc[]=1203037022&kwp[]=2&kid[]=329915575&kbc2[]=rpc%3D0.12%7C%7Clvl%3D1.00&ktd[]=274894880768&kwd[]=Renewable%20Energy%20Investments&kwt[]=391&kbc[]=1203037022&kwp[]=3&kid[]=24212517&kbc2[]=rpc%3D0.58%7C%7Clvl%3D1.00&ktd[]=274911657984&kwd[]=Best%20Stocks%20to%20Buy%20Today&kwt[]=391&kbc[]=1203037022&kwp[]=4&kid[]=49013606&kbc2[]=rpc%3D0.49%7C%7Clvl%3D3.74&ktd[]=274911657984&kwd[]=Top%20Stocks%20to%20Invest%20In&kwt[]=391&kbc[]=1203037022&kwp[]=5&kid[]=28656653&kbc2[]=rpc%3D0.28%7C%7Clvl%3D2.09&ktd[]=274911657984&kwd[]=Top%20Stocks%20to%20Invest&kwt[]=391&kbc[]=1203037022&kwp[]=6&kid[]=172154115&kbc2[]=rpc%3D0.13%7C%7Clvl%3D1.98&ktd[]=274911657984&kwd[]=Best%20Car%20Insurance%20Companies&kwt[]=391&kbc[]=1203037022&kwp[]=7&kid[]=48806540&kbc2[]=rpc%3D0.29%7C%7Clvl%3D1.00&ktd[]=274911657984&rand=1638120464994&cid=8CUEYJ2LS&vwid=1638120464918451856&vi=1638120464918451856&l3ch=0&slnkp=no&tdAdd[]=rtbsd%3D16&tdAdd[]=ib=0&vgd_uspa=0&vgd_l1rakh=1638120464150178762&vgd_l1rhst=contextual.media.net&vgd_lhl=716&vgd_ifrmode=03&sttm=1638120464458&upk=1638120464.26127&hvsid=00001638120464459013824230409203&verid=3121199&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D1%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D0&kbbq=%26sde%3D1%26adepth%3D1%26ddepth%3D1%26asn%3D9009&vgd_hbReqId=T1638118728C8S34U145&vgd_isiolc=1&rtbsd=16&vgd_pgid=p0765187798t202111281727&matm=1638120465004&vgd_ltime=696&vgd_ltimesrc=2&tdAdd[]=nw%3DNone&tdAdd[]=nwType%3DNone&tdAdd[]=asnum%3D9009&tdAdd[]=proxy%3DNone&tdAdd[]=comp%3DNone&vgd_ro_spt=1&vgd_bkwds=&vgd_l1ch=1&vgd_altbql=sb&vgd_pdtid=1&vgd_implt=3&vgd_sbSup=1&vgd_nrrsf=nrr&vgd_nrrv=52461&vgd_nrrs=52461&vgd_nrrmf=24a&vgd_cntrdt=AS%7CDIV-673682968%7CSPAN&vgd_cty=MILANO&vgd_l1hcsd=N8%7C7874&vgd_sethcsd=A8%7C7936&vgd_cfud=210408&vgd_is_amp=0&vgd_optout=0&vgd_ect=4g&vgd_rensize=209_600&vgd_scr_h=1200&vgd_scr_w=1600&vgd_mbr=1&vgd_pbcm=1&vgd_l1rpth=%2Fdmedianet.js&vgd_pgids=1&oRurl=http%3A%2F%2Fcdng%2Ffcmain.js%3F%26esi%3D1%26%26fvips%3D0%26vpf%3D000%26chost%3Dcontextual.media.net%26cb%3Dwindow._mNDetails.initAd%26%26gdpr%3D1%26cid%3D8CUEYJ2LS%26cpcd%3DZcoNprj87wgz1eq0DRjPuA%253D%253D%26crid%3D673682968%26size%3D300x600%26cc%3DIT%26https%3D1%26vif%3D1%26requrl%3Dhttp%253A%252F%252Fbusiness.observernewsonline.com%252Fobservernewsonline%252Fnews%252Fread%252F42003717%26nse%3D5%26vi%3D1638120464918451856%26ugd%3D4%26htmlsrc%3D1%26blacpfl%3D1%26baeFlag%3D1%26blapd%3D0%26isOffice%3D0&tdAdd[]=uiparams%3D%3Brend_w%3A209%3Brend_h%3A600%3Bkwd_scnt%3A7&vgd_end=1

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/24a/nrrV52461.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.107.160.24 Berlin, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-107-160-24.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Sun, 28 Nov 2021 17:27:45 GMT
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 15
expires: Sun, 28 Nov 2021 17:27:45 GMT

POST
H2 200 log
navvy.media.net/ Frame 89F7 35 B
207 B 225ms
180ms Ping
image/gif 34.102.149.62
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://navvy.media.net/log
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/24a/nrrV52461.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.149.62 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 62.149.102.34.bc.googleusercontent.com
Software: Jetty(9.4.7.v20170914) /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Referer: https://contextual.media.net/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 17:27:45 GMT
via: 1.1 google
server: Jetty(9.4.7.v20170914)
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache,no-store
alt-svc: clear
content-length: 35
expires: Sun, 28 Nov 2021 17:27:45 GMT

GET
H2 200 pl Show response
analytics.inform.com/ 43 B
197 B 165ms
111ms XHR
image/gif 34.95.81.205
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.inform.com/pl?uut=b89cdd7d-4da9-44c4-be73-901e79c395fb&insid=4b4b9e11-d5ec-4c7a-8e16-bce5a1b5063e&atei=0&atets=0&vw=1600&vh=1200&sw=1600&sh=1200&furl=http%253A%252F%252Fbusiness.observernewsonline.com%252Fobservernewsonline%252Fnews%252Fread%252F42003717&ua=chrome+89&embedCount=0&eo=http%3A%2F%2Fbusiness.observernewsonline.com%2Fobservernewsonline%2Fnews%2Fread%2F42003717&iframe=0&fe=0&fv=0&env=production&bn=2&ref=&_=1638120465127
Requested by: Host: launch.inform.com
URL: http://launch.inform.com/2/js/embed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.81.205 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 205.81.95.34.bc.googleusercontent.com
Software: nginx/1.17.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept: */*
Referer: http://business.observernewsonline.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 17:27:45 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.17.0
content-type: image/gif
access-control-allow-origin: http://business.observernewsonline.com
alt-svc: clear
content-length: 43

