www.thenewsobserver.com Open in urlscan Pro
104.196.37.2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.thenewsobserver.com/
Effective URL:
https://www.thenewsobserver.com/
Submission: On June 12 via api (June 12th 2024, 9:13:01 pm UTC) from US — Scanned from DE

Summary HTTP 51 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 13 IPs in 2 countries across 12 domains to perform 51 HTTP transactions. The main IP is 104.196.37.2, located in North Charleston, United States and belongs to GOOGLE, US. The main domain is www.thenewsobserver.com.
TLS certificate: Issued by R10 on June 9th 2024. Valid for: 3 months.

This is the only time www.thenewsobserver.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
26	104.196.37.2 104.196.37.2	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
1	20.150.38.36 20.150.38.36	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	18.172.112.27 18.172.112.27	16509 (AMAZON-02) (AMAZON-02)
1	52.217.87.134 52.217.87.134	16509 (AMAZON-02) (AMAZON-02)
3	172.67.39.148 172.67.39.148	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1 1	18.245.86.62 18.245.86.62	16509 (AMAZON-02) (AMAZON-02)
8	2600:9000:275... 2600:9000:275b:9a00:1b:cadc:ef40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	18.157.128.118 18.157.128.118	16509 (AMAZON-02) (AMAZON-02)
1	151.101.195.52 151.101.195.52	54113 (FASTLY) (FASTLY)
51	13

26 104.196.37.2 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 2.37.196.104.bc.googleusercontent.com

www.thenewsobserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.150.38.36 (San Antonio, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

etypeproductionstorage1.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.172.112.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-112-27.fra60.r.cloudfront.net

cdn-images.mailchimp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.87.134 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.39.148 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.86.62 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-62.fra60.r.cloudfront.net

cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:275b:9a00:1b:cadc:ef40:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.157.128.118 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-128-118.eu-central-1.compute.amazonaws.com

api.cmp.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.195.52 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdnres.willyweather.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	thenewsobserver.com www.thenewsobserver.com	1 MB
9	inmobi.com cmp.inmobi.com — Cisco Umbrella Rank: 4992 api.cmp.inmobi.com — Cisco Umbrella Rank: 16880	220 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 68 region1.google-analytics.com — Cisco Umbrella Rank: 2347	21 KB
3	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235	174 KB
3	addtoany.com static.addtoany.com — Cisco Umbrella Rank: 4534	28 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	166 KB
1	willyweather.com cdnres.willyweather.com — Cisco Umbrella Rank: 82338
1	quantcast.com 1 redirects cmp.quantcast.com — Cisco Umbrella Rank: 9107	605 B
1	amazonaws.com s3.amazonaws.com	140 KB
1	mailchimp.com cdn-images.mailchimp.com — Cisco Umbrella Rank: 7324	2 KB
1	windows.net etypeproductionstorage1.blob.core.windows.net — Cisco Umbrella Rank: 294365	214 KB
0	adatoolbar.com Failed adatoolbar.com Failed
51	12

	Domain	Requested by
26	www.thenewsobserver.com	www.thenewsobserver.com
8	cmp.inmobi.com	www.thenewsobserver.com cmp.quantcast.com cmp.inmobi.com
3	securepubads.g.doubleclick.net	www.thenewsobserver.com securepubads.g.doubleclick.net
3	static.addtoany.com	www.thenewsobserver.com static.addtoany.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	www.thenewsobserver.com www.googletagmanager.com
1	cdnres.willyweather.com	www.thenewsobserver.com
1	api.cmp.inmobi.com	cmp.inmobi.com
1	region1.google-analytics.com	www.googletagmanager.com
1	cmp.quantcast.com	1 redirects
1	s3.amazonaws.com	www.thenewsobserver.com
1	cdn-images.mailchimp.com	www.thenewsobserver.com
1	etypeproductionstorage1.blob.core.windows.net	www.thenewsobserver.com
0	adatoolbar.com Failed	www.thenewsobserver.com
51	14

This site contains links to these domains. Also see Links.

Domain
thenewsobserver.newsbank.com
publisher.etype.services
www.etypeservices.com
www.legacy.com
classadz.vdata.com
www.facebook.com

Subject Issuer	Validity	Valid
thenewsobserver.com R10	`2024-06-09` - `2024-09-07`	3 months	crt.sh
*.google-analytics.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.blob.core.windows.net Microsoft Azure RSA TLS Issuing CA 03	`2024-03-28` - `2025-03-23`	a year	crt.sh
cdn-images.mailchimp.com Amazon RSA 2048 M02	`2023-06-20` - `2024-07-17`	a year	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2024-05-25` - `2025-05-02`	a year	crt.sh
static.addtoany.com E1	`2024-04-23` - `2024-07-22`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
cmp.inmobi.com Sectigo ECC Organization Validation Secure Server CA	`2023-08-18` - `2024-08-17`	a year	crt.sh
*.willyweather.com R11	`2024-06-07` - `2024-09-05`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.thenewsobserver.com/
Frame ID: 19C39FFCA53DE13DB2B78790E4134393
Requests: 49 HTTP requests in this frame

Frame: https://cdnres.willyweather.com/widget/loadView.html?id=114747
Frame ID: 23E72C56A20CAB857D6957D97FDCE48B
Requests: 1 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.25.html
Frame ID: ED147BE3F096401314974EDE66874193
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The News Observer, Blue Ridge, Georgia

Page URL History Show full URLs

http://www.thenewsobserver.com/ HTTP 307
https://www.thenewsobserver.com/ Page URL

Detected technologies

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

addtoany\.com/menu/page\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

MailChimp (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

s3\.amazonaws\.com/downloads\.mailchimp\.com/js/mc-validate\.js
cdn-images\.mailchimp\.com/[^>]*\.css

Page Statistics

51
Requests

96 %
HTTPS

31 %
IPv6

12
Domains

14
Subdomains

13
IPs

2
Countries

2072 kB
Transfer

4271 kB
Size

5
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://thenewsobserver.newsbank.com/
Title: Extended Search

Search URL Search Domain Scan URL

URL: https://publisher.etype.services/The-News-Observer
Title: Renew

Search URL Search Domain Scan URL

URL: https://www.etypeservices.com/Privacy.aspx
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.legacy.com/us/obituaries/thenewsobserver/browse
Title: Obituaries

Search URL Search Domain Scan URL

URL: https://classadz.vdata.com/CommunityNewspapersMurphy/Advertising/Advertiser
Title: Place a classified

Search URL Search Domain Scan URL

URL: https://www.facebook.com/The-News-Observer-740175116028857/
Title: square-facebook

Search URL Search Domain Scan URL

URL: https://publisher.etype.services/The-News-Observer/e-paper-special-edition/B6567085429FA0EE

Search URL Search Domain Scan URL

URL: https://publisher.etype.services/The-News-Observer/e-paper-special-edition/0B6E75E4453478E8

Search URL Search Domain Scan URL

URL: https://publisher.etype.services/The-News-Observer/e-paper-special-edition/A9CAC1F8F426CE46

Search URL Search Domain Scan URL

URL: https://publisher.etype.services/The-News-Observer/e-paper-special-edition/CF3295D9278FE342

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.thenewsobserver.com/ HTTP 307
https://www.thenewsobserver.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

https://cmp.quantcast.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js HTTP 301
https://cmp.inmobi.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js?tag_version=V2

