www.nationalobserver.com Open in urlscan Pro
2606:4700:10::6816:4c72 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=e9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23&utm_medium...
Effective URL:
https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=e9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23&utm_medium...
Submission: On December 07 via api (December 7th 2020, 1:27:41 pm UTC) from DE

Summary HTTP 67 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 14 IPs in 4 countries across 10 domains to perform 67 HTTP transactions. The main IP is 2606:4700:10::6816:4c72, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.nationalobserver.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 3rd 2020. Valid for: a year.

This is the only time www.nationalobserver.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
42	2606:4700:10:... 2606:4700:10::6816:4c72	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.217.18.162 172.217.18.162	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:817::2008	15169 (GOOGLE) (GOOGLE)
5	2606:4700::68... 2606:4700::6811:b6b1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:824::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:817::2001	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400c:c07::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:816::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:815::2002	15169 (GOOGLE) (GOOGLE)
67	14

42 2606:4700:10::6816:4c72 (United States)

ASN13335 (CLOUDFLARENET, US)

www.nationalobserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s29-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:817::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6811:b6b1 (United States)

ASN13335 (CLOUDFLARENET, US)

experience.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
buy.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

d351aece7dd1269e3bf94fb41cd3388a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:816::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	nationalobserver.com www.nationalobserver.com	4 MB
5	googlesyndication.com d351aece7dd1269e3bf94fb41cd3388a.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	13 KB
5	tinypass.com experience.tinypass.com cdn.tinypass.com id.tinypass.com buy.tinypass.com	130 KB
4	google-analytics.com www.google-analytics.com	52 KB
3	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net	99 KB
2	facebook.com www.facebook.com	334 B
2	facebook.net connect.facebook.net	93 KB
2	googletagmanager.com www.googletagmanager.com	96 KB
1	google.com adservice.google.com	803 B
1	google.ca adservice.google.ca	803 B
67	10

	Domain	Requested by
42	www.nationalobserver.com	www.nationalobserver.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
2	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
2	www.facebook.com	www.nationalobserver.com connect.facebook.net
2	connect.facebook.net	www.nationalobserver.com connect.facebook.net
2	experience.tinypass.com	www.nationalobserver.com cdn.tinypass.com
2	www.googletagmanager.com	www.nationalobserver.com www.googletagmanager.com
2	securepubads.g.doubleclick.net	www.nationalobserver.com securepubads.g.doubleclick.net
1	buy.tinypass.com	cdn.tinypass.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	id.tinypass.com	cdn.tinypass.com
1	d351aece7dd1269e3bf94fb41cd3388a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.ca	securepubads.g.doubleclick.net
1	cdn.tinypass.com	experience.tinypass.com
67	16

This site contains links to these domains. Also see Links.

Domain
static.nationalobserver.com
www.youtube.com
national-observer.myshopify.com
www.vancouverobserver.com
canadianjournalism.ca
www.facebook.com
twitter.com
instagram.com
www.linkedin.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-03` - `2021-08-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.piano.io Sectigo RSA Domain Validation Secure Server CA	`2020-09-17` - `2021-09-17`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-11-02` - `2021-01-30`	3 months	crt.sh
*.google.ca GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=e9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23&utm_medium=email&utm_term=0_cacd0f141f-e9a54ff860-277178234
Frame ID: 195C92EF8C28302D6A936EBB545758CF
Requests: 65 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/template/show?displayMode=inline&containerSelector=%23site-broadcast-inner&templateId=OT9X4IMM1QSE&offerId=fakeOfferId&showCloseButton=false&trackingId=%7Bjcx%7DH4sIAAAAAAAAAI2Ry27CMBBF_8VrLHkchzx2UChEFbS0gabZGeMQV3kpdgKo6r83iUorpC46u5lz72h05wNxdUA-ir192zxN7t4maIQqfpQ7JU9BTyihBAPFxMHAMHUwtbBt2Ti6P--iuIjYrHmunXCDBQMimQXW3uUucOBM0IRQTwo3AQK0WyzPlayVLIQcVs8jdx2vFq-LhyC4ofOzFI1RZTHIwCVubiAlDJOuqEmN4KqWCeU6bYus3CeOvvFPxI9Zp-UplHmVcSNh6W2JO4u3a3tKx50j5frKkG_qRo6Q-e4H82PoRSxYrWDzMke_bMdrxQvTS4omy0ZI8Lzi6ljo66BVWg0ctfjvAB2sFA-XF3gvHX0prWb6nwBV1X-EE_BZ4vrgUd9mwHy_Z42W9eQoC9NJDrno7zUZ8mFMHGYxwqzPL_kwS5ftAQAA&experienceId=EX8NZMGWGKII&tbc=%7Bjzx%7Di4cQEliGphDucRXKRMu_I3QGIS8Qk1liE9eZiz3OVSXiYZrerLBy5Lc6cZFR50kWTn8EMhF5rxyUMXgDk8HdlR5_3GI29ci3NhtaW_lzM4dKDWcPeuVyobzm-t1YGgnSCVG_RXn-uiONfDaQYYJiQw&iframeId=offer-0-xVAvs&url=https%3A%2F%2Fwww.nationalobserver.com%2F%3Futm_source%3DNational%252BObserver%26utm_campaign%3De9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23%26utm_medium%3Demail%26utm_term%3D0_cacd0f141f-e9a54ff860-277178234&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=Z9bvuPACYA&tags=front&zone=public&pageViewId=2020-12-07-14-27-23-535-XFxVXZnX4DuRr7TQ-c410e4313b8a81a1a4c2f029ec8f1012&visitId=v-2020-12-07-14-27-23-537-iiaTHy1jo7syo3uB-c410e4313b8a81a1a4c2f029ec8f1012&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%22_pc_nat_brief%22%3A%22nosub%22%7D&hasLoginRequiredCallback=true&width=1600&_qh=b80f434e2d
Frame ID: 28C25F956C2873E7F90731E093EDABF5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: DD40E6707DEEAFD50BA37B255D05008F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Drupal (CMS) Expand

Overall confidence: 100%
Detected patterns

headers expires /19 Nov 1978/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers expires /19 Nov 1978/i

Varnish (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

headers via /varnish(?: $Varnish\/([\d.]+)$)?/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

67
Requests

100 %
HTTPS

93 %
IPv6

10
Domains

16
Subdomains

14
IPs

4
Countries

4121 kB
Transfer

5632 kB
Size

15
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://static.nationalobserver.com/digital-fractures?utm_source=website&utm_medium=home_cta&utm_campaign=regular&utm_content=button&utm_term=digital_fractures
Title: Download

Search URL Search Domain Scan URL

URL: https://static.nationalobserver.com/digital-fractures?piano_status=logged_in&utm_source=website&utm_medium=home_cta&utm_campaign=regular&utm_content=button&utm_term=digital_fractures_sub
Title: Download

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=OaFnZ2rt1hw
Title: Watch recording

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=zi6ae6kZNqE
Title: Watch recording

Search URL Search Domain Scan URL

URL: https://national-observer.myshopify.com/
Title: Shop

Search URL Search Domain Scan URL

URL: https://www.vancouverobserver.com/
Title: VO

Search URL Search Domain Scan URL

URL: https://canadianjournalism.ca/
Title: CCJ

Search URL Search Domain Scan URL

URL: https://www.facebook.com/nationalobserver

Search URL Search Domain Scan URL

URL: https://twitter.com/NatObserver

Search URL Search Domain Scan URL

URL: https://www.youtube.com/nationalobserver

Search URL Search Domain Scan URL

URL: https://instagram.com/natobserver/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/national-observer

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

67 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.nationalobserver.com/ 75 KB
15 KB 1306ms
1286ms Document
text/html 2606:4700:10::6816:4c72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=e9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23&utm_medium=email&utm_term=0_cacd0f141f-e9a54ff860-277178234

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4c72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f3797465c83f504ab421bf977255569f184ddf89f962d2f15076601b36cd9c8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.nationalobserver.com
:scheme: https
:path: /?utm_source=National+Observer&utm_campaign=e9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23&utm_medium=email&utm_term=0_cacd0f141f-e9a54ff860-277178234
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 13:27:22 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d3958325c09a70e9590d8b86c7a645ff61607347641; expires=Wed, 06-Jan-21 13:27:21 GMT; path=/; domain=.nationalobserver.com; HttpOnly; SameSite=Lax
x-drupal-cache: MISS
x-content-type-options: nosniff
content-language: en
x-frame-options: SAMEORIGIN
x-ua-compatible: IE=edge
x-generator: Drupal 7 (http://drupal.org)
link: <https://www.nationalobserver.com/front>; rel="canonical",<https://www.nationalobserver.com/front>; rel="shortlink",<https://www.nationalobserver.com/profiles/natobs/themes/custom/nat/favicon.ico>; rel="shortcut icon",<https://www.nationalobserver.com/profiles/natobs/themes/custom/nat/img/icons/icon-192x192.png>; rel="icon_192x192",<https://www.nationalobserver.com/profiles/natobs/themes/custom/nat/img/icons/ios-iphone-114x114.png>; rel="apple-touch-icon-precomposed_114x114",<https://www.nationalobserver.com/profiles/natobs/themes/custom/nat/img/icons/ios-ipad-144x144.png>; rel="apple-touch-icon-precomposed_144x144",<https://www.nationalobserver.com/profiles/natobs/themes/custom/nat/img/icons/ios-ipad-152x152.png>; rel="apple-touch-icon-precomposed_152x152",<https://www.nationalobserver.com/profiles/natobs/themes/custom/nat/img/icons/ios-iphone-180x180.png>; rel="apple-touch-icon-precomposed_180x180"
cache-control: public, max-age=300
expires: Sun, 19 Nov 1978 05:00:00 GMT
vary: Cookie,Accept-Encoding
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=63072000
last-modified: Mon, 07 Dec 2020 13:27:22 GMT
x-varnish: 42069387
age: 0
via: 1.1 varnish (Varnish/5.0)
x-varnish-cache: MISS
cf-cache-status: DYNAMIC
cf-request-id: 06defbb54100002b4dc2b72000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5fde9568694e2b4d-FRA
content-encoding: br

GET
H2 200 proxima-nova-bold.woff2
www.nationalobserver.com/profiles/natobs/themes/custom/nat/fonts/proxima-nova/font/proxima-nova-bold/ 22 KB
22 KB 19ms
18ms Font
text/plain 2606:4700:10::6816:4c72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nationalobserver.com/profiles/natobs/themes/custom/nat/fonts/proxima-nova/font/proxima-nova-bold/proxima-nova-bold.woff2

Requested by

Host: www.nationalobserver.com
URL: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=e9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23&utm_medium=email&utm_term=0_cacd0f141f-e9a54ff860-277178234

