www.nationalobserver.com Open in urlscan Pro
2606:4700:10::6816:4d72 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11&utm_medium...
Effective URL:
https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11&utm_medium...
Submission: On December 04 via api (December 4th 2020, 2:20:39 pm UTC) from DE

Summary HTTP 63 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 12 IPs in 4 countries across 10 domains to perform 63 HTTP transactions. The main IP is 2606:4700:10::6816:4d72, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.nationalobserver.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 3rd 2020. Valid for: a year.

This is the only time www.nationalobserver.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
37	2606:4700:10:... 2606:4700:10::6816:4d72	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.217.18.162 172.217.18.162	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:817::2008	15169 (GOOGLE) (GOOGLE)
5	2606:4700::68... 2606:4700::6811:bab1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:81d::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400c:c02::9d	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:820::2001	15169 (GOOGLE) (GOOGLE)
63	12

37 2606:4700:10::6816:4d72 (United States)

ASN13335 (CLOUDFLARENET, US)

www.nationalobserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s29-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:817::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6811:bab1 (United States)

ASN13335 (CLOUDFLARENET, US)

experience.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
buy.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

5b4bc1e9483bd23522f315b31a81d3ab.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c02::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:820::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	nationalobserver.com www.nationalobserver.com	2 MB
5	googlesyndication.com 5b4bc1e9483bd23522f315b31a81d3ab.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	13 KB
5	tinypass.com experience.tinypass.com cdn.tinypass.com id.tinypass.com buy.tinypass.com	130 KB
4	google-analytics.com www.google-analytics.com	52 KB
3	googletagmanager.com www.googletagmanager.com	96 KB
3	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net	99 KB
2	facebook.com www.facebook.com	490 B
2	facebook.net connect.facebook.net	93 KB
1	google.com adservice.google.com	169 B
1	google.ca adservice.google.ca	803 B
63	10

	Domain	Requested by
37	www.nationalobserver.com	www.nationalobserver.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	www.googletagmanager.com	www.nationalobserver.com www.googletagmanager.com
2	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
2	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
2	www.facebook.com	www.nationalobserver.com connect.facebook.net
2	connect.facebook.net	www.nationalobserver.com connect.facebook.net
2	experience.tinypass.com	www.nationalobserver.com cdn.tinypass.com
2	securepubads.g.doubleclick.net	www.nationalobserver.com securepubads.g.doubleclick.net
1	buy.tinypass.com	cdn.tinypass.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	id.tinypass.com	cdn.tinypass.com
1	cdn.tinypass.com	experience.tinypass.com
1	5b4bc1e9483bd23522f315b31a81d3ab.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.ca	securepubads.g.doubleclick.net
63	16

This site contains links to these domains. Also see Links.

Domain
static.nationalobserver.com
www.youtube.com
national-observer.myshopify.com
www.vancouverobserver.com
canadianjournalism.ca
www.facebook.com
twitter.com
instagram.com
www.linkedin.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-03` - `2021-08-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.piano.io Sectigo RSA Domain Validation Secure Server CA	`2020-09-17` - `2021-09-17`	a year	crt.sh
*.google.ca GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-11-02` - `2021-01-30`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11&utm_medium=email&utm_term=0_cacd0f141f-0a0427efa6-277178234
Frame ID: 566643CF0130CE4E0FAF444398078540
Requests: 61 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/template/show?displayMode=inline&containerSelector=%23site-broadcast-inner&templateId=OT9X4IMM1QSE&templateVariantId=OTVPV8TDQEP3P&offerId=fakeOfferId&showCloseButton=false&trackingId=%7Bjcx%7DH4sIAAAAAAAAAI2RQW-CMBiG_0vPNmlLgdIbc2iIUzFzTL11UKETKoOCJsv--8C5LSY77Dv1y_O83-HtOxAqBRzsvJeujfzx1gcjUIlMxkqewoEQRBDEBCIKsQ37N8HQcjDcBk9V9YZLM4lqSrMGIo8J4dmUstTDCcOU2RRTwjzH8QTBaX9YnitZK6kTeTkdbNhiN58-T2dheEODs0xao476omGGbN0h1CQQ9UNMLily8zbR5WH_akxXH1Byk_eTn3CTH09rWVaFMNJ6pLtxFC7phBHC-kQumm8GuKlbOQLmul_Cy7W3oeF8jlePAfhlsaiV0OaqxFHM1verILKi3klEWQmV6QZw3RbFCHSqUV9qB__u0oJ3K41mD8ftxl2QQxmi_3SpquFzBMKc7hnHHuGDwjnpWdvI2s-kNr2SlkM3xhSAYwe52GWI4I9PAA3NlvgBAAA&experienceId=EX8NZMGWGKII&tbc=%7Bjzx%7Di4cQEliGphDucRXKRMu_I_5T8rHszQx4SE3ICpGD_6s8E-OyDMwMbk5Wz9ZwRLrBuu1CBryZPqCZ6sSNKLg7C_Cs1sGMv6b61C4sN3ABQEscDagsf4olK0NERnnBtMmTCVG_RXn-uiONfDaQYYJiQw&iframeId=offer-0-sLa1G&url=https%3A%2F%2Fwww.nationalobserver.com%2F%3Futm_source%3DNational%252BObserver%26utm_campaign%3D0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11%26utm_medium%3Demail%26utm_term%3D0_cacd0f141f-0a0427efa6-277178234&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=Z9bvuPACYA&tags=front&zone=public&pageViewId=2020-12-04-15-20-21-361-YEUppq1mtFPr44gs-098aa95448d91c81485414289669a21d&visitId=v-2020-12-04-15-20-21-363-BQn0KLoYX7N2kmI0-098aa95448d91c81485414289669a21d&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%22_pc_nat_brief%22%3A%22nosub%22%7D&hasLoginRequiredCallback=true&width=1600&_qh=d42d2da2e2
Frame ID: 2C2D81767FB2E2FDD8A81352D47B00E5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: FE3A10E31A48BEE8F9EEFCD705B61B4D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Drupal (CMS) Expand

Overall confidence: 100%
Detected patterns

headers expires /19 Nov 1978/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers expires /19 Nov 1978/i

Varnish (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

headers via /varnish(?: $Varnish\/([\d.]+)$)?/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

63
Requests

100 %
HTTPS

92 %
IPv6

10
Domains

16
Subdomains

12
IPs

4
Countries

2881 kB
Transfer

4397 kB
Size

15
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://static.nationalobserver.com/digital-fractures?utm_source=website&utm_medium=home_cta&utm_campaign=regular&utm_content=button&utm_term=digital_fractures
Title: Download

Search URL Search Domain Scan URL

URL: https://static.nationalobserver.com/digital-fractures?piano_status=logged_in&utm_source=website&utm_medium=home_cta&utm_campaign=regular&utm_content=button&utm_term=digital_fractures_sub
Title: Download

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=OaFnZ2rt1hw
Title: Watch recording

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=llM5wmZjJU4
Title: Watch recording

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=zi6ae6kZNqE
Title: Watch recording

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=eW6O_YbaVv4
Title: Watch recording

Search URL Search Domain Scan URL

URL: https://national-observer.myshopify.com/
Title: Shop

Search URL Search Domain Scan URL

URL: https://www.vancouverobserver.com/
Title: VO

Search URL Search Domain Scan URL

URL: https://canadianjournalism.ca/
Title: CCJ

Search URL Search Domain Scan URL

URL: https://www.facebook.com/nationalobserver

Search URL Search Domain Scan URL

URL: https://twitter.com/NatObserver

Search URL Search Domain Scan URL

URL: https://www.youtube.com/nationalobserver

Search URL Search Domain Scan URL

URL: https://instagram.com/natobserver/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/national-observer

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

63 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.nationalobserver.com/ 78 KB
16 KB 1382ms
1366ms Document
text/html 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11&utm_medium=email&utm_term=0_cacd0f141f-0a0427efa6-277178234

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

852244c47b6b82d337c8cbb807afac2c6de02fe178414d209c46245ed4e16b24

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.nationalobserver.com
:scheme: https
:path: /?utm_source=National+Observer&utm_campaign=0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11&utm_medium=email&utm_term=0_cacd0f141f-0a0427efa6-277178234
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Dec 2020 14:20:20 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=dda120d43f999d1bc70c65e5bc2ef28331607091619; expires=Sun, 03-Jan-21 14:20:19 GMT; path=/; domain=.nationalobserver.com; HttpOnly; SameSite=Lax
x-drupal-cache: MISS
x-content-type-options: nosniff
content-language: en
x-frame-options: SAMEORIGIN
x-ua-compatible: IE=edge
x-generator: Drupal 7 (http://drupal.org)
link: <https://www.nationalobserver.com/front>; rel="canonical",<https://www.nationalobserver.com/front>; rel="shortlink",<https://www.nationalobserver.com/profiles/natobs/themes/custom/nat/favicon.ico>; rel="shortcut icon",<https://www.nationalobserver.com/profiles/natobs/themes/custom/nat/img/icons/icon-192x192.png>; rel="icon_192x192",<https://www.nationalobserver.com/profiles/natobs/themes/custom/nat/img/icons/ios-iphone-114x114.png>; rel="apple-touch-icon-precomposed_114x114",<https://www.nationalobserver.com/profiles/natobs/themes/custom/nat/img/icons/ios-ipad-144x144.png>; rel="apple-touch-icon-precomposed_144x144",<https://www.nationalobserver.com/profiles/natobs/themes/custom/nat/img/icons/ios-ipad-152x152.png>; rel="apple-touch-icon-precomposed_152x152",<https://www.nationalobserver.com/profiles/natobs/themes/custom/nat/img/icons/ios-iphone-180x180.png>; rel="apple-touch-icon-precomposed_180x180"
cache-control: public, max-age=300
expires: Sun, 19 Nov 1978 05:00:00 GMT
vary: Cookie,Accept-Encoding
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=63072000
last-modified: Fri, 04 Dec 2020 14:20:19 GMT
x-varnish: 39589969
age: 0
via: 1.1 varnish (Varnish/5.0)
x-varnish-cache: MISS
cf-cache-status: DYNAMIC
cf-request-id: 06cfb91d8a000005f1603e7000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5fc62adc081005f1-FRA
content-encoding: br