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A873 0
0 70ms
70ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst3-7lMzE81S0St6j0ZObv_p5wWcnq3_CEI3Ut8zJnHjY1Ol-iMMSAdl-JMmyFFtUfOynMlkv8ATi36YUDcrOQGpYmPuvpSyFqMrwJO1lgouogRSLSEI9-S8oEh-JJZtL0i2-KJ_iW56Q435IdrehK4WrNjzIzOTZyLLP96N-Jhe6FGpvEiw3rp43MrwTqRyxZXRow1lbZOJrtXX5cP0h6FEw7fBUjr42kPGrXtjzn42mK286SjuG-LCzMuImC-nZfMN1TP4x_Z-z2IsEt2p4wYlg9a4DZ0hOXx8k6iFDmWtOVFrHl2u1qB5yHADDfxwu4ssw9mGRzNQOLs3nn0Mg&sig=Cg0ArKJSzFI2pvC74eoTEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: business.observernewsonline.com
URL: http://business.observernewsonline.com/observernewsonline/news/read/42003717

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Nov 2021 17:27:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame A873 143 KB
51 KB 76ms
59ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

29d980cf3c90dc51d1b4fbc2444b58257a8b2d73b1dff1bedfe54df83ec28013

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Sun, 28 Nov 2021 17:27:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 11587662658375002555
Vary: Accept-Encoding, Origin
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 51181
X-XSS-Protection: 0
Expires: Sun, 28 Nov 2021 17:27:45 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A873 119 KB
37 KB 302ms
302ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 17:27:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 28 Nov 2021 17:27:45 GMT

GET
H2 200 dianomi-max-200x38.png
www.dianomi.com/img/ 1 KB
1 KB 69ms
68ms Image
image/webp 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/dianomi-max-200x38.png

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70503c92bcbb8105d95ec4de2012f23098c3383586e95323e4b3384b56af4beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 17:27:45 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1719485
cf-polished: origFmt=png, origSize=3940
content-disposition: inline; filename="dianomi-max-200x38.webp"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 1164
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Jul 2020 16:53:11 GMT
server: cloudflare
etag: "f64-5ab9764140bc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Wed, 29 Dec 2021 03:27:45 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6b554f0bd9cbf91b-MXP
cf-bgj: imgq:85,h2pri

GET
H2 200 dianomi-context.css
www.dianomi.com/partner/dianomi/css/ 169 B
289 B 38ms
37ms Stylesheet
text/css 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/partner/dianomi/css/dianomi-context.css?v=1.1

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99781410070a5dd4d753fdb8a46f4272082b5be64541dcfcb1b2d3c4aea09c6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 17:27:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2245
cf-polished: origSize=199
last-modified: Mon, 21 Jan 2019 12:43:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
cf-bgj: minify
server: cloudflare
etag: W/"c7-57ff735ded940"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-FORWARDED-PROTO, Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 6b554f0bd9ccf91b-MXP
expires: Sun, 28 Nov 2021 21:27:45 GMT

GET
H2 200 smartads.epl Show response
www.dianomi.com/ Frame C0BA 6 KB
2 KB 244ms
243ms Document
text/html 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/smartads.epl?id=6427&num_ads=5&cf=417.262.FinCon&url=http%3A%2F%2Fbusiness.observernewsonline.com%2Fobservernewsonline%2Fnews%2Fread%2F42003717&unitId=dianomi-6427-YaO8ERpzOXAk8cFUOxfPVwAAAB40

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a148f641d41bfd3208897f13dc9b2bbfd58e16c826a89b80f682a0c36bc8859

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/

Response headers

date: Sun, 28 Nov 2021 17:27:45 GMT
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
vary: X-FORWARDED-PROTO
expires: now
pragma: no-cache
cache-control: no-cache,no-store,private
link: </img/a/pss/3287/9.css>;rel=preload;as=style
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6b554f0bd9d4f91b-MXP
content-encoding: br
cf-h2-pushed: </img/a/pss/3287/9.css>

GET
H2 200 pixeltrack.pl
www.dianomi.com/cgi-bin/ 77 B
261 B 178ms
177ms Image
image/gif 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/cgi-bin/pixeltrack.pl?cf=417.262.FinCon&geo_ccod=it

Requested by

Host: business.observernewsonline.com
URL: http://business.observernewsonline.com/observernewsonline/news/read/42003717

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4fa79afcf5a5cc5a0f12dedaf825f11530e6397d723fe7044cd37ba3c248e57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 17:27:45 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 77
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-FORWARDED-PROTO
content-type: image/gif; charset=ISO-8859-1
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, pre-check=0, post-check=0
access-control-allow-credentials: true
cf-ray: 6b554f0bd9d1f91b-MXP
expires: Sat, 27 Nov 2021 17:27:45 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/ Frame A873 270 KB
98 KB 186ms
104ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1168130439607626&plah=business.observernewsonline.com

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2aab8c6ab9d49416c3201919c515cb0e9cea83f8ba8d5b9cce7de4a6ab6832fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 17:27:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99572
x-xss-protection: 0
server: cafe
etag: 9278821240027767591
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 17:27:45 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/ Frame 3AAD 11 KB
5 KB 108ms
37ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 28 Nov 2021 09:43:00 GMT
expires: Sun, 12 Dec 2021 09:43:00 GMT
content-type: text/html; charset=UTF-8
etag: 16478831307880631077
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4883
x-xss-protection: 0
age: 27885
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 9.css
www.dianomi.com/img/a/pss/3287/ Frame C0BA 2 KB
765 B 26ms
0ms Stylesheet
text/css 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/img/a/pss/3287/9.css

Requested by

Host: business.observernewsonline.com
URL: http://business.observernewsonline.com/observernewsonline/news/read/42003717

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35d78671063f35a367b718dbc72a80c21940d99e9754f6b42026132e6133ecf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=6427&num_ads=5&cf=417.262.FinCon&url=http%3A%2F%2Fbusiness.observernewsonline.com%2Fobservernewsonline%2Fnews%2Fread%2F42003717&unitId=dianomi-6427-YaO8ERpzOXAk8cFUOxfPVwAAAB40
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 17:27:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 293901
cf-polished: origSize=3220
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
last-modified: Thu, 12 Aug 2021 15:22:33 GMT
server: cloudflare
etag: W/"c94-5c95e4dd8b56d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
expires: Wed, 29 Dec 2021 03:27:45 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
cf-ray: 6b554f0d4c3bf91b-MXP
cf-bgj: minify

GET
H2 200 viewability8.js Show response
www.dianomi.com/js/ Frame C0BA 7 KB
2 KB 47ms
46ms Script
application/javascript 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/js/viewability8.js