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4c72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35c1498a19d58b40939270e89449be0bc4b2e34fe479472e3440b6b0b4218c5d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.nationalobserver.com
Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=e9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23&utm_medium=email&utm_term=0_cacd0f141f-e9a54ff860-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Mon, 07 Dec 2020 13:27:22 GMT
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1549
strict-transport-security: max-age=63072000
content-length: 22128
cf-request-id: 06defbba4b00002b4d8a3e2000000001
last-modified: Thu, 26 Nov 2020 19:22:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 31011789 14480837
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 5fde957078f12b4d-FRA
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description

GET
H2 200 proxima-nova-regular.woff2
www.nationalobserver.com/profiles/natobs/themes/custom/nat/fonts/proxima-nova/font/proxima-nova-regular/ 21 KB
21 KB 19ms
19ms Font
text/plain 2606:4700:10::6816:4c72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nationalobserver.com/profiles/natobs/themes/custom/nat/fonts/proxima-nova/font/proxima-nova-regular/proxima-nova-regular.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4c72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8b76f4f8d7be014961358274f5002a23afa8a794499a5f0346745a7a3ff0795

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.nationalobserver.com
Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=e9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23&utm_medium=email&utm_term=0_cacd0f141f-e9a54ff860-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Mon, 07 Dec 2020 13:27:22 GMT
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1549
strict-transport-security: max-age=63072000
content-length: 21700
cf-request-id: 06defbba4b00002b4db0981000000001
last-modified: Thu, 26 Nov 2020 19:22:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 29505681 24110464
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 5fde957078f42b4d-FRA
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description

GET
H2 200 proxima-nova-extrabold.woff2
www.nationalobserver.com/profiles/natobs/themes/custom/nat/fonts/proxima-nova/font/proxima-nova-extrabold/ 22 KB
22 KB 25ms
24ms Font
text/plain 2606:4700:10::6816:4c72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nationalobserver.com/profiles/natobs/themes/custom/nat/fonts/proxima-nova/font/proxima-nova-extrabold/proxima-nova-extrabold.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4c72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d540f8521319ab916fcf16182e5be0d0eb62dfbd6d9438ef7ed1a22044eebd9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.nationalobserver.com
Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=e9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23&utm_medium=email&utm_term=0_cacd0f141f-e9a54ff860-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Mon, 07 Dec 2020 13:27:22 GMT
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6895
strict-transport-security: max-age=63072000
content-length: 22404
cf-request-id: 06defbba4b00002b4db30c8000000001
last-modified: Thu, 26 Nov 2020 19:22:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 29906689 23950002
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 5fde957078f52b4d-FRA
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description

GET
H2 200 css__65kM4zlaIyVDYAn2kAGrH4hfsmdne22qW3KPZz1uuzA__HIDE0arriNOGOnN-d84YmzH6Db3nFkIDTtbbGMvjZ-w__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.css
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_css/ 15 KB
4 KB 19ms
18ms Stylesheet
text/css 2606:4700:10::6816:4c72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/advagg_css/css__65kM4zlaIyVDYAn2kAGrH4hfsmdne22qW3KPZz1uuzA__HIDE0arriNOGOnN-d84YmzH6Db3nFkIDTtbbGMvjZ-w__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4c72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bcc7fe73b7500d838a58d1b908da476364bb087b453f5f4d0b2c374b849e446e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=e9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23&utm_medium=email&utm_term=0_cacd0f141f-e9a54ff860-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2785023
cf-ray: 5fde957078f82b4d-FRA
strict-transport-security: max-age=63072000
content-length: 3972
cf-request-id: 06defbba4c00002b4d8993b000000001
last-modified: Thu, 15 Oct 2020 08:07:05 GMT
server: cloudflare
date: Mon, 07 Dec 2020 13:27:22 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 20750402 23504547
via: 1.1 varnish (Varnish/5.0)
cache-control: public, max-age=31536000, no-transform, immutable
accept-ranges: bytes
content-type: text/css

GET
H2 200 css__-F-28WDUJfuhSiGMCRLWOtsNrqhOYEPnxe5S_SHxHqE__vUf_ik4QAZbJWPRit307QMAXz244W6C61-FsIJIafbQ__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.css
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_css/ 215 KB
30 KB 19ms
19ms Stylesheet
text/css 2606:4700:10::6816:4c72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/advagg_css/css__-F-28WDUJfuhSiGMCRLWOtsNrqhOYEPnxe5S_SHxHqE__vUf_ik4QAZbJWPRit307QMAXz244W6C61-FsIJIafbQ__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4c72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9ade90b04a5c3909a028287ba3ac9b24c8fcfbf24edde5f17fc83b4df05c85a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=e9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23&utm_medium=email&utm_term=0_cacd0f141f-e9a54ff860-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 243144
cf-ray: 5fde957078f92b4d-FRA
strict-transport-security: max-age=63072000
content-length: 30177
cf-request-id: 06defbba4c00002b4dce8cd000000001
last-modified: Fri, 04 Dec 2020 17:15:22 GMT
server: cloudflare
date: Mon, 07 Dec 2020 13:27:22 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 40442000 39818038
via: 1.1 varnish (Varnish/5.0)
cache-control: public, max-age=31536000, no-transform, immutable
accept-ranges: bytes
content-type: text/css

GET
H2 200 js__6NgjuVoigBzknb8S2rb0ijohEWjJW265Lt3GROCiQRY__7CoYRXvilNXMJmk-e7jXIAWgokbjiIeEY3cjNCCmx1w__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js Show response
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/ 54 KB
18 KB 23ms
23ms Script
application/javascript 2606:4700:10::6816:4c72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/js__6NgjuVoigBzknb8S2rb0ijohEWjJW265Lt3GROCiQRY__7CoYRXvilNXMJmk-e7jXIAWgokbjiIeEY3cjNCCmx1w__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4c72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9ee367c880576cbb3dce2243f8bd3404d3c028b2a15288bbf312914ca491705

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=e9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23&utm_medium=email&utm_term=0_cacd0f141f-e9a54ff860-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 203773
cf-ray: 5fde957078fc2b4d-FRA
strict-transport-security: max-age=63072000
content-length: 18563
cf-request-id: 06defbba4d00002b4d9a959000000001
last-modified: Sat, 05 Dec 2020 00:40:05 GMT
server: cloudflare
date: Mon, 07 Dec 2020 13:27:22 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 40576042 40015035
via: 1.1 varnish (Varnish/5.0)
cache-control: public, max-age=31536000, no-transform, immutable
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 js__0HVHSq1HKO0cV1SD0I1hm4EfdUPrikm-yDiwQg8hsMQ__40YrL2aSiZmfap0peqfapAZpogiJynGBflb-zJ7vQQo__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js Show response
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/ 6 KB
2 KB 14ms
13ms Script
application/javascript 2606:4700:10::6816:4c72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/js__0HVHSq1HKO0cV1SD0I1hm4EfdUPrikm-yDiwQg8hsMQ__40YrL2aSiZmfap0peqfapAZpogiJynGBflb-zJ7vQQo__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4c72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7798f3947141f95f35a6890c5e7df7eb25c4097e92a2f8fc813963ce37aa58cd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=e9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23&utm_medium=email&utm_term=0_cacd0f141f-e9a54ff860-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: MISS
content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 369139
cf-ray: 5fde95714b602b4d-FRA
strict-transport-security: max-age=63072000
content-length: 2234
cf-request-id: 06defbbace00002b4dea924000000001
last-modified: Thu, 15 Oct 2020 08:07:05 GMT
server: cloudflare
date: Mon, 07 Dec 2020 13:27:23 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 36891543
via: 1.1 varnish (Varnish/5.0)
cache-control: public, max-age=31536000, no-transform, immutable
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 js__HuMlYbe9VM6ioIEqzbLN24SNkjHWISa7rXLvTEol6b0__AdhAFZ5QAk_VrKkFUOCnxJb9ANrhuWlKf15A7QHm14M__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js Show response
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/ 3 KB
1 KB 18ms
18ms Script
application/javascript 2606:4700:10::6816:4c72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/js__HuMlYbe9VM6ioIEqzbLN24SNkjHWISa7rXLvTEol6b0__AdhAFZ5QAk_VrKkFUOCnxJb9ANrhuWlKf15A7QHm14M__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4c72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69b116c12bbdb23eab4b5600fb5e071a12c5d47494c7a600ffacc4ffa4cd44aa

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=e9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23&utm_medium=email&utm_term=0_cacd0f141f-e9a54ff860-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 283502
cf-ray: 5fde95716bb72b4d-FRA
strict-transport-security: max-age=63072000
content-length: 1080
cf-request-id: 06defbbadf00002b4d9a96f000000001
last-modified: Thu, 15 Oct 2020 08:07:05 GMT
server: cloudflare
date: Mon, 07 Dec 2020 13:27:23 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 39688533 38848692
via: 1.1 varnish (Varnish/5.0)
cache-control: public, max-age=31536000, no-transform, immutable
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 lji_canada.svg
www.nationalobserver.com/profiles/natobs/themes/custom/nat/img/maps/ 103 KB
42 KB 889ms
889ms Image
image/svg+xml 2606:4700:10::6816:4c72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/profiles/natobs/themes/custom/nat/img/maps/lji_canada.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4c72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f60c0a6768f0d5747867595475c0c20f9887ceb69377168f7c55d662b2e8e19

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=e9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23&utm_medium=email&utm_term=0_cacd0f141f-e9a54ff860-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Mon, 07 Dec 2020 13:27:24 GMT
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-ray: 5fde95718c012b4d-FRA
strict-transport-security: max-age=63072000
content-encoding: br
cf-request-id: 06defbbaf100002b4dbd38d000000001
last-modified: Thu, 26 Nov 2020 19:22:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 31011794
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests;
content-type: image/svg+xml
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description

GET
H2 200 js__9Dyd-fwxZ7oMH5MbaoCOKCADnhvouFdMwSw8XaZPpzw__8UaUa8dH70EmVutbPdVpk05Bd1Paov93TS0FM81CAZU__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js Show response
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/ 167 KB
58 KB 28ms
27ms Script
application/javascript 2606:4700:10::6816:4c72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/js__9Dyd-fwxZ7oMH5MbaoCOKCADnhvouFdMwSw8XaZPpzw__8UaUa8dH70EmVutbPdVpk05Bd1Paov93TS0FM81CAZU__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4c72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44e56ef0e5dd6e0abfe0af2bd8463e1ce174576747f7a71980b4559fea97fa50

