observer.com Open in urlscan Pro
192.0.66.160 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://politicker.com/
Effective URL:
https://observer.com/politics/
Submission: On March 08 via api (March 8th 2024, 6:11:16 pm UTC) from US — Scanned from DE

Summary HTTP 134 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 45 IPs in 5 countries across 36 domains to perform 134 HTTP transactions. The main IP is 192.0.66.160, located in San Francisco, United States and belongs to AUTOMATTIC, US. The main domain is observer.com. The Cisco Umbrella rank of the primary domain is 249807.
TLS certificate: Issued by R3 on February 9th 2024. Valid for: 3 months.

This is the only time observer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 49	192.0.66.160 192.0.66.160	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	13.32.27.39 13.32.27.39	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1	18.66.112.45 18.66.112.45	16509 (AMAZON-02) (AMAZON-02)
1	52.222.200.60 52.222.200.60	16509 (AMAZON-02) (AMAZON-02)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
7	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
3	2600:1901:0:7... 2600:1901:0:7416::1	15169 (GOOGLE) (GOOGLE)
1	2606:4700:e6:... 2606:4700:e6::ac40:cf09	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6812:a07e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	18.239.83.98 18.239.83.98	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2	75.2.40.13 75.2.40.13	16509 (AMAZON-02) (AMAZON-02)
1	54.155.18.159 54.155.18.159	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223f:ae00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c1d::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:c376	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	13.224.186.120 13.224.186.120	16509 (AMAZON-02) (AMAZON-02)
2	3.90.90.139 3.90.90.139	14618 (AMAZON-AES) (AMAZON-AES)
2	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:223... 2600:9000:223e:fa00:5:82fd:2500:21	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.128 99.86.4.128	16509 (AMAZON-02) (AMAZON-02)
2	18.239.81.214 18.239.81.214	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:249... 2600:9000:2490:600:11:b309:9100:21	16509 (AMAZON-02) (AMAZON-02)
1	52.217.228.9 52.217.228.9	16509 (AMAZON-02) (AMAZON-02)
1	3.239.232.228 3.239.232.228	14618 (AMAZON-AES) (AMAZON-AES)
1	23.61.138.29 23.61.138.29	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2620:116:800d... 2620:116:800d:21:7eb1:3826:be7e:d981	16509 (AMAZON-02) (AMAZON-02)
1	18.66.97.10 18.66.97.10	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
1	18.164.52.73 18.164.52.73	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223c:3800:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2606:4700::68... 2606:4700::6812:82ec	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:7611	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.241.9.51 35.241.9.51	15169 (GOOGLE) (GOOGLE)
1	185.89.210.82 185.89.210.82	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2606:4700:440... 2606:4700:4400::ac40:9b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	34.107.254.252 34.107.254.252	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
134	45

49 192.0.66.160 (San Francisco, United States) 3 redirects

ASN2635 (AUTOMATTIC, US)

politicker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
observer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-39.fra56.r.cloudfront.net

htlbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-45.fra56.r.cloudfront.net

ak.sail-horizon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.200.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-200-60.cdg50.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:7416::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)

truculentrate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e6::ac40:cf09 (United States)

ASN13335 (CLOUDFLARENET, US)

www.npttech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:a07e (United States)

ASN13335 (CLOUDFLARENET, US)

sandbox.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.239.83.98 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-239-83-98.ams58.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 75.2.40.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: aa7557bb34ea5624b.awsglobalaccelerator.com

api.sail-personalize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.155.18.159 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-18-159.eu-west-1.compute.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:ae00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c1d::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:c376 (United States)

ASN13335 (CLOUDFLARENET, US)

c2-sandbox.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.186.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-186-120.fra2.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.90.90.139 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-90-90-139.compute-1.amazonaws.com

overlay-track.sailthru.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223e:fa00:5:82fd:2500:21 (United States)

ASN16509 (AMAZON-02, US)

dyv1bugovvq1g.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-128.fra6.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.239.81.214 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-81-214.ams58.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2490:600:11:b309:9100:21 (United States)

ASN16509 (AMAZON-02, US)

d15kdpgjg3unno.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.228.9 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

ams-pageview-public.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.239.232.228 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-239-232-228.compute-1.amazonaws.com

sqs.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.61.138.29 (Curitiba, Brazil)

ASN16625 (AKAMAI-AS, US)
PTR: a23-61-138-29.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-10.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.52.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-52-73.cdg50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:3800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6812:82ec (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:7611 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.9.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.9.241.35.bc.googleusercontent.com

3b5c18b9-96b7-48e4-a3ef-011eb84a970d.prmutv.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.210.82 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com

api.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	observer.com 1 redirects observer.com — Cisco Umbrella Rank: 249807	330 KB
8	permutive.com cdn.permutive.com — Cisco Umbrella Rank: 3160 api.permutive.com — Cisco Umbrella Rank: 2379	88 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	95 KB
6	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 334	114 KB
5	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 301 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 621 aax.amazon-adsystem.com — Cisco Umbrella Rank: 406	78 KB
5	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2656 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 647 www.google.com — Cisco Umbrella Rank: 2	123 KB
4	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 84 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214	165 KB
4	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 176	5 KB
3	gstatic.com fonts.gstatic.com	201 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	74 KB
3	tinypass.com sandbox.tinypass.com — Cisco Umbrella Rank: 350030	118 KB
3	truculentrate.com truculentrate.com — Cisco Umbrella Rank: 140018	24 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 703 script.hotjar.com — Cisco Umbrella Rank: 882	59 KB
2	amazonaws.com ams-pageview-public.s3.amazonaws.com — Cisco Umbrella Rank: 9661 sqs.us-east-1.amazonaws.com — Cisco Umbrella Rank: 5621	1 KB
2	cloudfront.net dyv1bugovvq1g.cloudfront.net d15kdpgjg3unno.cloudfront.net	26 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	239 B
2	sailthru.cloud overlay-track.sailthru.cloud — Cisco Umbrella Rank: 32279	422 B
2	google.de www.google.de — Cisco Umbrella Rank: 6744	515 B
2	sail-personalize.com api.sail-personalize.com — Cisco Umbrella Rank: 3363	2 KB
2	wp.com stats.wp.com — Cisco Umbrella Rank: 2760 pixel.wp.com — Cisco Umbrella Rank: 2744	3 KB
2	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 3084 p1.parsely.com — Cisco Umbrella Rank: 2334	21 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	184 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	7 KB
2	politicker.com 2 redirects politicker.com	422 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 541	304 B
1	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 256	697 B
1	prmutv.co 3b5c18b9-96b7-48e4-a3ef-011eb84a970d.prmutv.co — Cisco Umbrella Rank: 406121	381 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1336	642 B
1	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1342	9 KB
1	ntv.io s.ntv.io — Cisco Umbrella Rank: 3658	167 KB
1	piano.io c2-sandbox.piano.io — Cisco Umbrella Rank: 459621	2 KB
1	adsafeprotected.com static.adsafeprotected.com — Cisco Umbrella Rank: 673	483 B
1	npttech.com www.npttech.com — Cisco Umbrella Rank: 8305	3 KB
1	sail-horizon.com ak.sail-horizon.com — Cisco Umbrella Rank: 3445	34 KB
1	htlbid.com htlbid.com — Cisco Umbrella Rank: 8320	136 KB
0	postrelease.com Failed jadserve.postrelease.com Failed
134	36

	Domain	Requested by
47	observer.com	1 redirects observer.com
7	api.permutive.com	cdn.permutive.com
7	www.google-analytics.com	observer.com www.google-analytics.com www.googletagmanager.com
6	cdn.cookielaw.org	observer.com cdn.cookielaw.org
4	sb.scorecardresearch.com	1 redirects observer.com
3	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
3	fonts.gstatic.com	fonts.googleapis.com observer.com
3	connect.facebook.net	observer.com connect.facebook.net
3	sandbox.tinypass.com	observer.com sandbox.tinypass.com
3	truculentrate.com	observer.com truculentrate.com
2	aax.amazon-adsystem.com	c.amazon-adsystem.com
2	www.facebook.com	observer.com
2	overlay-track.sailthru.cloud	ak.sail-horizon.com
2	c.amazon-adsystem.com	htlbid.com c.amazon-adsystem.com
2	securepubads.g.doubleclick.net	htlbid.com securepubads.g.doubleclick.net
2	www.google.de	observer.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	api.sail-personalize.com	ak.sail-horizon.com
2	www.googletagmanager.com	observer.com
2	fonts.googleapis.com	observer.com
2	politicker.com	2 redirects
1	geolocation.onetrust.com	cdn.cookielaw.org
1	ib.adnxs.com	cdn.permutive.com
1	3b5c18b9-96b7-48e4-a3ef-011eb84a970d.prmutv.co	cdn.permutive.com
1	cdn.permutive.com	observer.com
1	rules.quantcount.com	secure.quantserve.com
1	script.hotjar.com	static.hotjar.com
1	www.google.com
1	static.hotjar.com	www.googletagmanager.com
1	secure.quantserve.com	www.googletagmanager.com
1	s.ntv.io	observer.com
1	sqs.us-east-1.amazonaws.com	d15kdpgjg3unno.cloudfront.net
1	ams-pageview-public.s3.amazonaws.com	observer.com
1	d15kdpgjg3unno.cloudfront.net	htlbid.com
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	dyv1bugovvq1g.cloudfront.net	htlbid.com
1	c2-sandbox.piano.io	sandbox.tinypass.com
1	region1.analytics.google.com	www.googletagmanager.com
1	static.adsafeprotected.com	observer.com
1	pixel.wp.com	observer.com
1	p1.parsely.com	observer.com
1	www.npttech.com	observer.com
1	stats.wp.com	observer.com
1	cdn.parsely.com	observer.com
1	ak.sail-horizon.com	observer.com
1	htlbid.com	observer.com
0	jadserve.postrelease.com Failed	s.ntv.io
134	47

This site contains links to these domains. Also see Links.

