sponsored.chronicle.com Open in urlscan Pro
18.64.79.114 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://links2.newsletter.chronicle.com/u/click?_t=d6b85331c7f64991b3bfd8ac52407544&_m=906f6b77ed8d4c03805393326807fe41&_e=qMphYMlUB9XaE...
Effective URL:
https://sponsored.chronicle.com/beyond-the-obvious/index.html?cid=che_3p_nl_ba_1_esc_beyondtheobvious_rowan_22-4
Submission Tags: falconsandbox
Submission: On May 03 via api (May 3rd 2022, 11:30:42 pm UTC) from US — Scanned from DE

Summary HTTP 39 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 17 IPs in 6 countries across 15 domains to perform 39 HTTP transactions. The main IP is 18.64.79.114, located in United States and belongs to AMAZON-02, US. The main domain is sponsored.chronicle.com.
TLS certificate: Issued by Amazon on November 30th 2021. Valid for: a year.

This is the only time sponsored.chronicle.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	3.218.62.178 3.218.62.178	14618 (AMAZON-AES) (AMAZON-AES)
1 1	67.199.248.11 67.199.248.11	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
16	18.64.79.114 18.64.79.114	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	99.86.4.107 99.86.4.107	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:df:... 2a02:26f0:df:3a5::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:9000:205... 2600:9000:2057:f600:2:d36a:3700:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
2	54.154.124.119 54.154.124.119	16509 (AMAZON-02) (AMAZON-02)
2	104.89.28.179 104.89.28.179	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	63.32.228.167 63.32.228.167	16509 (AMAZON-02) (AMAZON-02)
2	15.236.176.210 15.236.176.210	16509 (AMAZON-02) (AMAZON-02)
1 1	63.32.153.188 63.32.153.188	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c06::9b	15169 (GOOGLE) (GOOGLE)
2	143.204.201.34 143.204.201.34	16509 (AMAZON-02) (AMAZON-02)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
1	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
39	17

1 3.218.62.178 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-62-178.compute-1.amazonaws.com

links2.newsletter.chronicle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.199.248.11 (United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 18.64.79.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-79-114.txl50.r.cloudfront.net

sponsored.chronicle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-107.fra6.r.cloudfront.net

iframely.shorthand.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:df:3a5::1e80 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:f600:2:d36a:3700:93a1 (United States)

ASN16509 (AMAZON-02, US)

analytics.shorthand.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.154.124.119 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-124-119.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.89.28.179 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-28-179.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.32.228.167 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-228-167.eu-west-1.compute.amazonaws.com

thechronicleofhighereducation.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.236.176.210 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

thechronicleofhighereducation.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.32.153.188 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-153-188.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.201.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-201-34.fra53.r.cloudfront.net

gateway.shorthand.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

931-eka-218.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	chronicle.com 1 redirects links2.newsletter.chronicle.com sponsored.chronicle.com	4 MB
4	shorthand.com iframely.shorthand.com — Cisco Umbrella Rank: 601367 analytics.shorthand.com gateway.shorthand.com — Cisco Umbrella Rank: 951626	15 KB
3	gstatic.com fonts.gstatic.com	38 KB
3	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 283 thechronicleofhighereducation.demdex.net — Cisco Umbrella Rank: 603167	5 KB
2	omtrdc.net thechronicleofhighereducation.sc.omtrdc.net — Cisco Umbrella Rank: 524912	565 B
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 6945	6 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101	20 KB
2	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 469	55 KB
1	google.de www.google.de — Cisco Umbrella Rank: 3632	501 B
1	google.com www.google.com — Cisco Umbrella Rank: 20	501 B
1	mktoresp.com 931-eka-218.mktoresp.com — Cisco Umbrella Rank: 586614	311 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 175	447 B
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1413	517 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 111	2 KB
1	bit.ly 1 redirects bit.ly — Cisco Umbrella Rank: 4109	344 B
39	15

	Domain	Requested by
16	sponsored.chronicle.com	sponsored.chronicle.com
3	fonts.gstatic.com	fonts.googleapis.com
2	gateway.shorthand.com	analytics.shorthand.com
2	thechronicleofhighereducation.sc.omtrdc.net	assets.adobedtm.com sponsored.chronicle.com
2	munchkin.marketo.net	sponsored.chronicle.com munchkin.marketo.net
2	dpm.demdex.net	assets.adobedtm.com sponsored.chronicle.com
2	www.google-analytics.com	sponsored.chronicle.com www.google-analytics.com
2	assets.adobedtm.com	sponsored.chronicle.com assets.adobedtm.com
1	www.google.de	sponsored.chronicle.com
1	www.google.com	sponsored.chronicle.com
1	931-eka-218.mktoresp.com	munchkin.marketo.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	cm.everesttech.net	1 redirects
1	thechronicleofhighereducation.demdex.net	assets.adobedtm.com
1	analytics.shorthand.com	sponsored.chronicle.com
1	iframely.shorthand.com	sponsored.chronicle.com
1	fonts.googleapis.com	sponsored.chronicle.com
1	bit.ly	1 redirects
1	links2.newsletter.chronicle.com	1 redirects
39	19

This site contains links to these domains. Also see Links.

Domain
www.chronicle.com
sites.rowan.edu
www.rowan.edu
today.rowan.edu
sjclimate.news
marketingsolutions.chronicle.com
shorthand.com

Subject Issuer	Validity	Valid
chronicle.com Amazon	`2021-11-30` - `2022-12-28`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
shorthand.com Amazon	`2021-10-29` - `2022-11-27`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-10` - `2022-09-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2022-02-06` - `2023-02-07`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.sc.omtrdc.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-17` - `2023-03-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.mktoresp.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-30` - `2022-11-30`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://sponsored.chronicle.com/beyond-the-obvious/index.html?cid=che_3p_nl_ba_1_esc_beyondtheobvious_rowan_22-4
Frame ID: 86258FBF467EA37C23E103AF6CF2B152
Requests: 44 HTTP requests in this frame

Frame: https://thechronicleofhighereducation.demdex.net/dest5.html?d_nsid=0
Frame ID: AB9BEF16DE7FE4A0C95CA482522BDD60
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Beyond the obvious

Page URL History Show full URLs

http://links2.newsletter.chronicle.com/u/click?_t=d6b85331c7f64991b3bfd8ac52407544&_m=906f6b77ed8d4c03805393326807f... HTTP 303
https://bit.ly/37P1dHs?wlbelineID=810273&utm_source=Iterable&utm_medium=email&utm_campaign=... HTTP 301
https://sponsored.chronicle.com/beyond-the-obvious/index.html?cid=che_3p_nl_ba_1_esc_beyondtheobvious_rowan_... Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

Page Statistics

39
Requests

97 %
HTTPS

42 %
IPv6

15
Domains

19
Subdomains

17
IPs

6
Countries

4162 kB
Transfer

4906 kB
Size

16
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://www.chronicle.com/

Search URL Search Domain Scan URL

URL: https://sites.rowan.edu/catalysts/?utm_medium=ad&utm_source=che&utm_campaign=sustainability%20&utm_content=enhanced_sponsor_article
Title: Catalysts for Sustainability

Search URL Search Domain Scan URL

URL: https://www.rowan.edu/fossils/?utm_medium=ad&utm_source=che&utm_campaign=sustainability%20&utm_content=enhanced_sponsor_article
Title: Jean & Ric Edelman Fossil Park of Rowan University