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=e9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23&utm_medium=email&utm_term=0_cacd0f141f-e9a54ff860-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 913100
cf-ray: 5fde9570b99f2b4d-FRA
strict-transport-security: max-age=63072000
content-length: 58590
cf-request-id: 06defbba7200002b4daa03d000000001
last-modified: Thu, 26 Nov 2020 23:29:21 GMT
server: cloudflare
date: Mon, 07 Dec 2020 13:27:23 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 31235036 31268442
via: 1.1 varnish (Varnish/5.0)
cache-control: public, max-age=31536000, no-transform, immutable
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 js__Jq-OeEoSxwKKsa6agvxFoVf16cmQ4O2SuyHioLSRnug__ii4xEx2h8Bux_I1upuUOV2JBiJOGW8RJV0TLQaT70DA__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js Show response
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/ 79 KB
22 KB 27ms
27ms Script
application/javascript 2606:4700:10::6816:4c72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/js__Jq-OeEoSxwKKsa6agvxFoVf16cmQ4O2SuyHioLSRnug__ii4xEx2h8Bux_I1upuUOV2JBiJOGW8RJV0TLQaT70DA__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4c72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

beda2da2b2330d393ebe11f55360dfdc1fde838ab3a8f63b0cd540752d80f9a4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=e9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23&utm_medium=email&utm_term=0_cacd0f141f-e9a54ff860-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 913099
cf-ray: 5fde9570b9a12b4d-FRA
strict-transport-security: max-age=63072000
content-length: 22203
cf-request-id: 06defbba7200002b4d8db8f000000001
last-modified: Thu, 26 Nov 2020 23:29:20 GMT
server: cloudflare
date: Mon, 07 Dec 2020 13:27:23 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 29906692 23949604
via: 1.1 varnish (Varnish/5.0)
cache-control: public, max-age=31536000, no-transform, immutable
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 js__drBntGipoEDHhAASZjSa3VmJSsxTjXyTzp58fKGniPo__mFnendQQxsmJHufyCu_ODVQkaSoA8zl-DRJ-O1AasAE__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js Show response
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/ 8 KB
3 KB 14ms
14ms Script
application/javascript 2606:4700:10::6816:4c72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/js__drBntGipoEDHhAASZjSa3VmJSsxTjXyTzp58fKGniPo__mFnendQQxsmJHufyCu_ODVQkaSoA8zl-DRJ-O1AasAE__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4c72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3fc334e19b3509707d7676c747ef6f0cd0842e9b485189d13eb3512fdd53fe0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=e9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23&utm_medium=email&utm_term=0_cacd0f141f-e9a54ff860-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 913100
cf-ray: 5fde9570ea192b4d-FRA
strict-transport-security: max-age=63072000
content-length: 2871
cf-request-id: 06defbba8f00002b4dcf23d000000001
last-modified: Thu, 26 Nov 2020 23:29:20 GMT
server: cloudflare
date: Mon, 07 Dec 2020 13:27:23 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 31235038 24110414
via: 1.1 varnish (Varnish/5.0)
cache-control: public, max-age=31536000, no-transform, immutable
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 js__c_-bq4LKl0Z9t_k2kzeOw_YN4hUHeBZq9qjx7iC7uTI__zvBArVrAHvw2FfFmKP0epOKR6omrBA1dazT-SXbyEoE__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js Show response
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/ 24 KB
7 KB 23ms
23ms Script
application/javascript 2606:4700:10::6816:4c72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/js__c_-bq4LKl0Z9t_k2kzeOw_YN4hUHeBZq9qjx7iC7uTI__zvBArVrAHvw2FfFmKP0epOKR6omrBA1dazT-SXbyEoE__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4c72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef6b730887f786f8ddcc05814d30d04c8f7f1606975be3f408e497963986efd1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=e9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23&utm_medium=email&utm_term=0_cacd0f141f-e9a54ff860-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 913100
cf-ray: 5fde9570fa532b4d-FRA
strict-transport-security: max-age=63072000
content-length: 7105
cf-request-id: 06defbba9d00002b4dcf23e000000001
last-modified: Thu, 26 Nov 2020 23:29:20 GMT
server: cloudflare
date: Mon, 07 Dec 2020 13:27:23 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 20149087 23949976
via: 1.1 varnish (Varnish/5.0)
cache-control: public, max-age=31536000, no-transform, immutable
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 js__sMS63duh3VzRUILRtqOmW35WVeDp-TxtPGhPQPTYP1g__JYl3-wE51W3FC9lSWf2TCTIoMk-HfEMSI4N-C3ptwo4__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js Show response
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/ 31 KB
9 KB 23ms
22ms Script
application/javascript 2606:4700:10::6816:4c72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/js__sMS63duh3VzRUILRtqOmW35WVeDp-TxtPGhPQPTYP1g__JYl3-wE51W3FC9lSWf2TCTIoMk-HfEMSI4N-C3ptwo4__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4c72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e516b37314d7d5e77025c54027e4d966584ed7333d6332cbbfa6d187b9ff9e9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=e9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23&utm_medium=email&utm_term=0_cacd0f141f-e9a54ff860-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: MISS
content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 283502
cf-ray: 5fde95712ae02b4d-FRA
strict-transport-security: max-age=63072000
content-length: 8727
cf-request-id: 06defbbaba00002b4d9181c000000001
last-modified: Fri, 27 Nov 2020 02:10:44 GMT
server: cloudflare
date: Mon, 07 Dec 2020 13:27:23 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 39946045
via: 1.1 varnish (Varnish/5.0)
cache-control: public, max-age=31536000, no-transform, immutable
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 pubads_impl_2020120201.js Show response
securepubads.g.doubleclick.net/gpt/ 278 KB
98 KB 116ms
60ms Script
text/javascript 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120201.js

Requested by

Host: www.nationalobserver.com
URL: https://www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/js__6NgjuVoigBzknb8S2rb0ijohEWjJW265Lt3GROCiQRY__7CoYRXvilNXMJmk-e7jXIAWgokbjiIeEY3cjNCCmx1w__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

sffe /

Resource Hash

05512d815f46a3dd0e9aaa163dad6808ea2c7d43c89fe74b821c879c4b1b5046

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=e9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23&utm_medium=email&utm_term=0_cacd0f141f-e9a54ff860-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 07 Dec 2020 13:27:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 02 Dec 2020 09:38:05 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100031
x-xss-protection: 0
expires: Mon, 07 Dec 2020 13:27:23 GMT

GET
H2 200 logo_header.svg
www.nationalobserver.com/profiles/natobs/themes/custom/nat/img/no_logos/ 6 KB
3 KB 15ms
15ms Image
image/svg+xml 2606:4700:10::6816:4c72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/profiles/natobs/themes/custom/nat/img/no_logos/logo_header.svg

Requested by

Host: www.nationalobserver.com
URL: https://www.nationalobserver.com/sites/nationalobserver.com/files/advagg_css/css__-F-28WDUJfuhSiGMCRLWOtsNrqhOYEPnxe5S_SHxHqE__vUf_ik4QAZbJWPRit307QMAXz244W6C61-FsIJIafbQ__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4c72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd075ce8eb48032630ecb10e2c78b95803ff8f2b63b83841f14115180001cfeb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/sites/nationalobserver.com/files/advagg_css/css__-F-28WDUJfuhSiGMCRLWOtsNrqhOYEPnxe5S_SHxHqE__vUf_ik4QAZbJWPRit307QMAXz244W6C61-FsIJIafbQ__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Mon, 07 Dec 2020 13:27:23 GMT
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1549
cf-ray: 5fde95721d792b4d-FRA
strict-transport-security: max-age=63072000
content-encoding: br
cf-request-id: 06defbbb5300002b4daaa3b000000001
last-modified: Thu, 26 Nov 2020 19:22:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 20149092 28765569
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests;
content-type: image/svg+xml
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description

GET
H2 200 national_observer_podcast_image_02.png
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_header_full_size/public/img/2020/12/04/ 1 MB
1 MB 1269ms
1268ms Image
image/png 2606:4700:10::6816:4c72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_header_full_size/public/img/2020/12/04/national_observer_podcast_image_02.png?itok=F7AF5uTM

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4c72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8159da4270b46b0b12a9492ef295b72247905dfdecba777a9b0f1dee0d26a8e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=e9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23&utm_medium=email&utm_term=0_cacd0f141f-e9a54ff860-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: EXPIRED
content-type: image/png
strict-transport-security: max-age=63072000
content-length: 1335496
cf-request-id: 06defbbbaa00002b4daaa4a000000001
last-modified: Fri, 04 Dec 2020 20:28:30 GMT
server: cloudflare
date: Mon, 07 Dec 2020 13:27:24 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 43033144 42549878
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5fde9572af3c2b4d-FRA

GET
H2 200 dr._lem_main.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser_top_story/public/img/2020/12/04/ 542 KB
543 KB 1253ms
1252ms Image
image/jpeg 2606:4700:10::6816:4c72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser_top_story/public/img/2020/12/04/dr._lem_main.jpg?itok=ouboxbTy

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4c72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2db7bdf3364f27430b4403265b23d053e2c376709a3df925a0f1e2163669b78f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=e9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23&utm_medium=email&utm_term=0_cacd0f141f-e9a54ff860-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: MISS
content-type: image/jpeg
strict-transport-security: max-age=63072000
content-length: 555013
cf-request-id: 06defbbba800002b4dce8f9000000001
last-modified: Mon, 07 Dec 2020 13:17:07 GMT
server: cloudflare
date: Mon, 07 Dec 2020 13:27:24 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 43156548 42994194
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5fde9572af402b4d-FRA

GET
H2 200 181003_-_cos_-_steve_clark_-_1.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/11/04/ 119 KB
119 KB 1038ms
1037ms Image
image/jpeg 2606:4700:10::6816:4c72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/11/04/181003_-_cos_-_steve_clark_-_1.jpg?itok=F-94Vvtg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4c72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97f5b56d5d0d7bf0fd4cbcfc4982c285c065291ad14c5a7c2a21e0fc9b9155fe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=e9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23&utm_medium=email&utm_term=0_cacd0f141f-e9a54ff860-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: MISS
content-type: image/jpeg
strict-transport-security: max-age=63072000
content-length: 121644
cf-request-id: 06defbbba800002b4dc2832000000001
last-modified: Thu, 05 Nov 2020 00:41:33 GMT
server: cloudflare
date: Mon, 07 Dec 2020 13:27:24 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 41008300 43128478
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5fde9572af432b4d-FRA

GET
H2 200 elk8zluxuay7iw8_0.jpeg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/04/ 102 KB
102 KB 1093ms
1092ms Image
image/jpeg 2606:4700:10::6816:4c72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/04/elk8zluxuay7iw8_0.jpeg?itok=Rtwj1aEF

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4c72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