51 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.thenewsobserver.com/
Redirect Chain

http://www.thenewsobserver.com/
https://www.thenewsobserver.com/

68 KB
13 KB

546ms
216ms

Document
text/html

104.196.37.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thenewsobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.196.37.2 North Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

2.37.196.104.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

ea165e7fbfe49eb97b3446b21401c357d063cabc5775fb5244acaca367f523da

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:; frame-src 'unsafe-inline' https: data:; frame-ancestors 'unsafe-inline' https: data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

cache-control: must-revalidate, no-cache, private
content-encoding: gzip
content-language: en
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:; frame-src 'unsafe-inline' https: data:; frame-ancestors 'unsafe-inline' https: data:;
content-type: text/html; charset=UTF-8
date: Wed, 12 Jun 2024 19:20:33 GMT
expires: Sun, 19 Nov 1978 05:00:00 GMT
referrer-policy: no-referrer
server: nginx/1.18.0
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff nosniff
x-default-cache: default_cache
x-drupal-cache: HIT
x-drupal-dynamic-cache: MISS
x-frame-options: SAMEORIGIN SAMEORIGIN
x-generator: Drupal 9 (https://www.drupal.org)
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block

Redirect headers

Location: https://www.thenewsobserver.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 197 KB
72 KB 147ms
64ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-26466179-22

Requested by

Host: www.thenewsobserver.com
URL: https://www.thenewsobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f2dc6ae2692b07a7ddddb9162fdf3ed4b12aabe017d0a46e66d90f793a0b61e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 21:12:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 73124
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 12 Jun 2024 21:12:56 GMT

GET
H2 200 css_qCYVQcwlz_blv9ryQYiokRbIGMa5710Ds6bC6xFuX78.css
www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/css/ 9 KB
3 KB 111ms
110ms Stylesheet
text/css 104.196.37.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/css/css_qCYVQcwlz_blv9ryQYiokRbIGMa5710Ds6bC6xFuX78.css

Requested by

Host: www.thenewsobserver.com
URL: https://www.thenewsobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.196.37.2 North Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

2.37.196.104.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

a8261541cc25cff6e5bfdaf24188a89116c818c6b9ef5d03b3a6c2eb116e5fbf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:; frame-src 'unsafe-inline' https: data:; frame-ancestors 'unsafe-inline' https: data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 21:12:56 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:; frame-src 'unsafe-inline' https: data:; frame-ancestors 'unsafe-inline' https: data:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 03 Jun 2024 15:33:31 GMT
server: nginx/1.18.0
etag: W/"665de24b-24cb"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=315360000
x-default-cache: default_cache
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css_R5hpuNas9Jc5YQQsSdT8qk-e_qOOjpcG6HzIrflbJpg.css
www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/css/ 364 KB
58 KB 116ms
115ms Stylesheet
text/css 104.196.37.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/css/css_R5hpuNas9Jc5YQQsSdT8qk-e_qOOjpcG6HzIrflbJpg.css

Requested by

Host: www.thenewsobserver.com
URL: https://www.thenewsobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.196.37.2 North Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

2.37.196.104.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

479869b8d6acf4973961042c49d4fcaa4f9efea38e8e9706e87cc8adf95b2698

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:; frame-src 'unsafe-inline' https: data:; frame-ancestors 'unsafe-inline' https: data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 21:12:56 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:; frame-src 'unsafe-inline' https: data:; frame-ancestors 'unsafe-inline' https: data:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 03 Jun 2024 15:33:31 GMT
server: nginx/1.18.0
etag: W/"665de24b-5ae60"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=315360000
x-default-cache: default_cache
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js_P1NGcVaP41NJGJkUdicGZ5z4_V6DssyGg4AN_ryfFrE.js Show response
www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/js/ 377 B
904 B 229ms
228ms Script
application/javascript 104.196.37.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/js/js_P1NGcVaP41NJGJkUdicGZ5z4_V6DssyGg4AN_ryfFrE.js

Requested by

Host: www.thenewsobserver.com
URL: https://www.thenewsobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.196.37.2 North Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

2.37.196.104.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

3f534671568fe35349189914762706679cf8fd5e83b2cc8683800dfebc9f16b1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:; frame-src 'unsafe-inline' https: data:; frame-ancestors 'unsafe-inline' https: data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 21:12:56 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:; frame-src 'unsafe-inline' https: data:; frame-ancestors 'unsafe-inline' https: data:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 03 Jun 2024 15:33:31 GMT
server: nginx/1.18.0
etag: W/"665de24b-179"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=315360000
x-default-cache: default_cache
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 image001_0.jpg
www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/ 38 KB
38 KB 229ms
228ms Image
image/jpeg 104.196.37.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/image001_0.jpg
Requested by: Host: www.thenewsobserver.com
URL: https://www.thenewsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.196.37.2 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 2.37.196.104.bc.googleusercontent.com
Software: nginx/1.18.0 /
Resource Hash: 752d55c576fa27805d9277c3f5f06dab0d21620d765512218eb87ca82dedb2e1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 21:12:56 GMT
last-modified: Fri, 13 Sep 2019 17:57:00 GMT
server: nginx/1.18.0
etag: "5d7bd86c-97b4"
content-type: image/jpeg
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 38836
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 BP%20Water%20Advisory%201-WEB%20copy.jpg
www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/2024-06/ 108 KB
108 KB 229ms
229ms Image
image/jpeg 104.196.37.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/2024-06/BP%20Water%20Advisory%201-WEB%20copy.jpg
Requested by: Host: www.thenewsobserver.com
URL: https://www.thenewsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.196.37.2 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 2.37.196.104.bc.googleusercontent.com
Software: nginx/1.18.0 /
Resource Hash: 8a9fabb522aafe7f4eaa5ce7afbfdb05b88c5189276bbd70d1a09ec76d3d44ac

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 21:12:56 GMT
last-modified: Tue, 11 Jun 2024 14:13:47 GMT
server: nginx/1.18.0
etag: "66685b9b-1aec5"
content-type: image/jpeg
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 110277
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK thumbnail.jpg
etypeproductionstorage1.blob.core.windows.net/$web/Production_Prod/Publications/237/ 213 KB
214 KB 580ms
129ms Image
image/jpeg 20.150.38.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://etypeproductionstorage1.blob.core.windows.net/$web/Production_Prod/Publications/237/thumbnail.jpg
Requested by: Host: www.thenewsobserver.com
URL: https://www.thenewsobserver.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.150.38.36 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: cc9f3170da7db49653b135abfdc4127f4b4e79571e7ae5eb1cf959ff74de65aa

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 12 Jun 2024 21:12:57 GMT
Last-Modified: Wed, 12 Jun 2024 10:04:44 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8DC8AC715BD0AB7
Content-Type: .jpg
x-ms-request-id: 9760f8dc-a01e-0033-3b0d-bd1a99000000
x-ms-version: 2009-09-19
Content-Length: 218572