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=6427&num_ads=5&cf=417.262.FinCon&url=http%3A%2F%2Fbusiness.observernewsonline.com%2Fobservernewsonline%2Fnews%2Fread%2F42003717&unitId=dianomi-6427-YaO8ERpzOXAk8cFUOxfPVwAAAB40

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a3187faa5db2e775c2e66b02056783833e2b5378efd3f396f7595dba1065010

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=6427&num_ads=5&cf=417.262.FinCon&url=http%3A%2F%2Fbusiness.observernewsonline.com%2Fobservernewsonline%2Fnews%2Fread%2F42003717&unitId=dianomi-6427-YaO8ERpzOXAk8cFUOxfPVwAAAB40
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 17:27:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2226
cf-polished: origSize=9963
last-modified: Tue, 31 Aug 2021 16:55:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
cf-bgj: minify
server: cloudflare
etag: W/"26eb-5caddd1f2481d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-FORWARDED-PROTO, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 6b554f0d7c7df91b-MXP
expires: Sun, 28 Nov 2021 21:27:45 GMT

GET
H2 200 X3NbZ64Hbn3elYEYUAifkAAAAAs.png
www.dianomi.com/img/uploads/ Frame C0BA 3 KB
3 KB 52ms
52ms Image
image/webp 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/uploads/X3NbZ64Hbn3elYEYUAifkAAAAAs.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

883fed4080473e0aabc59976a3bdd7de8d53f757d841d3e42cae547800316b24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=6427&num_ads=5&cf=417.262.FinCon&url=http%3A%2F%2Fbusiness.observernewsonline.com%2Fobservernewsonline%2Fnews%2Fread%2F42003717&unitId=dianomi-6427-YaO8ERpzOXAk8cFUOxfPVwAAAB40
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 17:27:45 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 293901
cf-polished: origFmt=png, origSize=6524
content-disposition: inline; filename="X3NbZ64Hbn3elYEYUAifkAAAAAs.webp"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 2592
x-xss-protection: 1; mode=block
last-modified: Tue, 29 Sep 2020 16:05:59 GMT
server: cloudflare
etag: "197c-5b075f57067c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Wed, 29 Dec 2021 03:27:45 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6b554f0d9cb2f91b-MXP
cf-bgj: imgq:85,h2pri

GET
DATA 200
OK truncated
/ Frame A873 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63aa6e980032027aabae9a31c274f45c7d0e03e1eb6768d9e5b8ac8f7a1705ab

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5F72 0
0 116ms
71ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvTWamqKuTsGtsm8uDXcFYx-W5ObM6XgLf4W5LFovSS_c3OiRam9SNiwX39NCcPYSIpkqNBsedoTTzyVxGmbXVvWVEocJHjDLtuXL1aG5dnpQl_tOCQqEkUorBrthZI-TSShmwv-drU2jHGhE8kebLj5iKGsaSO4U_qqlTQ3Ku0qXjGm9n9vZyqEFhHCXZIb5DGAylGrF5yRRxQfYW4wG1YGFYcszo2I2phwndsGREjkP4ZgDvt8alSwuMv-EF7AVwdcFzgXpm5vaXpNS9nz2hRCiZRxfqKJlzfwWyg85pkoKbonr2FtDANIMyVigJLt2DDEUcSbzoaeoy9-g&sai=AMfl-YQGbBo7EyS92MXnmQQPCwJaFBzTcTMb8IulAb_a-Dv2Ge82kHdtaaby_6YffY9w4XGQvTzW1QxFN-9D8ih1i-KGFfmtEV-exb6er0dG6T_00tBb0T8n1hei9r2ZGCA&sig=Cg0ArKJSzB4XdpONjSduEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Nov 2021 17:27:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 28 Nov 2021 17:27:45 GMT

GET
DATA 200
OK truncated
/ Frame 5F72 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7c70d65d2d2669da2220f62b532740e0d560d32d16fc8b56c9cf76d11e42ec2d

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame A873 212 B
417 B 35ms
34ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=business.observernewsonline.com&callback=_gfp_s_&client=ca-pub-1168130439607626&cookie=ID%3D78a3d7d77f67323f%3AT%3D1638120463%3AS%3DALNI_MbTroRt_dnAz1KURsTt9Apx63Sgmg

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1168130439607626&plah=business.observernewsonline.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

26bdc7d292d70489e650894aed83d39794045c4e1bfe205523926286fb9b98ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 17:27:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 202
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.it/adsid/ Frame A873 107 B
122 B 35ms
35ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.it/adsid/integrator.js?domain=business.observernewsonline.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Nov 2021 17:27:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame A873 107 B
122 B 46ms
46ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=business.observernewsonline.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Nov 2021 17:27:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6C5F 436 B
232 B 274ms
228ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1168130439607626&output=html&h=280&slotname=4385408621&adk=2122718539&adf=3173046729&pi=t.ma~as.4385408621&w=728&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=728x280&url=http%3A%2F%2Fbusiness.observernewsonline.com%2Fobservernewsonline%2Fnews%2Fread%2F42003717&ea=0&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1638120465322&bpp=4&bdt=124&idt=277&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&cookie=ID%3D78a3d7d77f67323f%3AT%3D1638120463%3AS%3DALNI_MbTroRt_dnAz1KURsTt9Apx63Sgmg&correlator=2792594686907&frm=23&ife=4&pv=2&ga_vid=832590970.1638120463&ga_sid=1638120463&ga_hid=1218060907&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=436&ady=2858&biw=1600&bih=1200&isw=728&ish=90&ifk=2362164875&scr_x=0&scr_y=0&eid=44754331%2C31063735%2C31063793&oid=2&pvsid=1267060735643598&pem=444&tmod=1079347178&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.icvpl2qsz4cr&btvi=1&fsb=1&dtd=289