Search URL Search Domain Scan URL

URL: https://today.rowan.edu/news/2021/10/rowan-breaks-ground-on-73-million-fossil-park-museum.html?utm_medium=ad&utm_source=che&utm_campaign=sustainability%20&utm_content=enhanced_sponsor_article
Title: $73 million museum and research facility

Search URL Search Domain Scan URL

URL: https://sjclimate.news/
Title: South Jersey Climate News

Search URL Search Domain Scan URL

URL: https://marketingsolutions.chronicle.com/branded-content/
Title: Find out more about paid content

Search URL Search Domain Scan URL

URL: https://www.chronicle.com/subscribe
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://www.chronicle.com/account/newsletters
Title: Get Newsletters

Search URL Search Domain Scan URL

URL: https://www.chronicle.com/page/about-us/
Title: About The Chronicle

Search URL Search Domain Scan URL

URL: https://www.chronicle.com/page/contact-us
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.chronicle.com/page/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://shorthand.com/?utm_source=sponsored.chronicle.com&utm_medium=referral&utm_campaign=footer&utm_term=built+with+shorthand&utm_content=EKE7OKpNqW
Title: Built with Shorthand

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://links2.newsletter.chronicle.com/u/click?_t=d6b85331c7f64991b3bfd8ac52407544&_m=906f6b77ed8d4c03805393326807fe41&_e=qMphYMlUB9XaETdg4ymLO89oo__hGMYUFDs5wdQ1bo643NrE6-UZouqe_lqFC7hqy3QLrVCAf5tCFgV1-KQ0brBitfXgr7SVIx8KCZV_0bBBzKkRDlI3W98o9evoI_y2FfCj9o7HlUXMhcFN2ETEfYRzRv26Tv-9c4KM4RVsvWGm6Wbi2JD7IknvGWGukuJf_Ww7qXKi0ZxdEdsHaU5oa6bTYPpDgenLqCd9n1TteFynUWxd27jRdp8RnvJTzDUUBPF3rFrvF4abzGJjKnxWueH2bbKuNYtSyi3wbqPnWHyZz3pFmkKFIxmfBymzitgo_VJM1qIFT9GkV1legeLrz56c7bJ2seh054O9enfr4EIYj0dsrX3u0EviGXdwe4XydubKNr-8-ccSh_qP9fQ-n_TejjH_OgSvDn1Lk-Fmll9qGus9oyNSYAoXueyXFBeU HTTP 303
https://bit.ly/37P1dHs?wlbelineID=810273&utm_source=Iterable&utm_medium=email&utm_campaign=campaign_4194179_nl_Academe-Today_date_20220503&cid=at&source=&sourceid= HTTP 301
https://sponsored.chronicle.com/beyond-the-obvious/index.html?cid=che_3p_nl_ba_1_esc_beyondtheobvious_rowan_22-4 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://cm.everesttech.net/cm/dd?d_uuid=32322900173132454513243820420589454040 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YnG7GwAAAHP3jgQz

39 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request index.html Show response
sponsored.chronicle.com/beyond-the-obvious/
Redirect Chain

http://links2.newsletter.chronicle.com/u/click?_t=d6b85331c7f64991b3bfd8ac52407544&_m=906f6b77ed8d4c03805393326807fe41&_e=qMphYMlUB9XaETdg4ymLO89oo__hGMYUFDs5wdQ1bo643NrE6-UZouqe_lqFC7hqy3QLrVCAf5t...
https://bit.ly/37P1dHs?wlbelineID=810273&utm_source=Iterable&utm_medium=email&utm_campaign=campaign_4194179_nl_Academe-Today_date_20220503&cid=at&source=&sourceid=
https://sponsored.chronicle.com/beyond-the-obvious/index.html?cid=che_3p_nl_ba_1_esc_beyondtheobvious_rowan_22-4

169 KB
34 KB

95ms
23ms

Document
text/html

18.64.79.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sponsored.chronicle.com/beyond-the-obvious/index.html?cid=che_3p_nl_ba_1_esc_beyondtheobvious_rowan_22-4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.79.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-79-114.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1430167263f9f0397a1c4e8760f2b1ff7b804e21e84805a54efbb47fc5fca100

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 52132
content-encoding: gzip
content-type: text/html
date: Tue, 03 May 2022 09:01:44 GMT
etag: W/"0062c1c7954b83093a379c16927a5b64"
last-modified: Mon, 18 Apr 2022 15:42:26 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 97d0bbf6e879b5cbfab87acc7ccd4218.cloudfront.net (CloudFront)
x-amz-cf-id: dUez82VAYo5F6E42gw7zTQsogm4IzVeiNX-mspEtOnYQzdl2j9rESA==
x-amz-cf-pop: TXL50-P2
x-cache: Hit from cloudfront

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=90
content-length: 199
content-security-policy: referrer always;
content-type: text/html; charset=utf-8
date: Tue, 03 May 2022 23:30:35 GMT
location: https://sponsored.chronicle.com/beyond-the-obvious/index.html?cid=che_3p_nl_ba_1_esc_beyondtheobvious_rowan_22-4
referrer-policy: unsafe-url
server: nginx
via: 1.1 google

GET
H2 200 story.49349.min.css
sponsored.chronicle.com/beyond-the-obvious/static/ 132 KB
24 KB 23ms
22ms Stylesheet
text/css 18.64.79.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sponsored.chronicle.com/beyond-the-obvious/static/story.49349.min.css
Requested by: Host: sponsored.chronicle.com
URL: https://sponsored.chronicle.com/beyond-the-obvious/index.html?cid=che_3p_nl_ba_1_esc_beyondtheobvious_rowan_22-4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.79.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-79-114.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 77c48df5014d1b97e89ce9d86c00335c08ca3cbb722929979a0fe482e79ba694

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sponsored.chronicle.com/beyond-the-obvious/index.html?cid=che_3p_nl_ba_1_esc_beyondtheobvious_rowan_22-4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:14:23 GMT
content-encoding: gzip
last-modified: Mon, 18 Apr 2022 15:42:26 GMT
server: AmazonS3
age: 51373
etag: W/"81ce52ebd6157a77623f55ac4c8ab710"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 97d0bbf6e879b5cbfab87acc7ccd4218.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL50-P2
x-amz-cf-id: xjWthXCBSCwm1XOAQdKp24x4QURUSYaAUh3YiAtw_NObo64dCidKCA==

GET
H2 200 css
fonts.googleapis.com/ 17 KB
2 KB 44ms
17ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:300,400,700|Source+Sans+Pro:300,300i,400,400i,700,700i

Requested by

Host: sponsored.chronicle.com
URL: https://sponsored.chronicle.com/beyond-the-obvious/index.html?cid=che_3p_nl_ba_1_esc_beyondtheobvious_rowan_22-4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

565caa49a2066c2d5da060191c1bc72db2cb3126837a0a6ac0743b6d4496a6da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sponsored.chronicle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 03 May 2022 23:30:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 03 May 2022 23:30:35 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 03 May 2022 23:30:35 GMT