Domain
www.observer.com
artobserved.observer.com
observermedia.com
www.facebook.com
twitter.com
www.linkedin.com
instagram.com
www.observermedia.com
privacyportal.onetrust.com
wpvip.com
onetrust.com

Subject Issuer	Validity	Valid
observer.com R3	`2024-02-09` - `2024-05-09`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
htlbid.com Amazon RSA 2048 M01	`2023-09-21` - `2024-10-18`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
ak.sail-horizon.com Amazon RSA 2048 M02	`2023-12-04` - `2024-12-30`	a year	crt.sh
*.parsely.com Amazon RSA 2048 M02	`2023-05-06` - `2024-06-03`	a year	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2023-11-28` - `2024-12-28`	a year	crt.sh
truculentrate.com R3	`2024-01-21` - `2024-04-20`	3 months	crt.sh
npttech.com GTS CA 1P5	`2024-02-25` - `2024-05-25`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-08-13` - `2024-08-12`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-12-18` - `2024-03-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
api.sail-personalize.com Amazon RSA 2048 M01	`2023-04-25` - `2024-05-23`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2023-12-11` - `2024-12-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
www.google.de GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
piano.io Cloudflare Inc ECC CA-3	`2024-02-25` - `2024-12-31`	10 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-12-30` - `2024-12-04`	a year	crt.sh
*.sailthru.cloud Amazon RSA 2048 M03	`2024-02-11` - `2025-03-11`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2024-01-21` - `2025-02-19`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2024-01-19` - `2024-12-29`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-07-03`	9 months	crt.sh
queue.amazonaws.com Amazon RSA 2048 M01	`2024-01-18` - `2024-12-28`	a year	crt.sh
*.ntv.io DigiCert TLS RSA SHA256 2020 CA1	`2023-08-28` - `2024-08-28`	a year	crt.sh
quantserve.com R3	`2024-02-25` - `2024-05-25`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M03	`2024-02-07` - `2025-03-08`	a year	crt.sh
www.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2024-03-01` - `2024-12-31`	10 months	crt.sh
permutive.com Cloudflare Inc ECC CA-3	`2023-12-26` - `2024-12-25`	a year	crt.sh
*.prmutv.co R3	`2024-02-27` - `2024-05-27`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
api.permutive.com R3	`2024-02-13` - `2024-05-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://observer.com/politics/
Frame ID: 54ADAEEB556B7AD05DF39D3692EB2EA6
Requests: 134 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Latest Political News & Articles | ObserverBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

http://politicker.com/ HTTP 301
https://politicker.com/ HTTP 301
https://observer.com/politics HTTP 301
https://observer.com/politics/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Backbone.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

backbone.*\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

134
Requests

96 %
HTTPS

55 %
IPv6

36
Domains

47
Subdomains

45
IPs

5
Countries

2072 kB
Transfer

7246 kB
Size

31
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://www.observer.com/music
Title: Music

Search URL Search Domain Scan URL

URL: https://www.observer.com/lifestyle
Title: Lifestyle

Search URL Search Domain Scan URL

URL: http://www.observer.com/
Title: About

Search URL Search Domain Scan URL

URL: https://artobserved.observer.com/home
Title: Events

Search URL Search Domain Scan URL

URL: https://observermedia.com/contact/
Title: Contact

Search URL Search Domain Scan URL

URL: https://www.facebook.com/observer

Search URL Search Domain Scan URL

URL: https://twitter.com/observer

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/observer-media

Search URL Search Domain Scan URL

URL: https://instagram.com/observer

Search URL Search Domain Scan URL

URL: https://www.observermedia.com/privacy-policy
Title: Privacy

Search URL Search Domain Scan URL

URL: https://observermedia.com/terms
Title: Terms

Search URL Search Domain Scan URL

URL: https://privacyportal.onetrust.com/webform/8bf444f2-ddd6-41ff-8e24-b69ac0176e05/19c22396-023a-465c-a9c0-d9f831d1d9cd
Title: Do not sell my data

Search URL Search Domain Scan URL

URL: https://wpvip.com/?utm_source=vip_powered_wpcom&utm_medium=web&utm_campaign=VIP%20Footer%20Credit&utm_term=observer.com
Title: WordPress VIP

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://politicker.com/ HTTP 301
https://politicker.com/ HTTP 301
https://observer.com/politics HTTP 301
https://observer.com/politics/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42

https://sb.scorecardresearch.com/cs/37161820/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

134 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
observer.com/politics/
Redirect Chain

http://politicker.com/
https://politicker.com/
https://observer.com/politics
https://observer.com/politics/

158 KB
28 KB

48ms
48ms

Document
text/html

192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/politics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

91213ab7118e309db20cea95c70de46777888533a1e5c5533f7a9661430d5cb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 6632
cache-control: max-age=300, must-revalidate
content-encoding: br
content-length: 28102
content-type: text/html; charset=UTF-8
date: Fri, 08 Mar 2024 18:11:08 GMT
host-header: a9130478a60e5f9135f765b23f26593b
link: <https://observer.com/wp-json/>; rel="https://api.w.org/" <https://observer.com/wp-json/wp/v2/channel/423868943>; rel="alternate"; type="application/json"
server: nginx
strict-transport-security: max-age=31536000;includeSubdomains;preload
vary: Accept-Encoding
x-cache: grace
x-frame-options: SAMEORIGIN
x-hacker: If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by: WordPress VIP <https://wpvip.com>
x-rq: hhn2 96 185 443

Redirect headers

age: 6672
cache-control: max-age=300, must-revalidate
content-encoding: gzip
content-length: 20
content-type: text/html; charset=UTF-8
date: Fri, 08 Mar 2024 18:11:08 GMT
host-header: a9130478a60e5f9135f765b23f26593b
location: https://observer.com/politics/
server: nginx
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-cache: grace
x-frame-options: SAMEORIGIN
x-hacker: If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by: WordPress VIP <https://wpvip.com>
x-redirect-by: WordPress
x-rq: hhn2 96 184 443

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
1 KB 157ms
57ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Libre+Franklin:wght@400;500;600;700&family=Source+Serif+Pro&display=swap

Requested by

Host: observer.com
URL: https://observer.com/politics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9d5e418b5750653e02058cfa67d6b8f6311359cb276229f2d7307ffa05b3f840

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 08 Mar 2024 18:11:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 08 Mar 2024 18:11:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 08 Mar 2024 18:11:09 GMT

GET
H2 200 jquery.min.js Show response
observer.com/wp-includes/js/jquery/ 86 KB
31 KB 47ms
47ms Script
application/javascript 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: observer.com
URL: https://observer.com/politics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/politics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:11:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 05 Mar 2024 22:47:01 GMT
server: nginx
x-rq: hhn2 96 185 443
etag: W/"65e7a0e5-15601"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000

GET
H2 200 main.min.css
observer.com/wp-content/themes/newyorkobserver-2014/dist/css/ 75 KB
14 KB 46ms
46ms Stylesheet
text/css 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-content/themes/newyorkobserver-2014/dist/css/main.min.css?ver=1.9.10

Requested by

Host: observer.com
URL: https://observer.com/politics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

08137d731439f76c8cd0193d46327d52c4502db4021386720da4be5137edcb54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/politics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:11:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Fri, 26 Jan 2024 15:47:30 GMT
server: nginx
x-rq: hhn2 96 185 443
etag: W/"65b3d412-12dc3"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: max-age=31536000

GET
H2 200 style.css
observer.com/wp-content/themes/newyorkobserver-2014/nyo-plugins/dist/css/ 48 KB
8 KB 47ms
46ms Stylesheet
text/css 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-content/themes/newyorkobserver-2014/nyo-plugins/dist/css/style.css?ver=1.9.10-1709737759

Requested by

Host: observer.com
URL: https://observer.com/politics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

ec2818120cb1a39d50c97572970f5f86f0ad13c71438e4ff7672c25351f415d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/politics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:11:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Wed, 06 Mar 2024 15:09:19 GMT
server: nginx
x-rq: hhn2 96 184 443
etag: W/"65e8871f-c02e"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: max-age=31536000

GET
H2 200 amp-google-tag-manager-public.js Show response
observer.com/wp-content/plugins/amp-google-tag-manager/public/js/ 838 B
700 B 56ms
47ms Script
application/javascript 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-content/plugins/amp-google-tag-manager/public/js/amp-google-tag-manager-public.js?ver=1.0.0

Requested by

Host: observer.com
URL: https://observer.com/politics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

57a50c99a31ef4e89e86664e96f6dfbdde163a2eb96e88b3b492c49aa4be2f37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/politics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:11:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 07 Mar 2023 15:38:08 GMT
server: nginx
x-rq: hhn2 96 185 443
etag: W/"64075a60-346"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000

GET
H2 200 readMore.js Show response
observer.com/wp-content/themes/newyorkobserver-2014/nyo-plugins/dist/js/ 872 B
646 B 56ms
48ms Script
application/javascript 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-content/themes/newyorkobserver-2014/nyo-plugins/dist/js/readMore.js?ver=1.9.10

Requested by

Host: observer.com
URL: https://observer.com/politics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