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8fff5482038126e400ce2e797d3b3f96a3f39a8ab98a024e5059f492871618af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 28 Nov 2021 17:27:45 GMT
server: cafe
content-length: 212
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 46AB 0
0 79ms
78ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssekuLfSrDEmUesqRnhvusoVNOPUWMcgOsUdiig9UKRSz09LmkhAcpDWmxtEA6Gn43raQxp9QnYMqUN95J6ptw3w7UHOCmbVmyrbrD4Y0jfGIB09u0U9iencA3-iIL8JOM1Fsksd7CEERAFdfQCOfe14FEE8vODDZBOMrF6Ta-LpjPS61X242XW3Uv-wo3GMxXAdxUYz-BpEsqIm6-PqnYfQfMmp6r46OwL_E1jHATp_jLemJ8dEjnLG1UNfVRbtZknp5BxlcElZUVu4vUFYwzxDasoSghzdgmy5-ltWkLgrNO2fnUvXDOVJDdmARaYnTTa-mTNKuxtLlPs5PLcM5xNHg&sai=AMfl-YS78KfVE8fOnzbn190BAH4R1rCLG74_dccfN_vnVhbERl6oV7fDEZUOAJGlA9EHhs-MG0f3W-z77Lnr7ZcSwx91863j97AjLFPrJzB-h44_P_19D3M4z_cDsD1Yk_s&sig=Cg0ArKJSzLrzqEFzdezoEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Nov 2021 17:27:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 28 Nov 2021 17:27:45 GMT

GET
DATA 200
OK truncated
/ Frame 46AB 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 58b481c527c8b36ceac5d81bba341b6b2f6b30ba96d6cad0f025c3e61e7504c9

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A873 0
0 72ms
71ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss9PR-J9IffZmSXGFSJUbYdI_rjP3nSP_HsKkpO7OMZQtd0RL6z07UoacQM6NyS5HUSUoHtjhgRsYJCqlyWBYL7Xi4GQXzIMdy6mNSPZdycoPtlUlm8HO5vUTrc_Yifvt1PCRYXi8UoYZUdtFivewnM5lgoOH2rMrheRFdf8xB8sqTDv_XM76ohyOqpT0601g0iB0aLRC3mfp_elY0JwTwrg5RvrwSNpu5NxuUfz9suZjWcqTKdeeIbJvAXz3oFZUiejJkCXQlAamWtjjFEoNNe_3_f8D2xmkMKhJ_7QJ21vOUXpew_ogJKJiOWGAuFEfPUR33EF9xMUfiFW1NNmc10&sig=Cg0ArKJSzJTa1c1zDnOhEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Nov 2021 17:27:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 28 Nov 2021 17:27:45 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame A873 12 KB
9 KB 103ms
57ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211111&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d5d50c557971349f663b324210978a3a230bda7a51afe041e14756383fd7d8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Nov 2021 17:27:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9134
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 98ms
53ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021111601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1edea90091b4bf0c81b5460740fd169241ca382c585a2e2e3fa5120b1996dff1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Nov 2021 17:27:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9199
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame A873 17 KB
6 KB 80ms
44ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 17:27:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sun, 28 Nov 2021 17:27:46 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 71ms
38ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 17:27:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sun, 28 Nov 2021 17:27:46 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame C92E 12 KB
5 KB 26ms
26ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Sun, 28 Nov 2021 15:20:15 GMT
expires: Mon, 28 Nov 2022 15:20:15 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 7651
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 63BB 783 B
536 B 93ms
46ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2ea9893dfc9f4666a449dfd894af30cebec5d1b7f226661e40ce01c13e254405

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QXkA9AtogfHZdu15Ez0LDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 28 Nov 2021 17:27:46 GMT
date: Sun, 28 Nov 2021 17:27:46 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-QXkA9AtogfHZdu15Ez0LDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 3134 12 KB
5 KB 26ms
26ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Sun, 28 Nov 2021 15:20:15 GMT
expires: Mon, 28 Nov 2022 15:20:15 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 7651
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A56A 783 B
535 B 89ms
45ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f342555a8dd8436ebd0d36ceb2bb04315a4c304700e91d4dc8ac80a4ebf6a74c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-JFgf03Rv3+aZpgNdf52HMg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 28 Nov 2021 17:27:46 GMT
date: Sun, 28 Nov 2021 17:27:46 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-JFgf03Rv3+aZpgNdf52HMg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js Show response
pagead2.googlesyndication.com/bg/ Frame C92E 35 KB
13 KB 82ms
37ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 16:21:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 90373
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13508
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 27 Nov 2022 16:21:33 GMT

GET
H3 200 lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js Show response
pagead2.googlesyndication.com/bg/ Frame 3134 35 KB
13 KB 84ms
39ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 16:21:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 90373
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13508
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 27 Nov 2022 16:21:33 GMT

GET
H2 200 bqi.php
lg3.media.net/ 15 B
15 B 47ms
47ms Image
text/javascript 104.107.160.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bqi.php?lf=3&&vgd_l2type=setting&vgd_pbcm=1&gdpr=1&prid=8PRHGG6T9&cid=8CUEYJ2LS&crid=673682968&requrl=http%3A%2F%2Fbusiness.observernewsonline.com%2Fobservernewsonline%2Fnews%2Fread%2F42003717&vi=1638120464918451856&ugd=4&cc=IT&startTime=1638120464451&l2type=setting&vgd_l1rakh=1638120464150178762&l1ch=1&sttm=1638120464458&upk=1638120464.26127&hvsid=00001638120464459013824230409203&verid=3121199&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D1%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D0&kbbq=%26sde%3D1%26adepth%3D1%26ddepth%3D1&vgd_hbReqId=T1638118728C8S34U145&l1hcsd=l1!N8|7874&vgd_l1rhst=contextual.media.net&vgd_uspa=0&vgd_isiolc=1&clp=%7B%7D&cl=%7B%7D&rtbsd=16&vgd_pgid=p0765187798t202111281727&vgd_pgids=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.107.160.24 Berlin, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-107-160-24.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Sun, 28 Nov 2021 17:27:46 GMT
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
cache-control: max-age=0, no-cache, no-store
content-length: 15
expires: Sun, 28 Nov 2021 17:27:46 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A56A 0
0 77ms
76ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211111&jk=1267060735643598&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 63BB 0
0 100ms
100ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021111601&jk=467262228497960&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A873 0
20 B 72ms
71ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211111&jk=1267060735643598&bg=!ubqluv7NAAZQLpa_UC47ACkAdvg8WlQWhTPbiAHYz0M31hrklJsCibcyRzwPUoGinTTT_xKVDSljnQIAAABuUgAAAAhoAQcKABm9Q_0DtOEA4IwE9g-DBNz7lRPvZ9GgSEJrmQKm6oFvoKNE7Tc-pypBATSXJEKio2ccQP82OHk8Kib8Z6nOnhc3iM9F3UFpYvVfpQUqCFni0pLVoLlFeKa3m-LwhCpkvCZ7UfB7bQExzlhzuYsIqolRleyX_JYWNXSY13ICIi0abkDhnxfQMAqw6RzYxj5ZJ_ByDfz-Y957YKdhl0caQD4zoJM0obdmYckpZhDjOiJbMBib9U7xwQBeW93u8NDGN4GsHib_yvZpgpRSmeKWtMpPl6iVfHZzT07wyNAvjcbSeq4Ou0M4WDE7-cpIK0PbHaAPhRcE9Dw5kOowCgVMF3XQAfUtNNvHlgu0uWQzb8xH3rOBe4Un_ka-reWYtpcFyakTHynlrU_elHaLZZfc_jiNEWPfzhtZaWvYwzkpyoKfTfGGATxE7b9C4BB0RV40zre6uLscUgPdgInwxb2_cBgLhJ0ofWXvse-lRKTm0_tRl3b-e87vkJXHusLBzf9F1Q87SuKu4NbepNkrg4s-FP4QkwlDkgEMEXUnuijJNfX3csa3-ZOmRyK_VrQ4HnZc-kwgbGPWmsaiAmM7YJmk3TSdEzB5v6f9YVUouxZBf5Y9LAvbzBYsl9WmksXrdzE0xna6Q-Ezc8NFsiQRUMkI6kEwUNHpUilFJH9C8CJKdepYHNc7YA584wM4yjWWM0ILMOpYiEbEhgECS68K3FT939JHNncsvJcrt5miQjG-wZInxZkvn6TKSnduv_9onLmrdBaDUyyhiparewrjldtZNbJLq0KwZXJ4lhFymXYNBTuYXcsXCtwTA8i7nKLF_jeUd4NNanN6OUD_mVD5G5nAXlp0U-w_Sza33cWORU_2RAvZvhFI6pmWa30A69gtrUTES-AMeIknvyRmgW4PDPM8kC5YLzVaPNPNnyLhgBPt4_lP7NmI