GET
H2 200 head.49349.min.js Show response
sponsored.chronicle.com/beyond-the-obvious/static/ 16 KB
6 KB 26ms
25ms Script
application/javascript 18.64.79.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sponsored.chronicle.com/beyond-the-obvious/static/head.49349.min.js
Requested by: Host: sponsored.chronicle.com
URL: https://sponsored.chronicle.com/beyond-the-obvious/index.html?cid=che_3p_nl_ba_1_esc_beyondtheobvious_rowan_22-4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.79.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-79-114.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7b5f3bbaa5cb7e6531d72babb2caefdaec1008265afa36f4946ba2df36ab3418

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sponsored.chronicle.com/beyond-the-obvious/index.html?cid=che_3p_nl_ba_1_esc_beyondtheobvious_rowan_22-4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:14:23 GMT
content-encoding: gzip
last-modified: Mon, 18 Apr 2022 15:42:26 GMT
server: AmazonS3
age: 51373
etag: W/"2d7bfb7cfbd293a19c02cf06df7ca7a3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 97d0bbf6e879b5cbfab87acc7ccd4218.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL50-P2
x-amz-cf-id: d_7jWiPliS-B966x1cPcoSj5gfJpv0Cx-UMr6vsMhrBtAEt3SkZHew==

GET
H2 200 embed.js Show response
iframely.shorthand.com/ 23 KB
8 KB 60ms
7ms Script
application/javascript 99.86.4.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://iframely.shorthand.com/embed.js?api_key=4c0a0c5255344f2050a6c4f0a0e0ba98
Requested by: Host: sponsored.chronicle.com
URL: https://sponsored.chronicle.com/beyond-the-obvious/index.html?cid=che_3p_nl_ba_1_esc_beyondtheobvious_rowan_22-4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-107.fra6.r.cloudfront.net
Software: nginx /
Resource Hash: f34c2ac2f58b1d4f59f086c6a78b35372a7e7c0347172e0716e8df712c5fe3b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sponsored.chronicle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 03:42:13 GMT
content-encoding: gzip
last-modified: Thu, 28 Apr 2022 18:33:07 GMT
server: nginx
age: 71375
etag: W/"626adde3-5c6f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: vUo-27ta_H07jMr89RUTKuZX6RPoo-K-T2_InYKDKGlPaPBvr4JtRQ==
via: 1.1 08bbe291f260c2b80a00874a80ade07c.cloudfront.net (CloudFront)

GET
H2 200 satelliteLib-d44b5c0ba3e615fdd1f061ed8c41f7e3540f0076.js Show response
assets.adobedtm.com/5d3b73b561ff4b1306f917ba09b12a1c7ee00521/ 133 KB
41 KB 91ms
22ms Script
application/x-javascript 2a02:26f0:df:3a5::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/5d3b73b561ff4b1306f917ba09b12a1c7ee00521/satelliteLib-d44b5c0ba3e615fdd1f061ed8c41f7e3540f0076.js
Requested by: Host: sponsored.chronicle.com
URL: https://sponsored.chronicle.com/beyond-the-obvious/index.html?cid=che_3p_nl_ba_1_esc_beyondtheobvious_rowan_22-4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:df:3a5::1e80 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 2a4a4eacf030157c67bc471ad09531049fe9651c58662083fb9aef976bd8a8a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sponsored.chronicle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 23:30:35 GMT
content-encoding: gzip
last-modified: Wed, 11 Sep 2019 19:53:55 GMT
server: AkamaiNetStorage
etag: "bc0daffe071487c0970aea5744c716b0:1568231634.814001"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://sponsored.chronicle.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 41921
expires: Wed, 04 May 2022 00:30:35 GMT

GET
H2 200 logo.svg
sponsored.chronicle.com/beyond-the-obvious/assets/ 33 KB
13 KB 24ms
22ms Image
image/svg+xml 18.64.79.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sponsored.chronicle.com/beyond-the-obvious/assets/logo.svg
Requested by: Host: sponsored.chronicle.com
URL: https://sponsored.chronicle.com/beyond-the-obvious/index.html?cid=che_3p_nl_ba_1_esc_beyondtheobvious_rowan_22-4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.79.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-79-114.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 16e008ff114c109b98f2d1c5f82393be828638ac06edc099dec9e947d2f48cee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sponsored.chronicle.com/beyond-the-obvious/index.html?cid=che_3p_nl_ba_1_esc_beyondtheobvious_rowan_22-4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:14:24 GMT
content-encoding: gzip
last-modified: Mon, 18 Apr 2022 15:42:25 GMT
server: AmazonS3
age: 51372
etag: W/"f412dfbe35424edfff2932fc6f1cfa7c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 97d0bbf6e879b5cbfab87acc7ccd4218.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL50-P2
x-amz-cf-id: IfKOT4QItHfz717V-4qJAqChDHqceegFcX1ReGT7SzcxDerzOfp1Mw==

GET
H2 200 logo-sm.png
sponsored.chronicle.com/beyond-the-obvious/assets/ 745 B
1 KB 24ms
22ms Image
image/png 18.64.79.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sponsored.chronicle.com/beyond-the-obvious/assets/logo-sm.png
Requested by: Host: sponsored.chronicle.com
URL: https://sponsored.chronicle.com/beyond-the-obvious/index.html?cid=che_3p_nl_ba_1_esc_beyondtheobvious_rowan_22-4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.79.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-79-114.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 51a0d2426de60c5b936df6c897df45b8a2c42459ae7cf09c8485826a4eddda77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sponsored.chronicle.com/beyond-the-obvious/index.html?cid=che_3p_nl_ba_1_esc_beyondtheobvious_rowan_22-4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:14:24 GMT
via: 1.1 97d0bbf6e879b5cbfab87acc7ccd4218.cloudfront.net (CloudFront)
last-modified: Mon, 18 Apr 2022 15:42:25 GMT
server: AmazonS3
age: 51372
etag: "11024e706944bab2c5d151c92694170f"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: TXL50-P2
content-length: 745
x-amz-cf-id: xBzl527oeC6cblS0PR8rCTJ0ytE7GUidSSRuvF4Nq59rxzHI3D9cVg==

GET
H2 200 paid.png
sponsored.chronicle.com/beyond-the-obvious/assets/ 6 KB
6 KB 25ms
24ms Image
image/png 18.64.79.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sponsored.chronicle.com/beyond-the-obvious/assets/paid.png
Requested by: Host: sponsored.chronicle.com
URL: https://sponsored.chronicle.com/beyond-the-obvious/index.html?cid=che_3p_nl_ba_1_esc_beyondtheobvious_rowan_22-4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.79.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-79-114.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9aec0ff8720f0381423be4b7bd2af61cb5ecf47f21e1893e98fcfe38a02961ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sponsored.chronicle.com/beyond-the-obvious/index.html?cid=che_3p_nl_ba_1_esc_beyondtheobvious_rowan_22-4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:14:24 GMT
via: 1.1 97d0bbf6e879b5cbfab87acc7ccd4218.cloudfront.net (CloudFront)
last-modified: Mon, 18 Apr 2022 15:42:26 GMT
server: AmazonS3
age: 51372
etag: "103f717ac3e364222694d00916c552a1"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: TXL50-P2
content-length: 5963
x-amz-cf-id: 5-2rbKccMSraovhWoIk15mHjlbOGPECvD12PI24BC3GydK9_OavtQA==