GET
H2 200 classic-10_7.css
cdn-images.mailchimp.com/embedcode/ 4 KB
2 KB 44ms
7ms Stylesheet
text/css 18.172.112.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-images.mailchimp.com/embedcode/classic-10_7.css
Requested by: Host: www.thenewsobserver.com
URL: https://www.thenewsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-27.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 613b1a7b4e9e279b4bcceed16041478402a795ac76653535589480190b3aa1c0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 360184e3d21355e6dfcea5cbe81a7f44.cloudfront.net (CloudFront)
date: Wed, 12 Jun 2024 01:02:47 GMT
last-modified: Thu, 17 Dec 2015 16:52:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P8
age: 72610
etag: W/"ae0fc9b84c30cada1784022044962394"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: PQhLQ3KLDWMXCW3qmIwILDUKGpfe2rzw3f7B5UGK9eQC3BQdgRq8eg==

GET
H/1.1 200
OK mc-validate.js Show response
s3.amazonaws.com/downloads.mailchimp.com/js/ 140 KB
140 KB 352ms
128ms Script
application/javascript 52.217.87.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/downloads.mailchimp.com/js/mc-validate.js
Requested by: Host: www.thenewsobserver.com
URL: https://www.thenewsobserver.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.217.87.134 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b15aceb04dbf5604df5617cfe984f48479cb131c1df02825d1c24e9f35d01857

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 12 Jun 2024 21:12:58 GMT
Last-Modified: Mon, 20 Aug 2018 17:42:38 GMT
Server: AmazonS3
x-amz-request-id: C00GPK7R91GGSNWY
ETag: "6465dd4a8331265e6629cd069e03504c"
Content-Type: application/javascript
Cache-Control: public,max-age=2592000
Accept-Ranges: bytes
Content-Length: 143249
x-amz-id-2: MYV3qz9j9juuJojymYUdQ/ENloxJDTHskStBRMF99ninIiAGQ551133Pat5dXcLGjDoTZLDRbDQ=

GET
H2 200 js_y57geBL-K47QfSLZFcl_jtxJKKl-i8yIkHt048E1tQc.js Show response
www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/js/ 99 KB
34 KB 194ms
191ms Script
application/javascript 104.196.37.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/js/js_y57geBL-K47QfSLZFcl_jtxJKKl-i8yIkHt048E1tQc.js

Requested by

Host: www.thenewsobserver.com
URL: https://www.thenewsobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.196.37.2 North Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

2.37.196.104.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

cb9ee07812fe2b8ed07d22d915c97f8edc4928a97e8bcc88907b74e3c135b507

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:; frame-src 'unsafe-inline' https: data:; frame-ancestors 'unsafe-inline' https: data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 21:12:56 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:; frame-src 'unsafe-inline' https: data:; frame-ancestors 'unsafe-inline' https: data:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 03 Jun 2024 15:33:31 GMT
server: nginx/1.18.0
etag: W/"665de24b-18a46"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=315360000
x-default-cache: default_cache
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 page.js Show response
static.addtoany.com/menu/ 3 KB
2 KB 60ms
33ms Script
application/javascript 172.67.39.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: www.thenewsobserver.com
URL: https://www.thenewsobserver.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.39.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e0cc78c402cbc02fdfd41cd77c5fd6ffbd8066cc07935ea8eb5f3fcc59744a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 21:12:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7276
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"e346c2841e4abbb66ee259e9540abb61"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xjq7QFbi12VLG54U%2Bjg5quy%2FqZWru17BHm6PirUOYF94VC2B7wKgRRo6Tq0MWiJPYNcOnO%2BzleFhfMH2CV3E8h8WUqGEd6QTErTt6AGLBVlmKbsyuCHSr1v00lL3d2%2BHGJuSTSjs"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, stale-while-revalidate=30, public
cf-ray: 892cd78bb9c5bb43-FRA

GET
H2 200 js_fuSCs3Gd0zKHZ_Wwseiqaem5HY2aOEwZFtYa2Ic7_aQ.js Show response
www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/js/ 21 KB
7 KB 198ms
195ms Script
application/javascript 104.196.37.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/js/js_fuSCs3Gd0zKHZ_Wwseiqaem5HY2aOEwZFtYa2Ic7_aQ.js

Requested by

Host: www.thenewsobserver.com
URL: https://www.thenewsobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.196.37.2 North Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

2.37.196.104.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

7ee482b3719dd3328767f5b0b1e8aa69e9b91d8d9a384c1916d61ad8873bfda4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:; frame-src 'unsafe-inline' https: data:; frame-ancestors 'unsafe-inline' https: data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 21:12:56 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:; frame-src 'unsafe-inline' https: data:; frame-ancestors 'unsafe-inline' https: data:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 03 Jun 2024 15:33:32 GMT
server: nginx/1.18.0
etag: W/"665de24c-537d"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=315360000
x-default-cache: default_cache
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 95 KB
30 KB 146ms
74ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.thenewsobserver.com
URL: https://www.thenewsobserver.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

cc911f34a7255a5561294d2b003ebb5bf22e7a9298381c6ac4ec2957f9aeed34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 21:12:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30748
x-xss-protection: 0
server: cafe
etag: 675 / 19886 / m202406100101 / config-hash: 161663972246330142
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 12 Jun 2024 21:12:56 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 274 KB
95 KB 69ms
67ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SYDC818VDF&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-26466179-22

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5c9f7a47d1b655e5fd2cfdc26b4a80220fddf5b08bf56819427ce7340d4dd2bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 21:12:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96775
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 12 Jun 2024 21:12:56 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 116ms
35ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-26466179-22

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 12 Jun 2024 19:41:03 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5513
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 12 Jun 2024 21:41:03 GMT

GET e687213560c8b
adatoolbar.com/wp-json/onlineada/v1/accessibility-toolbar/ 0
0

GET
H2

200

choice.js Show response
cmp.inmobi.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/
Redirect Chain

https://cmp.quantcast.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
https://cmp.inmobi.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js?tag_version=V2

3 KB
2 KB

37ms
8ms

Script
application/javascript

2600:9000:275b:9a00:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js?tag_version=V2
Requested by: Host: www.thenewsobserver.com
URL: https://www.thenewsobserver.com/
Protocol: H2
Server: 2600:9000:275b:9a00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c7fdac25f0cd198d58d3231db7e84b8a5c7529a01d1399c20b0134d8ba143d7c

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Wed, 12 Jun 2024 21:12:29 GMT
content-encoding: br
via: 1.1 e9b74ccbde368a1365608891aeccb498.cloudfront.net (CloudFront)
last-modified: Tue, 04 Jun 2024 08:53:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7
age: 29
x-amz-server-side-encryption: AES256
etag: W/"47b9cc47cc1b62252e0878884fd30056"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=900
cross-origin-resource-policy: cross-origin
x-amz-cf-id: yxM4ySKW1lWEK3Pf8lapId2QNuipSPSboOHn_wxrT-SQtUEMSDAc8A==

Redirect headers

x-amz-website-redirect-location: https://cmp.inmobi.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js?tag_version=V2
date: Wed, 12 Jun 2024 21:12:18 GMT
via: 1.1 d2d6641f7f4e620ab86172e07bc2a884.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 39
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 0
last-modified: Wed, 15 Nov 2023 20:03:11 GMT
server: AmazonS3
etag: "408e9e32ff11d19e90e67eb67eb171dc"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
location: https://cmp.inmobi.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js?tag_version=V2
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: sL6bIxBKGEDIGI9YxQOWGG8aLqYnVX6-mwP9RhOrCfwn_YsyJoF3lQ==