995aeff23713dfc6392cc98e8f9c74e0cf4b84e16f3184a870f8f0d53a1b556b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=e9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23&utm_medium=email&utm_term=0_cacd0f141f-e9a54ff860-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: MISS
content-type: image/jpeg
strict-transport-security: max-age=63072000
content-length: 104361
cf-request-id: 06defbbba800002b4dbc855000000001
last-modified: Mon, 07 Dec 2020 11:10:44 GMT
server: cloudflare
date: Mon, 07 Dec 2020 13:27:24 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 38794311 42230918
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5fde9572af472b4d-FRA

GET
H2 200 fiscal_anchorcropped_shutterstock_1780539335_1.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/04/ 165 KB
165 KB 1197ms
1197ms Image
image/jpeg 2606:4700:10::6816:4c72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/04/fiscal_anchorcropped_shutterstock_1780539335_1.jpg?itok=qcSBlh1L

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4c72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2cc19a8374f51559e762cfb83103cd1ef855b6d5d13fe99e8f796535266791b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=e9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23&utm_medium=email&utm_term=0_cacd0f141f-e9a54ff860-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: MISS
content-type: image/jpeg
strict-transport-security: max-age=63072000
content-length: 168904
cf-request-id: 06defbbba800002b4d8a92d000000001
last-modified: Mon, 07 Dec 2020 11:17:52 GMT
server: cloudflare
date: Mon, 07 Dec 2020 13:27:24 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 38794314 42846360
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5fde9572af482b4d-FRA

GET
H2 200 ghost_gear_in_maine_-_alexa_goodman_4_mp.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/11/26/ 132 KB
132 KB 1030ms
1029ms Image
image/jpeg 2606:4700:10::6816:4c72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/11/26/ghost_gear_in_maine_-_alexa_goodman_4_mp.jpg?itok=MSlSfaRI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4c72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

014b3e27de494c82bea3c412a19d4c5453b2e21ccd5520b19b864269711d3a44

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=e9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23&utm_medium=email&utm_term=0_cacd0f141f-e9a54ff860-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: MISS
content-type: image/jpeg
strict-transport-security: max-age=63072000
content-length: 135079
cf-request-id: 06defbbba900002b4df4b55000000001
last-modified: Mon, 07 Dec 2020 11:15:53 GMT
server: cloudflare
date: Mon, 07 Dec 2020 13:27:24 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 42448215 42846370
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5fde9572af492b4d-FRA

GET
H2 200 rjb11970573.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/07/06/ 15 KB
16 KB 896ms
894ms Image
image/webp 2606:4700:10::6816:4c72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/07/06/rjb11970573.jpg?itok=Qs9FbRE8

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4c72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b8a820b6eaa5f853e33f05d25200ac78d72d0ec600c583512361a3bbedaea43

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=e9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23&utm_medium=email&utm_term=0_cacd0f141f-e9a54ff860-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: qual=85, origFmt=jpeg, origSize=105690
cf-ray: 5fde9572cf8d2b4d-FRA
content-disposition: inline; filename="rjb11970573.webp"
vary: Accept
content-length: 15700
cf-request-id: 06defbbbbb00002b4db09b0000000001
last-modified: Sun, 06 Dec 2020 15:15:54 GMT
server: cloudflare
date: Mon, 07 Dec 2020 13:27:24 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
x-varnish: 41476423 42354566
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 20201205141224-5fcbde78f0eecdad4adcc1ffjpeg.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/06/ 114 KB
115 KB 1153ms
1151ms Image
image/jpeg 2606:4700:10::6816:4c72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/06/20201205141224-5fcbde78f0eecdad4adcc1ffjpeg.jpg?itok=z2a07MlE

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4c72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da5c0b2a766c22cfefc2d860f81e0d3070db9b3d1cc8855c5f2786b69e097827

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=e9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23&utm_medium=email&utm_term=0_cacd0f141f-e9a54ff860-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: EXPIRED
content-type: image/jpeg
strict-transport-security: max-age=63072000
content-length: 117064
cf-request-id: 06defbbbbc00002b4dba1c8000000001
last-modified: Sun, 06 Dec 2020 15:07:13 GMT
server: cloudflare
date: Mon, 07 Dec 2020 13:27:24 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 42069400 43128437
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5fde9572cf8f2b4d-FRA

GET
H2 200 bc_ferry_loading_main_deck.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/04/ 149 KB
149 KB 1192ms
1190ms Image
image/jpeg 2606:4700:10::6816:4c72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/04/bc_ferry_loading_main_deck.jpg?itok=zaV_zCxW

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4c72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49284bb366958716de45b05bf6183f453429aad675288c7bba59306b083e85f7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=e9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23&utm_medium=email&utm_term=0_cacd0f141f-e9a54ff860-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: MISS
content-type: image/jpeg
strict-transport-security: max-age=63072000
content-length: 152362
cf-request-id: 06defbbbbc00002b4dce04d000000001
last-modified: Sat, 05 Dec 2020 01:44:47 GMT
server: cloudflare
date: Mon, 07 Dec 2020 13:27:24 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 42846478 42069244
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5fde9572cf902b4d-FRA

GET
H2 200 2020120410120-5fca4ef57ad13735596783ccjpeg.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/04/ 103 KB
103 KB 1200ms
1199ms Image
image/jpeg 2606:4700:10::6816:4c72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/04/2020120410120-5fca4ef57ad13735596783ccjpeg.jpg?itok=dO29NSdd

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4c72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf3668dc254abf86667abe19ddc8f6d0d2cc120bcfb7989382dde3539904b1cf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=e9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23&utm_medium=email&utm_term=0_cacd0f141f-e9a54ff860-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: EXPIRED
content-type: image/jpeg
strict-transport-security: max-age=63072000
content-length: 105537
cf-request-id: 06defbbbbd00002b4db30ee000000001
last-modified: Fri, 04 Dec 2020 20:36:26 GMT
server: cloudflare
date: Mon, 07 Dec 2020 13:27:24 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 42257578 42257534
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5fde9572cf922b4d-FRA

GET
H2 200 201204_tenant_protest.png
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/03/ 200 KB
200 KB 1188ms
1187ms Image
image/png 2606:4700:10::6816:4c72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/03/201204_tenant_protest.png?itok=sGyYccCw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4c72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf0513de7446a33420fc157450a47446bf4939aafbea5ecb8f3457d71ceab846

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=e9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23&utm_medium=email&utm_term=0_cacd0f141f-e9a54ff860-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: MISS
content-type: image/png
strict-transport-security: max-age=63072000
content-length: 204902
cf-request-id: 06defbbbbd00002b4daaa4e000000001
last-modified: Fri, 04 Dec 2020 15:17:56 GMT
server: cloudflare
date: Mon, 07 Dec 2020 13:27:24 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 42230994 42230875
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5fde9572cf972b4d-FRA

GET
H2 200 20201202221248-5fc860240a5307b0ef43fb92jpeg.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/03/ 8 KB
8 KB 824ms
823ms Image
image/webp 2606:4700:10::6816:4c72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/03/20201202221248-5fc860240a5307b0ef43fb92jpeg.jpg?itok=SbLB3KHn

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4c72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

005a9e50b27cc1e283e22e4fbb909bf772540406c9c5bc95e448183badbb2e28

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=e9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23&utm_medium=email&utm_term=0_cacd0f141f-e9a54ff860-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: MISS
content-security-policy: upgrade-insecure-requests;
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: qual=85, origFmt=jpeg, origSize=74524
cf-ray: 5fde9572cf982b4d-FRA
content-disposition: inline; filename="20201202221248-5fc860240a5307b0ef43fb92jpeg.webp"
vary: Accept
content-length: 8298
cf-request-id: 06defbbbbd00002b4dce8fb000000001
last-modified: Thu, 03 Dec 2020 13:57:12 GMT
server: cloudflare
date: Mon, 07 Dec 2020 13:27:24 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
x-varnish: 42834397
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 20201203141224-5fc93bf75e3dadb04534ded8jpeg.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/04/ 15 KB
15 KB 865ms
864ms Image
image/webp 2606:4700:10::6816:4c72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/04/20201203141224-5fc93bf75e3dadb04534ded8jpeg.jpg?itok=kFPhnKFe

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4c72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e490897f21d56fe35ad7028d6104d11a9193e58e6872764d56f78d814198675

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=e9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23&utm_medium=email&utm_term=0_cacd0f141f-e9a54ff860-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: qual=85, origFmt=jpeg, origSize=112007
cf-ray: 5fde9572cf9b2b4d-FRA
content-disposition: inline; filename="20201203141224-5fc93bf75e3dadb04534ded8jpeg.webp"
vary: Accept
content-length: 15526
cf-request-id: 06defbbbbe00002b4d8a931000000001
last-modified: Fri, 04 Dec 2020 13:51:43 GMT
server: cloudflare
date: Mon, 07 Dec 2020 13:27:24 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
x-varnish: 42962934 42086812
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 20201020161048-5f8f4d16c09fa369382a6e3ajpeg.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/10/20/ 13 KB
14 KB 848ms
847ms Image
image/webp 2606:4700:10::6816:4c72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/10/20/20201020161048-5f8f4d16c09fa369382a6e3ajpeg.jpg?itok=SAaCCTvR

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4c72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06091d2d68425c5493c423bd22a31fdc8c8c39a148da84046a9a5b92ed27fcb4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=e9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23&utm_medium=email&utm_term=0_cacd0f141f-e9a54ff860-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: qual=85, origFmt=jpeg, origSize=94636
cf-ray: 5fde9572cf9e2b4d-FRA
content-disposition: inline; filename="20201020161048-5f8f4d16c09fa369382a6e3ajpeg.webp"
vary: Accept
content-length: 13752
cf-request-id: 06defbbbbe00002b4dcf265000000001
last-modified: Thu, 03 Dec 2020 14:03:20 GMT
server: cloudflare
date: Mon, 07 Dec 2020 13:27:24 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
x-varnish: 42205692 40598746
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 132 KB
45 KB 26ms
25ms Script
application/javascript 2a00:1450:4001:817::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K2JMB7M

Requested by

Host: www.nationalobserver.com
URL: https://www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/js__9Dyd-fwxZ7oMH5MbaoCOKCADnhvouFdMwSw8XaZPpzw__8UaUa8dH70EmVutbPdVpk05Bd1Paov93TS0FM81CAZU__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

767fc87068fa115f4b331a14ed3005d1bb71d54cdb0684f5ac104da6d34d4943

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=e9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23&utm_medium=email&utm_term=0_cacd0f141f-e9a54ff860-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 13:27:23 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46278
x-xss-protection: 0
last-modified: Mon, 07 Dec 2020 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 07 Dec 2020 13:27:23 GMT