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 17:27:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 72ms
71ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021111601&jk=467262228497960&bg=!cHOlczfNAAZQLpa_UC47ACkAdvg8Wm7XUqRgYsehrMashjsFwWvZ4d_aaELtSGpLHGc9awX9q4FexwIAAABtUgAAAAloAQcKAKmzMIGDxFSk8CdApRVg_uP1ORtFWVq-0ZY7HNgo3dp8KbbI99EbNJo_vE2ySiCthDrKKMHkJU2hCLOH-7Eql1BWi0RKAaW7QCkdxCr9AGzpdQx76m5Of8P3Fmll92IfPe3X2p7CIhD0coHCoJ03a6_T6tZJrGRvQ3d0NUIDWUKHsMi8BgynHGkpBUZsJewZPBaYVoxOQB-0kcLwLlmSD2YVtn47mvO-8LXXmQKWYcsbvNQYl3XCX2lYU7o_zYVkl2bWa0dGBUjOadcXw3npkd0_RBLeXTlH5G8bkKyRRFlrlyufD7UnKXZLNv2CDB7O1XgTA8pTk7PQPsZ7xPMUbEwoqvT-og7ML09BU0QcEd2tF_h_exZrWQeRJzhIsEcK0qsD1k65cw6zNQ4XEWTTch29htvefsH_q-hQxhW5GxWiekqdHFMz-aRL_t43hMp0eYQGhh1VFVttXZYT0NkVsNuPfEWHVp2cYF3nTPs6k7FobpBENjVjx1MNM-eR9XNXGfG_hiORarm8z3e4ZFvXca2nL1V7FGIsqU4Lut5bc9bK4boEUkgc5AP4Y6ZCEVs_WzzItntXbX6cgct2K-SBDO-fIVW-9MjLGKtxM_HujvHv5gjm0FnAwMZjsSwOlCGeB9zlMy7iDpFKhuo1LsT1LNl55k9R-3tydy3NWxUuqJiXj5Js1Hi3ZhVcQR67L3cFDy-Chz3AbgnBLCK_u01NSR-zfuP-I3ZhmKoVFX_Bw6-8Uwzickglf2TOxc52cs2tLhPTMjz7peg9eqNmqN9MC5LsV4C2v3QSP6viL-8DMlz0bWeF-Qg2OUU5O5QTr33xKoiQe67XzMIV0BDBUJoh62scVnfeMQhoEXmz_JNrGH8cleqKNmF7P-ePeFgCRr1kNFiiUiStRi88oAqY7sAmp_QzG9IEwxFoL01jImj1oh8ICf-8RpBi2QIIePumsxrhEZ6AKHgYFEwdr18i48nok0KVLJN98XHC4UpZ9rK5JyMkRq7qe-vqKdwqW8RRDeHGzBsi7TBp-IBtXtGWc_zHYgKHQlqmTdoHV3U2KB0FJJ1Q_MH2hcGBAUEshi8xBqcvICvvzjbg0zx5a4vgwA7dpaCQa1g

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 17:27:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5F72 42 B
64 B 70ms
70ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv44dfY5oJ_CowCwuEto54ib1G7ydp1NMfpfrbsbnM57Ri0A8MQiJQr_EaEsJevolZP5GtIjPoGRRYCVsFiWcN7D9JBF27WpN09wKjKBab_P3QDcgAY&sig=Cg0ArKJSzPOgIRUnNCm5EAE&id=lidar2&mcvt=1000&p=324,8,414,168&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211110&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=2936773750&rs=4&la=0&cr=0&vs=4&r=v&rst=1638120463643&rpt=1941&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 17:27:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 46AB 42 B
64 B 70ms
70ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvNJPQQ0IqDB5VuLSW7yZbsyhaVntn-fH6QcvAbOVl_rbWwOBTb5U_doi_M1shGq-dnuTAUZAX1qODuQkDDjyBZBKn62XkpNn0-u3diF-nd0C8UkKJz&sig=Cg0ArKJSzNNutoRwY1UcEAE&id=lidar2&mcvt=1001&p=742,8,832,736&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20211110&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=1279596725&rs=4&la=0&cr=0&vs=4&r=v&rst=1638120463656&rpt=1978&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://business.observernewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 17:27:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=6411