GET
H2 200 loading.gif
www.thenewsobserver.com/themes/tiempos/images/ 59 KB
59 KB 194ms
194ms Image
image/gif 104.196.37.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewsobserver.com/themes/tiempos/images/loading.gif
Requested by: Host: www.thenewsobserver.com
URL: https://www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/css/css_R5hpuNas9Jc5YQQsSdT8qk-e_qOOjpcG6HzIrflbJpg.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.196.37.2 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 2.37.196.104.bc.googleusercontent.com
Software: nginx/1.18.0 /
Resource Hash: 431b428df9a9cccde8d4de067400ee8fba8173e82787f3a05b5502d966b05d89

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 21:12:56 GMT
last-modified: Sun, 11 Sep 2022 19:16:30 GMT
server: nginx/1.18.0
etag: "631e340e-ea08"
content-type: image/gif
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 59912
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Petrona-VariableFont_wght.ttf
www.thenewsobserver.com/fonts/Petrona/ 211 KB
211 KB 178ms
176ms Font
application/octet-stream 104.196.37.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewsobserver.com/fonts/Petrona/Petrona-VariableFont_wght.ttf
Requested by: Host: www.thenewsobserver.com
URL: https://www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/css/css_R5hpuNas9Jc5YQQsSdT8qk-e_qOOjpcG6HzIrflbJpg.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.196.37.2 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 2.37.196.104.bc.googleusercontent.com
Software: nginx/1.18.0 /
Resource Hash: c5fb9773e1b7b1c8c078b650a644c6370a14d0e0ac67667d58ca8dbb027dcce3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin: https://www.thenewsobserver.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 21:12:56 GMT
last-modified: Wed, 22 Mar 2023 16:43:11 GMT
server: nginx/1.18.0
etag: "641b301f-34b24"
content-type: application/octet-stream
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 215844
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fa-solid-900.woff2
www.thenewsobserver.com/libraries/fontawesome-free-6.4.2-web/webfonts/ 147 KB
147 KB 178ms
176ms Font
application/octet-stream 104.196.37.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thenewsobserver.com/libraries/fontawesome-free-6.4.2-web/webfonts/fa-solid-900.woff2

Requested by

Host: www.thenewsobserver.com
URL: https://www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/css/css_R5hpuNas9Jc5YQQsSdT8qk-e_qOOjpcG6HzIrflbJpg.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.196.37.2 North Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

2.37.196.104.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

886c86112a804ef1ddd1cb206af4c8c40e34b73c26652ca231404aa35a6b30d9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:; frame-src 'unsafe-inline' https: data:; frame-ancestors 'unsafe-inline' https: data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin: https://www.thenewsobserver.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 21:12:56 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:; frame-src 'unsafe-inline' https: data:; frame-ancestors 'unsafe-inline' https: data:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 02 Oct 2023 17:04:49 GMT
server: nginx/1.18.0
referrer-policy: no-referrer
etag: "651af831-24a04"
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
x-default-cache: default_cache
accept-ranges: bytes
content-length: 150020
x-xss-protection: 1; mode=block

GET
H2 200 fa-brands-400.woff2
www.thenewsobserver.com/libraries/fontawesome-free-6.4.2-web/webfonts/ 107 KB
108 KB 287ms
287ms Font
application/octet-stream 104.196.37.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thenewsobserver.com/libraries/fontawesome-free-6.4.2-web/webfonts/fa-brands-400.woff2

Requested by

Host: www.thenewsobserver.com
URL: https://www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/css/css_R5hpuNas9Jc5YQQsSdT8qk-e_qOOjpcG6HzIrflbJpg.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.196.37.2 North Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

2.37.196.104.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

faae6fc0aa94cc5bde5076647c817a23206096a1cbeda10d1c6f3d89d6163ed1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:; frame-src 'unsafe-inline' https: data:; frame-ancestors 'unsafe-inline' https: data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin: https://www.thenewsobserver.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 21:12:57 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:; frame-src 'unsafe-inline' https: data:; frame-ancestors 'unsafe-inline' https: data:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 02 Oct 2023 17:04:49 GMT
server: nginx/1.18.0
referrer-policy: no-referrer
etag: "651af831-1acf0"
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
x-default-cache: default_cache
accept-ranges: bytes
content-length: 109808
x-xss-protection: 1; mode=block

GET
H2 200 BP%20Project%20Chimps%202-WEB.jpg
www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/styles/article_thumbnail_230_scale_/public/2024-06/ 19 KB
19 KB 179ms
174ms Image
image/jpeg 104.196.37.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/styles/article_thumbnail_230_scale_/public/2024-06/BP%20Project%20Chimps%202-WEB.jpg?itok=rGQGkpr2

Requested by

Host: www.thenewsobserver.com
URL: https://www.thenewsobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.196.37.2 North Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

2.37.196.104.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

cf8af5a9d7cad95e8ec9f3ba160b2f9e861000b9266f2687d1ffb418800321a3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:; frame-src 'unsafe-inline' https: data:; frame-ancestors 'unsafe-inline' https: data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 21:12:56 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:; frame-src 'unsafe-inline' https: data:; frame-ancestors 'unsafe-inline' https: data:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 19068
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 12 Jun 2024 12:39:12 GMT
server: nginx/1.18.0
etag: "666996f0-4a7c"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-default-cache: default_cache
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 GH%20TVA%205-WEB.jpg
www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/styles/article_thumbnail_230_scale_/public/2024-06/ 19 KB
20 KB 179ms
174ms Image
image/jpeg 104.196.37.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/styles/article_thumbnail_230_scale_/public/2024-06/GH%20TVA%205-WEB.jpg?itok=np_hSoX1

Requested by

Host: www.thenewsobserver.com
URL: https://www.thenewsobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.196.37.2 North Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

2.37.196.104.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

3503cc7f5899f269107e6d0d9dee47c336276ec0d355b05f18e864cd5730dea7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:; frame-src 'unsafe-inline' https: data:; frame-ancestors 'unsafe-inline' https: data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 21:12:56 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:; frame-src 'unsafe-inline' https: data:; frame-ancestors 'unsafe-inline' https: data:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 19656
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 12 Jun 2024 12:39:12 GMT
server: nginx/1.18.0
etag: "666996f0-4cc8"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-default-cache: default_cache
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 BP%20Library%20Fireflies%201-WEB.jpg
www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/styles/article_thumbnail_230_scale_/public/2024-06/ 20 KB
20 KB 179ms
175ms Image
image/jpeg 104.196.37.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/styles/article_thumbnail_230_scale_/public/2024-06/BP%20Library%20Fireflies%201-WEB.jpg?itok=PcwwfV2F

Requested by

Host: www.thenewsobserver.com
URL: https://www.thenewsobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.196.37.2 North Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

2.37.196.104.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

db3c352b415dd89cb11ec4884322e8ecbe274914a7359a2cc73e9b695a242892

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:; frame-src 'unsafe-inline' https: data:; frame-ancestors 'unsafe-inline' https: data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 21:12:56 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:; frame-src 'unsafe-inline' https: data:; frame-ancestors 'unsafe-inline' https: data:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 20162
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 12 Jun 2024 12:39:12 GMT
server: nginx/1.18.0
etag: "666996f0-4ec2"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-default-cache: default_cache
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cougar%20logo-WEB%20copy.jpg
www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/styles/article_thumbnail_230_scale_/public/2024-06/ 13 KB
14 KB 179ms
175ms Image
image/jpeg 104.196.37.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/styles/article_thumbnail_230_scale_/public/2024-06/cougar%20logo-WEB%20copy.jpg?itok=VVh5kG2U