GET
H2 200 logo_footer.svg
www.nationalobserver.com/profiles/natobs/themes/custom/nat/img/no_logos/ 6 KB
3 KB 20ms
20ms Image
image/svg+xml 2606:4700:10::6816:4c72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/profiles/natobs/themes/custom/nat/img/no_logos/logo_footer.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4c72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae2af53b4a4312771ab7cf472e4968b1bb13957cc20434d635485afc9c074d2c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/sites/nationalobserver.com/files/advagg_css/css__-F-28WDUJfuhSiGMCRLWOtsNrqhOYEPnxe5S_SHxHqE__vUf_ik4QAZbJWPRit307QMAXz244W6C61-FsIJIafbQ__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Mon, 07 Dec 2020 13:27:23 GMT
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6896
cf-ray: 5fde9572effc2b4d-FRA
strict-transport-security: max-age=63072000
content-encoding: br
cf-request-id: 06defbbbd400002b4d8a01b000000001
last-modified: Thu, 26 Nov 2020 19:22:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 31011806 31235028
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests;
content-type: image/svg+xml
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description

GET
H2 200 load Show response
experience.tinypass.com/xbuilder/experience/ 4 KB
1 KB 23ms
23ms Script
application/javascript 2606:4700::6811:b6b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://experience.tinypass.com/xbuilder/experience/load?aid=Z9bvuPACYA

Requested by

Host: www.nationalobserver.com
URL: https://www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/js__drBntGipoEDHhAASZjSa3VmJSsxTjXyTzp58fKGniPo__mFnendQQxsmJHufyCu_ODVQkaSoA8zl-DRJ-O1AasAE__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1131af27c283cb6f61de27b239a8d6228c28cc8069cde3027461fd4b70d5c138

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=e9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23&utm_medium=email&utm_term=0_cacd0f141f-e9a54ff860-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 13:27:23 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: HIT
age: 719
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 06defbbbed0000d6d9ba3b3000000001
x-request-id: Cot0zkqp7CY
wn: prod-exp-10-0-85-234
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=1800
cf-ray: 5fde95731909d6d9-FRA
expires: Mon, 07 Dec 2020 13:57:23 GMT

GET
H2 200 2020120318128-54670e61b56f5f2144bb6fb244a491f7560452dabccf80a9a6909e0d502f46c6.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/04/ 10 KB
10 KB 810ms
807ms Image
image/webp 2606:4700:10::6816:4c72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/04/2020120318128-54670e61b56f5f2144bb6fb244a491f7560452dabccf80a9a6909e0d502f46c6.jpg?itok=js4W3EQI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4c72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1916fe808362b08a11ad58504cc4b9c71368e4f528ed2f2de2b81944dd27cfa

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=e9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23&utm_medium=email&utm_term=0_cacd0f141f-e9a54ff860-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: qual=85, origFmt=jpeg, origSize=74871
cf-ray: 5fde9573490b2b4d-FRA
content-disposition: inline; filename="2020120318128-54670e61b56f5f2144bb6fb244a491f7560452dabccf80a9a6909e0d502f46c6.webp"
vary: Accept
content-length: 9852
cf-request-id: 06defbbc1100002b4dadbdf000000001
last-modified: Fri, 04 Dec 2020 13:33:15 GMT
server: cloudflare
date: Mon, 07 Dec 2020 13:27:24 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
x-varnish: 41221804 38791626
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 img_2522-57.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/03/ 29 KB
29 KB 788ms
785ms Image
image/jpeg 2606:4700:10::6816:4c72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/03/img_2522-57.jpg?itok=DkmKNjVc

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4c72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5aab2a7bcefc050a409672ec537c23333a312439d36595e3041ca0ffa27a0050

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=e9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23&utm_medium=email&utm_term=0_cacd0f141f-e9a54ff860-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Mon, 07 Dec 2020 13:27:24 GMT
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: degrade=85, origSize=167830, status=webp_bigger
cf-ray: 5fde9573490c2b4d-FRA
strict-transport-security: max-age=63072000
content-length: 29563
cf-request-id: 06defbbc1100002b4dbdbc5000000001
last-modified: Fri, 04 Dec 2020 11:16:45 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 38792835 42022166
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:85,h2pri

GET
H2 200 doctor_bonnie_henry_dec_covid_briefing.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/03/ 22 KB
22 KB 880ms
878ms Image
image/webp 2606:4700:10::6816:4c72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/03/doctor_bonnie_henry_dec_covid_briefing.jpg?itok=9iy66PM5

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4c72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba404e05fa1982f8ecd46594ccce3b4fd1dfa6254abde0724b258fcb5c295ef1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=e9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23&utm_medium=email&utm_term=0_cacd0f141f-e9a54ff860-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: qual=85, origFmt=jpeg, origSize=135861
cf-ray: 5fde9573490d2b4d-FRA
content-disposition: inline; filename="doctor_bonnie_henry_dec_covid_briefing.webp"
vary: Accept
content-length: 22524
cf-request-id: 06defbbc1200002b4db5a7d000000001
last-modified: Fri, 04 Dec 2020 11:16:44 GMT
server: cloudflare
date: Mon, 07 Dec 2020 13:27:24 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
x-varnish: 41995061 42840345
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 ciat_gene_bank_0.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/03/ 70 KB
70 KB 1257ms
1254ms Image
image/jpeg 2606:4700:10::6816:4c72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/03/ciat_gene_bank_0.jpg?itok=_Jc9w6p0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4c72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4989faa43ccca1f974716283a15c80397cada4ae35d83707b5552f0b2b531c38

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=e9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23&utm_medium=email&utm_term=0_cacd0f141f-e9a54ff860-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: MISS
content-type: image/jpeg
strict-transport-security: max-age=63072000
content-length: 71794
cf-request-id: 06defbbc1200002b4dce059000000001
last-modified: Fri, 04 Dec 2020 11:15:32 GMT
server: cloudflare
date: Mon, 07 Dec 2020 13:27:24 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 42710485 42994139
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5fde9573490f2b4d-FRA

GET
H2 200 sophiahu2_3.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser_large/public/img/2020/12/02/ 37 KB
37 KB 889ms
887ms Image
image/webp 2606:4700:10::6816:4c72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser_large/public/img/2020/12/02/sophiahu2_3.jpg?itok=THPAjwAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4c72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2533bdfc95048ef071dcc5e86fbec139e966ae8c889ec3f7d74c4faaba8a006b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=e9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23&utm_medium=email&utm_term=0_cacd0f141f-e9a54ff860-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: qual=85, origFmt=jpeg, origSize=248931
cf-ray: 5fde957349102b4d-FRA
content-disposition: inline; filename="sophiahu2_3.webp"
vary: Accept
content-length: 37728
cf-request-id: 06defbbc1200002b4daaa5b000000001
last-modified: Fri, 04 Dec 2020 16:58:27 GMT
server: cloudflare
date: Mon, 07 Dec 2020 13:27:24 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
x-varnish: 42514171 42834395
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 resized-satelllite_-_image_4_-_ghg_-_sensor_-_leo_2_002.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2019/11/01/ 36 KB
36 KB 851ms
849ms Image
image/jpeg 2606:4700:10::6816:4c72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2019/11/01/resized-satelllite_-_image_4_-_ghg_-_sensor_-_leo_2_002.jpg?itok=_-yTTlhZ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4c72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39fc9efbd7e62f925da9298da7d58262e218a4698a6b5f2f46a6b09f7e963b6f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=e9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23&utm_medium=email&utm_term=0_cacd0f141f-e9a54ff860-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Mon, 07 Dec 2020 13:27:24 GMT
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: degrade=85, origSize=191635, status=webp_bigger
cf-ray: 5fde957349112b4d-FRA
strict-transport-security: max-age=63072000
content-length: 36552
cf-request-id: 06defbbc1200002b4da3bae000000001
last-modified: Tue, 05 Nov 2019 01:58:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 40405994 39562648
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:85,h2pri

GET
H2 200 bugaboo_creek_clearcut.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/10/23/ 31 KB
32 KB 803ms
801ms Image
image/jpeg 2606:4700:10::6816:4c72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/10/23/bugaboo_creek_clearcut.jpg?itok=dENkuCMc

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4c72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51e6a1eb76090d767aea13195574090d0373416a20c296eb50bf17308b5c6d64

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=e9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23&utm_medium=email&utm_term=0_cacd0f141f-e9a54ff860-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Mon, 07 Dec 2020 13:27:24 GMT
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: degrade=85, origSize=144624, status=webp_bigger
cf-ray: 5fde957349152b4d-FRA
strict-transport-security: max-age=63072000
content-length: 32128
cf-request-id: 06defbbc1200002b4de3030000000001
last-modified: Mon, 26 Oct 2020 12:52:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 29692636
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:85,h2pri

GET
H2 200 img_9448.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/10/23/ 30 KB
30 KB 821ms
820ms Image
image/jpeg 2606:4700:10::6816:4c72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/10/23/img_9448.jpg?itok=-hBaZ1RN

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4c72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80f2a7af0c25c90ed812cffff00ffe37d31805d48b4b545f2eb7f8639dd1ca6d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=e9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23&utm_medium=email&utm_term=0_cacd0f141f-e9a54ff860-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Mon, 07 Dec 2020 13:27:24 GMT
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: degrade=85, origSize=141104, status=webp_bigger
cf-ray: 5fde957349172b4d-FRA
strict-transport-security: max-age=63072000
content-length: 30428
cf-request-id: 06defbbc1300002b4d9009d000000001
last-modified: Fri, 23 Oct 2020 16:37:45 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 39947274
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:85,h2pri

GET
H2 200 tinypass.min.js Show response
cdn.tinypass.com/api/ 393 KB
124 KB 27ms
26ms Script
application/javascript 2606:4700::6811:b6b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.tinypass.com/api/tinypass.min.js

Requested by

Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=Z9bvuPACYA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afe4d27f1e989c5a6cb13084af3961ddd488ad0cbfdecf5b1c920a9316423b07

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=e9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23&utm_medium=email&utm_term=0_cacd0f141f-e9a54ff860-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 13:27:23 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 7
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 06defbbc3a0000d6d970828000000001
wn: prod-dash-10-0-81-85
last-modified: Fri, 04 Dec 2020 15:59:38 GMT
server: cloudflare
etag: W/"402545-1607097578000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: application/javascript
server-time: 0.000
cache-control: public, max-age=300
cf-ray: 5fde95738a2ad6d9-FRA
expires: Mon, 07 Dec 2020 13:32:23 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 132 KB
51 KB 46ms
31ms Script
application/javascript 2a00:1450:4001:817::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TNN7SJH0J9&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K2JMB7M