87dbbfc4146fd6731ce7aeb4fa93284deee4df25e7d507e21b3a6e9cf7adb0b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/politics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:11:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Thu, 08 Jun 2023 20:33:11 GMT
server: nginx
x-rq: hhn2 96 184 443
etag: W/"64823b07-368"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000

GET
H2 200 widget.subscribe.js Show response
observer.com/wp-content/plugins/sailthru-widget/js/ 2 KB
950 B 56ms
48ms Script
application/javascript 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-content/plugins/sailthru-widget/js/widget.subscribe.js?ver=6.4.3

Requested by

Host: observer.com
URL: https://observer.com/politics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

b7e6db8dfe79e6581a5accc07438706f2ff043bc6f9cb4f61f549a4f5d0ee4e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/politics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:11:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Thu, 17 Aug 2023 15:53:10 GMT
server: nginx
x-rq: hhn2 96 185 443
etag: W/"64de4266-622"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000

GET
H2 200 htlbid.js Show response
htlbid.com/v3/observer.com/ 572 KB
136 KB 657ms
447ms Script
application/javascript 13.32.27.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://htlbid.com/v3/observer.com/htlbid.js?ver=3.0
Requested by: Host: observer.com
URL: https://observer.com/politics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-39.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 702489e680eb95a49ce42a55449f5c04f135c521a8dd33668ae6b27b9b9cc2c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:11:10 GMT
content-encoding: br
via: 1.1 fdc45b521af7652438141328494a79d2.cloudfront.net (CloudFront)
last-modified: Thu, 07 Mar 2024 19:39:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
etag: W/"2559ec18088e329d098a1bc400415bca"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=600
x-amz-cf-id: E7KbvBxkiLtR78PB63_s817A_hLuyfhkZ6aaeVnQe-WUODvqv7VTIQ==

GET
H2 200 default.min.css
observer.com/wp-content/themes/newyorkobserver-2014/dist/css/ 66 KB
11 KB 116ms
109ms Stylesheet
text/css 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-content/themes/newyorkobserver-2014/dist/css/default.min.css?ver=1.9.10

Requested by

Host: observer.com
URL: https://observer.com/politics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2cbc6c13af45bc311311531d579cd7e529376564ba3eef9af1f50e02f0998db0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/politics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:11:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 07 Mar 2023 15:38:10 GMT
server: nginx
x-rq: hhn2 96 185 443
etag: W/"64075a62-1097b"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: max-age=31536000

GET
H2 200 print.min.css
observer.com/wp-content/themes/newyorkobserver-2014/dist/css/ 143 B
376 B 116ms
109ms Stylesheet
text/css 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-content/themes/newyorkobserver-2014/dist/css/print.min.css?ver=1.9.10

Requested by

Host: observer.com
URL: https://observer.com/politics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

c0eb09d747f4cb0d61057afe50609d7419873b0bdbc56f6965f3098a1cf6d975

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/politics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:11:09 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn2 96 185 443
last-modified: Tue, 07 Mar 2023 15:38:10 GMT
server: nginx
etag: "64075a62-8f"
x-cache: HIT
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 143

GET
H2 200 mediaelementplayer-legacy.min.css
observer.com/wp-includes/js/mediaelement/ 11 KB
3 KB 115ms
109ms Stylesheet
text/css 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17

Requested by

Host: observer.com
URL: https://observer.com/politics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/politics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:11:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 05 Mar 2024 22:47:01 GMT
server: nginx
x-rq: hhn2 96 185 443
etag: W/"65e7a0e5-2bf8"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: max-age=31536000

GET
H2 200 wp-mediaelement.min.css
observer.com/wp-includes/js/mediaelement/ 4 KB
1 KB 115ms
110ms Stylesheet
text/css 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.4.3

Requested by

Host: observer.com
URL: https://observer.com/politics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/politics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:11:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 05 Mar 2024 22:47:01 GMT
server: nginx
x-rq: hhn2 96 185 443
etag: W/"65e7a0e5-105a"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: max-age=31536000

GET
H2 200 media-credit.min.css
observer.com/wp-content/plugins/media-credit/public/css/ 589 B
520 B 115ms
110ms Stylesheet
text/css 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-content/plugins/media-credit/public/css/media-credit.min.css?ver=4.3.0

Requested by

Host: observer.com
URL: https://observer.com/politics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

a7b23f357530667a4d5d574a7b9141f0858db9f3dc49ad1e676bd850b8093c22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/politics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:11:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 07 Mar 2023 15:38:09 GMT
server: nginx
x-rq: hhn2 96 185 443
etag: W/"64075a61-24d"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: max-age=31536000

GET
H2 200 lasso-live.css
observer.com/wp-content/plugins/lasso/admin/assets/css/ 26 KB
4 KB 115ms
110ms Stylesheet
text/css 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-content/plugins/lasso/admin/assets/css/lasso-live.css?v=1678203489&ver=253

Requested by

Host: observer.com
URL: https://observer.com/politics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

36e24dc06e51fdd9b13497039bf3c286b61476669c715a274b9a6703b4000a2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/politics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:11:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 07 Mar 2023 15:38:09 GMT
server: nginx
x-rq: hhn2 96 185 443
etag: W/"64075a61-698a"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: max-age=31536000

GET
H2 200 amp-google-tag-manager-public.css
observer.com/wp-content/plugins/amp-google-tag-manager/public/css/ 98 B
330 B 115ms
110ms Stylesheet
text/css 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-content/plugins/amp-google-tag-manager/public/css/amp-google-tag-manager-public.css?ver=1.0.0

Requested by

Host: observer.com
URL: https://observer.com/politics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/politics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:11:09 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn2 96 185 443
last-modified: Tue, 07 Mar 2023 15:38:08 GMT
server: nginx
etag: "64075a60-62"
x-cache: HIT
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 98

GET
H2 200 widget.subscribe.css
observer.com/wp-content/plugins/sailthru-widget/css/ 2 KB
973 B 115ms
110ms Stylesheet
text/css 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-content/plugins/sailthru-widget/css/widget.subscribe.css?ver=6.4.3

Requested by

Host: observer.com
URL: https://observer.com/politics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

262fbcc7922dfabfbb72c1c366ae208230efbed08f7fc16988db51650c1e01ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/politics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:11:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Thu, 17 Aug 2023 15:53:10 GMT
server: nginx
x-rq: hhn2 96 184 443
etag: W/"64de4266-9a1"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: max-age=31536000

GET
H2 200 jetpack.css
observer.com/wp-content/mu-plugins/jetpack-13.1/css/ 104 KB
19 KB 115ms
111ms Stylesheet
text/css 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-content/mu-plugins/jetpack-13.1/css/jetpack.css?ver=13.1.3

Requested by

Host: observer.com
URL: https://observer.com/politics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

705110851e09c9f6cb085ea3f01e720444f320eab7499dcb5937af0c9ddeecad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/politics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:11:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 05 Mar 2024 18:23:39 GMT
server: nginx
x-rq: hhn2 96 185 443
etag: W/"65e7632b-19fe8"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: max-age=31536000

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 281 KB
94 KB 291ms
81ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-T9PLB60R8S

Requested by

Host: observer.com
URL: https://observer.com/politics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0dd939ba44b5f736949846fc0e0ee411f12ca8b25e2416a938699e0120a236bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:11:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95397
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 08 Mar 2024 18:11:09 GMT

GET
H2 200 GettyImages-1333624649.jpg
observer.com/wp-content/uploads/sites/2/2022/12/ 42 KB
43 KB 121ms
121ms Image
image/webp 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://observer.com/wp-content/uploads/sites/2/2022/12/GettyImages-1333624649.jpg?quality=80&w=635

Requested by

Host: observer.com
URL: https://observer.com/politics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

96521ecede9febf52a70cbe9447f4237ddd8b519557c21a3d6e49f94d6ce54cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/politics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:11:09 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn2 109 200 443
last-modified: Mon, 04 Mar 2024 03:26:56 GMT
server: nginx
etag: "c902399b6ca60883"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 43258

GET
H2 200 GettyImages-1443736911.jpg
observer.com/wp-content/uploads/sites/2/2022/11/ 15 KB
15 KB 121ms
121ms Image
image/webp 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://observer.com/wp-content/uploads/sites/2/2022/11/GettyImages-1443736911.jpg?quality=80&w=300

Requested by

Host: observer.com
URL: https://observer.com/politics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

b9e2466b31b350de239b426825d68c515a7988ede4de6c755e237e4525951668

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/politics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:11:09 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn2 109 198 443
last-modified: Mon, 04 Mar 2024 03:26:56 GMT
server: nginx
etag: "ea5cf22530a1c1fe"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 15466

GET
H2 200 California-state-house.jpg
observer.com/wp-content/uploads/sites/2/2022/10/ 12 KB
12 KB 57ms
48ms Image
image/webp 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://observer.com/wp-content/uploads/sites/2/2022/10/California-state-house.jpg?quality=80&w=300

Requested by

Host: observer.com
URL: https://observer.com/politics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

611a4a2dee3757663c70b8d67fe9c83a9d537270b13494b479da2102a7642b41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/politics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:11:09 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn2 109 84 443
last-modified: Mon, 04 Mar 2024 03:26:55 GMT
server: nginx
etag: "20de8c0e0fdfb2ba"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 12452