Requested by

Host: www.thenewsobserver.com
URL: https://www.thenewsobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.196.37.2 North Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

2.37.196.104.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

d264f688c36b9eac0a58d154801a51e79e913739dbab747f87ec75bace799343

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:; frame-src 'unsafe-inline' https: data:; frame-ancestors 'unsafe-inline' https: data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 21:12:56 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:; frame-src 'unsafe-inline' https: data:; frame-ancestors 'unsafe-inline' https: data:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 13530
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 05 Jun 2024 12:00:10 GMT
server: nginx/1.18.0
etag: "6660534a-34da"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-default-cache: default_cache
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Girls%20team-WEB.jpg
www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/styles/article_thumbnail_230_scale_/public/2024-06/ 20 KB
20 KB 179ms
175ms Image
image/jpeg 104.196.37.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/styles/article_thumbnail_230_scale_/public/2024-06/Girls%20team-WEB.jpg?itok=-DvM1uG9

Requested by

Host: www.thenewsobserver.com
URL: https://www.thenewsobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.196.37.2 North Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

2.37.196.104.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

7f525fac1151e7f12f3016b256402f44ad77486bc281b338babbd0dfc645e5b7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:; frame-src 'unsafe-inline' https: data:; frame-ancestors 'unsafe-inline' https: data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 21:12:56 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:; frame-src 'unsafe-inline' https: data:; frame-ancestors 'unsafe-inline' https: data:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 20230
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 05 Jun 2024 12:00:10 GMT
server: nginx/1.18.0
etag: "6660534a-4f06"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-default-cache: default_cache
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 CB%20District-web.jpg
www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/styles/article_thumbnail_230_scale_/public/2024-05/ 23 KB
24 KB 179ms
175ms Image
image/jpeg 104.196.37.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/styles/article_thumbnail_230_scale_/public/2024-05/CB%20District-web.jpg?itok=J2rae_V1

Requested by

Host: www.thenewsobserver.com
URL: https://www.thenewsobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.196.37.2 North Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

2.37.196.104.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

2f3ded13eaac0aee0aaf741cd3153317ef1b2cba692c0f8cae556be6a38fd52c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:; frame-src 'unsafe-inline' https: data:; frame-ancestors 'unsafe-inline' https: data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 21:12:56 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:; frame-src 'unsafe-inline' https: data:; frame-ancestors 'unsafe-inline' https: data:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 23439
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 May 2024 12:39:34 GMT
server: nginx/1.18.0
etag: "6644ad06-5b8f"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-default-cache: default_cache
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Kenneth%20boring_WEB.jpg
www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/styles/article_thumbnail_230_scale_/public/2023-01/ 18 KB
18 KB 180ms
176ms Image
image/jpeg 104.196.37.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/styles/article_thumbnail_230_scale_/public/2023-01/Kenneth%20boring_WEB.jpg?itok=TevLouh9

Requested by

Host: www.thenewsobserver.com
URL: https://www.thenewsobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.196.37.2 North Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

2.37.196.104.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

ab309d4dbe24aa0f4a0e5e4d7aeec790196fbdda107857c4360508eb64d0a296

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:; frame-src 'unsafe-inline' https: data:; frame-ancestors 'unsafe-inline' https: data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 21:12:56 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:; frame-src 'unsafe-inline' https: data:; frame-ancestors 'unsafe-inline' https: data:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 18214
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 25 Jan 2023 11:56:10 GMT
server: nginx/1.18.0
etag: "63d118da-4726"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-default-cache: default_cache
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Holly%20Fehrmann_WEB.jpg
www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/styles/article_thumbnail_230_scale_/public/2023-01/ 16 KB
16 KB 180ms
176ms Image
image/jpeg 104.196.37.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/styles/article_thumbnail_230_scale_/public/2023-01/Holly%20Fehrmann_WEB.jpg?itok=kJNKetAd

Requested by

Host: www.thenewsobserver.com
URL: https://www.thenewsobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.196.37.2 North Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

2.37.196.104.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

cc3534cb92be2761fe3c31ea4db7283a0e92cabedf9c0bb3d61444cd871421a4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:; frame-src 'unsafe-inline' https: data:; frame-ancestors 'unsafe-inline' https: data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 21:12:56 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:; frame-src 'unsafe-inline' https: data:; frame-ancestors 'unsafe-inline' https: data:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 16144
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 25 Jan 2023 11:56:10 GMT
server: nginx/1.18.0
etag: "63d118da-3f10"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-default-cache: default_cache
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Ervin%20Thomason_WEB.jpg
www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/styles/article_thumbnail_230_scale_/public/2023-01/ 13 KB
13 KB 180ms
177ms Image
image/jpeg 104.196.37.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/styles/article_thumbnail_230_scale_/public/2023-01/Ervin%20Thomason_WEB.jpg?itok=Xv25_Uw4

Requested by

Host: www.thenewsobserver.com
URL: https://www.thenewsobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.196.37.2 North Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

2.37.196.104.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

6f35e32c7f68087ef5f05cd02aa7b27a216a8a72963b1cec026cca3f64ad0bed

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:; frame-src 'unsafe-inline' https: data:; frame-ancestors 'unsafe-inline' https: data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 21:12:56 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:; frame-src 'unsafe-inline' https: data:; frame-ancestors 'unsafe-inline' https: data:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 12886
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 25 Jan 2023 11:56:10 GMT
server: nginx/1.18.0
etag: "63d118da-3256"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-default-cache: default_cache
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 IP%20Front%20Cover%202024.jpg
www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/styles/special_section/public/2024-05/ 50 KB
51 KB 180ms
177ms Image
image/jpeg 104.196.37.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/styles/special_section/public/2024-05/IP%20Front%20Cover%202024.jpg?itok=yiAA1eyW

Requested by

Host: www.thenewsobserver.com
URL: https://www.thenewsobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.196.37.2 North Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

2.37.196.104.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

a5f4cf8b17c953cca348c89ee14aca46e96f831f2ece55f43cc66eca2770c554

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:; frame-src 'unsafe-inline' https: data:; frame-ancestors 'unsafe-inline' https: data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 21:12:56 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:; frame-src 'unsafe-inline' https: data:; frame-ancestors 'unsafe-inline' https: data:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 51186
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 22 May 2024 10:46:32 GMT
server: nginx/1.18.0
etag: "664dcd08-c7f2"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-default-cache: default_cache
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Spring%20Wlecome%2024%20copy.jpg
www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/styles/special_section/public/2024-03/ 37 KB
38 KB 290ms
287ms Image
image/jpeg 104.196.37.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/styles/special_section/public/2024-03/Spring%20Wlecome%2024%20copy.jpg?itok=ZMCAOr1V

Requested by

Host: www.thenewsobserver.com
URL: https://www.thenewsobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.196.37.2 North Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