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

60fb90ce2e74a758518d298397b0a18a738c521d2e1b9054e3d45f96fe4e1de9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=e9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23&utm_medium=email&utm_term=0_cacd0f141f-e9a54ff860-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 13:27:23 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51854
x-xss-protection: 0
expires: Mon, 07 Dec 2020 13:27:23 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K2JMB7M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=e9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23&utm_medium=email&utm_term=0_cacd0f141f-e9a54ff860-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 2253
date: Mon, 07 Dec 2020 12:49:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Mon, 07 Dec 2020 14:49:50 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 89 KB
23 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0e49c2b4e86d3fda1dda93eb1210a47712f7b091181b4e7c6da2b3e6f8e86396

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=e9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23&utm_medium=email&utm_term=0_cacd0f141f-e9a54ff860-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23320
x-xss-protection: 0
pragma: public
x-fb-debug: XKxeRmPm5EGg6xTaQHJrF/yyg1r5LOgQqzFRUL1pMX0oqArDv7JkDIpeUPPQ4ihSB+7mFLusLD6TswHGu+OsLQ==
x-fb-trip-id: 603378373
x-frame-options: DENY
date: Mon, 07 Dec 2020 13:27:23 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050 200 js Show response
www.google-analytics.com/gtm/ 84 KB
34 KB 50ms
36ms Script
application/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-WFJVCJJ&t=gtm2&cid=1830286564.1607347643

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d4ace00bc3d94626ea0e9629ce3a0a401bdd23a1eaf1654c100cf4a7bbd47a40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=e9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23&utm_medium=email&utm_term=0_cacd0f141f-e9a54ff860-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 13:27:23 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34189
x-xss-protection: 0
last-modified: Mon, 07 Dec 2020 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 07 Dec 2020 13:27:23 GMT

GET
H2 200 161351677799122 Show response
connect.facebook.net/signals/config/ 238 KB
70 KB 57ms
56ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/161351677799122?v=2.9.29&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d05f3f1c49d3e6bdb4b73972fb335fe7682b491ab1d3ca31030f8b38d7514008

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=e9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23&utm_medium=email&utm_term=0_cacd0f141f-e9a54ff860-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: 6KtNLXvGt/95IUCxdb5i8z3FOeDSeRP6mNRUCzCzmEB0FdTYSNt7T6U/LN0FS0S1NfB5Ln2EL1ixZGMt+jKFcw==
x-fb-trip-id: 603378373
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 07 Dec 2020 13:27:23 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 1747440604
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3-Q050 204 collect
www.google-analytics.com/g/ 0
123 B 13ms
13ms Other
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-TNN7SJH0J9&gtm=2oeb41&_p=1551846412&sr=1600x1200&ul=en-us&cid=1830286564.1607347643&_s=1&dl=https%3A%2F%2Fwww.nationalobserver.com%2F%3Futm_source%3DNational%2BObserver%26utm_campaign%3De9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23%26utm_medium%3Demail%26utm_term%3D0_cacd0f141f-e9a54ff860-277178234&dr=&dt=Home%20%7C%20National%20Observer&sid=1607347643&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.cookieDomain=auto
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TNN7SJH0J9&l=dataLayer&cx=c
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=e9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23&utm_medium=email&utm_term=0_cacd0f141f-e9a54ff860-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 07 Dec 2020 13:27:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.nationalobserver.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.ca/adsid/ 109 B
803 B 51ms
15ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=www.nationalobserver.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=e9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23&utm_medium=email&utm_term=0_cacd0f141f-e9a54ff860-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Dec 2020 13:27:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
803 B 34ms
15ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.nationalobserver.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=e9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23&utm_medium=email&utm_term=0_cacd0f141f-e9a54ff860-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Dec 2020 13:27:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
1004 B 120ms
89ms XHR
text/plain 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4126985494091345&correlator=1498149047062722&output=ldjh&impl=fifs&vrg=2020120201&guci=2.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201207&iu_parts=1086440%2Cnatobs_main_body_bottom%2Cnatobs_main_body_middle%2Cnatobs_main_body_top&enc_prev_ius=0%2F1%2C0%2F2%2C0%2F3&prev_iu_szs=970x250%7C728x90%2C970x250%7C728x90%2C970x250%7C728x90&cookie_enabled=1&bc=31&abxe=1&lmt=1607347642&dt=1607347643577&dlt=1607347642950&idt=249&frm=20&biw=1600&bih=1200&oid=3&adxs=315%2C315%2C315&adys=3944%2C3285%2C1754&adks=2171609318%2C1768474810%2C3015429365&ucis=1%7C2%7C3&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.nationalobserver.com%2F%3Futm_source%3DNational%2BObserver%26utm_campaign%3De9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23%26utm_medium%3Demail%26utm_term%3D0_cacd0f141f-e9a54ff860-277178234&vis=1&stss=1&dmc=8&scr_x=0&scr_y=0&psz=1600x250%7C1600x250%7C1600x250&msz=1600x250%7C1600x250%7C1600x250&ga_vid=1830286564.1607347643&ga_sid=1607347644&ga_hid=1551846412&fws=4%2C4%2C4&ohw=1600%2C1600%2C1600&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

c7cebcaad8b823a885c4b3b0b332ea3adb2263491f88509dd3f13e7a6df89f51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=e9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23&utm_medium=email&utm_term=0_cacd0f141f-e9a54ff860-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 13:27:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 275
x-xss-protection: 0
google-lineitem-id: -2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nationalobserver.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
d351aece7dd1269e3bf94fb41cd3388a.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 51ms
16ms Other
text/html 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d351aece7dd1269e3bf94fb41cd3388a.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120201.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=e9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23&utm_medium=email&utm_term=0_cacd0f141f-e9a54ff860-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 testing.00_00_57_14.still022_0.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser_large/public/img/2020/09/14/ 50 KB
50 KB 802ms
801ms Image
image/webp 2606:4700:10::6816:4c72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser_large/public/img/2020/09/14/testing.00_00_57_14.still022_0.jpg?itok=zZ64BTj2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4c72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef3d90ec313b167646475aff55c4bf5e395e7d25f07ae897a874dd9e4c5f1672

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=e9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23&utm_medium=email&utm_term=0_cacd0f141f-e9a54ff860-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: qual=85, origFmt=jpeg, origSize=323340
cf-ray: 5fde95747c9e2b4d-FRA
content-disposition: inline; filename="testing.webp"
vary: Accept
content-length: 51232
cf-request-id: 06defbbccc00002b4df6a8f000000001
last-modified: Sat, 28 Nov 2020 16:08:32 GMT
server: cloudflare
date: Mon, 07 Dec 2020 13:27:24 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
x-varnish: 39905645 39905606
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 benefits-of-fuel-cells.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/08/17/ 31 KB
31 KB 848ms
847ms Image
image/webp 2606:4700:10::6816:4c72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/08/17/benefits-of-fuel-cells.jpg?itok=A9oujYQS

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4c72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

244d16a08703807b0c8d7a435dd33d54bbee11e0cae7238a40b0d48d0087800a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=e9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23&utm_medium=email&utm_term=0_cacd0f141f-e9a54ff860-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: qual=85, origFmt=jpeg, origSize=163180
cf-ray: 5fde95747ca02b4d-FRA
content-disposition: inline; filename="benefits-of-fuel-cells.webp"
vary: Accept
content-length: 31500
cf-request-id: 06defbbccd00002b4df3af8000000001
last-modified: Tue, 18 Aug 2020 10:14:00 GMT
server: cloudflare
date: Mon, 07 Dec 2020 13:27:24 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
x-varnish: 42863712 40200448
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 untitled-2.jpeg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/05/28/ 18 KB
18 KB 801ms
801ms Image
image/webp 2606:4700:10::6816:4c72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/05/28/untitled-2.jpeg?itok=pCP-3YnP

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4c72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4398d8160e34899a97b7f90f86dd1b9bab3d81eec5ee358a34ca60e91b8b4c2d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=e9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23&utm_medium=email&utm_term=0_cacd0f141f-e9a54ff860-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: qual=85, origFmt=jpeg, origSize=130138
cf-ray: 5fde95747ca22b4d-FRA
content-disposition: inline; filename="untitled-2.webp"
vary: Accept
content-length: 18318
cf-request-id: 06defbbccd00002b4daaa6e000000001
last-modified: Thu, 28 May 2020 14:46:12 GMT
server: cloudflare
date: Mon, 07 Dec 2020 13:27:24 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
x-varnish: 42014321 42248240
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
73 B 13ms
13ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1551846412&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nationalobserver.com%2F%3Futm_source%3DNational%2BObserver%26utm_campaign%3De9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23%26utm_medium%3Demail%26utm_term%3D0_cacd0f141f-e9a54ff860-277178234&ul=en-us&de=UTF-8&dt=Home%20%7C%20National%20Observer&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEADQAAAAC~&jid=1225022091&gjid=1258012604&cid=1830286564.1607347643&tid=UA-59182232-1&_gid=930514493.1607347643&_r=1&gtm=2wgb41K2JMB7M&z=2059685657

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=e9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23&utm_medium=email&utm_term=0_cacd0f141f-e9a54ff860-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 07 Dec 2020 13:27:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.nationalobserver.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 verify Show response
id.tinypass.com/id/api/v1/identity/token/ 208 B
1021 B 135ms
134ms Script
application/javascript 2606:4700::6811:b6b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://id.tinypass.com/id/api/v1/identity/token/verify?callback=jQuery112406448489097388521_1607347643512&client_id=Z9bvuPACYA&token=&site=https%3A%2F%2Fwww.nationalobserver.com&_=1607347643513

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5801b901f88b3bd5cb8668526f696cf2bf063c2b3083826ed8528c364731835

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=e9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23&utm_medium=email&utm_term=0_cacd0f141f-e9a54ff860-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 13:27:23 GMT
content-encoding: br
cf-cache-status: DYNAMIC
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL", CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 06defbbcdb0000d6d9cd162000000001
x-request-id: Cnd1zkq71g6
pragma: no-cache
wn: prod-id-10-0-115-57
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-cache="set-cookie"
access-control-allow-credentials: true
server-time: 0.004
cf-ray: 5fde95749c39d6d9-FRA
access-control-allow-headers: origin, content-type, accept, authorization
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
257 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=161351677799122&ev=PageView&dl=https%3A%2F%2Fwww.nationalobserver.com%2F%3Futm_source%3DNational%2BObserver%26utm_campaign%3De9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23%26utm_medium%3Demail%26utm_term%3D0_cacd0f141f-e9a54ff860-277178234&rl=&if=false&ts=1607347643623&sw=1600&sh=1200&v=2.9.29&r=stable&ec=0&o=30&fbp=fb.1.1607347643621.639216368&it=1607347643492&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=e9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23&utm_medium=email&utm_term=0_cacd0f141f-e9a54ff860-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 13:27:23 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 07 Dec 2020 13:27:23 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
91 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-59182232-1&cid=1830286564.1607347643&jid=1225022091&gjid=1258012604&_gid=930514493.1607347643&_u=aGDAAEACQAAAAC~&z=781496922