GET
H2 200 proxima-nova-bold.woff2
www.nationalobserver.com/profiles/natobs/themes/custom/nat/fonts/proxima-nova/font/proxima-nova-bold/ 22 KB
22 KB 15ms
14ms Font
text/plain 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nationalobserver.com/profiles/natobs/themes/custom/nat/fonts/proxima-nova/font/proxima-nova-bold/proxima-nova-bold.woff2

Requested by

Host: www.nationalobserver.com
URL: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11&utm_medium=email&utm_term=0_cacd0f141f-0a0427efa6-277178234

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35c1498a19d58b40939270e89449be0bc4b2e34fe479472e3440b6b0b4218c5d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.nationalobserver.com
Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11&utm_medium=email&utm_term=0_cacd0f141f-0a0427efa6-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Fri, 04 Dec 2020 14:20:20 GMT
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 510
strict-transport-security: max-age=63072000
content-length: 22128
cf-request-id: 06cfb922e6000005f13715b000000001
last-modified: Thu, 26 Nov 2020 19:22:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 31011789 14480837
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 5fc62ae4a86805f1-FRA
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description

GET
H2 200 proxima-nova-regular.woff2
www.nationalobserver.com/profiles/natobs/themes/custom/nat/fonts/proxima-nova/font/proxima-nova-regular/ 21 KB
21 KB 19ms
18ms Font
text/plain 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nationalobserver.com/profiles/natobs/themes/custom/nat/fonts/proxima-nova/font/proxima-nova-regular/proxima-nova-regular.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8b76f4f8d7be014961358274f5002a23afa8a794499a5f0346745a7a3ff0795

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.nationalobserver.com
Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11&utm_medium=email&utm_term=0_cacd0f141f-0a0427efa6-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Fri, 04 Dec 2020 14:20:20 GMT
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 510
strict-transport-security: max-age=63072000
content-length: 21700
cf-request-id: 06cfb922e6000005f16ea03000000001
last-modified: Thu, 26 Nov 2020 19:22:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 29505681 24110464
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 5fc62ae4a86d05f1-FRA
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description

GET
H2 200 proxima-nova-extrabold.woff2
www.nationalobserver.com/profiles/natobs/themes/custom/nat/fonts/proxima-nova/font/proxima-nova-extrabold/ 22 KB
22 KB 13ms
13ms Font
text/plain 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nationalobserver.com/profiles/natobs/themes/custom/nat/fonts/proxima-nova/font/proxima-nova-extrabold/proxima-nova-extrabold.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d540f8521319ab916fcf16182e5be0d0eb62dfbd6d9438ef7ed1a22044eebd9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.nationalobserver.com
Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11&utm_medium=email&utm_term=0_cacd0f141f-0a0427efa6-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Fri, 04 Dec 2020 14:20:20 GMT
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 510
strict-transport-security: max-age=63072000
content-length: 22404
cf-request-id: 06cfb922e6000005f193b8a000000001
last-modified: Thu, 26 Nov 2020 19:22:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 29906689 23950002
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 5fc62ae4a87005f1-FRA
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description

GET
H2 200 css__65kM4zlaIyVDYAn2kAGrH4hfsmdne22qW3KPZz1uuzA__HIDE0arriNOGOnN-d84YmzH6Db3nFkIDTtbbGMvjZ-w__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.css
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_css/ 15 KB
4 KB 14ms
13ms Stylesheet
text/css 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/advagg_css/css__65kM4zlaIyVDYAn2kAGrH4hfsmdne22qW3KPZz1uuzA__HIDE0arriNOGOnN-d84YmzH6Db3nFkIDTtbbGMvjZ-w__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bcc7fe73b7500d838a58d1b908da476364bb087b453f5f4d0b2c374b849e446e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11&utm_medium=email&utm_term=0_cacd0f141f-0a0427efa6-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2529001
cf-ray: 5fc62ae4a89205f1-FRA
strict-transport-security: max-age=63072000
content-length: 3972
cf-request-id: 06cfb922ec000005f135aa2000000001
last-modified: Thu, 15 Oct 2020 08:07:05 GMT
server: cloudflare
date: Fri, 04 Dec 2020 14:20:20 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 20750402 23504547
via: 1.1 varnish (Varnish/5.0)
cache-control: public, max-age=31536000, no-transform, immutable
accept-ranges: bytes
content-type: text/css

GET
H2 200 css__-F-28WDUJfuhSiGMCRLWOtsNrqhOYEPnxe5S_SHxHqE__Ovx7J2g4IFlnDbCFbaIZJthossEi8l2x8GhY1fgPHp4__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.css
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_css/ 214 KB
29 KB 19ms
18ms Stylesheet
text/css 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/advagg_css/css__-F-28WDUJfuhSiGMCRLWOtsNrqhOYEPnxe5S_SHxHqE__Ovx7J2g4IFlnDbCFbaIZJthossEi8l2x8GhY1fgPHp4__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

393deeb8388c12de804fd3bc415ea2f60b89a0b7ffb43fd9f0df96d4045ab7a0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11&utm_medium=email&utm_term=0_cacd0f141f-0a0427efa6-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: MISS
content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 45994
cf-ray: 5fc62ae4a89605f1-FRA
strict-transport-security: max-age=63072000
content-length: 29893
cf-request-id: 06cfb922ec000005f13a025000000001
last-modified: Fri, 04 Dec 2020 01:28:30 GMT
server: cloudflare
date: Fri, 04 Dec 2020 14:20:20 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 39683715
via: 1.1 varnish (Varnish/5.0)
cache-control: public, max-age=31536000, no-transform, immutable
accept-ranges: bytes
content-type: text/css

GET
H2 200 js__6NgjuVoigBzknb8S2rb0ijohEWjJW265Lt3GROCiQRY__Wz3QOsRCjmzVl-xtKAxrkqGi6tINJ-aBW-0bBkHG-1I__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js Show response
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/ 53 KB
18 KB 27ms
27ms Script
application/javascript 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/js__6NgjuVoigBzknb8S2rb0ijohEWjJW265Lt3GROCiQRY__Wz3QOsRCjmzVl-xtKAxrkqGi6tINJ-aBW-0bBkHG-1I__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fb9094fba22af0159831e1f00a28b224db8277a89fe4190826430011b08019e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11&utm_medium=email&utm_term=0_cacd0f141f-0a0427efa6-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 8767
cf-ray: 5fc62ae4a89805f1-FRA
strict-transport-security: max-age=63072000
content-length: 18364
cf-request-id: 06cfb922ec000005f12886a000000001
last-modified: Fri, 04 Dec 2020 10:55:02 GMT
server: cloudflare
date: Fri, 04 Dec 2020 14:20:20 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 37714399 39752611
via: 1.1 varnish (Varnish/5.0)
cache-control: public, max-age=31536000, no-transform, immutable
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 js__0HVHSq1HKO0cV1SD0I1hm4EfdUPrikm-yDiwQg8hsMQ__40YrL2aSiZmfap0peqfapAZpogiJynGBflb-zJ7vQQo__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js Show response
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/ 6 KB
2 KB 17ms
16ms Script
application/javascript 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/js__0HVHSq1HKO0cV1SD0I1hm4EfdUPrikm-yDiwQg8hsMQ__40YrL2aSiZmfap0peqfapAZpogiJynGBflb-zJ7vQQo__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7798f3947141f95f35a6890c5e7df7eb25c4097e92a2f8fc813963ce37aa58cd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11&utm_medium=email&utm_term=0_cacd0f141f-0a0427efa6-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: MISS
content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 113116
cf-ray: 5fc62ae57ab905f1-FRA
strict-transport-security: max-age=63072000
content-length: 2234
cf-request-id: 06cfb9236e000005f184060000000001
last-modified: Thu, 15 Oct 2020 08:07:05 GMT
server: cloudflare
date: Fri, 04 Dec 2020 14:20:20 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 36891543
via: 1.1 varnish (Varnish/5.0)
cache-control: public, max-age=31536000, no-transform, immutable
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 js__HuMlYbe9VM6ioIEqzbLN24SNkjHWISa7rXLvTEol6b0__AdhAFZ5QAk_VrKkFUOCnxJb9ANrhuWlKf15A7QHm14M__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js Show response
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/ 3 KB
1 KB 13ms
13ms Script
application/javascript 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/js__HuMlYbe9VM6ioIEqzbLN24SNkjHWISa7rXLvTEol6b0__AdhAFZ5QAk_VrKkFUOCnxJb9ANrhuWlKf15A7QHm14M__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69b116c12bbdb23eab4b5600fb5e071a12c5d47494c7a600ffacc4ffa4cd44aa

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11&utm_medium=email&utm_term=0_cacd0f141f-0a0427efa6-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 27479
cf-ray: 5fc62ae59b0405f1-FRA
strict-transport-security: max-age=63072000
content-length: 1080
cf-request-id: 06cfb9237f000005f1281e0000000001
last-modified: Thu, 15 Oct 2020 08:07:05 GMT
server: cloudflare
date: Fri, 04 Dec 2020 14:20:20 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 39688533 38848692
via: 1.1 varnish (Varnish/5.0)
cache-control: public, max-age=31536000, no-transform, immutable
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 lji_canada.svg
www.nationalobserver.com/profiles/natobs/themes/custom/nat/img/maps/ 103 KB
42 KB 21ms
21ms Image
image/svg+xml 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/profiles/natobs/themes/custom/nat/img/maps/lji_canada.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f60c0a6768f0d5747867595475c0c20f9887ceb69377168f7c55d662b2e8e19