Verdicts & Comments Add Verdict or Comment

86 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.observernewsonline.com/	1970-01-23 11:51:10	Name: TNNoMobile Value: 1
observernewsonline.com/	1970-01-23 11:51:10	Name: TNNoMobile Value: 1
.business.observernewsonline.com/	1970-01-20 16:33:12	Name: __utma Value: 121392923.832590970.1638120463.1638120463.1638120463.1
.business.observernewsonline.com/	1969-12-31 23:59:59	Name: __utmc Value: 121392923
.business.observernewsonline.com/	1970-01-20 03:24:48	Name: __utmz Value: 121392923.1638120463.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.business.observernewsonline.com/	1970-01-19 23:02:01	Name: __utmt Value: 1
.business.observernewsonline.com/	1970-01-19 23:02:02	Name: __utmb Value: 121392923.1.10.1638120463
.doubleclick.net/	1970-01-20 08:23:36	Name: IDE Value: AHWqTUkkMK7WQ95foMI9BRNq4Z59sSHyxm9C-MEd0RSqqUVBfTBNg5WB55Yr_xxLew8
.observernewsonline.com/	1970-01-20 16:33:12	Name: _ga Value: GA1.2.832590970.1638120463
.observernewsonline.com/	1970-01-19 23:03:26	Name: _gid Value: GA1.2.1173877415.1638120464
.observernewsonline.com/	1970-01-19 23:02:00	Name: _gat_gtag_UA_8590502_3 Value: 1
business.observernewsonline.com/	1970-01-19 23:02:02	Name: session_depth Value: business.observernewsonline.com%3D1%7C673682968%3D1
.observernewsonline.com/	1970-01-20 08:23:36	Name: __gads Value: ID=78a3d7d77f67323f-225b589906cc0062:T=1638120463:RT=1638120465:S=ALNI_MZdB_UGExecua7shO40QLsU5TWo3Q