GET
H2 200 rowan_logo_horizontal_rgb-4096x980.png
sponsored.chronicle.com/beyond-the-obvious/assets/swpf7zLdDi/ 109 KB
110 KB 26ms
25ms Image
image/png 18.64.79.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sponsored.chronicle.com/beyond-the-obvious/assets/swpf7zLdDi/rowan_logo_horizontal_rgb-4096x980.png
Requested by: Host: sponsored.chronicle.com
URL: https://sponsored.chronicle.com/beyond-the-obvious/index.html?cid=che_3p_nl_ba_1_esc_beyondtheobvious_rowan_22-4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.79.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-79-114.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f40cee1ea496443d72414dfd19a9076bbb3265083e043aa68de3eff24f806abb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sponsored.chronicle.com/beyond-the-obvious/index.html?cid=che_3p_nl_ba_1_esc_beyondtheobvious_rowan_22-4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:14:24 GMT
via: 1.1 97d0bbf6e879b5cbfab87acc7ccd4218.cloudfront.net (CloudFront)
last-modified: Mon, 18 Apr 2022 15:42:26 GMT
server: AmazonS3
age: 51372
etag: "eae373cb4b86c8dab0277c2920a3271e"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: TXL50-P2
content-length: 112009
x-amz-cf-id: 30ZN-KtxnKsTNj-dKRBuuObH-eGaZI92VK9bRpYfBXs9N7Uz8_x8mQ==

GET
H2 200 fossil_research_lab_022-2161x1438.webp
sponsored.chronicle.com/beyond-the-obvious/assets/cu2kJ77Op4/ 221 KB
222 KB 64ms
62ms Image
image/webp 18.64.79.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sponsored.chronicle.com/beyond-the-obvious/assets/cu2kJ77Op4/fossil_research_lab_022-2161x1438.webp
Requested by: Host: sponsored.chronicle.com
URL: https://sponsored.chronicle.com/beyond-the-obvious/index.html?cid=che_3p_nl_ba_1_esc_beyondtheobvious_rowan_22-4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.79.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-79-114.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a6bc2786f71ccff0b2644a1e22a79852054c9b340e858177fc62f76856b7f8e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sponsored.chronicle.com/beyond-the-obvious/index.html?cid=che_3p_nl_ba_1_esc_beyondtheobvious_rowan_22-4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:22:09 GMT
via: 1.1 97d0bbf6e879b5cbfab87acc7ccd4218.cloudfront.net (CloudFront)
last-modified: Mon, 18 Apr 2022 15:42:25 GMT
server: AmazonS3
age: 50906
etag: "cc709f8c618d8776ca8e16b6bee86c72"
x-cache: Hit from cloudfront
content-type: image/webp
x-amz-cf-pop: TXL50-P2
content-length: 226270
x-amz-cf-id: N6aqMKYY4zDUpJuyTPyE38fPuZ8mk_a2tAo_AD3cY5rD4VyYIgiCxg==

GET
H2 200 logo-black-no-text.svg
sponsored.chronicle.com/beyond-the-obvious/assets/ 1 KB
1 KB 26ms
25ms Image
image/svg+xml 18.64.79.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sponsored.chronicle.com/beyond-the-obvious/assets/logo-black-no-text.svg
Requested by: Host: sponsored.chronicle.com
URL: https://sponsored.chronicle.com/beyond-the-obvious/index.html?cid=che_3p_nl_ba_1_esc_beyondtheobvious_rowan_22-4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.79.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-79-114.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 11fbff526786dbfbc833b0770c3bf21de8c99cffd461c1456337bfc1c5959640

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sponsored.chronicle.com/beyond-the-obvious/index.html?cid=che_3p_nl_ba_1_esc_beyondtheobvious_rowan_22-4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:14:24 GMT
content-encoding: gzip
last-modified: Mon, 18 Apr 2022 15:42:25 GMT
server: AmazonS3
age: 51372
etag: W/"ce61ec3dd0f999f8888adcb7d787e4f0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 97d0bbf6e879b5cbfab87acc7ccd4218.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL50-P2
x-amz-cf-id: kz6eIGcQsDB44unG-hzz0TxXLUDXUCx2WBuEk9cWRl2p4sztXpoaFQ==

GET
H2 200 story.49349.min.js Show response
sponsored.chronicle.com/beyond-the-obvious/static/ 385 KB
108 KB 23ms
23ms Script
application/javascript 18.64.79.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sponsored.chronicle.com/beyond-the-obvious/static/story.49349.min.js
Requested by: Host: sponsored.chronicle.com
URL: https://sponsored.chronicle.com/beyond-the-obvious/index.html?cid=che_3p_nl_ba_1_esc_beyondtheobvious_rowan_22-4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.79.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-79-114.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f0a92168f0d8ce6b723f0ebbcbf28bc7b9fa61b9b2a526977307a8584eba03b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sponsored.chronicle.com/beyond-the-obvious/index.html?cid=che_3p_nl_ba_1_esc_beyondtheobvious_rowan_22-4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:14:23 GMT
content-encoding: gzip
last-modified: Mon, 18 Apr 2022 15:42:26 GMT
server: AmazonS3
age: 51373
etag: W/"7983558548619357799a1a991546cf15"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 97d0bbf6e879b5cbfab87acc7ccd4218.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL50-P2
x-amz-cf-id: ncGMnTWB450SyXjfccqggSqnxnJz3uh5S0Vb1RrXW8q2aHqyMLQt2w==

GET
H2 200 analytics_4.js Show response
analytics.shorthand.com/ 21 KB
7 KB 279ms
7ms Script
application/javascript 2600:9000:2057:f600:2:d36a:3700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.shorthand.com/analytics_4.js
Requested by: Host: sponsored.chronicle.com
URL: https://sponsored.chronicle.com/beyond-the-obvious/index.html?cid=che_3p_nl_ba_1_esc_beyondtheobvious_rowan_22-4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:f600:2:d36a:3700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 24d1f200af93a052d10f19d9de3b592115308ef9bab620a0358d9ca8e61b39cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sponsored.chronicle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id: MLz6_vwG3QbDXncrHYPX4wA77THbAGka
content-encoding: gzip
last-modified: Thu, 02 Apr 2020 02:35:12 GMT
server: AmazonS3
age: 79287
etag: W/"de25f638af11e8beb149afc1f19b4992"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
date: Tue, 03 May 2022 01:29:09 GMT
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: C9IM5tn7A9OnZsAhw5EHsWBG3JKnF5PJLePc0TWOuTPPRrBs_bpH-w==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 31ms
6ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: sponsored.chronicle.com
URL: https://sponsored.chronicle.com/beyond-the-obvious/index.html?cid=che_3p_nl_ba_1_esc_beyondtheobvious_rowan_22-4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sponsored.chronicle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4286
date: Tue, 03 May 2022 22:19:09 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 04 May 2022 00:19:09 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 388 B
1 KB 129ms
32ms XHR
application/json 54.154.124.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=2E27401053DB4FE50A490D4C%40AdobeOrg&d_nsid=0&ts=1651620635563

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/5d3b73b561ff4b1306f917ba09b12a1c7ee00521/satelliteLib-d44b5c0ba3e615fdd1f061ed8c41f7e3540f0076.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.154.124.119 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-154-124-119.eu-west-1.compute.amazonaws.com