GET
H2 200 spm.v1.min.js Show response
ak.sail-horizon.com/spm/ 103 KB
34 KB 267ms
56ms Script
application/javascript 18.66.112.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ak.sail-horizon.com/spm/spm.v1.min.js?ver=5.5.1
Requested by: Host: observer.com
URL: https://observer.com/politics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-45.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4ce1f595ea044b955619f6839a22ac34a22d80efde699f84f044976baa4831e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:03:09 GMT
content-encoding: gzip
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
last-modified: Tue, 20 Feb 2024 06:45:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 481
x-amz-server-side-encryption: AES256
etag: W/"6a90e37d3f128291a2aab5a6b31ac0a6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=600; must-revalidate
x-amz-cf-id: tcrV0W0pgdudDaO9I5bqTAHyZ3ym8BXJBDxrrWTSXUrytRHGVAw4_g==

GET
H2 200 sailthru.js Show response
observer.com/wp-content/plugins/hc-sailthru/assets/js/ 761 B
653 B 56ms
48ms Script
application/javascript 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-content/plugins/hc-sailthru/assets/js/sailthru.js?ver=20211026

Requested by

Host: observer.com
URL: https://observer.com/politics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

b6cf23ed282a5cb25c43c5923908a43cc8c4c9e92b23a1f73eb7b0af46ef6534

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/politics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:11:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 07 Mar 2023 15:38:09 GMT
server: nginx
x-rq: hhn2 96 185 443
etag: W/"64075a61-2f9"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000

GET
H2 200 wp-polyfill-inert.min.js Show response
observer.com/wp-includes/js/dist/vendor/ 8 KB
3 KB 57ms
48ms Script
application/javascript 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: observer.com
URL: https://observer.com/politics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/politics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:11:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 05 Mar 2024 22:47:00 GMT
server: nginx
x-rq: hhn2 96 185 443
etag: W/"65e7a0e4-1feb"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000

GET
H2 200 regenerator-runtime.min.js Show response
observer.com/wp-includes/js/dist/vendor/ 6 KB
3 KB 57ms
49ms Script
application/javascript 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: observer.com
URL: https://observer.com/politics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/politics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:11:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 05 Mar 2024 22:47:00 GMT
server: nginx
x-rq: hhn2 96 185 443
etag: W/"65e7a0e4-19e1"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000

GET
H2 200 hooks.min.js Show response
observer.com/wp-includes/js/dist/ 5 KB
2 KB 113ms
105ms Script
application/javascript 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-includes/js/dist/hooks.min.js?ver=c6aec9a8d4e5a5d543a1

Requested by

Host: observer.com
URL: https://observer.com/politics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

7868467c94a5aa0b3f11ef542f45287967f9627b3b5acdc86e47f8f77a126596

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/politics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:11:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 05 Mar 2024 22:47:00 GMT
server: nginx
x-rq: hhn2 96 185 443
etag: W/"65e7a0e4-1213"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000

GET
H2 200 i18n.min.js Show response
observer.com/wp-includes/js/dist/ 9 KB
4 KB 113ms
105ms Script
application/javascript 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-includes/js/dist/i18n.min.js?ver=7701b0c3857f914212ef

Requested by

Host: observer.com
URL: https://observer.com/politics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

698e93fe491cc7bbf07a470579a33dbd0db53c19142b7be41ebfd39a23aef11f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/politics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:11:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 05 Mar 2024 22:47:00 GMT
server: nginx
x-rq: hhn2 96 184 443
etag: W/"65e7a0e4-24e5"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000

GET
H2 200 loader.js Show response
observer.com/wp-content/mu-plugins/wp-parsely-3.13/build/ 3 KB
2 KB 113ms
105ms Script
application/javascript 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-content/mu-plugins/wp-parsely-3.13/build/loader.js?ver=f5c2d06f6755fda3f6d4

Requested by

Host: observer.com
URL: https://observer.com/politics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

57298ae9c2168c3f86b4f4e67b9b6a222ce706ed3c8191f391c03d37760d253e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/politics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:11:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 05 Mar 2024 18:23:40 GMT
server: nginx
x-rq: hhn2 96 184 443
etag: W/"65e7632c-bf9"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000

GET
H2 200 p.js Show response
cdn.parsely.com/keys/observer.com/ 56 KB
21 KB 266ms
60ms Script
application/javascript 52.222.200.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/observer.com/p.js?ver=3.13.3
Requested by: Host: observer.com
URL: https://observer.com/politics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.200.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-200-60.cdg50.r.cloudfront.net
Software: nginx /
Resource Hash: c46b033d7688f2f46e87a04634a1389db91ceea1be9cb70d1ae9205819739a7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: public
date: Fri, 08 Mar 2024 01:47:15 GMT
content-encoding: gzip
via: 1.1 c55964596762daa758331d3e6fe008a8.cloudfront.net (CloudFront)
last-modified: Thu, 24 Mar 2022 17:02:52 GMT
server: nginx
x-amz-cf-pop: CDG50-P2
age: 59655
etag: W/"623ca43c-e05a"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400, public
x-amz-cf-id: IVXFpqUg7-HTx4sJ7Nl_z8jm8qB1ChS1ntRlRj9uVvuv2ZKel7GcMA==
expires: Sat, 09 Mar 2024 01:36:54 GMT

GET
H2 200 helpers.js Show response
observer.com/wp-content/themes/newyorkobserver-2014/dist/js/ 922 B
728 B 115ms
107ms Script
application/javascript 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-content/themes/newyorkobserver-2014/dist/js/helpers.js?ver=1.9.10

Requested by

Host: observer.com
URL: https://observer.com/politics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

c0472ab03b5cc819b6f3a01c3d0519af30215aed943bd77a11d9625f93b4ab55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/politics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:11:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 07 Mar 2023 15:38:10 GMT
server: nginx
x-rq: hhn2 96 185 443
etag: W/"64075a62-39a"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000

GET
H2 200 jquery.flexslider.min.js Show response
observer.com/wp-content/themes/newyorkobserver-2014/dist/js/vendor/ 21 KB
7 KB 115ms
108ms Script
application/javascript 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-content/themes/newyorkobserver-2014/dist/js/vendor/jquery.flexslider.min.js?ver=2.2.2

Requested by

Host: observer.com
URL: https://observer.com/politics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

d747bc0ec8a549bb25f0bab199d8e3019bcea7cfaf1438d55da2fabcff48f2c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/politics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:11:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 07 Mar 2023 15:38:10 GMT
server: nginx
x-rq: hhn2 96 185 443
etag: W/"64075a62-5429"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000

GET
H2 200 theme.js Show response
observer.com/wp-content/themes/newyorkobserver-2014/dist/js/ 7 KB
3 KB 115ms
108ms Script
application/javascript 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-content/themes/newyorkobserver-2014/dist/js/theme.js?ver=1.9.10.04282045

Requested by

Host: observer.com
URL: https://observer.com/politics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2e256a180025855d8521b1aeacc337c5bc34f88865bbd09680c9f7192c937553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/politics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:11:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 07 Mar 2023 15:38:10 GMT
server: nginx
x-rq: hhn2 96 184 443
etag: W/"64075a62-1c48"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000

GET
H2 200 sailthru-widget.js Show response
observer.com/wp-content/themes/newyorkobserver-2014/dist/js/ 1 KB
772 B 115ms
108ms Script
application/javascript 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-content/themes/newyorkobserver-2014/dist/js/sailthru-widget.js?ver=1.9.10

Requested by

Host: observer.com
URL: https://observer.com/politics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

756dd7203be6457d7dd15085b51cb7fcee2efdc6e1e46792c7a5272775a82243

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/politics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:11:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 07 Mar 2023 15:38:10 GMT
server: nginx
x-rq: hhn2 96 185 443
etag: W/"64075a62-431"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000

GET
H2 200 delay-load.js Show response
observer.com/wp-content/plugins/xcurrent/assets/js/ 3 KB
1 KB 116ms
108ms Script
application/javascript 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-content/plugins/xcurrent/assets/js/delay-load.js?ver=8f7693010179fc5007dacef632d329a6

Requested by

Host: observer.com
URL: https://observer.com/politics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

ef5f8d6a9ea52bd9b20497b837b74bde31586062d5b0e16be75f8bbdffc29840

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/politics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:11:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 07 Mar 2023 15:38:09 GMT
server: nginx
x-rq: hhn2 96 185 443
etag: W/"64075a61-b50"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000

GET
H2 200 lazy-load.js Show response
observer.com/wp-content/plugins/xcurrent/assets/js/ 8 KB
4 KB 116ms
109ms Script
application/javascript 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-content/plugins/xcurrent/assets/js/lazy-load.js?ver=6bd186b35f60946321703040eae7bccf

Requested by

Host: observer.com
URL: https://observer.com/politics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

6c05e433ca10b433edfc856fd903cb5f2da848a54e4507642a48981deed8bb05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/politics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:11:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 07 Mar 2023 15:38:09 GMT
server: nginx
x-rq: hhn2 96 185 443
etag: W/"64075a61-214a"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000

GET
H2 200 e-202410.js Show response
stats.wp.com/ 7 KB
3 KB 253ms
48ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202410.js
Requested by: Host: observer.com
URL: https://observer.com/politics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-minify-cache: hit
x-nc: HIT hhn
date: Fri, 08 Mar 2024 18:11:09 GMT
content-encoding: br
server: nginx
x-minify: t
etag: W/14377-1704402358485.9985
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400
expires: Sun, 02 Mar 2025 16:44:32 GMT

GET
H2 200 script-queue.js Show response
observer.com/wp-content/plugins/xcurrent/assets/js/ 3 KB
2 KB 116ms
109ms Script
application/javascript 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-content/plugins/xcurrent/assets/js/script-queue.js?ver=bebcad848e998ab9ae82c8431c754b8a