2.37.196.104.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

786bd36b244f878f272d810d1acc99135e1d089445e33a906f6fffd88cb17e87

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:; frame-src 'unsafe-inline' https: data:; frame-ancestors 'unsafe-inline' https: data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 21:12:57 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:; frame-src 'unsafe-inline' https: data:; frame-ancestors 'unsafe-inline' https: data:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 38281
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Fri, 15 Mar 2024 18:45:47 GMT
server: nginx/1.18.0
etag: "65f4975b-9589"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-default-cache: default_cache
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Healthcare%202024%20Cover.jpg
www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/styles/special_section/public/2024-02/ 24 KB
25 KB 290ms
287ms Image
image/jpeg 104.196.37.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/styles/special_section/public/2024-02/Healthcare%202024%20Cover.jpg?itok=ObvLfKMM

Requested by

Host: www.thenewsobserver.com
URL: https://www.thenewsobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.196.37.2 North Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

2.37.196.104.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

caf14f53c0e44d6e358de6fa00677c3403d6ce2a04e5674b6396ce70f9472b0a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:; frame-src 'unsafe-inline' https: data:; frame-ancestors 'unsafe-inline' https: data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 21:12:57 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:; frame-src 'unsafe-inline' https: data:; frame-ancestors 'unsafe-inline' https: data:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 24919
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Tue, 20 Feb 2024 14:58:22 GMT
server: nginx/1.18.0
etag: "65d4be0e-6157"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-default-cache: default_cache
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 New%20Year%202024%20Welcome%20Cover.jpg
www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/styles/special_section/public/2024-01/ 37 KB
38 KB 290ms
288ms Image
image/jpeg 104.196.37.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/styles/special_section/public/2024-01/New%20Year%202024%20Welcome%20Cover.jpg?itok=XmeWXoL9

Requested by

Host: www.thenewsobserver.com
URL: https://www.thenewsobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.196.37.2 North Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

2.37.196.104.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

b22f1d135e937eb0b200aecbe035cd646cb463146f027699d4895e5a18a9da8b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:; frame-src 'unsafe-inline' https: data:; frame-ancestors 'unsafe-inline' https: data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 21:12:57 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:; frame-src 'unsafe-inline' https: data:; frame-ancestors 'unsafe-inline' https: data:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 37917
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Thu, 18 Jan 2024 16:14:35 GMT
server: nginx/1.18.0
etag: "65a94e6b-941d"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-default-cache: default_cache
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cmp2.js Show response
cmp.inmobi.com/tcfv2/53/ 167 KB
44 KB 8ms
8ms Script
text/javascript 2600:9000:275b:9a00:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/tcfv2/53/cmp2.js?referer=www.themoneytizer.com
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:9a00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f7a0c447b915ba02cdfa198f1fee92f0a4a784dc895b61be659a9386c6ed3112

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 13:30:25 GMT
content-encoding: br
via: 1.1 e9b74ccbde368a1365608891aeccb498.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P7
age: 114152
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
last-modified: Mon, 03 Jun 2024 09:45:41 GMT
server: AmazonS3
etag: W/"db6c513b7a9d1bf38b36047c185655a2"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=172800
x-amz-meta-qc-ineu: True
vary: Accept-Encoding
x-amz-cf-id: snuu2onhERKTOhJpcFq-EKTMASHovi-Il2O-XEaezBM8DhEYH7C4mw==

GET
H2 200 geoip Show response
cmp.inmobi.com/ 58 B
343 B 23ms
8ms XHR
application/json 2600:9000:275b:9a00:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/geoip
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2.js?referer=www.themoneytizer.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:9a00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: ac52aa47022e892411dd0d4c540b2caabac7e4f252b79cfd2294f27b5580b7f2

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/json, text/plain, */*
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 21:12:57 GMT
via: 1.1 256cd380c9790a2b71d68709829caa18.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P7
x-cache: FunctionGeneratedResponse from cloudfront
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: *
content-length: 58
x-amz-cf-id: r66M38LDy94HgPwZY_M6uLr-kNEbgOgHfDhV_0Fw2hq_-WDZDF6LDQ==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
251 B 50ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-SYDC818VDF&gtm=45je46a0v893268615za200&_p=1718226776653&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tcfd=10001&tag_exp=0&cid=243705859.1718226777&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1718226777&sct=1&seg=0&dl=https%3A%2F%2Fwww.thenewsobserver.com%2F&dt=The%20News%20Observer%2C%20Blue%20Ridge%2C%20Georgia&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=933
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SYDC818VDF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 12 Jun 2024 21:12:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thenewsobserver.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cmp-list.json Show response
cmp.inmobi.com/GVL-v2/ 19 KB
4 KB 7ms
7ms XHR
application/json 2600:9000:275b:9a00:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/GVL-v2/cmp-list.json
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2.js?referer=www.themoneytizer.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:9a00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a4a1d33dc01bd24cd86383e3397c3f0e9da16d19bf63b954bd3ea7033009cdad

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/json, text/plain, */*
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 03:00:44 GMT
content-encoding: br
via: 1.1 256cd380c9790a2b71d68709829caa18.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P7
age: 65534
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 12 Jun 2024 03:00:42 GMT
server: AmazonS3
etag: W/"36a5f9390f3bee7bf94ea645e907f5fe"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
access-control-allow-credentials: true
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: HcsIuXXSNMehWSfhETkfSRTAAEMXAhbPs8-X9taCD8YkVwGwUiYjmw==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
212 B 43ms
42ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=144966946&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thenewsobserver.com%2F&ul=de-de&de=UTF-8&dt=The%20News%20Observer%2C%20Blue%20Ridge%2C%20Georgia&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=2099858118&gjid=2047635998&cid=243705859.1718226777&tid=UA-26466179-22&_gid=513510219.1718226777&_r=1&gtm=457e46a0h1za200&gcd=13l3l3l2l3&dma_cps=sypham&dma=1&tag_exp=0&did=dMDhkMT&gdid=dMDhkMT&npa=1&z=1348248098

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 12 Jun 2024 21:12:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thenewsobserver.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cmp2ui-en.js Show response
cmp.inmobi.com/tcfv2/53/ 297 KB
72 KB 8ms
7ms Script
text/javascript 2600:9000:275b:9a00:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/tcfv2/53/cmp2ui-en.js
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2.js?referer=www.themoneytizer.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:9a00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 706942656eb9d47aba1a60229b27acc14a95a7f81fd8f7227d2c4e2ab9687207

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 13:30:25 GMT
content-encoding: br
via: 1.1 e9b74ccbde368a1365608891aeccb498.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P7
age: 114153
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
cross-origin-resource-policy: cross-origin
last-modified: Mon, 03 Jun 2024 09:45:44 GMT
server: AmazonS3
etag: W/"991fbc793ffbdf15116c0458b5a2027a"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=172800
vary: Accept-Encoding
x-amz-cf-id: mCeY-p3ee1CITorQrySuurpx_3Mhxdlz1gs8niiqKakvChiBzQFilA==

GET
H2 200 vendor-list-trimmed-v1.json Show response
cmp.inmobi.com/GVL-v3/ 592 KB
65 KB 9ms
9ms XHR
application/json 2600:9000:275b:9a00:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/GVL-v3/vendor-list-trimmed-v1.json
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2.js?referer=www.themoneytizer.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:9a00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7ad69868a415840ee004b263f8eb1efc8b4bc9e8a78e80a26660ce1501acd938

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 23:59:24 GMT
content-encoding: br
via: 1.1 256cd380c9790a2b71d68709829caa18.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P7
age: 76413
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 06 Jun 2024 23:59:18 GMT
server: AmazonS3
etag: W/"c79596ca9657b2734bba748b22c4d86f"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: MOczoMBhPLKzhKc-URYsEDK05trU98YTelJGi37bT3hp9TpoRKLm7w==