Software

Resource Hash

16356553b2e689220c46943b025b6b6c757bc41d85d391aa0498b6a0a2be0775

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://sponsored.chronicle.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-2-v031-0f46fb2c8.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: j3GjGPjoTSM=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://sponsored.chronicle.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 324
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 40ms
9ms Script
application/x-javascript 104.89.28.179
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: sponsored.chronicle.com
URL: https://sponsored.chronicle.com/beyond-the-obvious/index.html?cid=che_3p_nl_ba_1_esc_beyondtheobvious_rowan_22-4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.89.28.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-28-179.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4bf3aca933aa233702f890083af601fb16149ec8a17f8c1b90d30450562bde08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sponsored.chronicle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Tue, 03 May 2022 23:30:35 GMT
Content-Encoding: gzip
Last-Modified: Fri, 29 Oct 2021 01:24:07 GMT
Server: AkamaiNetStorage
ETag: "461ce1cffaadfebf2e7659745618ba8e:1635470647.434977"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 753

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 53724d3b7b02a32164e8eced6ddd6fef09dd633c5cbb47e94c53b55e54d1d674

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 147 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2ed8a8a4d81d8da4cc27081ecd250c1163656f5f107bf5adcf9702269e31721c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 38ms
12ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:300,400,700|Source+Sans+Pro:300,300i,400,400i,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sponsored.chronicle.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 19:25:00 GMT
x-content-type-options: nosniff
age: 533135
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12924
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:02:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Apr 2023 19:25:00 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 33ms
7ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:300,400,700|Source+Sans+Pro:300,300i,400,400i,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sponsored.chronicle.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 19:23:45 GMT
x-content-type-options: nosniff
age: 533210
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Apr 2023 19:23:45 GMT

GET
H2 200 6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 12 KB
12 KB 37ms
11ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:300,400,700|Source+Sans+Pro:300,300i,400,400i,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e286a9ef7d2064a4cf7026449941a557c7123aa84ef2a17cf79a38820f5474bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sponsored.chronicle.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 19:39:57 GMT
x-content-type-options: nosniff
age: 532238
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12580
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:19:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Apr 2023 19:39:57 GMT

GET
DATA 200
OK truncated
/ 161 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4f74fef553100d7986f1c33572ea440d067151e28956e52f56b566e84e8b861b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 133 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95a9aa45dcf75e1a72ea6ca391e9445d93c9eb8d549bfac0de014d95c8409eac

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 149 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f60173c35de24aa8fa450995988c57f267c471bcb3c98c4847e7bf85cbe9727f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 133 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f8035009b7662b302ef0397b82a2c15cc16276e4996a1906962e283f29fb256a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK dest5.html Show response
thechronicleofhighereducation.demdex.net/ Frame AB9B 7 KB
3 KB 122ms
30ms Document
text/html 63.32.228.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://thechronicleofhighereducation.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/5d3b73b561ff4b1306f917ba09b12a1c7ee00521/satelliteLib-d44b5c0ba3e615fdd1f061ed8c41f7e3540f0076.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.32.228.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-32-228-167.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://sponsored.chronicle.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-2-v031-0c619e68c.edge-irl1.demdex.com UNKNOWN
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: DvhB/hyvTDI=
content-encoding: gzip
date: Tue, 3 May 2022 23:30:35 GMT
last-modified: Wed, 27 Apr 2022 09:29:29 GMT
transfer-encoding: chunked
vary: accept-encoding

GET
H2 200 id Show response
thechronicleofhighereducation.sc.omtrdc.net/ 2 B
321 B 65ms
19ms XHR
application/x-javascript 15.236.176.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://thechronicleofhighereducation.sc.omtrdc.net/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=2E27401053DB4FE50A490D4C%40AdobeOrg&mid=32294222955237533863246547426297820793&ts=1651620635738

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/5d3b73b561ff4b1306f917ba09b12a1c7ee00521/satelliteLib-d44b5c0ba3e615fdd1f061ed8c41f7e3540f0076.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sponsored.chronicle.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 03 May 2022 23:30:35 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-b4b698fcd-n8gvs
vary: Origin
x-c: main-1640.Id95fac.M0-564
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://sponsored.chronicle.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-type: application/x-javascript;charset=utf-8
content-length: 2
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YnG7GwAAAHP3jgQz
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=32322900173132454513243820420589454040
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YnG7GwAAAHP3jgQz

42 B
945 B

34ms
33ms

Image
image/gif

54.154.124.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YnG7GwAAAHP3jgQz

Requested by

Host: sponsored.chronicle.com
URL: https://sponsored.chronicle.com/beyond-the-obvious/index.html?cid=che_3p_nl_ba_1_esc_beyondtheobvious_rowan_22-4

Protocol

HTTP/1.1

Server

54.154.124.119 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-154-124-119.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sponsored.chronicle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v031-07265f57c.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: Tgy9DTGCQRw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YnG7GwAAAHP3jgQz
Date: Tue, 03 May 2022 23:30:35 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/161/ 11 KB
5 KB 7ms
7ms Script
application/x-javascript 104.89.28.179
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/161/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.89.28.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-28-179.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c2aee78040b4ed46c2377e6825db12a9691a2eb584adf338e77312c8978d8537

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sponsored.chronicle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Tue, 03 May 2022 23:30:35 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Sep 2021 00:38:21 GMT
Server: AkamaiNetStorage
ETag: "0e0eefac8daf874e8b1aa34aeb160c52:1631061501.737429"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 4681
Expires: Thu, 11 Aug 2022 23:30:35 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
214 B 15ms
15ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1162194588&t=pageview&_s=1&dl=https%3A%2F%2Fsponsored.chronicle.com%2Fbeyond-the-obvious%2Findex.html%3Fcid%3Dche_3p_nl_ba_1_esc_beyondtheobvious_rowan_22-4&ul=en-us&de=UTF-8&dt=Beyond%20the%20obvious&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=1932251105&gjid=945145884&cid=1120103717.1651620636&tid=UA-42055132-13&_gid=1239165514.1651620636&_r=1&_slc=1&cd1=EKE7OKpNqW&cd2=gYWtfdUqRF&z=168077191

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://sponsored.chronicle.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 03 May 2022 23:30:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sponsored.chronicle.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rowanuniversity_logo6-432x200.jpeg
sponsored.chronicle.com/beyond-the-obvious/assets/14QC6yFLIt/ 14 KB
14 KB 380ms
379ms Image
image/jpeg 18.64.79.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sponsored.chronicle.com/beyond-the-obvious/assets/14QC6yFLIt/rowanuniversity_logo6-432x200.jpeg
Requested by: Host: sponsored.chronicle.com
URL: https://sponsored.chronicle.com/beyond-the-obvious/index.html?cid=che_3p_nl_ba_1_esc_beyondtheobvious_rowan_22-4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.79.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-79-114.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 378af471022f6f9f79c402c17a25b46f3c12ba650ed5ecfa28f7c2dcc2557cfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sponsored.chronicle.com/beyond-the-obvious/index.html?cid=che_3p_nl_ba_1_esc_beyondtheobvious_rowan_22-4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 23:30:37 GMT
via: 1.1 97d0bbf6e879b5cbfab87acc7ccd4218.cloudfront.net (CloudFront)
last-modified: Mon, 18 Apr 2022 15:42:25 GMT
server: AmazonS3
x-amz-cf-pop: TXL50-P2
etag: "7d045592567db90ffb177068ea6fd6cc"
x-cache: Miss from cloudfront
content-type: image/jpeg
content-length: 14185
x-amz-cf-id: SwzyTV_qNa77-8qnJo8iVLhBMZTrosoTjWFHDPJo0kuOcUVnsBvVLQ==