Requested by

Host: observer.com
URL: https://observer.com/politics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

a384a78bc8bee6afceab3ff107315b1bdcc0fd2622246826d16b503e742a8cdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/politics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:11:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 07 Mar 2023 15:38:09 GMT
server: nginx
x-rq: hhn2 96 184 443
etag: W/"64075a61-dd9"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 255ms
47ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: observer.com
URL: https://observer.com/politics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 08 Mar 2024 17:48:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1381
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 08 Mar 2024 19:48:08 GMT

GET
H2 200 22bdf0221b6555de6cdadcba Show response
truculentrate.com/scripts/3f92345fab9c/ 68 KB
24 KB 267ms
59ms Script
text/javascript 2600:1901:0:7416::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://truculentrate.com/scripts/3f92345fab9c/22bdf0221b6555de6cdadcba

Requested by

Host: observer.com
URL: https://observer.com/politics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:7416::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

ca65ebc4d40a7ffdbbff592acfbfff744ef1c2e785bf293f4778d29f978d547d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
via: 1.1 google
date: Fri, 08 Mar 2024 18:11:09 GMT
x-datacenter: gce-europe-west1
etag: "4803bdd35549962c7cbb6c49f02afc5c011fe28775e4345735edcb6b90ca8d1a"
x-buildname: hoothoot
vary: Accept-Encoding, Accept-Language
x-hostname: fen-hoothoot-europe-west1-06pp
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
x-buildnumber: 1205290244
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 advertising.js Show response
www.npttech.com/ 6 KB
3 KB 469ms
79ms Script
application/javascript 2606:4700:e6::ac40:cf09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.npttech.com/advertising.js
Requested by: Host: observer.com
URL: https://observer.com/politics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cf09 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:11:09 GMT
x-amz-version-id: AqISHxpKTQvORh8RqBdMoHK.Vq6tURDV
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: GHRRBHC6YGTAVGT1
age: 7113
alt-svc: h3=":443"; ma=86400
x-amz-id-2: LJPUveXPCGf/g+bCgJyd4ulh80b+uAanK0VBavwez1SfTUBv7K4WTawxBvF332X2EEs2iPgU63o=
last-modified: Tue, 18 Oct 2022 13:20:01 GMT
server: cloudflare
etag: W/"df0e1827cd8f289a645f38d8fecaf6e0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LKHKvDjBXXuJahPCwahUhgqpV4jZRb2VREAyLlPfroXYxzEgGaJDFCat0WHJEeMcrvmRJmlgF7f4KzTlSYEOmnRLXd8RF%2B4y0g8Lxsgn7PueFYw4j5Dm03spcMuVA5dm7kEdltHPATZP61aFv6c%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=28800
cf-ray: 8614c9409bef65b1-FRA

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 load Show response
sandbox.tinypass.com/xbuilder/experience/ 4 KB
1 KB 271ms
65ms Script
application/javascript 2606:4700::6812:a07e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox.tinypass.com/xbuilder/experience/load?aid=CMrLcDjZsu

Requested by

Host: observer.com
URL: https://observer.com/politics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a07e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d55f7c21f317b20841033125e19ef280ff06aba9c8cb5ee2d6065220d8e5a30

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
date: Fri, 08 Mar 2024 18:11:09 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 08 Mar 2024 17:57:48 GMT
server: cloudflare
age: 801
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=1800
cf-ray: 8614c93f7ca79bdc-FRA
alt-svc: h3=":443"; ma=86400
x-request-id: ngpql93tlf
expires: Fri, 08 Mar 2024 18:41:09 GMT

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/37161820/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

4 KB
2 KB

138ms
134ms

Script
application/javascript

18.239.83.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by: Host: observer.com
URL: https://observer.com/politics/
Protocol: H2
Server: 18.239.83.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-83-98.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 06:06:21 GMT
content-encoding: gzip
via: 1.1 f75afc04e5fb2b66fe286e4f840886c6.cloudfront.net (CloudFront)
last-modified: Thu, 07 Dec 2023 12:02:23 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P5
age: 43545
x-amz-server-side-encryption: AES256
etag: W/"77ff4ede4693897337a38594321529a3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: xiacIFhjkcboAPPv7td3Q3eJYv54FvKVJwymChKVrOiLXfOQuEG1WQ==

Redirect headers

date: Fri, 08 Mar 2024 18:11:09 GMT
via: 1.1 f75afc04e5fb2b66fe286e4f840886c6.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: AMS58-P5
x-cache: Miss from cloudfront
location: /internal-cs/default/beacon.js
content-length: 0
x-amz-cf-id: xor8jtzlcoBcHywHwBo721q4zw9NJz2eK-fRBJgTojXU6pdPPWYJmA==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 215 KB
58 KB 491ms
107ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: observer.com
URL: https://observer.com/politics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

50b6e67cfcfe4ac8fe9cee705b681f696065306ee42bcd4e6b37a17dba333ac5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 08 Mar 2024 18:11:09 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57348
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: 8lnb0SyIi9kmyJ91EjyuQVC+hRKdVq6V5XiWQSVFg4DZ/Z+Ggmm/tv3gM2j4l/cFZr7CdJUhcFrvHQSYQFqx7g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 search-ffffff.svg
observer.com/wp-content/themes/newyorkobserver-2014/images/ 2 KB
1 KB 114ms
111ms Image
image/svg+xml 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://observer.com/wp-content/themes/newyorkobserver-2014/images/search-ffffff.svg

Requested by

Host: observer.com
URL: https://observer.com/wp-content/themes/newyorkobserver-2014/dist/css/main.min.css?ver=1.9.10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

d17298826b7b7ed19af4942adf03fbcea7a7cd9cd5f25a5b9fb0674c71828c87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/wp-content/themes/newyorkobserver-2014/dist/css/main.min.css?ver=1.9.10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:11:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 07 Mar 2023 15:38:10 GMT
server: nginx
x-rq: hhn2 96 184 443
etag: W/"64075a62-960"
vary: Accept-Encoding
x-cache: HIT
content-type: image/svg+xml
cache-control: max-age=31536000

GET
H2 200 observer-logo-white-2015.png
observer.com/wp-content/themes/newyorkobserver-2014/images/ 3 KB
3 KB 114ms
111ms Image
image/png 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://observer.com/wp-content/themes/newyorkobserver-2014/images/observer-logo-white-2015.png

Requested by

Host: observer.com
URL: https://observer.com/wp-content/themes/newyorkobserver-2014/dist/css/main.min.css?ver=1.9.10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

74e72473f970d838c52ed8c8fadf1c25883dd561d66df3856bfc137b9da2fea0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/wp-content/themes/newyorkobserver-2014/dist/css/main.min.css?ver=1.9.10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:11:09 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn2 96 185 443
last-modified: Tue, 07 Mar 2023 15:38:10 GMT
server: nginx
etag: "64075a62-b7d"
x-cache: HIT
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2941

GET
H2 200 source-serif-pro-v11-latin-regular.woff2
observer.com/wp-content/themes/newyorkobserver-2014/dist/fonts/ 19 KB
20 KB 111ms
111ms Font
application/font-woff2 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-content/themes/newyorkobserver-2014/dist/fonts/source-serif-pro-v11-latin-regular.woff2

Requested by

Host: observer.com
URL: https://observer.com/politics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

97816b3ca3d676b5241a16fd6fb3f3e4050a3b99c914f0a66f0bcc074617ba80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

Referer: https://observer.com/politics/
Origin: https://observer.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:11:09 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn2 96 185 443
last-modified: Tue, 07 Mar 2023 15:38:10 GMT
server: nginx
etag: "64075a62-4df4"
x-cache: HIT
content-type: application/font-woff2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 19956

GET
H2 200 jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2
fonts.gstatic.com/s/librefranklin/v14/ 28 KB
28 KB 232ms
49ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librefranklin/v14/jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Libre+Franklin:wght@400;500;600;700&family=Source+Serif+Pro&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

edbf37f6db3f632faaeeeee4aa127c204d0bcc52e940682bc5d4b0fa48ded96b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://observer.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 08:52:50 GMT
x-content-type-options: nosniff
age: 292699
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28224
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:23:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Mar 2025 08:52:50 GMT

GET
H2 200 simple Show response
api.sail-personalize.com/v1/personalize/ 10 KB
2 KB 154ms
151ms Fetch
application/json 75.2.40.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Requested by: Host: ak.sail-horizon.com
URL: https://ak.sail-horizon.com/spm/spm.v1.min.js?ver=5.5.1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.2.40.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa7557bb34ea5624b.awsglobalaccelerator.com
Software: /
Resource Hash: 01e8ea224688d6d4a25454f3665dce849bde309bc2d9aff9df884c4b52373286

Request headers

x-lib-version: v1.0.1
accept-language: de-DE,de;q=0.9
authorization: Bearer eddd21a32bf5284abd9bc8ac7ddeec34
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
content-type: application/json
accept: application/json
Referer: https://observer.com/
x-referring-url: https://observer.com/politics/

Response headers

pragma: no-cache
date: Fri, 08 Mar 2024 18:11:09 GMT
content-encoding: gzip
allowedorigins: *
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
allowedmethods: GET,OPTIONS
cache-control: no-store
access-control-allow-credentials: true
allowedheaders: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
expires: -1