46 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: http://business.observernewsonline.com/observernewsonline/news/read/42003717(Line 16) Message: The value "100%" for key "width" was truncated to its numeric prefix.
network	error	URL: http://www.observernewsonline.com/sites/default/files/css/css_k7hYVLcPtUz9tqlfPQiV4_6WCoEKltTBziCEgqcwWeA.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://www.observernewsonline.com/sites/default/files/css/css_6DcwtKEPUvJCe61jslFuKskuZjfuI8BZa0w9_BWCmp4.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://www.observernewsonline.com/sites/default/files/css/css_xE-rWrJf-fncB6ztZfd2huxqgxu4WO-qwma6Xer30m4.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://www.observernewsonline.com/sites/default/files/css/css_LLdIjgXUNZKJi5igff3lFbd7WAKl56HtA7Pju9irTrs.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://www.observernewsonline.com/sites/default/files/css/css_sl2JJGS3j6UHe9lIy6YH0JRAmozGzHA5SQPWIEYcsEs.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://www.observernewsonline.com/sites/default/files/js/js_0gj6QcpfRH2jzTbCQqf7kEkm4MXY0UA_sRhwPc8jC1o.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://observernewsonline.com/wrap.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://www.observernewsonline.com/sites/default/files/js/js_Xdp_56Kwrjh9XNxqhxmaYOwIKVvPB-7wqAz_R60LA6w.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://www.observernewsonline.com/sites/default/files/js/js_TnDLtOBs58sriMGzIMB-iDlDt__-c5GOBLJ-Bp6LPI0.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://www.observernewsonline.com/sites/default/files/js/js_lgAAOlplEun7p_8Pb-8dM079wtvnfwLZ0hAK0mH7Dto.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://www.observernewsonline.com/sites/default/files/js/js_gA-c69_zfSadEfrEkAcSAEMsvlpuOxJEpXgzxAPLOYY.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://www.observernewsonline.com/sites/default/files/js/js_mB7ts7yN3otwD15UQdTqJoQbROg0BSkCq-Lhh6VMurM.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://www.observernewsonline.com/sites/default/files/js/js_2W44zDTZr9WBvctzHmoeMuUhSWf6UlIF_AmYdLyzkco.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://www.observernewsonline.com/sites/default/files/js/js_v8gW9kXjSxxjuxWVMJ4UoGeLZl0qmZAHLUhnXIsWsuc.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://www.observernewsonline.com/sites/default/files/js/js_mB7ts7yN3otwD15UQdTqJoQbROg0BSkCq-Lhh6VMurM.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://www.observernewsonline.com/sites/default/files/js/js_v8gW9kXjSxxjuxWVMJ4UoGeLZl0qmZAHLUhnXIsWsuc.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://business.observernewsonline.com/client/observernewsonline/observernewsonline/privatelabel.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)
javascript	warning	URL: http://business.observernewsonline.com/observernewsonline/news/read/42003717(Line 308) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://ads.financialcontent.com/www/delivery/ajs.php?zoneid=5141&cb=35584083921&loc=http%3A//business.observernewsonline.com/observernewsonline/news/read/42003717, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: http://www.observernewsonline.com/sites/default/files/O-N-E%20LOGO.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://q1mediahydraplatform.com/ads/video/controller.php?qid=54f36c5bad1d148132957fe6&qz=1 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
javascript	warning	URL: http://ads.financialcontent.com/www/delivery/ajs.php?zoneid=5141&cb=35584083921&loc=http%3A//business.observernewsonline.com/observernewsonline/news/read/42003717(Line 3) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.dianomi.com/js/contextfeed.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://ads.financialcontent.com/www/delivery/ajs.php?zoneid=5141&cb=35584083921&loc=http%3A//business.observernewsonline.com/observernewsonline/news/read/42003717(Line 3) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.dianomi.com/js/contextfeed.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: http://www.observernewsonline.com/sites/default/files/css/css_2THG1eGiBIizsWFeexsNe1iDifJ00QRS9uSd03rY9co.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://weathersticker.wunderground.com/weathersticker/cgi-bin/banner/ban/wxBanner?bannertype=wu_simpleblack&airportcode=KHKY&ForcedCity=Newton&ForcedState=NC&zip=28658&language=EN Message: Failed to load resource: the server responded with a status of 503 (Service Unavailable: Back-end server is at capacity)
javascript	warning	URL: http://js.financialcontent.com/FCON/FCON.js(Line 136) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://js.financialcontent.com/Hover/Hover.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://js.financialcontent.com/FCON/FCON.js(Line 136) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://js.financialcontent.com/Hover/Hover.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://js.financialcontent.com/FCON/FCON.js(Line 136) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://js.financialcontent.com/QuoteAPI/QuoteAPI.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://js.financialcontent.com/FCON/FCON.js(Line 136) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://js.financialcontent.com/TickerBox2020/TickerBox2020.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://business.observernewsonline.com/observernewsonline/news/read/42003717(Line 404) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://ads.financialcontent.com/www/delivery/ajs.php?zoneid=5145&cb=82839107757&loc=http%3A//business.observernewsonline.com/observernewsonline/news/read/42003717, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://business.observernewsonline.com/observernewsonline/news/read/42003717(Line 468) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://ads.financialcontent.com/www/delivery/ajs.php?zoneid=5135&cb=62819945724&loc=http%3A//business.observernewsonline.com/observernewsonline/news/read/42003717, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: http://q1mediahydraplatform.com/ads/video/controller.php?qid=54f36c5bad1d148132957fe6&qz=1 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://business.observernewsonline.com/client/observernewsonline/observernewsonline/privatelabel.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)
javascript	warning	URL: http://business.observernewsonline.com/observernewsonline/news/read/42003717(Line 487) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://ads.financialcontent.com/www/delivery/ajs.php?zoneid=5136&cb=35610940&loc=http%3A//business.observernewsonline.com/observernewsonline/news/read/42003717, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://ads.financialcontent.com/www/delivery/ajs.php?zoneid=5136&cb=35610940&loc=http%3A//business.observernewsonline.com/observernewsonline/news/read/42003717(Line 3) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.dianomi.com/js/contextfeed.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://ads.financialcontent.com/www/delivery/ajs.php?zoneid=5136&cb=35610940&loc=http%3A//business.observernewsonline.com/observernewsonline/news/read/42003717(Line 3) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.dianomi.com/js/contextfeed.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://business.observernewsonline.com/observernewsonline/news/read/42003717(Line 509) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://ads.financialcontent.com/www/delivery/ajs.php?zoneid=5137&cb=91554750390&loc=http%3A//business.observernewsonline.com/observernewsonline/news/read/42003717, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://business.observernewsonline.com/observernewsonline/news/read/42003717(Line 528) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://ads.financialcontent.com/www/delivery/ajs.php?zoneid=5138&cb=8400523660&loc=http%3A//business.observernewsonline.com/observernewsonline/news/read/42003717, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other	warning	URL: https://www.dianomi.com/smartads.epl?id=6411 Message: Failed to decode downloaded font: https://www.dianomi.com/fonts/lucidagrande/lucida-grande.woff
other	warning	URL: https://www.dianomi.com/smartads.epl?id=6411 Message: OTS parsing error: cmap: Failed to parse table
javascript	warning	URL: http://business.observernewsonline.com/observernewsonline/news/read/42003717(Line 550) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://ads.financialcontent.com/www/delivery/ajs.php?zoneid=5139&cb=70191875672&loc=http%3A//business.observernewsonline.com/observernewsonline/news/read/42003717, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: http://q1mediahydraplatform.com/ads/video/controller.php?qid=54f36c5bad1d148132957fe6&qz=1 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