GET
H2 200 fossildigtour_2015_104-2034x1354.webp
sponsored.chronicle.com/beyond-the-obvious/assets/mkTcja0uqM/ 561 KB
562 KB 46ms
45ms Image
image/webp 18.64.79.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sponsored.chronicle.com/beyond-the-obvious/assets/mkTcja0uqM/fossildigtour_2015_104-2034x1354.webp
Requested by: Host: sponsored.chronicle.com
URL: https://sponsored.chronicle.com/beyond-the-obvious/index.html?cid=che_3p_nl_ba_1_esc_beyondtheobvious_rowan_22-4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.79.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-79-114.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 376cd000fc697733ef5e8748c90dd4cf4ef0a6302b334d4d181859f28a079426

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sponsored.chronicle.com/beyond-the-obvious/index.html?cid=che_3p_nl_ba_1_esc_beyondtheobvious_rowan_22-4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:22:10 GMT
via: 1.1 97d0bbf6e879b5cbfab87acc7ccd4218.cloudfront.net (CloudFront)
last-modified: Mon, 18 Apr 2022 15:42:25 GMT
server: AmazonS3
age: 50905
etag: "c05e6ccf858c5739b54485628faf3dd6"
x-cache: Hit from cloudfront
content-type: image/webp
x-amz-cf-pop: TXL50-P2
content-length: 574314
x-amz-cf-id: 1Zni1bNIWWu7gyN6_vngCBcyJwFILVjnub5J9JEIN92-r9oKU1IBwA==

GET
H2 200 fossildigtour_2015_065-edit-2206x1468.webp
sponsored.chronicle.com/beyond-the-obvious/assets/dC3ZXy5VdA/ 590 KB
591 KB 241ms
241ms Image
image/webp 18.64.79.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sponsored.chronicle.com/beyond-the-obvious/assets/dC3ZXy5VdA/fossildigtour_2015_065-edit-2206x1468.webp
Requested by: Host: sponsored.chronicle.com
URL: https://sponsored.chronicle.com/beyond-the-obvious/index.html?cid=che_3p_nl_ba_1_esc_beyondtheobvious_rowan_22-4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.79.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-79-114.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f9289d6fd706c7cd74c8518e44edabac084fdd070ae0388978317397b8de0b12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sponsored.chronicle.com/beyond-the-obvious/index.html?cid=che_3p_nl_ba_1_esc_beyondtheobvious_rowan_22-4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:22:11 GMT
via: 1.1 97d0bbf6e879b5cbfab87acc7ccd4218.cloudfront.net (CloudFront)
last-modified: Mon, 18 Apr 2022 15:42:25 GMT
server: AmazonS3
age: 50905
etag: "34a031ab68c3dd42e402bb518f7bf41e"
x-cache: Hit from cloudfront
content-type: image/webp
x-amz-cf-pop: TXL50-P2
content-length: 603794
x-amz-cf-id: 9H9dfY0MnBRWjcliQaQjfqK929gr3ZaWwb-2YpjNn8Ms2TVZaivn8A==

GET
H2 200 efp-quarry-view-1674x1070.webp
sponsored.chronicle.com/beyond-the-obvious/assets/roaFdyfpwn/ 539 KB
540 KB 217ms
216ms Image
image/webp 18.64.79.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sponsored.chronicle.com/beyond-the-obvious/assets/roaFdyfpwn/efp-quarry-view-1674x1070.webp
Requested by: Host: sponsored.chronicle.com
URL: https://sponsored.chronicle.com/beyond-the-obvious/index.html?cid=che_3p_nl_ba_1_esc_beyondtheobvious_rowan_22-4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.79.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-79-114.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 241e865e6e4a6cabb11f3329d785b13923b57b720ea4bbd232102ac4a5e365c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sponsored.chronicle.com/beyond-the-obvious/index.html?cid=che_3p_nl_ba_1_esc_beyondtheobvious_rowan_22-4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 23:27:23 GMT
via: 1.1 97d0bbf6e879b5cbfab87acc7ccd4218.cloudfront.net (CloudFront)
last-modified: Mon, 18 Apr 2022 15:42:26 GMT
server: AmazonS3
age: 193
etag: "f21cf39e5f8a44a8991ac54a54fcab33"
x-cache: Hit from cloudfront
content-type: image/webp
x-amz-cf-pop: TXL50-P2
content-length: 552224
x-amz-cf-id: _TUB6iZ53peLW9TMr1wQ_pW65jR6EZfN35aNlMS02QfjT-FGZq9ZYw==

GET
H2 200 discovery-hall-kss-c-halkinmasonphotography-10262021_04-2521x1891.webp
sponsored.chronicle.com/beyond-the-obvious/assets/gwYJlbIRJO/ 789 KB
790 KB 87ms
87ms Image
image/webp 18.64.79.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sponsored.chronicle.com/beyond-the-obvious/assets/gwYJlbIRJO/discovery-hall-kss-c-halkinmasonphotography-10262021_04-2521x1891.webp
Requested by: Host: sponsored.chronicle.com
URL: https://sponsored.chronicle.com/beyond-the-obvious/index.html?cid=che_3p_nl_ba_1_esc_beyondtheobvious_rowan_22-4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.79.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-79-114.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 873dddbb1a8d5494e5636305c402371264bb887be2072ccc35cb9c54586e47ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sponsored.chronicle.com/beyond-the-obvious/index.html?cid=che_3p_nl_ba_1_esc_beyondtheobvious_rowan_22-4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:22:11 GMT
via: 1.1 97d0bbf6e879b5cbfab87acc7ccd4218.cloudfront.net (CloudFront)
last-modified: Mon, 18 Apr 2022 15:42:25 GMT
server: AmazonS3
age: 50905
etag: "dca6252ce06052b4503d1de31b5ec1de"
x-cache: Hit from cloudfront
content-type: image/webp
x-amz-cf-pop: TXL50-P2
content-length: 808034
x-amz-cf-id: _JzxsfcFsz9OqHraD7z19-s5WMQkeADMUjXiHfpzLMTjvcWRXL-FiQ==

GET
H2 200 north-campus-07202021_33-2278x1516.webp
sponsored.chronicle.com/beyond-the-obvious/assets/XGL0CIseRF/ 996 KB
998 KB 72ms
72ms Image
image/webp 18.64.79.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sponsored.chronicle.com/beyond-the-obvious/assets/XGL0CIseRF/north-campus-07202021_33-2278x1516.webp
Requested by: Host: sponsored.chronicle.com
URL: https://sponsored.chronicle.com/beyond-the-obvious/index.html?cid=che_3p_nl_ba_1_esc_beyondtheobvious_rowan_22-4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.79.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-79-114.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c196982e028940672ef43a6bac454b520850d5533fb71ecaeaaec337801fcc00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sponsored.chronicle.com/beyond-the-obvious/index.html?cid=che_3p_nl_ba_1_esc_beyondtheobvious_rowan_22-4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:22:11 GMT
via: 1.1 97d0bbf6e879b5cbfab87acc7ccd4218.cloudfront.net (CloudFront)
last-modified: Mon, 18 Apr 2022 15:42:26 GMT
server: AmazonS3
age: 50905
etag: "28df280eb664986e667b29b47ba4f287"
x-cache: Hit from cloudfront
content-type: image/webp
x-amz-cf-pop: TXL50-P2
content-length: 1020012
x-amz-cf-id: svXHJhQikhaWfBCLEiTXyZnnedTahnC5nX_gIkPNXecrJ7X2PSC2vQ==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
447 B 62ms
20ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-42055132-13&cid=1120103717.1651620636&jid=1932251105&gjid=945145884&_gid=1239165514.1651620636&_u=YEBAAAAAAAAAAC~&z=1673537617