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
257 B 591ms
345ms Image
image/gif 54.155.18.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1709921469430&plid=88777654&idsite=observer.com&url=https%3A%2F%2Fobserver.com%2Fpolitics%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fobserver.com%2Fpolitics%2F&sref=&sts=1709921469429&slts=0&title=Latest+Political+News+%26+Articles+%7C+Observer&date=Fri+Mar+08+2024+19%3A11%3A09+GMT%2B0100+(Central+European+Standard+Time)&action=pageview&pvid=26590398&u=pid%3D2f0ce20f745e524215423813b86b5092
Requested by: Host: observer.com
URL: https://observer.com/politics/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.155.18.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-155-18-159.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Fri, 08 Mar 2024 18:11:09 GMT
Cache-Control: no-cache
Last-Modified: Friday, 08-Mar-2024 18:11:09 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 g.gif
pixel.wp.com/ 50 B
177 B 56ms
56ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=168679389&post=0&tz=-5&srv=observer.com&hp=vip&j=1%3A13.1.3&host=observer.com&ref=&fcp=1070&rand=0.6832493643309407
Requested by: Host: observer.com
URL: https://observer.com/politics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 08 Mar 2024 18:11:09 GMT
cache-control: no-cache
server: nginx
alt-svc: h3=":443"; ma=86400
content-length: 50
content-type: image/gif

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 135 KB
53 KB 69ms
68ms Script
application/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-NXSTMDF&cid=1579311052.1709921469

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e91d78778c750d0c648be55486083cb48eb0691e4b2df83c7a512f04079da6ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:11:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 53546
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 08 Mar 2024 18:11:09 GMT

GET
H2 200 tinypass.min.js Show response
sandbox.tinypass.com/api/ 391 KB
116 KB 96ms
96ms Script
application/javascript 2606:4700::6812:a07e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox.tinypass.com/api/tinypass.min.js

Requested by

Host: sandbox.tinypass.com
URL: https://sandbox.tinypass.com/xbuilder/experience/load?aid=CMrLcDjZsu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a07e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f7b5a0fd24fe0cd33e20015e96ce7d9d6bc111be5c89e947b696a82faf00e25

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:11:09 GMT
x-amz-version-id: Ol2ZRyyTzIKJuIm7pItzKqYdHFpczDja
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=86400; includeSubDomains
x-amz-request-id: ERAE8F8RH9DVEFB4
age: 1672
x-amz-server-side-encryption: AES256
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 1odWSuv1+Eu4wPpPO/s8AWovx2sbciX+Lz8RY7QKldYJDVcOaFxycU52CR7KqrGGrbSxsRcNWxR+Qmxt/PwDBQ==
last-modified: Tue, 05 Mar 2024 11:26:41 GMT
server: cloudflare
etag: W/"258a96bd10a4f70b88ac289aac793f04"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 8614c9405dcb9bdc-FRA
expires: Fri, 08 Mar 2024 22:11:09 GMT

OPTIONS
H2 200 simple
api.sail-personalize.com/v1/personalize/ 0
0 479ms
140ms Preflight
text/plain 75.2.40.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.2.40.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa7557bb34ea5624b.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-lib-version,x-referring-url
Access-Control-Request-Method: GET
Origin: https://observer.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
access-control-allow-methods: OPTIONS,GET,POST,PUT,DELETE
access-control-allow-origin: https://observer.com
access-control-max-age: 1800
allow: HEAD,GET,OPTIONS
content-length: 18
content-type: text/plain
date: Fri, 08 Mar 2024 18:11:09 GMT

GET
H2 200 skeleton.gif
static.adsafeprotected.com/ 43 B
483 B 164ms
52ms Image
image/gif 2600:9000:223f:ae00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?adslot=fealy_728x90_
Requested by: Host: observer.com
URL: https://observer.com/politics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:ae00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 17:29:44 GMT
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via: 1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 7605686
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: Tb52L43Ldg_c3kaREPtVXgp-fUMx7C7jWjA3yvhjerMaV6Ow47QwgQ==

GET
H2 204 b
sb.scorecardresearch.com/ 0
224 B 61ms
61ms Image
text/plain 18.239.83.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=37161820&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1709921469529&ns_c=UTF-8&c7=https%3A%2F%2Fobserver.com%2Fpolitics%2F&c8=Latest%20Political%20News%20%26%20Articles%20%7C%20Observer&c9=
Requested by: Host: observer.com
URL: https://observer.com/politics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.83.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-83-98.ams58.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:11:09 GMT
via: 1.1 f75afc04e5fb2b66fe286e4f840886c6.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: AMS58-P5
x-amz-cf-id: 0W8-pcir-ZuGhgsFKD_MrutUSOxtl2t9TeQwsgMYPOQGGf5-LKccng==
x-cache: Miss from cloudfront

POST
H2 204 collect
region1.analytics.google.com/g/ 0
252 B 527ms
118ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-T9PLB60R8S&gtm=45je4360v878262212za220&_p=1709921469118&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1579311052.1709921469&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1709921469&sct=1&seg=0&dl=https%3A%2F%2Fobserver.com%2Fpolitics%2F&dt=Latest%20Political%20News%20%26%20Articles%20%7C%20Observer&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1529
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T9PLB60R8S
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Mar 2024 18:11:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://observer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
243 B 219ms
72ms Ping
text/plain 2a00:1450:400c:c1d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-T9PLB60R8S&cid=1579311052.1709921469&gtm=45je4360v878262212za220&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T9PLB60R8S
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1d::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Mar 2024 18:11:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://observer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 223ms
76ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-T9PLB60R8S&cid=1579311052.1709921469&gtm=45je4360v878262212za220&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=1985231995

Requested by

Host: observer.com
URL: https://observer.com/politics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Mar 2024 18:11:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 GettyImages-1242603571-2.jpg
observer.com/wp-content/uploads/sites/2/2022/08/ 18 KB
18 KB 66ms
65ms Image
image/webp 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://observer.com/wp-content/uploads/sites/2/2022/08/GettyImages-1242603571-2.jpg?quality=80&w=300&h=225&crop=1

Requested by

Host: observer.com
URL: https://observer.com/politics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f9b2e3c3df725ecde25317780b02ea8db16d24ee22e6b95c09483cc34d65ff7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/politics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:11:09 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn2 109 195 443
last-modified: Mon, 04 Mar 2024 03:27:08 GMT
server: nginx
etag: "8471edcbb87a1db8"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 18008

GET
H2 200 GettyImages-1435082544.jpg
observer.com/wp-content/uploads/sites/2/2022/10/ 4 KB
4 KB 58ms
58ms Image
image/webp 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://observer.com/wp-content/uploads/sites/2/2022/10/GettyImages-1435082544.jpg?quality=80&w=300&h=225&crop=1

Requested by

Host: observer.com
URL: https://observer.com/politics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

6bd68050c8bdc6f12d6924e49ea78dbe0bbcb74599c20897067a4b8f602fac70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/politics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:11:09 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn2 109 32 443
last-modified: Mon, 04 Mar 2024 03:27:11 GMT
server: nginx
etag: "9d2aecfd84f3b608"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 4280

POST
H3 200 3f3d4ea775630ed63bf865464aea28826fa13d343ef194e175c9 Show response
truculentrate.com/send/ 303 B
330 B 162ms
70ms Fetch
application/json 2600:1901:0:7416::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://truculentrate.com/send/3f3d4ea775630ed63bf865464aea28826fa13d343ef194e175c9

Requested by

Host: truculentrate.com
URL: https://truculentrate.com/scripts/3f92345fab9c/22bdf0221b6555de6cdadcba

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:7416::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

d181fd14e2a5df3052bac534a65f311a39b3a0e57d45f4494f09e3bf26d94c0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://observer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
date: Fri, 08 Mar 2024 18:11:09 GMT
via: 1.1 google
x-buildnumber: 1205290244
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 303
x-datacenter: gce-europe-west1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://observer.com
x-hostname: fen-hoothoot-europe-west1-06pp
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires: Fri, 08 Mar 2024 18:11:08 GMT

POST
H2 200 execute Show response
c2-sandbox.piano.io/xbuilder/experience/ 2 KB
2 KB 301ms
179ms XHR
application/json 2606:4700::6811:c376
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c2-sandbox.piano.io/xbuilder/experience/execute?aid=CMrLcDjZsu

Requested by

Host: sandbox.tinypass.com
URL: https://sandbox.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:c376 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8691a65cf2c9040198ec2d6bb43438453c2a62f517f7ce31c16b0b807caec31c

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json
Referer: https://observer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 08 Mar 2024 18:11:10 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
x-request-id: fo68yvn21d
pragma: no-cache
server: cloudflare
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: https://observer.com
access-control-expose-headers: Composer-Request-Control-Policy
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 8614c943f84471c7-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 88 KB
29 KB 284ms
165ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: htlbid.com
URL: https://htlbid.com/v3/observer.com/htlbid.js?ver=3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1cff7dc31231b75241d9abb8ed83f0d36852601fe879120b9d4a62072077f823

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:11:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28702
x-xss-protection: 0
server: cafe
etag: 862 / 19790 / m202403050101 / config-hash: 11199280441447852477
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 08 Mar 2024 18:11:10 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 298 KB
74 KB 274ms
59ms Script
application/javascript 13.224.186.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: htlbid.com
URL: https://htlbid.com/v3/observer.com/htlbid.js?ver=3.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.186.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-186-120.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0afdd055573d02ec33ed9ccfd582c5aa34d4d997ff549742e67f6a4c566d466a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 17:41:58 GMT
content-encoding: gzip
via: 1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront), 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified: Wed, 06 Mar 2024 21:59:45 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA2-C1
age: 1753
x-amz-server-side-encryption: AES256
etag: W/"4f9091ca1740c69dd8d2e945b57ade3e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: F36ZVJpl2Up4as0JI6oMIBbtivV7fcasU1aMcGoqUhgVatu67DBZzw==