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11&utm_medium=email&utm_term=0_cacd0f141f-0a0427efa6-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Fri, 04 Dec 2020 14:20:20 GMT
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2978
cf-ray: 5fc62ae5bb6405f1-FRA
strict-transport-security: max-age=63072000
content-encoding: br
cf-request-id: 06cfb9238f000005f1281e1000000001
last-modified: Thu, 26 Nov 2020 19:22:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 31011794
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests;
content-type: image/svg+xml
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description

GET
H2 200 js__9Dyd-fwxZ7oMH5MbaoCOKCADnhvouFdMwSw8XaZPpzw__8UaUa8dH70EmVutbPdVpk05Bd1Paov93TS0FM81CAZU__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js Show response
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/ 167 KB
57 KB 17ms
16ms Script
application/javascript 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/js__9Dyd-fwxZ7oMH5MbaoCOKCADnhvouFdMwSw8XaZPpzw__8UaUa8dH70EmVutbPdVpk05Bd1Paov93TS0FM81CAZU__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44e56ef0e5dd6e0abfe0af2bd8463e1ce174576747f7a71980b4559fea97fa50

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11&utm_medium=email&utm_term=0_cacd0f141f-0a0427efa6-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 657077
cf-ray: 5fc62ae4c8f105f1-FRA
strict-transport-security: max-age=63072000
content-length: 58590
cf-request-id: 06cfb92300000005f193b8c000000001
last-modified: Thu, 26 Nov 2020 23:29:21 GMT
server: cloudflare
date: Fri, 04 Dec 2020 14:20:20 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 31235036 31268442
via: 1.1 varnish (Varnish/5.0)
cache-control: public, max-age=31536000, no-transform, immutable
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 js__Jq-OeEoSxwKKsa6agvxFoVf16cmQ4O2SuyHioLSRnug__ii4xEx2h8Bux_I1upuUOV2JBiJOGW8RJV0TLQaT70DA__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js Show response
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/ 79 KB
22 KB 13ms
12ms Script
application/javascript 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/js__Jq-OeEoSxwKKsa6agvxFoVf16cmQ4O2SuyHioLSRnug__ii4xEx2h8Bux_I1upuUOV2JBiJOGW8RJV0TLQaT70DA__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

beda2da2b2330d393ebe11f55360dfdc1fde838ab3a8f63b0cd540752d80f9a4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11&utm_medium=email&utm_term=0_cacd0f141f-0a0427efa6-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 657077
cf-ray: 5fc62ae4f96e05f1-FRA
strict-transport-security: max-age=63072000
content-length: 22203
cf-request-id: 06cfb92319000005f1281d4000000001
last-modified: Thu, 26 Nov 2020 23:29:20 GMT
server: cloudflare
date: Fri, 04 Dec 2020 14:20:20 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 29906692 23949604
via: 1.1 varnish (Varnish/5.0)
cache-control: public, max-age=31536000, no-transform, immutable
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 js__drBntGipoEDHhAASZjSa3VmJSsxTjXyTzp58fKGniPo__mFnendQQxsmJHufyCu_ODVQkaSoA8zl-DRJ-O1AasAE__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js Show response
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/ 8 KB
3 KB 13ms
13ms Script
application/javascript 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/js__drBntGipoEDHhAASZjSa3VmJSsxTjXyTzp58fKGniPo__mFnendQQxsmJHufyCu_ODVQkaSoA8zl-DRJ-O1AasAE__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3fc334e19b3509707d7676c747ef6f0cd0842e9b485189d13eb3512fdd53fe0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11&utm_medium=email&utm_term=0_cacd0f141f-0a0427efa6-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 657077
cf-ray: 5fc62ae519bc05f1-FRA
strict-transport-security: max-age=63072000
content-length: 2871
cf-request-id: 06cfb9232b000005f1303d4000000001
last-modified: Thu, 26 Nov 2020 23:29:20 GMT
server: cloudflare
date: Fri, 04 Dec 2020 14:20:20 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 31235038 24110414
via: 1.1 varnish (Varnish/5.0)
cache-control: public, max-age=31536000, no-transform, immutable
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 js__c_-bq4LKl0Z9t_k2kzeOw_YN4hUHeBZq9qjx7iC7uTI__zvBArVrAHvw2FfFmKP0epOKR6omrBA1dazT-SXbyEoE__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js Show response
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/ 24 KB
7 KB 18ms
18ms Script
application/javascript 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/js__c_-bq4LKl0Z9t_k2kzeOw_YN4hUHeBZq9qjx7iC7uTI__zvBArVrAHvw2FfFmKP0epOKR6omrBA1dazT-SXbyEoE__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef6b730887f786f8ddcc05814d30d04c8f7f1606975be3f408e497963986efd1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11&utm_medium=email&utm_term=0_cacd0f141f-0a0427efa6-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 657077
cf-ray: 5fc62ae529ec05f1-FRA
strict-transport-security: max-age=63072000
content-length: 7105
cf-request-id: 06cfb9233a000005f19133a000000001
last-modified: Thu, 26 Nov 2020 23:29:20 GMT
server: cloudflare
date: Fri, 04 Dec 2020 14:20:20 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 20149087 23949976
via: 1.1 varnish (Varnish/5.0)
cache-control: public, max-age=31536000, no-transform, immutable
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 js__sMS63duh3VzRUILRtqOmW35WVeDp-TxtPGhPQPTYP1g__JYl3-wE51W3FC9lSWf2TCTIoMk-HfEMSI4N-C3ptwo4__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js Show response
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/ 31 KB
9 KB 30ms
30ms Script
application/javascript 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/js__sMS63duh3VzRUILRtqOmW35WVeDp-TxtPGhPQPTYP1g__JYl3-wE51W3FC9lSWf2TCTIoMk-HfEMSI4N-C3ptwo4__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e516b37314d7d5e77025c54027e4d966584ed7333d6332cbbfa6d187b9ff9e9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11&utm_medium=email&utm_term=0_cacd0f141f-0a0427efa6-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: MISS
content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 27479
cf-ray: 5fc62ae54a3e05f1-FRA
strict-transport-security: max-age=63072000
content-length: 8727
cf-request-id: 06cfb9234d000005f188b56000000001
last-modified: Fri, 27 Nov 2020 02:10:44 GMT
server: cloudflare
date: Fri, 04 Dec 2020 14:20:20 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 39946045
via: 1.1 varnish (Varnish/5.0)
cache-control: public, max-age=31536000, no-transform, immutable
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 pubads_impl_2020111901.js Show response
securepubads.g.doubleclick.net/gpt/ 277 KB
98 KB 112ms
58ms Script
text/javascript 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Requested by

Host: www.nationalobserver.com
URL: https://www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/js__6NgjuVoigBzknb8S2rb0ijohEWjJW265Lt3GROCiQRY__Wz3QOsRCjmzVl-xtKAxrkqGi6tINJ-aBW-0bBkHG-1I__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

sffe /

Resource Hash

2fa866f281364240678617640d2944c8927bb03588410dfec54a4a97641129e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11&utm_medium=email&utm_term=0_cacd0f141f-0a0427efa6-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 04 Dec 2020 14:20:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 19 Nov 2020 09:45:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99950
x-xss-protection: 0
expires: Fri, 04 Dec 2020 14:20:20 GMT

GET
H2 200 logo_header.svg
www.nationalobserver.com/profiles/natobs/themes/custom/nat/img/no_logos/ 6 KB
3 KB 14ms
13ms Image
image/svg+xml 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/profiles/natobs/themes/custom/nat/img/no_logos/logo_header.svg

Requested by

Host: www.nationalobserver.com
URL: https://www.nationalobserver.com/sites/nationalobserver.com/files/advagg_css/css__-F-28WDUJfuhSiGMCRLWOtsNrqhOYEPnxe5S_SHxHqE__Ovx7J2g4IFlnDbCFbaIZJthossEi8l2x8GhY1fgPHp4__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd075ce8eb48032630ecb10e2c78b95803ff8f2b63b83841f14115180001cfeb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/sites/nationalobserver.com/files/advagg_css/css__-F-28WDUJfuhSiGMCRLWOtsNrqhOYEPnxe5S_SHxHqE__Ovx7J2g4IFlnDbCFbaIZJthossEi8l2x8GhY1fgPHp4__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Fri, 04 Dec 2020 14:20:20 GMT
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 508
cf-ray: 5fc62ae65d1805f1-FRA
strict-transport-security: max-age=63072000
content-encoding: br
cf-request-id: 06cfb923fb000005f151261000000001
last-modified: Thu, 26 Nov 2020 19:22:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 20149092 28765569
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests;
content-type: image/svg+xml
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description

GET
H2 200 25096551355_d8d4b789b8_k.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_header_full_size/public/img/2020/12/02/ 136 KB
136 KB 20ms
18ms Image
image/webp 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_header_full_size/public/img/2020/12/02/25096551355_d8d4b789b8_k.jpg?itok=vlWzVAZ2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d332c5733777ab2eef7556dd7d89f1ebd5d09ff70c333712eefe2fff500bc856

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11&utm_medium=email&utm_term=0_cacd0f141f-0a0427efa6-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2978
cf-polished: qual=85, origFmt=jpeg, origSize=1465220
content-type: image/webp
content-disposition: inline; filename="25096551355_d8d4b789b8_k.webp"
vary: Accept
content-length: 139196
cf-request-id: 06cfb9247e000005f1800d2000000001
last-modified: Wed, 02 Dec 2020 23:27:01 GMT
server: cloudflare
date: Fri, 04 Dec 2020 14:20:21 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
x-varnish: 38725548 40122181
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5fc62ae72f8005f1-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 ciat_gene_bank_0.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser_top_story/public/img/2020/12/03/ 319 KB
319 KB 1186ms
1184ms Image
image/jpeg 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser_top_story/public/img/2020/12/03/ciat_gene_bank_0.jpg?itok=b76xxLob