GET
H2 200 google-atp-list.json Show response
cmp.inmobi.com/tcfv2/ 142 KB
33 KB 15ms
15ms XHR
application/json 2600:9000:275b:9a00:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/tcfv2/google-atp-list.json
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2.js?referer=www.themoneytizer.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:9a00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2a5c2a665e9bc10d5d1da5e0ce1acecabecaf4313c86f33d223cf7ae8581e74b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/json, text/plain, */*
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 03:00:26 GMT
content-encoding: br
via: 1.1 256cd380c9790a2b71d68709829caa18.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P7
age: 65551
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 12 Jun 2024 03:00:25 GMT
server: AmazonS3
etag: W/"f300e89defd25e7183942f8457ae4170"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
access-control-allow-credentials: true
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: Qczit_1LFXzrLrNLGdtrGwxkaligp35LYU6uuEqfgpeDDDf2rVOI8g==

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406100101/ 463 KB
144 KB 36ms
36ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406100101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

a61500a342875a17afc10c79e9c1596ae0e18182bf57f34390b4a68dad5ce1cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 20:35:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2276
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 147345
x-xss-protection: 0
server: cafe
etag: 14651848665127099269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 12 Jun 2025 20:35:01 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 71 B
72 B 148ms
69ms XHR
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.thenewsobserver.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

6522e7b9d66b02945de1fe9d7b15acd12f920998cc8a9588ada23dc6cf894a02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 21:12:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48
x-xss-protection: 0
expires: Wed, 12 Jun 2024 21:12:57 GMT

GET
H2 200 / Show response
api.cmp.inmobi.com/ 2 B
101 B 35ms
7ms XHR
text/plain 18.157.128.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.cmp.inmobi.com/?log=%7B%22accountId%22%3A%226Fv0cGNfc_bw8%22%2C%22domain%22%3A%22www.thenewsobserver.com%22%2C%22publisher%22%3A%22themoneytizer.com%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.53%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22x0zxUTtv48%2FwZzgVhnTIZQ%22%2C%22tagVersion%22%3A%22V2%22%2C%22gvlVersion%22%3A3%2C%22clientTimestamp%22%3A1718226777110%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-8re7tg6snzhrc71cm6is%22%7D
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2ui-en.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.157.128.118 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-128-118.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/json, text/plain, */*
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Wed, 12 Jun 2024 21:12:57 GMT
content-length: 2
content-type: text/plain; charset=utf-8

GET
H2 200 geoip Show response
cmp.inmobi.com/ 58 B
341 B 11ms
10ms XHR
application/json 2600:9000:275b:9a00:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/geoip
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2ui-en.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:9a00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: ac52aa47022e892411dd0d4c540b2caabac7e4f252b79cfd2294f27b5580b7f2

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/json, text/plain, */*
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 21:12:57 GMT
via: 1.1 256cd380c9790a2b71d68709829caa18.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P7
x-cache: FunctionGeneratedResponse from cloudfront
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: *
content-length: 58
x-amz-cf-id: e2PJI8QoRQlYk7W3Ik8N9UwBj4t09iMsv9F8VoVitt2xXgzuSzjZFg==

GET
H2 200 loadView.html
cdnres.willyweather.com/widget/ Frame 23E7 0
0 712ms
673ms Document
text/html 151.101.195.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnres.willyweather.com/widget/loadView.html?id=114747
Requested by: Host: www.thenewsobserver.com
URL: https://www.thenewsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.195.52 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache/2.4.46 (IUS) / PHP/7.4.33
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 0
cache-control: max-age=60, public
content-encoding: gzip
content-length: 826
content-type: text/html; charset=UTF-8
date: Wed, 12 Jun 2024 21:12:58 GMT
server: Apache/2.4.46 (IUS)
vary: Accept-Encoding,User-Agent
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-powered-by: PHP/7.4.33
x-served-by: cache-fra-eddf8230119-FRA
x-timer: S1718226778.514762,VS0,VE667

GET
H3 200 sm.25.html
static.addtoany.com/menu/ Frame ED14 0
0 35ms
23ms Document
text/html 172.67.39.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/sm.25.html

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.39.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
age: 9283
alt-svc: h3=":443"; ma=86400
cache-control: max-age=315360000, immutable
cf-cache-status: HIT
cf-ray: 892cd78f5806a061-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 12 Jun 2024 21:12:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zCNMjjTjli1WgYxEyhtrixoL4df0cpXfj3ujNAiBX18FGqbN%2Ffx4XQrqpsosm%2B0q%2BvoWfP%2BOLFo%2F4kFbPkLGxi62FAJxQeQ0R%2BjHEMF%2BmlRy1JMue9V76yMqPL17m2rBSb5HtO3e"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H3 200 core.BRQnzO8v.js Show response
static.addtoany.com/menu/modules/ 70 KB
26 KB 73ms
60ms Script
application/javascript 172.67.39.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/modules/core.BRQnzO8v.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.39.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91b9b24f0aa59668e4d0a770ee7a294b9baa361a76a20ade8128cd0482a5d805

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin: https://www.thenewsobserver.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 21:12:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"25da5432b1057724b8210f17e9b9db05"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XQVG1Brj860FQlV5wBpPFaUmBP%2Fiqg9xZTLINHIkP6Im77XoTOaA%2BNAOK0oj2njG6rfQaq4s0XM1odOxiNqqFUfPu6d0tUtZh3IBvVIkyP3TphW5x20evvaF3oSqY3y1eQhc%2Btn0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
cf-ray: 892cd78f5fa34d61-FRA

GET
H2 200 new-favicon.jpg
www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/ 2 KB
2 KB 180ms
179ms Other
image/jpeg 104.196.37.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/new-favicon.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.196.37.2 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 2.37.196.104.bc.googleusercontent.com
Software: nginx/1.18.0 /
Resource Hash: 2f59d9b294c4a4d9119f49171936df9f45e5ba70083b9a781516a3fd5a95f31c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 21:12:58 GMT
last-modified: Fri, 13 Sep 2019 19:13:51 GMT
server: nginx/1.18.0
etag: "5d7bea6f-8a0"
content-type: image/jpeg
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 2208
expires: Thu, 31 Dec 2037 23:55:55 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: adatoolbar.com
URL: https://adatoolbar.com/wp-json/onlineada/v1/accessibility-toolbar/e687213560c8b

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.thenewsobserver.com/	1970-01-21 06:53:06	Name: _ga_SYDC818VDF Value: GS1.1.1718226777.1.0.1718226777.0.0.0
.thenewsobserver.com/	1970-01-21 06:53:06	Name: _ga Value: GA1.2.243705859.1718226777
.thenewsobserver.com/	1970-01-20 21:18:33	Name: _gid Value: GA1.2.513510219.1718226777
.thenewsobserver.com/	1970-01-20 21:17:06	Name: _gat_gtag_UA_26466179_22 Value: 1
.www.thenewsobserver.com/	1970-01-21 06:38:42	Name: usprivacy Value: 1N--