POST
H3 200 6eda584f7c6dc41bcefac5b756d8895bec2020530340189179ce Show response
truculentrate.com/ 3 B
29 B 59ms
58ms Fetch
application/json 2600:1901:0:7416::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://truculentrate.com/6eda584f7c6dc41bcefac5b756d8895bec2020530340189179ce

Requested by

Host: truculentrate.com
URL: https://truculentrate.com/scripts/3f92345fab9c/22bdf0221b6555de6cdadcba

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:7416::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://observer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
date: Fri, 08 Mar 2024 18:11:10 GMT
via: 1.1 google
x-buildnumber: 1205290244
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
x-datacenter: gce-europe-west1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://observer.com
x-hostname: fen-hoothoot-europe-west1-06pp
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires: Fri, 08 Mar 2024 18:11:09 GMT

GET
H2 200 618909876214345 Show response
connect.facebook.net/signals/config/ 53 KB
11 KB 131ms
130ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/618909876214345?v=2.9.148&r=stable&domain=observer.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bb1c67bd3d406f42adb73e25f115571446ca9ed318938380bdeeed9b3b4b1bd8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 08 Mar 2024 18:11:10 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: pBw/eG21o9xPfTjOKNfM8A8HyNicLJs+1f+Ied9b8jaYLlR625/i8Uh98ls44CpWWbG2neeG8C584SpMbqw9kQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

OPTIONS
H/1.1 200
OK view
overlay-track.sailthru.cloud/v1/overlay/ 0
0 604ms
127ms Preflight
text/plain 3.90.90.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://overlay-track.sailthru.cloud/v1/overlay/view
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.90.90.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-90-90-139.compute-1.amazonaws.com
Software: envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-lib-version
Access-Control-Request-Method: POST
Origin: https://observer.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 13
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://observer.com
access-control-max-age: 1800
allow: POST,OPTIONS
content-type: text/plain
date: Fri, 08 Mar 2024 18:11:10 GMT
server: envoy
x-envoy-upstream-service-time: 0

POST
H/1.1 200
OK view Show response
overlay-track.sailthru.cloud/v1/overlay/ 17 B
422 B 135ms
135ms Fetch
application/json 3.90.90.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://overlay-track.sailthru.cloud/v1/overlay/view
Requested by: Host: ak.sail-horizon.com
URL: https://ak.sail-horizon.com/spm/spm.v1.min.js?ver=5.5.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.90.90.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-90-90-139.compute-1.amazonaws.com
Software: envoy /
Resource Hash: 5f4871b277dbebec4d8490673a48154537dc6f1969140f67c333e85704b50564

Request headers

Accept: application/json
Referer: https://observer.com/
X-Lib-Version: v1.0.1
accept-language: de-DE,de;q=0.9
Authorization: Bearer eddd21a32bf5284abd9bc8ac7ddeec34
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 08 Mar 2024 18:11:10 GMT
allowedorigins: *
server: envoy
vary: Origin
content-type: application/json
access-control-allow-origin: *
allowedmethods: GET,OPTIONS
access-control-allow-credentials: true
allowedheaders: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
x-envoy-upstream-service-time: 0
Connection: keep-alive
Content-Length: 17

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 150ms
45ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=618909876214345&ev=PageView&dl=https%3A%2F%2Fobserver.com%2Fpolitics%2F&rl=&if=false&ts=1709921470243&sw=1600&sh=1200&v=2.9.148&r=stable&ec=0&o=4126&fbp=fb.1.1709921470241.2093498153&ler=empty&cdl=API_unavailable&it=1709921469994&coo=false&rqm=GET

Requested by

Host: observer.com
URL: https://observer.com/politics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 08 Mar 2024 18:11:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403050101/ 432 KB
136 KB 51ms
44ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403050101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8990aa15eac245af6c6e1659e307d87319e360dfb7841984e17aac14bc583c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 17:38:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1971
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139160
x-xss-protection: 0
server: cafe
etag: 12239114432611093980
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 08 Mar 2025 17:38:19 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 159ms
58ms XHR
application/javascript 13.224.186.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.186.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-186-120.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id: r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
content-encoding: gzip
via: 1.1 172e63b20fb363ed969de28ae3937e20.cloudfront.net (CloudFront)
date: Fri, 08 Mar 2024 05:05:01 GMT
x-amz-cf-pop: FRA2-C1
age: 47170
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 29 Feb 2024 02:13:08 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: 9L2RepAyL10GTQ0QS_CXqoONMuFQCtccrU0Vy6RijpThmH-rgaZwgg==

GET
H2 200 .js Show response
dyv1bugovvq1g.cloudfront.net/79/observer.com/politics/ 478 B
820 B 563ms
430ms Fetch
application/json 2600:9000:223e:fa00:5:82fd:2500:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dyv1bugovvq1g.cloudfront.net/79/observer.com/politics/.js
Requested by: Host: htlbid.com
URL: https://htlbid.com/v3/observer.com/htlbid.js?ver=3.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:fa00:5:82fd:2500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6fdb0ab9a2d0640a5c9e03dd65b72211661555c507f783a25cf5568b30064018

Request headers

Referer: https://observer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 08 Mar 2024 18:11:12 GMT
content-encoding: gzip
via: 1.1 ed91e9c9d6be32c45c1d670b7d4a6616.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 176
x-amz-expiration: expiry-date="Wed, 08 May 2024 00:00:00 GMT", rule-id="cleanup"
last-modified: Fri, 08 Mar 2024 05:06:34 GMT
server: AmazonS3
etag: "ad9a1ca1614d634462274f811e60cc4e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://observer.com
cache-control: max-age=300
access-control-allow-credentials: true
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: 3oJ2maaKLmnWbZCO_JNaSGsvrBPbhfStw11rQWTpmZVQ9hSRTuTlsA==

GET
H2 200 30787d05-7895-471e-9cdf-d931d7b5ea5d Show response
config.aps.amazon-adsystem.com/configs/ 563 B
829 B 162ms
46ms Script
application/javascript 99.86.4.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/30787d05-7895-471e-9cdf-d931d7b5ea5d
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-128.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: d960ec924eb69e567c94f9ba13ed16056553c7ae133c0c489a5805307e04e3d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:03:26 GMT
via: 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
age: 464
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 563
x-amz-cf-id: rVYdhPH9mBnIYMVWKg1UG1wwsP_LFlAI2JZ4fIdm17Qd2lkKnKXW1w==

GET config
c.amazon-adsystem.com/cdn/prod/ 0
0

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
354 B 193ms
100ms XHR
text/javascript 18.239.81.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fobserver.com%2Fpolitics%2F&pid=1I92Ww5ffQJis&cb=0&ws=1600x1200&v=24.305.1002&t=2000&slots=%5B%7B%22sd%22%3A%22htlad-1-gpt%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F22133348250%2Fobserver_leaderboard_atf%22%7D%2C%7B%22sd%22%3A%22htlad-3-gpt%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F22133348250%2Fobserver_right_rail%22%7D%2C%7B%22sd%22%3A%22htlad-4-gpt%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22160x600%22%5D%2C%22sn%22%3A%22%2F22133348250%2Fobserver_right_rail_2%22%7D%5D&schain=1.0%2C1!hashtag-labs.com%2C1010%2C1%2C%2C%2C&pubid=30787d05-7895-471e-9cdf-d931d7b5ea5d&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.81.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-81-214.ams58.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:11:10 GMT
via: 1.1 0d3372129d548b57c62777e24b79e514.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: AMS58-P5
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://observer.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: A-yvV2vJHQeqdZ1QJyFrPmcq5tiIn04qh7hbUuQlKmDtMUP7S7Q1Ig==

GET
H2 200 22133348250 Show response
fundingchoicesmessages.google.com/i/ 183 KB
61 KB 421ms
93ms Script
application/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/22133348250?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8989e4104a89fa84eb086dd735cfe9d0077dbd5887eff9b5e788dc43b99293d5

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-VkpOaX5i5fhlhfJqajkJgQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:11:11 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-VkpOaX5i5fhlhfJqajkJgQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtHikmII1JBiOHnrNtNFID7vdIfpOhDXMjxjagViA43nTBZAzPjnBRMnEL_78pKJ4-tLJgkgVgPiHT4eLHzrprOqALHm-umsgUAc83w6awoQO6XPYA0AYp_6GaxRQNx68xzrZCAW4ubYv3LtejaBFefWqwMAwrI2Ug"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
355 B 120ms
99ms XHR
text/javascript 18.239.81.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fobserver.com%2Fpolitics%2F&pid=1I92Ww5ffQJis&cb=1&ws=1600x1200&v=24.305.1002&t=2000&slots=%5B%7B%22sd%22%3A%22htlad-5-gpt%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F22133348250%2Fobserver_article%22%7D%5D&schain=1.0%2C1!hashtag-labs.com%2C1010%2C1%2C%2C%2C&pubid=30787d05-7895-471e-9cdf-d931d7b5ea5d&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.81.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-81-214.ams58.r.cloudfront.net
Software: Server /
Resource Hash: 89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:11:10 GMT
via: 1.1 0d3372129d548b57c62777e24b79e514.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: AMS58-P5
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://observer.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 61a-kuI4Tp8KOtSNz4SFpuDs-WrEXfcnnpT_7KykzSCcBAFGOaNHAg==