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97de983720f78a5e6819e7bbe480b8aaf15275b05ea6aa3627185eba692bac14

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11&utm_medium=email&utm_term=0_cacd0f141f-0a0427efa6-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: MISS
content-type: image/jpeg
strict-transport-security: max-age=63072000
content-length: 326441
cf-request-id: 06cfb9247e000005f128200000000001
last-modified: Fri, 04 Dec 2020 13:21:41 GMT
server: cloudflare
date: Fri, 04 Dec 2020 14:20:22 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 38461959 38691081
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5fc62ae72f8205f1-FRA

GET
H2 200 plant_based_meat_sandwich_final_1.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/02/ 130 KB
130 KB 1224ms
1222ms Image
image/jpeg 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/02/plant_based_meat_sandwich_final_1.jpg?itok=FUWfvyov

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ae9640e15a886ff4334fc7ed3a1c20fbfad3c5721798d1bc600272a9a6c08d5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11&utm_medium=email&utm_term=0_cacd0f141f-0a0427efa6-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: MISS
content-type: image/jpeg
strict-transport-security: max-age=63072000
content-length: 132906
cf-request-id: 06cfb9247f000005f156b63000000001
last-modified: Thu, 03 Dec 2020 11:15:56 GMT
server: cloudflare
date: Fri, 04 Dec 2020 14:20:22 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 39562670 37550692
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5fc62ae72f8505f1-FRA

GET
H2 200 2020120220128-5fc83a9445524b323d7a30a6jpeg.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/03/ 53 KB
54 KB 1200ms
1198ms Image
image/jpeg 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/03/2020120220128-5fc83a9445524b323d7a30a6jpeg.jpg?itok=_M03qDEC

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5538bc99a5062d3ab1d51d2d25e88d2a4be86eb7d1d705bf3267699c8cbf580

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11&utm_medium=email&utm_term=0_cacd0f141f-0a0427efa6-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: MISS
content-type: image/jpeg
strict-transport-security: max-age=63072000
content-length: 54601
cf-request-id: 06cfb9247f000005f1501cd000000001
last-modified: Thu, 03 Dec 2020 21:58:22 GMT
server: cloudflare
date: Fri, 04 Dec 2020 14:20:22 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 38497162 40405992
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5fc62ae72f8a05f1-FRA

GET
H2 200 covid-19_spendingshutterstock_1665580240_2.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/03/ 54 KB
54 KB 1196ms
1195ms Image
image/jpeg 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/03/covid-19_spendingshutterstock_1665580240_2.jpg?itok=RwLUWlAc

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c095c62d9872590051bb590cc40cdf1a48e4c5924a4c7ce882ef65baf6ef5d9e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11&utm_medium=email&utm_term=0_cacd0f141f-0a0427efa6-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: MISS
content-type: image/jpeg
strict-transport-security: max-age=63072000
content-length: 55580
cf-request-id: 06cfb92483000005f136a5e000000001
last-modified: Fri, 04 Dec 2020 11:16:11 GMT
server: cloudflare
date: Fri, 04 Dec 2020 14:20:22 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 40244405 40405792
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5fc62ae72f8d05f1-FRA

GET
H2 200 ridec_04-20_collage.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/03/ 128 KB
128 KB 1121ms
1120ms Image
image/jpeg 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/03/ridec_04-20_collage.jpg?itok=rmF1Jg-f

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3bc21d3a058985087c6044de97dfa3425a4f7b76325126ec6e0d6c6b3075cea

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11&utm_medium=email&utm_term=0_cacd0f141f-0a0427efa6-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: MISS
content-type: image/jpeg
strict-transport-security: max-age=63072000
content-length: 131293
cf-request-id: 06cfb92480000005f133b5e000000001
last-modified: Fri, 04 Dec 2020 11:17:31 GMT
server: cloudflare
date: Fri, 04 Dec 2020 14:20:22 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 38691094 39589939
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5fc62ae72f8e05f1-FRA

GET
H2 200 20201202221248-5fc860240a5307b0ef43fb92jpeg.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/03/ 8 KB
8 KB 17ms
15ms Image
image/webp 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/03/20201202221248-5fc860240a5307b0ef43fb92jpeg.jpg?itok=SbLB3KHn

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

005a9e50b27cc1e283e22e4fbb909bf772540406c9c5bc95e448183badbb2e28

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11&utm_medium=email&utm_term=0_cacd0f141f-0a0427efa6-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: MISS
content-security-policy: upgrade-insecure-requests;
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2959
cf-polished: qual=85, origFmt=jpeg, origSize=74524
content-type: image/webp
content-disposition: inline; filename="20201202221248-5fc860240a5307b0ef43fb92jpeg.webp"
vary: Accept
content-length: 8298
cf-request-id: 06cfb9249a000005f13e908000000001
last-modified: Thu, 03 Dec 2020 13:57:12 GMT
server: cloudflare
date: Fri, 04 Dec 2020 14:20:21 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
x-varnish: 39273951
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5fc62ae75fec05f1-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 20201203141224-5fc93bf75e3dadb04534ded8jpeg.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/04/ 109 KB
110 KB 1204ms
1203ms Image
image/jpeg 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/04/20201203141224-5fc93bf75e3dadb04534ded8jpeg.jpg?itok=kFPhnKFe

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5f07544aab13f54a9d2d440a0fd8a69944c07348bbca4b226cb47206091f32c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11&utm_medium=email&utm_term=0_cacd0f141f-0a0427efa6-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: MISS
content-type: image/jpeg
strict-transport-security: max-age=63072000
content-length: 112007
cf-request-id: 06cfb9249b000005f130003000000001
last-modified: Fri, 04 Dec 2020 13:51:43 GMT
server: cloudflare
date: Fri, 04 Dec 2020 14:20:22 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 38691097 38691087
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5fc62ae75fef05f1-FRA

GET
H2 200 20201020161048-5f8f4d16c09fa369382a6e3ajpeg.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/10/20/ 13 KB
14 KB 18ms
17ms Image
image/webp 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/10/20/20201020161048-5f8f4d16c09fa369382a6e3ajpeg.jpg?itok=SAaCCTvR

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06091d2d68425c5493c423bd22a31fdc8c8c39a148da84046a9a5b92ed27fcb4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11&utm_medium=email&utm_term=0_cacd0f141f-0a0427efa6-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: MISS
content-security-policy: upgrade-insecure-requests;
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2959
cf-polished: qual=85, origFmt=jpeg, origSize=94636
content-type: image/webp
content-disposition: inline; filename="20201020161048-5f8f4d16c09fa369382a6e3ajpeg.webp"
vary: Accept
content-length: 13752
cf-request-id: 06cfb9249b000005f1838b3000000001
last-modified: Thu, 03 Dec 2020 14:03:20 GMT
server: cloudflare
date: Fri, 04 Dec 2020 14:20:21 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
x-varnish: 38564335
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5fc62ae75ff205f1-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 2020120318128-54670e61b56f5f2144bb6fb244a491f7560452dabccf80a9a6909e0d502f46c6.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/04/ 73 KB
73 KB 1053ms
1052ms Image
image/jpeg 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/04/2020120318128-54670e61b56f5f2144bb6fb244a491f7560452dabccf80a9a6909e0d502f46c6.jpg?itok=js4W3EQI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0afff8b1e9a111f7ac4ed18478ed3f35c94a27e8d5a503449876d99a6045023

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11&utm_medium=email&utm_term=0_cacd0f141f-0a0427efa6-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: MISS
content-type: image/jpeg
strict-transport-security: max-age=63072000
content-length: 74871
cf-request-id: 06cfb9249b000005f19f310000000001
last-modified: Fri, 04 Dec 2020 13:33:15 GMT
server: cloudflare
date: Fri, 04 Dec 2020 14:20:22 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 38497164 39589951
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5fc62ae75ff405f1-FRA

GET
H2 200 20201202171248-5fc81a807ad137355966858fjpeg.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/03/ 12 KB
13 KB 15ms
14ms Image
image/webp 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/03/20201202171248-5fc81a807ad137355966858fjpeg.jpg?itok=RftarAJB

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

daeb333b26e1c8fc3ae104802f7d628fd98ce1dc81f72d6668123397f034f99c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11&utm_medium=email&utm_term=0_cacd0f141f-0a0427efa6-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: MISS
content-security-policy: upgrade-insecure-requests;
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2959
cf-polished: qual=85, origFmt=jpeg, origSize=97039
content-type: image/webp
content-disposition: inline; filename="20201202171248-5fc81a807ad137355966858fjpeg.webp"
vary: Accept
content-length: 12558
cf-request-id: 06cfb9249b000005f19bbb1000000001
last-modified: Thu, 03 Dec 2020 14:10:01 GMT
server: cloudflare
date: Fri, 04 Dec 2020 14:20:21 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
x-varnish: 38725590
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5fc62ae75ff505f1-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 20201202171244-5fc8193c4f7002117e5a950ajpeg.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/03/ 49 KB
49 KB 1210ms
1209ms Image
image/jpeg 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/03/20201202171244-5fc8193c4f7002117e5a950ajpeg.jpg?itok=Y6W0Gaoc

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c17b1105508dee549d98f71dc9e6f5f5e43bdc602105213ee48f11f2fce20aa

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11&utm_medium=email&utm_term=0_cacd0f141f-0a0427efa6-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: EXPIRED
content-type: image/jpeg
strict-transport-security: max-age=63072000
content-length: 50173
cf-request-id: 06cfb9249b000005f191353000000001
last-modified: Thu, 03 Dec 2020 13:52:49 GMT
server: cloudflare
date: Fri, 04 Dec 2020 14:20:22 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 40213625 40405808
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5fc62ae75ff705f1-FRA