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=e9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23&utm_medium=email&utm_term=0_cacd0f141f-e9a54ff860-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 07 Dec 2020 13:27:23 GMT
content-type: text/plain
access-control-allow-origin: https://www.nationalobserver.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 execute Show response
experience.tinypass.com/xbuilder/experience/ 7 KB
3 KB 133ms
132ms XHR
application/json 2606:4700::6811:b6b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://experience.tinypass.com/xbuilder/experience/execute?aid=Z9bvuPACYA

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8545f1429626818614f9c6de8a27a39c625bbb89da097d0f524baf27880ef9e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Accept: */*
Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=e9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23&utm_medium=email&utm_term=0_cacd0f141f-e9a54ff860-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 07 Dec 2020 13:27:23 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 06defbbd6b0000d6d9b7969000000001
x-request-id: Cnd1zkqoFQ8
pragma: no-cache
wn: prod-exp-10-0-139-116
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.nationalobserver.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 5fde95757e2ed6d9-FRA
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 show
buy.tinypass.com/checkout/template/ Frame 28C2 0
0 149ms
148ms Document
text/html 2606:4700::6811:b6b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/checkout/template/show?displayMode=inline&containerSelector=%23site-broadcast-inner&templateId=OT9X4IMM1QSE&offerId=fakeOfferId&showCloseButton=false&trackingId=%7Bjcx%7DH4sIAAAAAAAAAI2Ry27CMBBF_8VrLHkchzx2UChEFbS0gabZGeMQV3kpdgKo6r83iUorpC46u5lz72h05wNxdUA-ir192zxN7t4maIQqfpQ7JU9BTyihBAPFxMHAMHUwtbBt2Ti6P--iuIjYrHmunXCDBQMimQXW3uUucOBM0IRQTwo3AQK0WyzPlayVLIQcVs8jdx2vFq-LhyC4ofOzFI1RZTHIwCVubiAlDJOuqEmN4KqWCeU6bYus3CeOvvFPxI9Zp-UplHmVcSNh6W2JO4u3a3tKx50j5frKkG_qRo6Q-e4H82PoRSxYrWDzMke_bMdrxQvTS4omy0ZI8Lzi6ljo66BVWg0ctfjvAB2sFA-XF3gvHX0prWb6nwBV1X-EE_BZ4vrgUd9mwHy_Z42W9eQoC9NJDrno7zUZ8mFMHGYxwqzPL_kwS5ftAQAA&experienceId=EX8NZMGWGKII&tbc=%7Bjzx%7Di4cQEliGphDucRXKRMu_I3QGIS8Qk1liE9eZiz3OVSXiYZrerLBy5Lc6cZFR50kWTn8EMhF5rxyUMXgDk8HdlR5_3GI29ci3NhtaW_lzM4dKDWcPeuVyobzm-t1YGgnSCVG_RXn-uiONfDaQYYJiQw&iframeId=offer-0-xVAvs&url=https%3A%2F%2Fwww.nationalobserver.com%2F%3Futm_source%3DNational%252BObserver%26utm_campaign%3De9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23%26utm_medium%3Demail%26utm_term%3D0_cacd0f141f-e9a54ff860-277178234&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=Z9bvuPACYA&tags=front&zone=public&pageViewId=2020-12-07-14-27-23-535-XFxVXZnX4DuRr7TQ-c410e4313b8a81a1a4c2f029ec8f1012&visitId=v-2020-12-07-14-27-23-537-iiaTHy1jo7syo3uB-c410e4313b8a81a1a4c2f029ec8f1012&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%22_pc_nat_brief%22%3A%22nosub%22%7D&hasLoginRequiredCallback=true&width=1600&_qh=b80f434e2d

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Xss-Protection	0

Request headers

:method: GET
:authority: buy.tinypass.com
:scheme: https
:path: /checkout/template/show?displayMode=inline&containerSelector=%23site-broadcast-inner&templateId=OT9X4IMM1QSE&offerId=fakeOfferId&showCloseButton=false&trackingId=%7Bjcx%7DH4sIAAAAAAAAAI2Ry27CMBBF_8VrLHkchzx2UChEFbS0gabZGeMQV3kpdgKo6r83iUorpC46u5lz72h05wNxdUA-ir192zxN7t4maIQqfpQ7JU9BTyihBAPFxMHAMHUwtbBt2Ti6P--iuIjYrHmunXCDBQMimQXW3uUucOBM0IRQTwo3AQK0WyzPlayVLIQcVs8jdx2vFq-LhyC4ofOzFI1RZTHIwCVubiAlDJOuqEmN4KqWCeU6bYus3CeOvvFPxI9Zp-UplHmVcSNh6W2JO4u3a3tKx50j5frKkG_qRo6Q-e4H82PoRSxYrWDzMke_bMdrxQvTS4omy0ZI8Lzi6ljo66BVWg0ctfjvAB2sFA-XF3gvHX0prWb6nwBV1X-EE_BZ4vrgUd9mwHy_Z42W9eQoC9NJDrno7zUZ8mFMHGYxwqzPL_kwS5ftAQAA&experienceId=EX8NZMGWGKII&tbc=%7Bjzx%7Di4cQEliGphDucRXKRMu_I3QGIS8Qk1liE9eZiz3OVSXiYZrerLBy5Lc6cZFR50kWTn8EMhF5rxyUMXgDk8HdlR5_3GI29ci3NhtaW_lzM4dKDWcPeuVyobzm-t1YGgnSCVG_RXn-uiONfDaQYYJiQw&iframeId=offer-0-xVAvs&url=https%3A%2F%2Fwww.nationalobserver.com%2F%3Futm_source%3DNational%252BObserver%26utm_campaign%3De9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23%26utm_medium%3Demail%26utm_term%3D0_cacd0f141f-e9a54ff860-277178234&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=Z9bvuPACYA&tags=front&zone=public&pageViewId=2020-12-07-14-27-23-535-XFxVXZnX4DuRr7TQ-c410e4313b8a81a1a4c2f029ec8f1012&visitId=v-2020-12-07-14-27-23-537-iiaTHy1jo7syo3uB-c410e4313b8a81a1a4c2f029ec8f1012&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%22_pc_nat_brief%22%3A%22nosub%22%7D&hasLoginRequiredCallback=true&width=1600&_qh=b80f434e2d
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=e9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23&utm_medium=email&utm_term=0_cacd0f141f-e9a54ff860-277178234
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=e9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23&utm_medium=email&utm_term=0_cacd0f141f-e9a54ff860-277178234

Response headers

date: Mon, 07 Dec 2020 13:27:24 GMT
content-type: text/html;charset=UTF-8
access-control-allow-methods: *
access-control-allow-origin: https://dashboard.piano.io
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NON DSP COR OUR IND"
pragma: no-cache
server-time: 0.008
set-cookie: LANG=en_US;Version=1;Domain=.tinypass.com;Path=/;Max-Age=2592000;Secure;SameSite=None
strict-transport-security: max-age=60; includeSubDomains
vary: accept-encoding
wn: prod-dash-10-0-94-11
x-forwarded-https: on
x-request-id: Cod1zkqWwyW
x-xss-protection: 0
cf-cache-status: DYNAMIC
cf-request-id: 06defbbe0e0000d6d95e21d000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5fde9576782fd6d9-FRA
content-encoding: br

POST
H2 200 /
www.facebook.com/tr/ 0
77 B 7ms
5ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=e9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23&utm_medium=email&utm_term=0_cacd0f141f-e9a54ff860-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary5JWtv5SzR0AUkbQq

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Mon, 07 Dec 2020 13:27:24 GMT
content-type: text/plain
access-control-allow-origin: https://www.nationalobserver.com
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 38ms
19ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020120201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0dce8d555c31ffcff1f0b9e87617ed08e5c1093cd483255679b764a157045ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=e9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23&utm_medium=email&utm_term=0_cacd0f141f-e9a54ff860-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Dec 2020 13:27:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6465
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 32ms
14ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=e9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23&utm_medium=email&utm_term=0_cacd0f141f-e9a54ff860-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 13:27:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Mon, 07 Dec 2020 13:27:24 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame DD40 0
0 33ms
20ms Document
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=e9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23&utm_medium=email&utm_term=0_cacd0f141f-e9a54ff860-277178234
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=e9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23&utm_medium=email&utm_term=0_cacd0f141f-e9a54ff860-277178234

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Mon, 07 Dec 2020 12:33:51 GMT
expires: Tue, 07 Dec 2021 12:33:51 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3213
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
224 B 15ms
15ms Image
image/gif 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020120201&jk=4126985494091345&bg=!HR6lHj7NAAUbEDgJG1gCEoAONiRYVAIAAACXUgAAABVoAQcKAH1NwwQLuNqnZSISwkTf6YcSYZ7eMZZDzvtwfOOk3DLknDf-mnzEY1pS_sciYwj-wJTxkvMB5UKE3iS6t0J9uHB-8TVSWofiEEwTlUhep18EB_k26UpdQPcw-qvwMNdCxbInvObCNU20VkYhsgOrK1mkyEoJ8gy9fNTINjagp5kBwZ98HP0S1dgD-VoO_n9qVXyHRlyH-RWt9fD0x17Kz-SNK5Ewh53XubHWtLX7OnbF_Q4B_8uiBRnpsPpYEo0Tw5yXjU2SxdmlGIVjUmu_jYGib3suldr1vl-J8-aRw0aZfI66xltLNjD3P-J-Yk2wPGCmQaw8JGyQif1UO95di1qNQFV_Fp5EhwJaAX1aVqtDq72Sed3si62TDRY8e_K1an2Alvw2VAC4jyMWyEJPm2QCOYCU1SoFNX9ts8QaCqPvD_l2JRBx-TcM8ozJPjR6XV8Ua5CYOb3lHllfBvRYqLqbOEXYtxry2ZHaFwsdMHFOMwXSkVlHk0LFhqwgYRRbmH6AiZ3FhTpDlignOWAv866uGJWiHGAC1_88FmtnOvUlLxZJwaiJhPir-J6mdEr9ohV5kfNoGdakWZPrC41Th4D2Yig-OuyVLbpqDdVGoG8Iuf38KvV4VZVJPKqq2cleQiC9pz9CxZKjHQopDCtb6aE3pUcAgv7Dwtyt9Hq2tN-LG76Nd-ccgr8NJs1TXRkOaqW38Br6uer361HxiDerH8rLnQOTUp0Q5hXypxPb9wz6s5mgO8JGk-FIiZDwT75-Kp2B