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sponsored.chronicle.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 03 May 2022 23:30:35 GMT
content-type: text/plain
access-control-allow-origin: https://sponsored.chronicle.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 story
gateway.shorthand.com/analytics/ Frame 0
0 370ms
290ms Preflight
application/json 143.204.201.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gateway.shorthand.com/analytics/story
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-34.fra53.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://sponsored.chronicle.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Tue, 03 May 2022 23:30:36 GMT
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
x-amz-apigw-id: RkosbEmToAMFnAA=
x-amz-cf-id: EsruCGKAr_m7Dg26MzvlEmV630FeMDAPbj7GzJPgH6tqeARtDEPMPA==
x-amz-cf-pop: FRA53-C1
x-amzn-requestid: c4c209dd-6977-44f7-b77a-80aaffe914d5
x-amzn-trace-id: Root=1-6271bb1c-6d421f0c768ce4283e68e6dd
x-cache: Miss from cloudfront

POST
H2 200 story Show response
gateway.shorthand.com/analytics/ 257 B
618 B 306ms
305ms Fetch
application/json 143.204.201.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gateway.shorthand.com/analytics/story
Requested by: Host: analytics.shorthand.com
URL: https://analytics.shorthand.com/analytics_4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-34.fra53.r.cloudfront.net
Software: /
Resource Hash: a6bc8f5917f38d896d2475968211fe3ff56e9a273dbae6941216244d18800430

Request headers

Referer: https://sponsored.chronicle.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 03 May 2022 23:30:36 GMT
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amzn-requestid: 15a6439a-ddd8-42db-ab2d-4fcca8679636
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-6271bb1c-3508a5eb2ecc137373587d25
x-amz-apigw-id: RkoseFKlIAMF5jQ=
content-length: 257
x-amz-cf-id: kL8JwkgIyExxwrmYinOIYP3q9Z8vByXPYz40gI6K3XK8LiikVO_5Sw==

GET
H2 200 s-code-contents-467642f62384eed404e72c5b66f7a996a2d00378.js Show response
assets.adobedtm.com/5d3b73b561ff4b1306f917ba09b12a1c7ee00521/ 36 KB
14 KB 31ms
29ms Script
application/x-javascript 2a02:26f0:df:3a5::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/5d3b73b561ff4b1306f917ba09b12a1c7ee00521/s-code-contents-467642f62384eed404e72c5b66f7a996a2d00378.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/5d3b73b561ff4b1306f917ba09b12a1c7ee00521/satelliteLib-d44b5c0ba3e615fdd1f061ed8c41f7e3540f0076.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:df:3a5::1e80 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 6f7c82862519e526ebb34df4ef6c15ac6cb55a732f3bc162ddd46ef1a5db3576

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sponsored.chronicle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 23:30:35 GMT
content-encoding: gzip
last-modified: Wed, 11 Sep 2019 19:53:55 GMT
server: AkamaiNetStorage
etag: "ab9119b3840996e6421fecd8e0bfcd8c:1568231635.404902"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://sponsored.chronicle.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 13950
expires: Wed, 04 May 2022 00:30:35 GMT

POST
H/1.1 200
OK visitWebPage
931-eka-218.mktoresp.com/webevents/ 2 B
311 B 383ms
96ms Ping
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://931-eka-218.mktoresp.com/webevents/visitWebPage?_mchNc=1651620635892&_mchCn=&_mchId=931-EKA-218&_mchTk=_mch-chronicle.com-1651620635891-41161&_mchHo=sponsored.chronicle.com&_mchPo=&_mchRu=%2Fbeyond-the-obvious%2Findex.html&_mchPc=https%3A&_mchVr=161&_mchEcid=2E27401053DB4FE50A490D4C%40AdobeOrg%3A6%3A32294222955237533863246547426297820793&_mchHa=&_mchRe=&_mchQp=cid%3Dche_3p_nl_ba_1_esc_beyondtheobvious_rowan_22-4
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/161/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sponsored.chronicle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Tue, 03 May 2022 23:30:36 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: f2f8aa99-04c4-4716-b76b-e5e876467043

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 40ms
18ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-42055132-13&cid=1120103717.1651620636&jid=1932251105&_u=YEBAAAAAAAAAAC~&z=1495750405

Requested by

Host: sponsored.chronicle.com
URL: https://sponsored.chronicle.com/beyond-the-obvious/index.html?cid=che_3p_nl_ba_1_esc_beyondtheobvious_rowan_22-4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sponsored.chronicle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 May 2022 23:30:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 40ms
19ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-42055132-13&cid=1120103717.1651620636&jid=1932251105&_u=YEBAAAAAAAAAAC~&z=1495750405

Requested by

Host: sponsored.chronicle.com
URL: https://sponsored.chronicle.com/beyond-the-obvious/index.html?cid=che_3p_nl_ba_1_esc_beyondtheobvious_rowan_22-4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sponsored.chronicle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 May 2022 23:30:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 s74288756284649
thechronicleofhighereducation.sc.omtrdc.net/b/ss/chroneduchesponsoredprod/1/JS-2.17.0-D7QN/ 43 B
244 B 17ms
17ms Image
image/gif 15.236.176.210
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thechronicleofhighereducation.sc.omtrdc.net/b/ss/chroneduchesponsoredprod/1/JS-2.17.0-D7QN/s74288756284649?AQB=1&ndh=1&pf=1&t=3%2F4%2F2022%2023%3A30%3A36%202%200&D=D%3D&mid=32294222955237533863246547426297820793&aamlh=6&ce=UTF-8&pageName=chesponsored%3A%2Fbeyond-the-obvious%2Findex.html&g=https%3A%2F%2Fsponsored.chronicle.com%2Fbeyond-the-obvious%2Findex.html%3Fcid%3Dche_3p_nl_ba_1_esc_beyondtheobvious_rowan_22-4&cc=USD&server=sponsored.chronicle.com&v0=che_3p_nl_ba_1_esc_beyondtheobvious_rowan_22-4&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&v11=chesponsored%3A%2Fbeyond-the-obvious%2Findex.html&c51=2019-09-11%2019%3A53%3A50%20UTC&c52=production&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=2E27401053DB4FE50A490D4C%40AdobeOrg&AQE=1

Requested by

Host: sponsored.chronicle.com
URL: https://sponsored.chronicle.com/beyond-the-obvious/index.html?cid=che_3p_nl_ba_1_esc_beyondtheobvious_rowan_22-4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sponsored.chronicle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 23:30:36 GMT
x-content-type-options: nosniff
x-c: main-1640.Id95fac.M0-564
p3p: CP="This is not a P3P policy"
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 04 May 2022 23:30:36 GMT
server: jag
xserver: anedge-b4b698fcd-bnd5s
etag: 3546828308621656064-4619832376580589870
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Mon, 02 May 2022 23:30:36 GMT