other	warning	URL: https://www.dianomi.com/smartads.epl?id=6411 Message: Failed to decode downloaded font: https://www.dianomi.com/fonts/lucidagrande/lucida-grande.ttf
other	warning	URL: https://www.dianomi.com/smartads.epl?id=6411 Message: OTS parsing error: cmap: Failed to parse table
network	error	URL: http://q1mediahydraplatform.com/ads/video/controller.php?qid=54f36c5bad1d148132957fe6&qz=1 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://q1mediahydraplatform.com/ads/video/controller.php?qid=54f36c5bad1d148132957fe6&qz=1 Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.financialcontent.com
adservice.google.com
adservice.google.it
analytics.inform.com
b609ca34f57ae9e324779c5bd6fd89d9.safeframe.googlesyndication.com
business.observernewsonline.com
connect.facebook.net
contextual.media.net
edge.quantserve.com
fonts.googleapis.com
googleads.g.doubleclick.net
images.financialcontent.com
js.financialcontent.com
launch.inform.com
launch.newsinc.com
lg3.media.net
marketersmedia.com
markets.financialcontent.com
navvy.media.net
observernewsonline.com
pagead2.googlesyndication.com
partner.googleadservices.com
q1mediahydraplatform.com
res-a.akamaihd.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
weathersticker.wunderground.com
www.dianomi.com
www.google-analytics.com
www.google.com
www.google.it
www.googletagmanager.com
www.googletagservices.com
www.observernewsonline.com
www.surfnewmedia.com
www.dianomi.com
104.107.160.24
104.18.23.230
13.224.193.81
13.225.77.94
142.250.185.66
192.104.183.109
192.104.183.209
192.252.149.23
2604:2dc0:100:282f::
2620:116:800d:21:ee05:6a01:4b41:8c89
2a00:1450:4001:803::2008
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2001
2a00:1450:4001:811::2002
2a00:1450:4001:811::200a
2a00:1450:4001:811::200e
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:830::2003
2a00:1450:400c:c1b::9b
2a03:2880:f02d:100:face:b00c:0:3
34.102.149.62
34.95.105.209
34.95.81.205
35.160.236.154
69.16.231.56
72.52.216.63
95.100.146.64
00208f2e3e89211dc2a512eb8ca6cbd5356535a2a4ba56430fa42d15e11f1fdc
04de5f97e3a9f20c3cd0cf447e4b83a9637473c6ec2f0240b8d4df4f4b3fdb8c
07934bc19b7c5e4e6896e598fd33c916e04afc2a7a36216f27174968c300aa87
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
0c11c5710bca10bc5ef48e0c091572747642cf33af494020c321fa92ae3dd0d1
0e52bcf967787aedf98151d96be236d1e5931a4e92a763ba04fb24472ab7e321
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1400a1a3901f7fb0e1320d4a7371b52c74256b06fb213683fc8c551973057d47
160f14de0ff9b1d041ad6a76cc63b9c184bdca6051647bf66602cd00a6cb3df5
16ce765154c358ec44640a28d8681d44016f19461ada836137b7b94babdc0da7
1e8ebad4fd446c682bb3b26413717d4983bc3d6fc4803709ab94c6bbcdb3687b
1edea90091b4bf0c81b5460740fd169241ca382c585a2e2e3fa5120b1996dff1
26bdc7d292d70489e650894aed83d39794045c4e1bfe205523926286fb9b98ff
29d980cf3c90dc51d1b4fbc2444b58257a8b2d73b1dff1bedfe54df83ec28013
2a148f641d41bfd3208897f13dc9b2bbfd58e16c826a89b80f682a0c36bc8859
2aab8c6ab9d49416c3201919c515cb0e9cea83f8ba8d5b9cce7de4a6ab6832fb
2ea9893dfc9f4666a449dfd894af30cebec5d1b7f226661e40ce01c13e254405
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347
327e5d1f0abe4611e6b1a45a1f2c39eb17fb37fc1a0e21565b78cce92c4df31e
33e13399dbfbfb70121ef3ae538ff4242e5ae9fbd247afcd0a8af8fdd5de3203
35d78671063f35a367b718dbc72a80c21940d99e9754f6b42026132e6133ecf3
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
3839c3b8a5fe0959c2c95b62aa567af2ddcad21c9b5911ddbf821150aeb92a6e
384f1df0b407e13d2186e4b0ff572e863fed36e5699c41490b0e3106bb60aed4
3bd973b6680957845565525da00200236d33f1cb8cd5f76c77995e9243888379
3d68b4c44cafe1ab0c4ba679f2c5d189c862200c162b0dfded1cc2daefa8b185
3e68595446d0fdd1964f1f69a856526cdd8a04351583fe5cf122d0cc729f638a
3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc
4334f7d351ded11e16711e0115aeb1bdd787cd713705d06e65e3580e6c755b77
451503b5b5dc2af1761b4f8bb2273370487fd112c53eb3c7647b4997a429d2a4
454f02168766763038b33868ce255c10910d1c127317fe7f4ce576e43a188826
487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
52bad99391e6c0704e7e64fbc4ca7f33b56ac01d95f06421255201390e89f0ad
58b481c527c8b36ceac5d81bba341b6b2f6b30ba96d6cad0f025c3e61e7504c9
5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274
5f03c94d5a4e33977b89384bb7d334c4f3a4149a2b51b744aa0cb406b4c1c53e
638cfa11c9b627cdf5f7155638be6fd8e72010e7a1f1d530904d5adb1e11772f
63aa6e980032027aabae9a31c274f45c7d0e03e1eb6768d9e5b8ac8f7a1705ab
65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e
663c56ff01eee9106a3b69b5644f0fabbf6455751fd95e7144ebdfdf7853de38
6a3187faa5db2e775c2e66b02056783833e2b5378efd3f396f7595dba1065010
70503c92bcbb8105d95ec4de2012f23098c3383586e95323e4b3384b56af4beb
71b4fa19a4ed21aa1def9219942ddc11bff922a06a5828bf007d9dab48067bf8
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7c70d65d2d2669da2220f62b532740e0d560d32d16fc8b56c9cf76d11e42ec2d
823a7bf7baadebc7732a83757a03d20855c0b267083c768d390f7f32df8b54cc
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
883fed4080473e0aabc59976a3bdd7de8d53f757d841d3e42cae547800316b24
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
8d5d50c557971349f663b324210978a3a230bda7a51afe041e14756383fd7d8a
8fff5482038126e400ce2e797d3b3f96a3f39a8ab98a024e5059f492871618af
94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef
954dc6f92cc73e0d267992c81832ef4558fdd8d8d8e698a10e0686bd29370438
9570f7b5803cf60e423c1800b2db2682381a985a2617e3f04d68bb5a4d655037
985ea6febe2dc38f90bdbc7226471dd7740bf2daaf199285549cbe2bdcff86c6
99781410070a5dd4d753fdb8a46f4272082b5be64541dcfcb1b2d3c4aea09c6c
9a7dc1467c7bfa39d15d77f4c1ce42f1ebde93bcd5b8c57cac367df08be51c8b
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a367afbf305dcaddbe329b0f51169e076dd95399380f2b550b4fe7ff952b7433
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73461ad2eb2853c2e1a93781e56d513275a44a7e6e4c9a3cda7a6fda0bdc3a7
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ae3cabd2d938d43ee77efedbc5da68e8d62d7a91bfb9aeb957554f11f516d507
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b4cd4f889e2c7dd71da12d2b0a29aa6346de2e5d8b3c882d7700d64c700f661d
b6001c79ff05080996f77cd3e4561352163af6996b6f6f434ac6fc96fe67b605
b701c3ed8d8713f1a532046fb21e00edd11222319452cbbc4654d363bd6fc077
b81d2594557cdebef8aa9c7f7671bba2f860a7972a8a892d6cb308d624cc10d1
b8e003b4b7d26ee02a188fb24628333d94e9fa88da957caec99f9100a899c91b
b936491c8fc53fc3437c75e6783aa984dc5fa38791d87c4ef8da2a1d2ad93e07
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
cb8fa4888e2bbcb1f5ab505b1959923054b5d8472b0dba31521cfc4f988c42fe
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d4397e610c09e4734d9481e332ec444b0317e8d529d674eac1e6bd1dca32b729
d4fa79afcf5a5cc5a0f12dedaf825f11530e6397d723fe7044cd37ba3c248e57
d667c9a1c3734f61f6db1b2b5b8d1a5ead6427602feb01d79542aea6db6604e3
d9e68264c45370d5c7e7e6976ff7f9f746c83480a7566e81172a9b28eb2742db
d9ee42916827cfdd9cafa08bd07b23435d8f310d6a65c572d77f496288c3557e
da3be1cfbe7fd39cff6b81898a5b25bcbc5a65be1d59eb3ef38ac9bd03e0efb7
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5688bcf9d2a2212aa313f05751cfb4e078f63c3f4621ae9e056913fd91b948a
e925d37f2475e0b8b162af50ef45ab4882142db5716a9a0483c8cf939c5d19a5
ecb4ca9b453567fa23c0d395193cfac0f1918e6e983ed423a3772ddbbbeccf65
ed0bcd80d3b4303d961bdc073484a695d2fee2ec84b279bc26be91dc727f22a2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f19150d721a806b0ce8aa72efaca47e788346ba37a3a778824578b6deaa1a781
f342555a8dd8436ebd0d36ceb2bb04315a4c304700e91d4dc8ac80a4ebf6a74c
f43a0e8d286dd2e8a538b2f5057d1fbbd1571cc5c2263075119bd0012eb018be
fcb1b952802295d9a323c95e7f7a12916509be1de9404bb6f0ff0f9254c3b205
fd6d849c8189af4c5cd5b4f84384e5a0d221a4932b36dffe2c143d82a720477b
ff012bf821fb657c383f63bfe52336c3c8b51b062e9a616bc342951120ada4a0

business.observernewsonline.com Open in urlscan Pro 2604:2dc0:100:282f:: Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

150 Requests

59 %HTTPS

52 %IPv6

22 Domains

36 Subdomains

32 IPs

5 Countries

2071 kBTransfer

4052 kBSize

13 Cookies

8 Outgoing links

Redirected requests

150 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

business.observernewsonline.com Open in urlscan Pro
2604:2dc0:100:282f:: Public Scan

Screenshot
Live screenshot

Full Image

150
Requests

59 %
HTTPS

52 %
IPv6

22
Domains

36
Subdomains

32
IPs

5
Countries

2071 kB
Transfer

4052 kB
Size

13
Cookies

150 HTTP transactions
6 data transactions