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=e9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23&utm_medium=email&utm_term=0_cacd0f141f-e9a54ff860-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Dec 2020 13:27:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.nationalobserver.com/	1970-01-19 14:30:34	Name: __pvi Value: %7B%22id%22%3A%22v-2020-12-07-14-27-23-537-iiaTHy1jo7syo3uB-c410e4313b8a81a1a4c2f029ec8f1012%22%2C%22domain%22%3A%22.nationalobserver.com%22%2C%22time%22%3A1607347643889%7D
.nationalobserver.com/	1970-01-19 23:50:43	Name: __gads Value: ID=bc39e296dc32deaf-224b2ac458b9003d:T=1607347643:S=ALNI_MZBqnFJ8w7NAYWJZQsVkjTztwu49w
.tinypass.com/	1970-01-21 02:29:07	Name: LANG Value: en_US
www.nationalobserver.com/	1969-12-31 23:59:59	Name: has_js Value: 1
.nationalobserver.com/	1970-01-19 14:29:07	Name: _gat_UA-59182232-1 Value: 1
.nationalobserver.com/	1970-01-20 08:00:19	Name: _ga Value: GA1.2.1830286564.1607347643
.nationalobserver.com/	1970-01-20 08:00:19	Name: _ga_TNN7SJH0J9 Value: GS1.1.1607347643.1.0.1607347643.0
.nationalobserver.com/	1970-01-20 08:00:19	Name: __tbc Value: %7Bjzx%7Di4cQEliGphDucRXKRMu_I3QGIS8Qk1liE9eZiz3OVSXiYZrerLBy5Lc6cZFR50kWTn8EMhF5rxyUMXgDk8HdlR5_3GI29ci3NhtaW_lzM4dKDWcPeuVyobzm-t1YGgnSCVG_RXn-uiONfDaQYYJiQw
www.nationalobserver.com/	1969-12-31 23:59:59	Name: _pc_nat_brief Value: nosub
.nationalobserver.com/	1970-01-20 08:00:19	Name: xbc Value: %7Bjzx%7Dc9TIG17mMMcS93JkVF9a--gbnkfPyaiKffFmoIJ1RYsYzgNDvRkFcCUDrjrYDcfIJilLjYultg2YNVkHwX1gakj1nBN_aA-UJvSFn_H2iv9C-tZPZi64C_nP7C8dNTwko8xZJFGi3TvBoKDuT4tf8lFFkktBKNKRz0NOIimq90R37hFFKi7rZHUN2neyAVOSHoQQFhAKn0VqTFAHZ2kHpS1eb8JPhn6Zvo-Cz0ABJGqaoqTB3XzPY2BYD1yFo5woyteU3trKTmOWCVl6Ke609qusXOpzryIEqQ7AIxqW89-3NkwkvZgHYSPkUTom6T-ONhNLijgJfBwchIOfSyWyvjHkMubwwUlEY37pXEa1Jj-TBdbjVCARyUVQe6j2yz2J
.nationalobserver.com/	1970-01-19 16:38:43	Name: _fbp Value: fb.1.1607347643621.639216368
.nationalobserver.com/	1970-01-19 14:30:34	Name: _gid Value: GA1.2.930514493.1607347643
.nationalobserver.com/	1970-01-19 15:12:19	Name: __pat Value: -18000000
.tinypass.com/	1970-01-19 14:30:34	Name: LANG_CHANGED Value: en_US
.nationalobserver.com/	1970-01-19 15:12:19	Name: __cfduid Value: d3958325c09a70e9590d8b86c7a645ff61607347641

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.ca
adservice.google.com
buy.tinypass.com
cdn.tinypass.com
connect.facebook.net
d351aece7dd1269e3bf94fb41cd3388a.safeframe.googlesyndication.com
experience.tinypass.com
id.tinypass.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.nationalobserver.com
172.217.18.162
2606:4700:10::6816:4c72
2606:4700::6811:b6b1
2a00:1450:4001:808::2002
2a00:1450:4001:809::2002
2a00:1450:4001:80b::200e
2a00:1450:4001:815::2002
2a00:1450:4001:816::2001
2a00:1450:4001:817::2001
2a00:1450:4001:817::2008
2a00:1450:4001:824::200e
2a00:1450:400c:c07::9c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
005a9e50b27cc1e283e22e4fbb909bf772540406c9c5bc95e448183badbb2e28
014b3e27de494c82bea3c412a19d4c5453b2e21ccd5520b19b864269711d3a44
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
05512d815f46a3dd0e9aaa163dad6808ea2c7d43c89fe74b821c879c4b1b5046
06091d2d68425c5493c423bd22a31fdc8c8c39a148da84046a9a5b92ed27fcb4
0dce8d555c31ffcff1f0b9e87617ed08e5c1093cd483255679b764a157045ab6
0e49c2b4e86d3fda1dda93eb1210a47712f7b091181b4e7c6da2b3e6f8e86396
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1131af27c283cb6f61de27b239a8d6228c28cc8069cde3027461fd4b70d5c138
244d16a08703807b0c8d7a435dd33d54bbee11e0cae7238a40b0d48d0087800a
2533bdfc95048ef071dcc5e86fbec139e966ae8c889ec3f7d74c4faaba8a006b
2b8a820b6eaa5f853e33f05d25200ac78d72d0ec600c583512361a3bbedaea43
2db7bdf3364f27430b4403265b23d053e2c376709a3df925a0f1e2163669b78f
35c1498a19d58b40939270e89449be0bc4b2e34fe479472e3440b6b0b4218c5d
39fc9efbd7e62f925da9298da7d58262e218a4698a6b5f2f46a6b09f7e963b6f
3f60c0a6768f0d5747867595475c0c20f9887ceb69377168f7c55d662b2e8e19
4398d8160e34899a97b7f90f86dd1b9bab3d81eec5ee358a34ca60e91b8b4c2d
44e56ef0e5dd6e0abfe0af2bd8463e1ce174576747f7a71980b4559fea97fa50
49284bb366958716de45b05bf6183f453429aad675288c7bba59306b083e85f7
4989faa43ccca1f974716283a15c80397cada4ae35d83707b5552f0b2b531c38
4e490897f21d56fe35ad7028d6104d11a9193e58e6872764d56f78d814198675
51e6a1eb76090d767aea13195574090d0373416a20c296eb50bf17308b5c6d64
5aab2a7bcefc050a409672ec537c23333a312439d36595e3041ca0ffa27a0050
60fb90ce2e74a758518d298397b0a18a738c521d2e1b9054e3d45f96fe4e1de9
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
69b116c12bbdb23eab4b5600fb5e071a12c5d47494c7a600ffacc4ffa4cd44aa
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d540f8521319ab916fcf16182e5be0d0eb62dfbd6d9438ef7ed1a22044eebd9
767fc87068fa115f4b331a14ed3005d1bb71d54cdb0684f5ac104da6d34d4943
7798f3947141f95f35a6890c5e7df7eb25c4097e92a2f8fc813963ce37aa58cd
7f3797465c83f504ab421bf977255569f184ddf89f962d2f15076601b36cd9c8
80f2a7af0c25c90ed812cffff00ffe37d31805d48b4b545f2eb7f8639dd1ca6d
8545f1429626818614f9c6de8a27a39c625bbb89da097d0f524baf27880ef9e3
8e516b37314d7d5e77025c54027e4d966584ed7333d6332cbbfa6d187b9ff9e9
97f5b56d5d0d7bf0fd4cbcfc4982c285c065291ad14c5a7c2a21e0fc9b9155fe
995aeff23713dfc6392cc98e8f9c74e0cf4b84e16f3184a870f8f0d53a1b556b
a1916fe808362b08a11ad58504cc4b9c71368e4f528ed2f2de2b81944dd27cfa
ae2af53b4a4312771ab7cf472e4968b1bb13957cc20434d635485afc9c074d2c
afe4d27f1e989c5a6cb13084af3961ddd488ad0cbfdecf5b1c920a9316423b07
b5801b901f88b3bd5cb8668526f696cf2bf063c2b3083826ed8528c364731835
b8b76f4f8d7be014961358274f5002a23afa8a794499a5f0346745a7a3ff0795
ba404e05fa1982f8ecd46594ccce3b4fd1dfa6254abde0724b258fcb5c295ef1
bcc7fe73b7500d838a58d1b908da476364bb087b453f5f4d0b2c374b849e446e
beda2da2b2330d393ebe11f55360dfdc1fde838ab3a8f63b0cd540752d80f9a4
bf3668dc254abf86667abe19ddc8f6d0d2cc120bcfb7989382dde3539904b1cf
c3fc334e19b3509707d7676c747ef6f0cd0842e9b485189d13eb3512fdd53fe0
c7cebcaad8b823a885c4b3b0b332ea3adb2263491f88509dd3f13e7a6df89f51
cf0513de7446a33420fc157450a47446bf4939aafbea5ecb8f3457d71ceab846
d05f3f1c49d3e6bdb4b73972fb335fe7682b491ab1d3ca31030f8b38d7514008
d2cc19a8374f51559e762cfb83103cd1ef855b6d5d13fe99e8f796535266791b
d4ace00bc3d94626ea0e9629ce3a0a401bdd23a1eaf1654c100cf4a7bbd47a40
d9ade90b04a5c3909a028287ba3ac9b24c8fcfbf24edde5f17fc83b4df05c85a
d9ee367c880576cbb3dce2243f8bd3404d3c028b2a15288bbf312914ca491705
da5c0b2a766c22cfefc2d860f81e0d3070db9b3d1cc8855c5f2786b69e097827
dd075ce8eb48032630ecb10e2c78b95803ff8f2b63b83841f14115180001cfeb
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e8159da4270b46b0b12a9492ef295b72247905dfdecba777a9b0f1dee0d26a8e
ef3d90ec313b167646475aff55c4bf5e395e7d25f07ae897a874dd9e4c5f1672
ef6b730887f786f8ddcc05814d30d04c8f7f1606975be3f408e497963986efd1

www.nationalobserver.com Open in urlscan Pro 2606:4700:10::6816:4c72 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

67 Requests

100 %HTTPS

93 %IPv6

10 Domains

16 Subdomains

14 IPs

4 Countries

4121 kBTransfer

5632 kBSize

15 Cookies

12 Outgoing links

Redirected requests

67 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.nationalobserver.com Open in urlscan Pro
2606:4700:10::6816:4c72 Public Scan

Screenshot
Live screenshot

Full Image

67
Requests

100 %
HTTPS

93 %
IPv6

10
Domains

16
Subdomains

14
IPs

4
Countries

4121 kB
Transfer

5632 kB
Size

15
Cookies

67 HTTP transactions
0 data transactions