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.chronicle.com/	1970-01-20 11:32:36	Name: iterableEndUserId Value: meagan.roach%40usu.edu
.chronicle.com/	1970-01-20 02:48:27	Name: iterableEmailCampaignId Value: 4194179
.chronicle.com/	1970-01-20 02:48:27	Name: iterableTemplateId Value: 5708956
.chronicle.com/	1970-01-20 02:48:27	Name: iterableMessageId Value: 906f6b77ed8d4c03805393326807fe41
links2.newsletter.chronicle.com/	1969-12-31 23:59:59	Name: XSRF-TOKEN Value: f0eba0311cf6b4bef2bdeb43706361c87bf3166f-1651620635039-01ea93c96d437a23d577f2f7
.bit.ly/	1970-01-20 07:06:12	Name: _bit Value: m43nuz-0ea8c1fb978a297d3b-00Q
.demdex.net/	1970-01-20 07:06:12	Name: demdex Value: 32322900173132454513243820420589454040
.chronicle.com/	1969-12-31 23:59:59	Name: AMCVS_2E27401053DB4FE50A490D4C%40AdobeOrg Value: 1
.sponsored.chronicle.com/	1970-01-20 20:18:12	Name: _ga Value: GA1.3.1120103717.1651620636
.sponsored.chronicle.com/	1970-01-20 02:48:27	Name: _gid Value: GA1.3.1239165514.1651620636
.sponsored.chronicle.com/	1970-01-20 02:47:00	Name: _gat_shorthand Value: 1
.chronicle.com/	1970-01-20 20:18:12	Name: _mkto_trk Value: id:931-EKA-218&token:_mch-chronicle.com-1651620635891-41161
.everesttech.net/	1970-01-20 11:32:36	Name: everest_g_v2 Value: g_surferid~YnG7GwAAAHP3jgQz
.dpm.demdex.net/	1970-01-20 07:06:12	Name: dpm Value: 32322900173132454513243820420589454040
.chronicle.com/	1970-01-20 20:19:39	Name: AMCV_2E27401053DB4FE50A490D4C%40AdobeOrg Value: 1585540135%7CMCIDTS%7C19116%7CMCMID%7C32294222955237533863246547426297820793%7CMCAAMLH-1652225435%7C6%7CMCAAMB-1652225435%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1651627835s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19123%7CvVersion%7C4.4.0
.chronicle.com/	1969-12-31 23:59:59	Name: s_cc Value: true

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

931-eka-218.mktoresp.com
analytics.shorthand.com
assets.adobedtm.com
bit.ly
cm.everesttech.net
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
gateway.shorthand.com
iframely.shorthand.com
links2.newsletter.chronicle.com
munchkin.marketo.net
sponsored.chronicle.com
stats.g.doubleclick.net
thechronicleofhighereducation.demdex.net
thechronicleofhighereducation.sc.omtrdc.net
www.google-analytics.com
www.google.com
www.google.de
104.89.28.179
143.204.201.34
15.236.176.210
18.64.79.114
192.28.144.124
2600:9000:2057:f600:2:d36a:3700:93a1
2a00:1450:4001:803::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2003
2a00:1450:4001:811::200a
2a00:1450:4001:831::200e
2a00:1450:400c:c06::9b
2a02:26f0:df:3a5::1e80
3.218.62.178
54.154.124.119
63.32.153.188
63.32.228.167
67.199.248.11
99.86.4.107
11fbff526786dbfbc833b0770c3bf21de8c99cffd461c1456337bfc1c5959640
1430167263f9f0397a1c4e8760f2b1ff7b804e21e84805a54efbb47fc5fca100
16356553b2e689220c46943b025b6b6c757bc41d85d391aa0498b6a0a2be0775
16e008ff114c109b98f2d1c5f82393be828638ac06edc099dec9e947d2f48cee
241e865e6e4a6cabb11f3329d785b13923b57b720ea4bbd232102ac4a5e365c6
24d1f200af93a052d10f19d9de3b592115308ef9bab620a0358d9ca8e61b39cb
2a4a4eacf030157c67bc471ad09531049fe9651c58662083fb9aef976bd8a8a4
2ed8a8a4d81d8da4cc27081ecd250c1163656f5f107bf5adcf9702269e31721c
376cd000fc697733ef5e8748c90dd4cf4ef0a6302b334d4d181859f28a079426
378af471022f6f9f79c402c17a25b46f3c12ba650ed5ecfa28f7c2dcc2557cfb
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4bf3aca933aa233702f890083af601fb16149ec8a17f8c1b90d30450562bde08
4f74fef553100d7986f1c33572ea440d067151e28956e52f56b566e84e8b861b
51a0d2426de60c5b936df6c897df45b8a2c42459ae7cf09c8485826a4eddda77
53724d3b7b02a32164e8eced6ddd6fef09dd633c5cbb47e94c53b55e54d1d674
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
565caa49a2066c2d5da060191c1bc72db2cb3126837a0a6ac0743b6d4496a6da
6f7c82862519e526ebb34df4ef6c15ac6cb55a732f3bc162ddd46ef1a5db3576
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
77c48df5014d1b97e89ce9d86c00335c08ca3cbb722929979a0fe482e79ba694
7b5f3bbaa5cb7e6531d72babb2caefdaec1008265afa36f4946ba2df36ab3418
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
873dddbb1a8d5494e5636305c402371264bb887be2072ccc35cb9c54586e47ec
95a9aa45dcf75e1a72ea6ca391e9445d93c9eb8d549bfac0de014d95c8409eac
9aec0ff8720f0381423be4b7bd2af61cb5ecf47f21e1893e98fcfe38a02961ce
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a6bc2786f71ccff0b2644a1e22a79852054c9b340e858177fc62f76856b7f8e0
a6bc8f5917f38d896d2475968211fe3ff56e9a273dbae6941216244d18800430
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c196982e028940672ef43a6bac454b520850d5533fb71ecaeaaec337801fcc00
c2aee78040b4ed46c2377e6825db12a9691a2eb584adf338e77312c8978d8537
e286a9ef7d2064a4cf7026449941a557c7123aa84ef2a17cf79a38820f5474bc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0a92168f0d8ce6b723f0ebbcbf28bc7b9fa61b9b2a526977307a8584eba03b2
f34c2ac2f58b1d4f59f086c6a78b35372a7e7c0347172e0716e8df712c5fe3b4
f40cee1ea496443d72414dfd19a9076bbb3265083e043aa68de3eff24f806abb
f60173c35de24aa8fa450995988c57f267c471bcb3c98c4847e7bf85cbe9727f
f8035009b7662b302ef0397b82a2c15cc16276e4996a1906962e283f29fb256a
f9289d6fd706c7cd74c8518e44edabac084fdd070ae0388978317397b8de0b12

sponsored.chronicle.com Open in urlscan Pro 18.64.79.114 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

39 Requests

97 %HTTPS

42 %IPv6

15 Domains

19 Subdomains

17 IPs

6 Countries

4162 kBTransfer

4906 kBSize

16 Cookies

12 Outgoing links

Page URL History

Redirected requests

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

sponsored.chronicle.com Open in urlscan Pro
18.64.79.114 Public Scan

Screenshot
Live screenshot

Full Image

39
Requests

97 %
HTTPS

42 %
IPv6

15
Domains

19
Subdomains

17
IPs

6
Countries

4162 kB
Transfer

4906 kB
Size

16
Cookies

39 HTTP transactions
7 data transactions