GET
H2 200 logo_footer.svg
www.nationalobserver.com/profiles/natobs/themes/custom/nat/img/no_logos/ 6 KB
3 KB 842ms
842ms Image
image/svg+xml 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/profiles/natobs/themes/custom/nat/img/no_logos/logo_footer.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae2af53b4a4312771ab7cf472e4968b1bb13957cc20434d635485afc9c074d2c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/sites/nationalobserver.com/files/advagg_css/css__-F-28WDUJfuhSiGMCRLWOtsNrqhOYEPnxe5S_SHxHqE__Ovx7J2g4IFlnDbCFbaIZJthossEi8l2x8GhY1fgPHp4__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Fri, 04 Dec 2020 14:20:21 GMT
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-ray: 5fc62ae7681305f1-FRA
strict-transport-security: max-age=63072000
content-encoding: br
cf-request-id: 06cfb924a2000005f13e909000000001
last-modified: Thu, 26 Nov 2020 19:22:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 31011806 31235028
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests;
content-type: image/svg+xml
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description

GET
H2 200 20201202201232-5fc840a9f0eecdad4adb36c0jpeg.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/03/ 78 KB
78 KB 1205ms
1203ms Image
image/jpeg 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/03/20201202201232-5fc840a9f0eecdad4adb36c0jpeg.jpg?itok=erXXI663

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

981242366782cfa4ca8a99613a9c9ad69b1978dd5b5be6de6bcac99fe08a9c10

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11&utm_medium=email&utm_term=0_cacd0f141f-0a0427efa6-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: EXPIRED
content-type: image/jpeg
strict-transport-security: max-age=63072000
content-length: 80010
cf-request-id: 06cfb924d3000005f12c1f3000000001
last-modified: Thu, 03 Dec 2020 13:48:08 GMT
server: cloudflare
date: Fri, 04 Dec 2020 14:20:22 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 39589972 39589922
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5fc62ae7b8fa05f1-FRA

GET
H2 200 danya_fast_1.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/02/ 111 KB
112 KB 1058ms
1056ms Image
image/jpeg 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/02/danya_fast_1.jpg?itok=PaWCSvWh

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4873708aa8c2a754a8fcdbaddf9673c5cfe5f9d3ca5e08c79badc6d40e3b483

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11&utm_medium=email&utm_term=0_cacd0f141f-0a0427efa6-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: MISS
content-type: image/jpeg
strict-transport-security: max-age=63072000
content-length: 113926
cf-request-id: 06cfb924d4000005f1620c9000000001
last-modified: Thu, 03 Dec 2020 11:12:12 GMT
server: cloudflare
date: Fri, 04 Dec 2020 14:20:22 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 38461964 40405943
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5fc62ae7b8fc05f1-FRA

GET
H2 200 201203_ashley_lees.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/02/ 130 KB
131 KB 1199ms
1197ms Image
image/jpeg 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/02/201203_ashley_lees.jpg?itok=5i_a30zH

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0170f8251ebe8145cfe2395c35acb78b404432de3de1c16fd2a419184046c39b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11&utm_medium=email&utm_term=0_cacd0f141f-0a0427efa6-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: EXPIRED
content-type: image/jpeg
strict-transport-security: max-age=63072000
content-length: 133462
cf-request-id: 06cfb924d4000005f17dbee000000001
last-modified: Thu, 03 Dec 2020 11:15:56 GMT
server: cloudflare
date: Fri, 04 Dec 2020 14:20:22 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 37550694 37550594
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5fc62ae7b8fe05f1-FRA

GET
H2 200 philippines_flooding.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/11/26/ 154 KB
154 KB 1263ms
1261ms Image
image/jpeg 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/11/26/philippines_flooding.jpg?itok=WlgVnzTy

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbe83b2df5f49db70801697c9faf53517316243c1edfc96d11686a3200e53fe9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11&utm_medium=email&utm_term=0_cacd0f141f-0a0427efa6-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: MISS
content-type: image/jpeg
strict-transport-security: max-age=63072000
content-length: 157538
cf-request-id: 06cfb924d4000005f12912a000000001
last-modified: Thu, 03 Dec 2020 11:15:56 GMT
server: cloudflare
date: Fri, 04 Dec 2020 14:20:22 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 39562675 39589954
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5fc62ae7b90205f1-FRA

GET
H2 200 crop_fraser_macdonald_prawn_mfa.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser_large/public/img/2020/11/23/ 302 KB
302 KB 1186ms
1184ms Image
image/jpeg 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser_large/public/img/2020/11/23/crop_fraser_macdonald_prawn_mfa.jpg?itok=7pIPLFV2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4068cadadb33cb8fcc9bb0a8499c93614b4f9943281313a55a2d3108b1855351

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11&utm_medium=email&utm_term=0_cacd0f141f-0a0427efa6-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: EXPIRED
content-type: image/jpeg
strict-transport-security: max-age=63072000
content-length: 308895
cf-request-id: 06cfb924d7000005f185bbf000000001
last-modified: Wed, 25 Nov 2020 13:38:58 GMT
server: cloudflare
date: Fri, 04 Dec 2020 14:20:22 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 38461961 39851932
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5fc62ae7b90705f1-FRA

GET
H2 200 resized-satelllite_-_image_4_-_ghg_-_sensor_-_leo_2_002.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2019/11/01/ 187 KB
187 KB 1191ms
1190ms Image
image/jpeg 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2019/11/01/resized-satelllite_-_image_4_-_ghg_-_sensor_-_leo_2_002.jpg?itok=_-yTTlhZ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e554e5a9fb4cb8b60e0a992f50468ccd3a1ff0de992c64b502544cb77c8127e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11&utm_medium=email&utm_term=0_cacd0f141f-0a0427efa6-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: MISS
content-type: image/jpeg
strict-transport-security: max-age=63072000
content-length: 191635
cf-request-id: 06cfb924d5000005f19f31b000000001
last-modified: Tue, 05 Nov 2019 01:58:24 GMT
server: cloudflare
date: Fri, 04 Dec 2020 14:20:22 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 40405994 39562648
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5fc62ae7b90805f1-FRA

GET
H2 200 bugaboo_creek_clearcut.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/10/23/ 31 KB
32 KB 805ms
804ms Image
image/jpeg 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/10/23/bugaboo_creek_clearcut.jpg?itok=dENkuCMc

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51e6a1eb76090d767aea13195574090d0373416a20c296eb50bf17308b5c6d64

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11&utm_medium=email&utm_term=0_cacd0f141f-0a0427efa6-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Fri, 04 Dec 2020 14:20:21 GMT
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: degrade=85, origSize=144624, status=webp_bigger
cf-ray: 5fc62ae7b90a05f1-FRA
strict-transport-security: max-age=63072000
content-length: 32128
cf-request-id: 06cfb924d6000005f12820a000000001
last-modified: Mon, 26 Oct 2020 12:52:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 29692636
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:85,h2pri

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 132 KB
45 KB 21ms
20ms Script
application/javascript 2a00:1450:4001:817::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K2JMB7M

Requested by

Host: www.nationalobserver.com
URL: https://www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/js__9Dyd-fwxZ7oMH5MbaoCOKCADnhvouFdMwSw8XaZPpzw__8UaUa8dH70EmVutbPdVpk05Bd1Paov93TS0FM81CAZU__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

767fc87068fa115f4b331a14ed3005d1bb71d54cdb0684f5ac104da6d34d4943

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11&utm_medium=email&utm_term=0_cacd0f141f-0a0427efa6-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Dec 2020 14:20:21 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46278
x-xss-protection: 0
last-modified: Fri, 04 Dec 2020 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 04 Dec 2020 14:20:21 GMT

GET
H2 200 load Show response
experience.tinypass.com/xbuilder/experience/ 4 KB
1 KB 46ms
28ms Script
application/javascript 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://experience.tinypass.com/xbuilder/experience/load?aid=Z9bvuPACYA

Requested by

Host: www.nationalobserver.com
URL: https://www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/js__drBntGipoEDHhAASZjSa3VmJSsxTjXyTzp58fKGniPo__mFnendQQxsmJHufyCu_ODVQkaSoA8zl-DRJ-O1AasAE__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1131af27c283cb6f61de27b239a8d6228c28cc8069cde3027461fd4b70d5c138

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11&utm_medium=email&utm_term=0_cacd0f141f-0a0427efa6-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Dec 2020 14:20:21 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: HIT
age: 82
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 06cfb9250c00002bf68fbce000000001
x-request-id: CnrjtkqXqN2
wn: prod-exp-10-0-93-116
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=1800
cf-ray: 5fc62ae81b3a2bf6-FRA
expires: Fri, 04 Dec 2020 14:50:21 GMT

GET
H2 200 integrator.js Show response
adservice.google.ca/adsid/ 109 B
803 B 39ms
16ms Script
application/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=www.nationalobserver.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11&utm_medium=email&utm_term=0_cacd0f141f-0a0427efa6-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Dec 2020 14:20:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
169 B 14ms
14ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.nationalobserver.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11&utm_medium=email&utm_term=0_cacd0f141f-0a0427efa6-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Dec 2020 14:20:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
999 B 112ms
83ms XHR
text/plain 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=672393841764440&correlator=1696412346317153&output=ldjh&impl=fifs&eid=21065113%2C21068809&vrg=2020111901&guci=2.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201204&iu_parts=1086440%2Cnatobs_main_body_bottom%2Cnatobs_main_body_middle%2Cnatobs_main_body_top&enc_prev_ius=0%2F1%2C0%2F2%2C0%2F3&prev_iu_szs=970x250%7C728x90%2C970x250%7C728x90%2C970x250%7C728x90&cookie_enabled=1&bc=31&abxe=1&lmt=1607091619&dt=1607091621261&dlt=1607091620575&idt=263&frm=20&biw=1600&bih=1200&oid=3&adxs=315%2C315%2C315&adys=4299%2C3639%2C1872&adks=2171609318%2C1768474810%2C3015429365&ucis=1%7C2%7C3&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.nationalobserver.com%2F%3Futm_source%3DNational%2BObserver%26utm_campaign%3D0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11%26utm_medium%3Demail%26utm_term%3D0_cacd0f141f-0a0427efa6-277178234&vis=1&stss=1&dmc=8&scr_x=0&scr_y=0&psz=1600x250%7C1600x250%7C1600x250&msz=1600x250%7C1600x250%7C1600x250&ga_vid=1538213348.1607091621&ga_sid=1607091621&ga_hid=1505168344&fws=4%2C4%2C4&ohw=1600%2C1600%2C1600&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

ba656b1132d990b2f984ef9f777ad4f8475948588db2dada8fa27d0f9214391a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11&utm_medium=email&utm_term=0_cacd0f141f-0a0427efa6-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Dec 2020 14:20:21 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 271
x-xss-protection: 0
google-lineitem-id: -2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nationalobserver.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
5b4bc1e9483bd23522f315b31a81d3ab.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 48ms
14ms Other
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://5b4bc1e9483bd23522f315b31a81d3ab.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11&utm_medium=email&utm_term=0_cacd0f141f-0a0427efa6-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 tinypass.min.js Show response
cdn.tinypass.com/api/ 393 KB
124 KB 18ms
16ms Script
application/javascript 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.tinypass.com/api/tinypass.min.js