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.thenewsobserver.com/ Message: The Content-Security-Policy directive 'frame-ancestors' does not support the source expression ''unsafe-inline''
security	error	URL: https://www.thenewsobserver.com/(Line 246) Message: The Content-Security-Policy directive 'frame-ancestors' does not support the source expression ''unsafe-inline''
security	error	URL: https://www.thenewsobserver.com/(Line 246) Message: The Content-Security-Policy directive 'frame-ancestors' does not support the source expression ''unsafe-inline''
javascript	error	URL: https://www.thenewsobserver.com/ Message: Access to script at 'https://adatoolbar.com/wp-json/onlineada/v1/accessibility-toolbar/e687213560c8b' from origin 'https://www.thenewsobserver.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://adatoolbar.com/wp-json/onlineada/v1/accessibility-toolbar/e687213560c8b Message: Failed to load resource: net::ERR_FAILED
security	error	URL: about:blank Message: The Content-Security-Policy directive 'frame-ancestors' does not support the source expression ''unsafe-inline''
security	error	URL: https://static.addtoany.com/menu/page.js Message: The Content-Security-Policy directive 'frame-ancestors' does not support the source expression ''unsafe-inline''

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:; frame-src 'unsafe-inline' https: data:; frame-ancestors 'unsafe-inline' https: data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adatoolbar.com
api.cmp.inmobi.com
cdn-images.mailchimp.com
cdnres.willyweather.com
cmp.inmobi.com
cmp.quantcast.com
etypeproductionstorage1.blob.core.windows.net
region1.google-analytics.com
s3.amazonaws.com
securepubads.g.doubleclick.net
static.addtoany.com
www.google-analytics.com
www.googletagmanager.com
www.thenewsobserver.com
adatoolbar.com
104.196.37.2
142.250.186.66
151.101.195.52
172.67.39.148
18.157.128.118
18.172.112.27
18.245.86.62
20.150.38.36
2001:4860:4802:32::36
2600:9000:275b:9a00:1b:cadc:ef40:93a1
2a00:1450:4001:800::200e
2a00:1450:4001:813::2008
52.217.87.134
2a5c2a665e9bc10d5d1da5e0ce1acecabecaf4313c86f33d223cf7ae8581e74b
2f3ded13eaac0aee0aaf741cd3153317ef1b2cba692c0f8cae556be6a38fd52c
2f59d9b294c4a4d9119f49171936df9f45e5ba70083b9a781516a3fd5a95f31c
3503cc7f5899f269107e6d0d9dee47c336276ec0d355b05f18e864cd5730dea7
3f534671568fe35349189914762706679cf8fd5e83b2cc8683800dfebc9f16b1
431b428df9a9cccde8d4de067400ee8fba8173e82787f3a05b5502d966b05d89
479869b8d6acf4973961042c49d4fcaa4f9efea38e8e9706e87cc8adf95b2698
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5c9f7a47d1b655e5fd2cfdc26b4a80220fddf5b08bf56819427ce7340d4dd2bd
613b1a7b4e9e279b4bcceed16041478402a795ac76653535589480190b3aa1c0
6522e7b9d66b02945de1fe9d7b15acd12f920998cc8a9588ada23dc6cf894a02
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e0cc78c402cbc02fdfd41cd77c5fd6ffbd8066cc07935ea8eb5f3fcc59744a3
6f35e32c7f68087ef5f05cd02aa7b27a216a8a72963b1cec026cca3f64ad0bed
706942656eb9d47aba1a60229b27acc14a95a7f81fd8f7227d2c4e2ab9687207
752d55c576fa27805d9277c3f5f06dab0d21620d765512218eb87ca82dedb2e1
786bd36b244f878f272d810d1acc99135e1d089445e33a906f6fffd88cb17e87
7ad69868a415840ee004b263f8eb1efc8b4bc9e8a78e80a26660ce1501acd938
7ee482b3719dd3328767f5b0b1e8aa69e9b91d8d9a384c1916d61ad8873bfda4
7f525fac1151e7f12f3016b256402f44ad77486bc281b338babbd0dfc645e5b7
886c86112a804ef1ddd1cb206af4c8c40e34b73c26652ca231404aa35a6b30d9
8a9fabb522aafe7f4eaa5ce7afbfdb05b88c5189276bbd70d1a09ec76d3d44ac
91b9b24f0aa59668e4d0a770ee7a294b9baa361a76a20ade8128cd0482a5d805
a4a1d33dc01bd24cd86383e3397c3f0e9da16d19bf63b954bd3ea7033009cdad
a5f4cf8b17c953cca348c89ee14aca46e96f831f2ece55f43cc66eca2770c554
a61500a342875a17afc10c79e9c1596ae0e18182bf57f34390b4a68dad5ce1cd
a8261541cc25cff6e5bfdaf24188a89116c818c6b9ef5d03b3a6c2eb116e5fbf
ab309d4dbe24aa0f4a0e5e4d7aeec790196fbdda107857c4360508eb64d0a296
ac52aa47022e892411dd0d4c540b2caabac7e4f252b79cfd2294f27b5580b7f2
b15aceb04dbf5604df5617cfe984f48479cb131c1df02825d1c24e9f35d01857
b22f1d135e937eb0b200aecbe035cd646cb463146f027699d4895e5a18a9da8b
c5fb9773e1b7b1c8c078b650a644c6370a14d0e0ac67667d58ca8dbb027dcce3
c7fdac25f0cd198d58d3231db7e84b8a5c7529a01d1399c20b0134d8ba143d7c
caf14f53c0e44d6e358de6fa00677c3403d6ce2a04e5674b6396ce70f9472b0a
cb9ee07812fe2b8ed07d22d915c97f8edc4928a97e8bcc88907b74e3c135b507
cc3534cb92be2761fe3c31ea4db7283a0e92cabedf9c0bb3d61444cd871421a4
cc911f34a7255a5561294d2b003ebb5bf22e7a9298381c6ac4ec2957f9aeed34
cc9f3170da7db49653b135abfdc4127f4b4e79571e7ae5eb1cf959ff74de65aa
cf8af5a9d7cad95e8ec9f3ba160b2f9e861000b9266f2687d1ffb418800321a3
d264f688c36b9eac0a58d154801a51e79e913739dbab747f87ec75bace799343
db3c352b415dd89cb11ec4884322e8ecbe274914a7359a2cc73e9b695a242892
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea165e7fbfe49eb97b3446b21401c357d063cabc5775fb5244acaca367f523da
f2dc6ae2692b07a7ddddb9162fdf3ed4b12aabe017d0a46e66d90f793a0b61e0
f7a0c447b915ba02cdfa198f1fee92f0a4a784dc895b61be659a9386c6ed3112
faae6fc0aa94cc5bde5076647c817a23206096a1cbeda10d1c6f3d89d6163ed1

www.thenewsobserver.com Open in urlscan Pro 104.196.37.2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

51 Requests

96 %HTTPS

31 %IPv6

12 Domains

14 Subdomains

13 IPs

2 Countries

2072 kBTransfer

4271 kBSize

5 Cookies

10 Outgoing links

Page URL History

Redirected requests

51 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.thenewsobserver.com Open in urlscan Pro
104.196.37.2 Public Scan

Screenshot
Live screenshot

Full Image

51
Requests

96 %
HTTPS

31 %
IPv6

12
Domains

14
Subdomains

13
IPs

2
Countries

2072 kB
Transfer

4271 kB
Size

5
Cookies

51 HTTP transactions
0 data transactions