Requested by

Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=Z9bvuPACYA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53f0bed2cb604f8192a5880bfac2f8a9d42cb5ddc4a4d1c40a4ed69834073f31

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11&utm_medium=email&utm_term=0_cacd0f141f-0a0427efa6-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Dec 2020 14:20:21 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 3
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 06cfb9259b00002bf60fb35000000001
wn: prod-dash-10-0-120-43
last-modified: Thu, 03 Dec 2020 15:07:30 GMT
server: cloudflare
etag: W/"402556-1607008050000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: application/javascript
server-time: 0.000
cache-control: public, max-age=300
cf-ray: 5fc62ae8fd5e2bf6-FRA
expires: Fri, 04 Dec 2020 14:25:21 GMT

GET
H2 200 img_9448.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/10/23/ 30 KB
30 KB 813ms
812ms Image
image/jpeg 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/10/23/img_9448.jpg?itok=-hBaZ1RN

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80f2a7af0c25c90ed812cffff00ffe37d31805d48b4b545f2eb7f8639dd1ca6d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11&utm_medium=email&utm_term=0_cacd0f141f-0a0427efa6-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Fri, 04 Dec 2020 14:20:22 GMT
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: degrade=85, origSize=141104, status=webp_bigger
cf-ray: 5fc62ae90c8205f1-FRA
strict-transport-security: max-age=63072000
content-length: 30428
cf-request-id: 06cfb925b0000005f1800f4000000001
last-modified: Fri, 23 Oct 2020 16:37:45 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 39947274
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:85,h2pri

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 132 KB
51 KB 70ms
53ms Script
application/javascript 2a00:1450:4001:817::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TNN7SJH0J9&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K2JMB7M

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

60fb90ce2e74a758518d298397b0a18a738c521d2e1b9054e3d45f96fe4e1de9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11&utm_medium=email&utm_term=0_cacd0f141f-0a0427efa6-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Dec 2020 14:20:21 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51854
x-xss-protection: 0
expires: Fri, 04 Dec 2020 14:20:21 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K2JMB7M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11&utm_medium=email&utm_term=0_cacd0f141f-0a0427efa6-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 1861
date: Fri, 04 Dec 2020 13:49:20 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Fri, 04 Dec 2020 15:49:20 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 89 KB
24 KB 19ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0e49c2b4e86d3fda1dda93eb1210a47712f7b091181b4e7c6da2b3e6f8e86396

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11&utm_medium=email&utm_term=0_cacd0f141f-0a0427efa6-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23320
x-xss-protection: 0
pragma: public
x-fb-debug: EQAx+iH2JUf4/R96GfFwGZSwJODZqbwoENMywguaHOlwU10fCJKU8yl5GyAkOV7iUUef8pars+wnfo/ntHsnqA==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Fri, 04 Dec 2020 14:20:21 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050 200 js Show response
www.google-analytics.com/gtm/ 84 KB
34 KB 49ms
35ms Script
application/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-WFJVCJJ&t=gtm2&cid=1538213348.1607091621

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d4ace00bc3d94626ea0e9629ce3a0a401bdd23a1eaf1654c100cf4a7bbd47a40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11&utm_medium=email&utm_term=0_cacd0f141f-0a0427efa6-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Dec 2020 14:20:21 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34189
x-xss-protection: 0
last-modified: Fri, 04 Dec 2020 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 04 Dec 2020 14:20:21 GMT

GET
H2 200 161351677799122 Show response
connect.facebook.net/signals/config/ 238 KB
69 KB 85ms
84ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/161351677799122?v=2.9.29&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d05f3f1c49d3e6bdb4b73972fb335fe7682b491ab1d3ca31030f8b38d7514008

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11&utm_medium=email&utm_term=0_cacd0f141f-0a0427efa6-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: FnFdpXqokHRgMt2i6IADF+OFv6x+CvY+XmBx+BCm71LaDx17Ped2n8NOmcBsKtlXvzyGVLX9UAakcyMmCbKNNQ==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Fri, 04 Dec 2020 14:20:21 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 1747440604
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3-Q050 204 collect
www.google-analytics.com/g/ 0
344 B 15ms
13ms Other
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-TNN7SJH0J9&gtm=2oeb41&_p=1505168344&sr=1600x1200&ul=en-us&cid=1538213348.1607091621&_s=1&dl=https%3A%2F%2Fwww.nationalobserver.com%2F%3Futm_source%3DNational%2BObserver%26utm_campaign%3D0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11%26utm_medium%3Demail%26utm_term%3D0_cacd0f141f-0a0427efa6-277178234&dr=&dt=Home%20%7C%20National%20Observer&sid=1607091621&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.cookieDomain=auto
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TNN7SJH0J9&l=dataLayer&cx=c
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11&utm_medium=email&utm_term=0_cacd0f141f-0a0427efa6-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 04 Dec 2020 14:20:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.nationalobserver.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 verify Show response
id.tinypass.com/id/api/v1/identity/token/ 209 B
975 B 134ms
126ms Script
application/javascript 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://id.tinypass.com/id/api/v1/identity/token/verify?callback=jQuery1124004667414721337093_1607091621317&client_id=Z9bvuPACYA&token=&site=https%3A%2F%2Fwww.nationalobserver.com&_=1607091621318

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7554ca88daae55c4cecd677f50151229221faedc5f37c330899980bc3dba88f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11&utm_medium=email&utm_term=0_cacd0f141f-0a0427efa6-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Dec 2020 14:20:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL", CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 06cfb9264300002bf63e88c000000001
x-request-id: CxtjtkqxhAk
pragma: no-cache
wn: prod-id-10-0-141-182
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-cache="set-cookie"
access-control-allow-credentials: true
server-time: 0.002
cf-ray: 5fc62aea081e2bf6-FRA
access-control-allow-headers: origin, content-type, accept, authorization
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
73 B 13ms
13ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1505168344&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nationalobserver.com%2F%3Futm_source%3DNational%2BObserver%26utm_campaign%3D0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11%26utm_medium%3Demail%26utm_term%3D0_cacd0f141f-0a0427efa6-277178234&ul=en-us&de=UTF-8&dt=Home%20%7C%20National%20Observer&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCjAAEADQAAAAC~&jid=529798064&gjid=106387772&cid=1538213348.1607091621&tid=UA-59182232-1&_gid=927344012.1607091621&_r=1&gtm=2wgb41K2JMB7M&z=1477144826

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11&utm_medium=email&utm_term=0_cacd0f141f-0a0427efa6-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Dec 2020 14:20:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.nationalobserver.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
91 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c02::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-59182232-1&cid=1538213348.1607091621&jid=529798064&gjid=106387772&_gid=927344012.1607091621&_u=aCjAAEACQAAAAC~&z=1095396529

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c02::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11&utm_medium=email&utm_term=0_cacd0f141f-0a0427efa6-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 04 Dec 2020 14:20:21 GMT
content-type: text/plain
access-control-allow-origin: https://www.nationalobserver.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
378 B 18ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=161351677799122&ev=PageView&dl=https%3A%2F%2Fwww.nationalobserver.com%2F%3Futm_source%3DNational%2BObserver%26utm_campaign%3D0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11%26utm_medium%3Demail%26utm_term%3D0_cacd0f141f-0a0427efa6-277178234&rl=&if=false&ts=1607091621523&sw=1600&sh=1200&v=2.9.29&r=stable&ec=0&o=30&fbp=fb.1.1607091621521.1529455435&it=1607091621407&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11&utm_medium=email&utm_term=0_cacd0f141f-0a0427efa6-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Dec 2020 14:20:21 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 04 Dec 2020 14:20:21 GMT

POST
H2 200 execute Show response
experience.tinypass.com/xbuilder/experience/ 7 KB
3 KB 145ms
145ms XHR
application/json 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://experience.tinypass.com/xbuilder/experience/execute?aid=Z9bvuPACYA

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c50708dbcd7c63964c592dfcf45943572e20da57738ff09f05ad4172fdabb3ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Accept: */*
Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11&utm_medium=email&utm_term=0_cacd0f141f-0a0427efa6-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 04 Dec 2020 14:20:21 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 06cfb926cd00002bf656a55000000001
x-request-id: CxtjtkqFwDM
pragma: no-cache
wn: prod-exp-10-0-91-252
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.nationalobserver.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 5fc62aeaea0c2bf6-FRA
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 show
buy.tinypass.com/checkout/template/ Frame 2C2D 0
0 147ms
146ms Document
text/html 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/checkout/template/show?displayMode=inline&containerSelector=%23site-broadcast-inner&templateId=OT9X4IMM1QSE&templateVariantId=OTVPV8TDQEP3P&offerId=fakeOfferId&showCloseButton=false&trackingId=%7Bjcx%7DH4sIAAAAAAAAAI2RQW-CMBiG_0vPNmlLgdIbc2iIUzFzTL11UKETKoOCJsv--8C5LSY77Dv1y_O83-HtOxAqBRzsvJeujfzx1gcjUIlMxkqewoEQRBDEBCIKsQ37N8HQcjDcBk9V9YZLM4lqSrMGIo8J4dmUstTDCcOU2RRTwjzH8QTBaX9YnitZK6kTeTkdbNhiN58-T2dheEODs0xao476omGGbN0h1CQQ9UNMLily8zbR5WH_akxXH1Byk_eTn3CTH09rWVaFMNJ6pLtxFC7phBHC-kQumm8GuKlbOQLmul_Cy7W3oeF8jlePAfhlsaiV0OaqxFHM1verILKi3klEWQmV6QZw3RbFCHSqUV9qB__u0oJ3K41mD8ftxl2QQxmi_3SpquFzBMKc7hnHHuGDwjnpWdvI2s-kNr2SlkM3xhSAYwe52GWI4I9PAA3NlvgBAAA&experienceId=EX8NZMGWGKII&tbc=%7Bjzx%7Di4cQEliGphDucRXKRMu_I_5T8rHszQx4SE3ICpGD_6s8E-OyDMwMbk5Wz9ZwRLrBuu1CBryZPqCZ6sSNKLg7C_Cs1sGMv6b61C4sN3ABQEscDagsf4olK0NERnnBtMmTCVG_RXn-uiONfDaQYYJiQw&iframeId=offer-0-sLa1G&url=https%3A%2F%2Fwww.nationalobserver.com%2F%3Futm_source%3DNational%252BObserver%26utm_campaign%3D0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11%26utm_medium%3Demail%26utm_term%3D0_cacd0f141f-0a0427efa6-277178234&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=Z9bvuPACYA&tags=front&zone=public&pageViewId=2020-12-04-15-20-21-361-YEUppq1mtFPr44gs-098aa95448d91c81485414289669a21d&visitId=v-2020-12-04-15-20-21-363-BQn0KLoYX7N2kmI0-098aa95448d91c81485414289669a21d&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%22_pc_nat_brief%22%3A%22nosub%22%7D&hasLoginRequiredCallback=true&width=1600&_qh=d42d2da2e2

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Xss-Protection	0

Request headers

:method: GET
:authority: buy.tinypass.com
:scheme: https
:path: /checkout/template/show?displayMode=inline&containerSelector=%23site-broadcast-inner&templateId=OT9X4IMM1QSE&templateVariantId=OTVPV8TDQEP3P&offerId=fakeOfferId&showCloseButton=false&trackingId=%7Bjcx%7DH4sIAAAAAAAAAI2RQW-CMBiG_0vPNmlLgdIbc2iIUzFzTL11UKETKoOCJsv--8C5LSY77Dv1y_O83-HtOxAqBRzsvJeujfzx1gcjUIlMxkqewoEQRBDEBCIKsQ37N8HQcjDcBk9V9YZLM4lqSrMGIo8J4dmUstTDCcOU2RRTwjzH8QTBaX9YnitZK6kTeTkdbNhiN58-T2dheEODs0xao476omGGbN0h1CQQ9UNMLily8zbR5WH_akxXH1Byk_eTn3CTH09rWVaFMNJ6pLtxFC7phBHC-kQumm8GuKlbOQLmul_Cy7W3oeF8jlePAfhlsaiV0OaqxFHM1verILKi3klEWQmV6QZw3RbFCHSqUV9qB__u0oJ3K41mD8ftxl2QQxmi_3SpquFzBMKc7hnHHuGDwjnpWdvI2s-kNr2SlkM3xhSAYwe52GWI4I9PAA3NlvgBAAA&experienceId=EX8NZMGWGKII&tbc=%7Bjzx%7Di4cQEliGphDucRXKRMu_I_5T8rHszQx4SE3ICpGD_6s8E-OyDMwMbk5Wz9ZwRLrBuu1CBryZPqCZ6sSNKLg7C_Cs1sGMv6b61C4sN3ABQEscDagsf4olK0NERnnBtMmTCVG_RXn-uiONfDaQYYJiQw&iframeId=offer-0-sLa1G&url=https%3A%2F%2Fwww.nationalobserver.com%2F%3Futm_source%3DNational%252BObserver%26utm_campaign%3D0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11%26utm_medium%3Demail%26utm_term%3D0_cacd0f141f-0a0427efa6-277178234&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=Z9bvuPACYA&tags=front&zone=public&pageViewId=2020-12-04-15-20-21-361-YEUppq1mtFPr44gs-098aa95448d91c81485414289669a21d&visitId=v-2020-12-04-15-20-21-363-BQn0KLoYX7N2kmI0-098aa95448d91c81485414289669a21d&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%22_pc_nat_brief%22%3A%22nosub%22%7D&hasLoginRequiredCallback=true&width=1600&_qh=d42d2da2e2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11&utm_medium=email&utm_term=0_cacd0f141f-0a0427efa6-277178234
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11&utm_medium=email&utm_term=0_cacd0f141f-0a0427efa6-277178234

Response headers

date: Fri, 04 Dec 2020 14:20:21 GMT
content-type: text/html;charset=UTF-8
access-control-allow-methods: *
access-control-allow-origin: https://dashboard.piano.io
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NON DSP COR OUR IND"
pragma: no-cache
server-time: 0.013
set-cookie: LANG=en_US;Version=1;Domain=.tinypass.com;Path=/;Max-Age=2592000;Secure;SameSite=None
strict-transport-security: max-age=60; includeSubDomains
vary: accept-encoding
wn: prod-dash-10-0-141-121
x-forwarded-https: on
x-request-id: CxtjtkqnegN
x-xss-protection: 0
cf-cache-status: DYNAMIC
cf-request-id: 06cfb9278300002bf639b9e000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5fc62aec0cc02bf6-FRA
content-encoding: br

POST
H2 200 /
www.facebook.com/tr/ 0
112 B 6ms
5ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11&utm_medium=email&utm_term=0_cacd0f141f-0a0427efa6-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryyi1lFHJIulhYJuIg

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Fri, 04 Dec 2020 14:20:22 GMT
content-type: text/plain
access-control-allow-origin: https://www.nationalobserver.com
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 37ms
17ms XHR
application/json 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020111901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

746deb19463f9c1f90660b85c5a2e7f63b6ba3e596fc05f95a05291c18cc918e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11&utm_medium=email&utm_term=0_cacd0f141f-0a0427efa6-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Dec 2020 14:20:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6423
x-xss-protection: 0

GET
H3-Q050 204 a
www.googletagmanager.com/ 0
118 B 15ms
14ms Image
image/gif 2a00:1450:4001:817::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-WFJVCJJ&cv=24&t=ol&g=78&p=gtm&l=384&q=810&f=58&e=13&i=47&d=352&c=455&hc=0&sr=0.050000&ps=0.03298326857174594&cb=807979596

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11&utm_medium=email&utm_term=0_cacd0f141f-0a0427efa6-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Dec 2020 14:20:22 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11&utm_medium=email&utm_term=0_cacd0f141f-0a0427efa6-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Dec 2020 14:20:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Fri, 04 Dec 2020 14:20:22 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame FE3A 0
0 34ms
20ms Document
text/html 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11&utm_medium=email&utm_term=0_cacd0f141f-0a0427efa6-277178234
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11&utm_medium=email&utm_term=0_cacd0f141f-0a0427efa6-277178234

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Fri, 04 Dec 2020 14:04:52 GMT
expires: Sat, 04 Dec 2021 14:04:52 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 930
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
224 B 17ms
17ms Image
image/gif 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020111901&jk=672393841764440&bg=!S0ilSGjNAAUbEDgJG1hq2Od3sXtn9QIAAACeUgAAABNoAQcKAIR2ymDI3CB90L0Fmb6xSObfMwymC6rabfxDEODHZI7fRpIfPmzh-hTGMpH7wUxp4rZSdkk9qVJ7tQ7qFIbqFm5_EqqJVkhh2xJcUrBVhqoLlE6gu-JMXO2CZWOIWnkOIwjI1UD0vHyssnUrCfqHa_M9KZHqBtQlvZWEwVnrYqpLY4GpDvuZAcG9JYSfx1WKbeVHAFuUuWGG4ySxgAKLeqpyehzEPF5G2_OeDphnl6vZktoQFKKzXUMUGSAQ7Va95OOGjZiDqJjs73cifubsJkgjBEUVD1cYmYgwJVDLXtw8NKUBkP-tnaCYv-Sh8W-LgxB8HObBqe9HJk7H3EK-AXx1vg1f1hhttzd4VJDAChl3vtZwynTjYrFeK5Vl5Gb5Dim1tXBuZLz6NxxcEkc-Rc6njuni9pI7QwmEIr_7mz8xHwlzuAv8JQaYM9V3EpbI52_fuhTaaYV2KB8nkixZJho1zSCd1IVWmF2atRsQMVnk0y46shf1tPvCuAquznZvagMAdqHJdyMGX2eTtx-7wSxRAV5wyR1yYVEwznytuar4Xdmr48k3ruyY4GSor2b9NdCjDGd56ufmgMReeKBOkMJ9t86gpE_xw208Eve-lm2tK-LslfPewuXaJ0ln2AKMIAI0Q1RsO-FV6zS4LoKSD7N--Bil_NjGXLPCOISapgfr7_WBAX1e04a2mn3AuJJFzm0kOmI1TkXy91IoRI7HqSG3fwECZ0auEivMrssh2Ulig9klX-lL5jVQJ4IXKdCRjDgnBYzoZNTUjg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=0a0427efa6-EMAIL_CAMPAIGN_2020_12_04_02_11&utm_medium=email&utm_term=0_cacd0f141f-0a0427efa6-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Dec 2020 14:20:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.nationalobserver.com/	1970-01-19 14:26:18	Name: __pvi Value: %7B%22id%22%3A%22v-2020-12-04-15-20-21-363-BQn0KLoYX7N2kmI0-098aa95448d91c81485414289669a21d%22%2C%22domain%22%3A%22.nationalobserver.com%22%2C%22time%22%3A1607091621728%7D
.tinypass.com/	1970-01-21 02:24:51	Name: LANG Value: en_US
www.nationalobserver.com/	1969-12-31 23:59:59	Name: has_js Value: 1
.nationalobserver.com/	1970-01-19 14:24:51	Name: _gat_UA-59182232-1 Value: 1
.nationalobserver.com/	1970-01-20 07:56:03	Name: _ga Value: GA1.2.1538213348.1607091621
.nationalobserver.com/	1970-01-20 07:56:03	Name: __tbc Value: %7Bjzx%7Di4cQEliGphDucRXKRMu_I_5T8rHszQx4SE3ICpGD_6s8E-OyDMwMbk5Wz9ZwRLrBuu1CBryZPqCZ6sSNKLg7C_Cs1sGMv6b61C4sN3ABQEscDagsf4olK0NERnnBtMmTCVG_RXn-uiONfDaQYYJiQw
.nationalobserver.com/	1970-01-20 07:56:03	Name: _ga_TNN7SJH0J9 Value: GS1.1.1607091621.1.0.1607091621.0
.nationalobserver.com/	1970-01-19 23:46:27	Name: __gads Value: ID=3e46ccb6ef7c5775-2222348d54b90026:T=1607091621:S=ALNI_MZKjIVd1ABEBiISOz0Z5lNYE-ebkw
www.nationalobserver.com/	1969-12-31 23:59:59	Name: _pc_nat_brief Value: nosub
.nationalobserver.com/	1970-01-20 07:56:03	Name: xbc Value: %7Bjzx%7DsP3NgJ2i2GEzR8w_uoW71WUr__jKHwAxdXGRMQxwgDmsLKKwY1qMwU4fjJT5Xnz3BEi2yO7DIrp0RBrS_59-bnB62Y0N_XspK8PFHD3CGYKxcwHVHWB4LmQl2t0hYdgBH8h1CV_-WBUONIb8mA-JaDqwlKJoNxu2pgjyftNKUzcdkzFGYlwrE8G07uFrgePbhri_3GgPStjolWDL_sV_YiR1fEkhOzIFdwNN78EHhhwgeodF8XhDXaCaUopV1jE5HaZiC8_vGuiREMnPlEO7KPFuk5fMU6NX4-cUbTKUSSrwwZx8bKPUjdTgdLKHbwKr7xiNfX_oyfyHsk9YHaGISyT4dR-3eu9M02y487dmfkqfCdk05WMxJaHopnEzK3aq
.nationalobserver.com/	1970-01-19 16:34:27	Name: _fbp Value: fb.1.1607091621521.1529455435
.nationalobserver.com/	1970-01-19 14:26:18	Name: _gid Value: GA1.2.927344012.1607091621
.nationalobserver.com/	1970-01-19 15:08:03	Name: __pat Value: -18000000
.tinypass.com/	1970-01-19 14:26:18	Name: LANG_CHANGED Value: en_US
.nationalobserver.com/	1970-01-19 15:08:03	Name: __cfduid Value: dda120d43f999d1bc70c65e5bc2ef28331607091619

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5b4bc1e9483bd23522f315b31a81d3ab.safeframe.googlesyndication.com
adservice.google.ca
adservice.google.com
buy.tinypass.com
cdn.tinypass.com
connect.facebook.net
experience.tinypass.com
id.tinypass.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.nationalobserver.com
172.217.18.162
2606:4700:10::6816:4d72
2606:4700::6811:bab1
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::200e
2a00:1450:4001:817::2008
2a00:1450:4001:81d::2002
2a00:1450:4001:820::2001
2a00:1450:400c:c02::9d
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
005a9e50b27cc1e283e22e4fbb909bf772540406c9c5bc95e448183badbb2e28
0170f8251ebe8145cfe2395c35acb78b404432de3de1c16fd2a419184046c39b
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
06091d2d68425c5493c423bd22a31fdc8c8c39a148da84046a9a5b92ed27fcb4
0c17b1105508dee549d98f71dc9e6f5f5e43bdc602105213ee48f11f2fce20aa
0e49c2b4e86d3fda1dda93eb1210a47712f7b091181b4e7c6da2b3e6f8e86396
0fb9094fba22af0159831e1f00a28b224db8277a89fe4190826430011b08019e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1131af27c283cb6f61de27b239a8d6228c28cc8069cde3027461fd4b70d5c138
2fa866f281364240678617640d2944c8927bb03588410dfec54a4a97641129e6
35c1498a19d58b40939270e89449be0bc4b2e34fe479472e3440b6b0b4218c5d
393deeb8388c12de804fd3bc415ea2f60b89a0b7ffb43fd9f0df96d4045ab7a0
3f60c0a6768f0d5747867595475c0c20f9887ceb69377168f7c55d662b2e8e19
4068cadadb33cb8fcc9bb0a8499c93614b4f9943281313a55a2d3108b1855351
44e56ef0e5dd6e0abfe0af2bd8463e1ce174576747f7a71980b4559fea97fa50
51e6a1eb76090d767aea13195574090d0373416a20c296eb50bf17308b5c6d64
53f0bed2cb604f8192a5880bfac2f8a9d42cb5ddc4a4d1c40a4ed69834073f31
60fb90ce2e74a758518d298397b0a18a738c521d2e1b9054e3d45f96fe4e1de9
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
69b116c12bbdb23eab4b5600fb5e071a12c5d47494c7a600ffacc4ffa4cd44aa
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d540f8521319ab916fcf16182e5be0d0eb62dfbd6d9438ef7ed1a22044eebd9
746deb19463f9c1f90660b85c5a2e7f63b6ba3e596fc05f95a05291c18cc918e
7554ca88daae55c4cecd677f50151229221faedc5f37c330899980bc3dba88f7
767fc87068fa115f4b331a14ed3005d1bb71d54cdb0684f5ac104da6d34d4943
7798f3947141f95f35a6890c5e7df7eb25c4097e92a2f8fc813963ce37aa58cd
80f2a7af0c25c90ed812cffff00ffe37d31805d48b4b545f2eb7f8639dd1ca6d
852244c47b6b82d337c8cbb807afac2c6de02fe178414d209c46245ed4e16b24
8ae9640e15a886ff4334fc7ed3a1c20fbfad3c5721798d1bc600272a9a6c08d5
8e516b37314d7d5e77025c54027e4d966584ed7333d6332cbbfa6d187b9ff9e9
97de983720f78a5e6819e7bbe480b8aaf15275b05ea6aa3627185eba692bac14
981242366782cfa4ca8a99613a9c9ad69b1978dd5b5be6de6bcac99fe08a9c10
9e554e5a9fb4cb8b60e0a992f50468ccd3a1ff0de992c64b502544cb77c8127e
a0afff8b1e9a111f7ac4ed18478ed3f35c94a27e8d5a503449876d99a6045023
ae2af53b4a4312771ab7cf472e4968b1bb13957cc20434d635485afc9c074d2c
b8b76f4f8d7be014961358274f5002a23afa8a794499a5f0346745a7a3ff0795
ba656b1132d990b2f984ef9f777ad4f8475948588db2dada8fa27d0f9214391a
bbe83b2df5f49db70801697c9faf53517316243c1edfc96d11686a3200e53fe9
bcc7fe73b7500d838a58d1b908da476364bb087b453f5f4d0b2c374b849e446e
beda2da2b2330d393ebe11f55360dfdc1fde838ab3a8f63b0cd540752d80f9a4
c095c62d9872590051bb590cc40cdf1a48e4c5924a4c7ce882ef65baf6ef5d9e
c3fc334e19b3509707d7676c747ef6f0cd0842e9b485189d13eb3512fdd53fe0
c50708dbcd7c63964c592dfcf45943572e20da57738ff09f05ad4172fdabb3ca
c5538bc99a5062d3ab1d51d2d25e88d2a4be86eb7d1d705bf3267699c8cbf580
d05f3f1c49d3e6bdb4b73972fb335fe7682b491ab1d3ca31030f8b38d7514008
d332c5733777ab2eef7556dd7d89f1ebd5d09ff70c333712eefe2fff500bc856
d3bc21d3a058985087c6044de97dfa3425a4f7b76325126ec6e0d6c6b3075cea
d4873708aa8c2a754a8fcdbaddf9673c5cfe5f9d3ca5e08c79badc6d40e3b483
d4ace00bc3d94626ea0e9629ce3a0a401bdd23a1eaf1654c100cf4a7bbd47a40
daeb333b26e1c8fc3ae104802f7d628fd98ce1dc81f72d6668123397f034f99c
dd075ce8eb48032630ecb10e2c78b95803ff8f2b63b83841f14115180001cfeb
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
ef6b730887f786f8ddcc05814d30d04c8f7f1606975be3f408e497963986efd1
f5f07544aab13f54a9d2d440a0fd8a69944c07348bbca4b226cb47206091f32c

www.nationalobserver.com Open in urlscan Pro 2606:4700:10::6816:4d72 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

63 Requests

100 %HTTPS

92 %IPv6

10 Domains

16 Subdomains

12 IPs

4 Countries

2881 kBTransfer

4397 kBSize

15 Cookies

14 Outgoing links

Redirected requests

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.nationalobserver.com Open in urlscan Pro
2606:4700:10::6816:4d72 Public Scan

Screenshot
Live screenshot

Full Image

63
Requests

100 %
HTTPS

92 %
IPv6

10
Domains

16
Subdomains

12
IPs

4
Countries

2881 kB
Transfer

4397 kB
Size

15
Cookies

63 HTTP transactions
0 data transactions