GET
H2 200 oPS.js Show response
d15kdpgjg3unno.cloudfront.net/ 107 KB
25 KB 208ms
96ms Script
text/javascript 2600:9000:2490:600:11:b309:9100:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=79
Requested by: Host: htlbid.com
URL: https://htlbid.com/v3/observer.com/htlbid.js?ver=3.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:600:11:b309:9100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a6bd82ce11691967331ab445c196243e9df898ee6e7984791ec21beed5a8b96d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 19:19:29 GMT
x-amz-version-id: GFodeMMfdeA7DY2aJXJWmwQVxGhTqJnn
content-encoding: gzip
last-modified: Thu, 07 Mar 2024 19:19:22 GMT
server: AmazonS3
via: 1.1 149b1af6ad8d2c0fedea82bfb1c29c66.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
etag: W/"41c18a16092082409f04960b60b20fa0"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=84600
age: 82303
x-amz-cf-id: dRBqCCjaiwteXk_TBpwbIfDC2XS36VKB6bdQ-0bKxSY-M0HV0S7LKg==

GET
H/1.1 200
OK 1x1-pixel.png
ams-pageview-public.s3.amazonaws.com/ 68 B
448 B 427ms
147ms Image
image/png 52.217.228.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ams-pageview-public.s3.amazonaws.com/1x1-pixel.png?id=1e511584efcb
Requested by: Host: observer.com
URL: https://observer.com/politics/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.228.9 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Fri, 08 Mar 2024 18:11:12 GMT
Last-Modified: Mon, 26 Oct 2020 16:52:19 GMT
Server: AmazonS3
x-amz-request-id: 0TMKKMTAD63QESKD
ETag: "91e42db1c66c0b276abf6234dc50b2eb"
Content-Type: image/png
Cache-Control: no-store
Accept-Ranges: bytes
Content-Length: 68
x-amz-id-2: 0Xo6lX9w087JJIjMtu7AxNTdOaT/UeumNmfjeUTs4nuMmTyOAatXViG5F82+Q3KsvRGIUYiFxt0=

GET
H2 200 AGSKWxXoSPVh-X8sgzF7802MgVq7L2jxm6z2TwQopfe_N9RWTvLxhQAH6z5wzNgkEmkGiHFJXbxyWKdb17XAUtcXQNYzVKNWQMYtQGA-LBY9ZwYD0QCwHWYcpnBJd3zhKxga5L5zMK4xBQ== Show response
fundingchoicesmessages.google.com/f/ 401 KB
61 KB 154ms
153ms Script
application/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXoSPVh-X8sgzF7802MgVq7L2jxm6z2TwQopfe_N9RWTvLxhQAH6z5wzNgkEmkGiHFJXbxyWKdb17XAUtcXQNYzVKNWQMYtQGA-LBY9ZwYD0QCwHWYcpnBJd3zhKxga5L5zMK4xBQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA5OTIxNDcxLDIzMDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9vYnNlcnZlci5jb20vcG9saXRpY3MvIixudWxsLFtbOCwiYndyTWNzNlpjWWciXSxbOSwiZGUiXSxbMTksIjEiXSxbMTcsIlswXSJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.bwrMcs6ZcYg.es5.O/am=wA/d=1/rs=AJlcJMwNURGaIuyf7Kfb-fYhTUpeA0gP-A/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b3b08474cde3cdf017abb5ad4e3603e5124378cd71466908c78241752fabbb31

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cFuz8CC4wuLPiMTFJcqwxQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:11:11 GMT
content-security-policy: script-src 'report-sample' 'nonce-cFuz8CC4wuLPiMTFJcqwxQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytHikmJw1JBiOO90h-k6ENcyPGNqBWIDjedMFkDM-OcFEycQv_vykonj60smCSBWA-IdPh4sfOums6oAseb66ayBQBzzfDprChA7pc9gDQBin_oZrFFA3HrzHOtkIBbi4di_cu16NoEFP5pWMQIAjTcxrA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK Test_oPS_Script_Loads Show response
sqs.us-east-1.amazonaws.com/397719490216/ 378 B
682 B 559ms
127ms XHR
text/xml 3.239.232.228
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sqs.us-east-1.amazonaws.com/397719490216/Test_oPS_Script_Loads?Action=SendMessage&MessageBody=cid%3D79%26bt%3Dnull
Requested by: Host: d15kdpgjg3unno.cloudfront.net
URL: https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=79
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.239.232.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-239-232-228.compute-1.amazonaws.com
Software: /
Resource Hash: db5e2c2b0b16f37a177e90cd5eb27ea273b1e3d45bf8d7ef716229e5fc0e1402

Request headers

Referer: https://observer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
Date: Fri, 08 Mar 2024 18:11:11 GMT
connection: keep-alive
x-amzn-RequestId: f7e6469f-8387-58e0-87c7-18fad5785209
Content-Length: 378
Content-Type: text/xml

GET
H2 200 css
fonts.googleapis.com/ 107 KB
6 KB 68ms
63ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.bwrMcs6ZcYg.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMy2ukk25RwUogYtR9HMJzWQbSj4Ww/m=web_iab_tcf_v2_wall_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d887816ae8b346d63ebc061959c1b52232e29a7f0f7b72a28a8a89db6f163348

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 08 Mar 2024 18:11:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 08 Mar 2024 18:11:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 08 Mar 2024 18:11:11 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 56ms
56ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: observer.com
URL: https://observer.com/politics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://observer.com/
Origin: https://observer.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 00:50:53 GMT
x-content-type-options: nosniff
age: 321618
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Mar 2025 00:50:53 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 125 KB
126 KB 103ms
103ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: observer.com
URL: https://observer.com/politics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://observer.com/
Origin: https://observer.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 05:34:50 GMT
x-content-type-options: nosniff
age: 218181
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 19:51:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Mar 2025 05:34:50 GMT

POST
H3 204 AGSKWxXFcsuDhWoExwdE0kJWzowDDPM1of25mTVHKjrcg0XIbn8H8CSvtoMwnGdEeCkELoNrxDsFHijHk4O42eZKnCKat_h5xc21UR_znzuTklnaslEppiD2X2YuXJCDD343vSyN-ljivQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 173ms
62ms XHR
text/html 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXFcsuDhWoExwdE0kJWzowDDPM1of25mTVHKjrcg0XIbn8H8CSvtoMwnGdEeCkELoNrxDsFHijHk4O42eZKnCKat_h5xc21UR_znzuTklnaslEppiD2X2YuXJCDD343vSyN-ljivQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ezuQoZNf6-XfThsubeGKOQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://observer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 08 Mar 2024 18:11:11 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ezuQoZNf6-XfThsubeGKOQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmLw1pBiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrCFALMTDsX_l2vVsAhum79nKBACMARFa"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://observer.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 CDC.jpg
observer.com/wp-content/uploads/sites/2/2022/06/ 9 KB
9 KB 44ms
44ms Image
image/webp 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://observer.com/wp-content/uploads/sites/2/2022/06/CDC.jpg?quality=80&w=300&h=225&crop=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

a1434becee72b5abad8fd9e5eae43cbd258fcf5e7d5b6dab31df4f9ed07ff2ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/politics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:11:11 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn2 109 84 443
last-modified: Fri, 08 Mar 2024 10:45:08 GMT
server: nginx
etag: "5492c87d9eb528d0"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 9300

GET
H2 200 underscore.min.js Show response
observer.com/wp-includes/js/ 18 KB
8 KB 55ms
54ms Script
application/javascript 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-includes/js/underscore.min.js

Requested by

Host: observer.com
URL: https://observer.com/wp-content/plugins/xcurrent/assets/js/script-queue.js?ver=bebcad848e998ab9ae82c8431c754b8a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/politics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:11:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 05 Mar 2024 22:47:01 GMT
server: nginx
x-rq: hhn2 96 184 443
etag: W/"65e7a0e5-4991"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000

GET
H2 200 api-request.min.js Show response
observer.com/wp-includes/js/ 1023 B
825 B 55ms
55ms Script
application/javascript 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-includes/js/api-request.min.js

Requested by

Host: observer.com
URL: https://observer.com/wp-content/plugins/xcurrent/assets/js/script-queue.js?ver=bebcad848e998ab9ae82c8431c754b8a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

1a234275545ba883616ac6b4151a0f06d9bb097146e806e40317a263bbf1c51e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/politics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:11:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 05 Mar 2024 22:47:01 GMT
server: nginx
x-rq: hhn2 96 184 443
etag: W/"65e7a0e5-3ff"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000

GET
H2 200 backbone.min.js Show response
observer.com/wp-includes/js/ 24 KB
8 KB 48ms
48ms Script
application/javascript 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-includes/js/backbone.min.js

Requested by

Host: observer.com
URL: https://observer.com/wp-content/plugins/xcurrent/assets/js/script-queue.js?ver=bebcad848e998ab9ae82c8431c754b8a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

90554181b9d143453475bb69bbce45d406f2d2119409db9b71da8552536681a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/politics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:11:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 05 Mar 2024 22:47:01 GMT
server: nginx
x-rq: hhn2 96 185 443
etag: W/"65e7a0e5-5e4c"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000

GET
H2 200 GettyImages-1404257121.jpg
observer.com/wp-content/uploads/sites/2/2022/07/ 12 KB
12 KB 43ms
43ms Image
image/webp 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://observer.com/wp-content/uploads/sites/2/2022/07/GettyImages-1404257121.jpg?quality=80&w=300&h=225&crop=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

1320340a92c586506168e30c21c161c9c1f9abc3c3d38448b83afe7c502b673f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/politics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:11:11 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn2 109 139 443
last-modified: Thu, 07 Mar 2024 12:14:50 GMT
server: nginx
etag: "9b231b52d7e7b2fa"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 12392

GET
H2 200 wp-api.min.js Show response
observer.com/wp-includes/js/ 14 KB
4 KB 43ms
43ms Script
application/javascript 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-includes/js/wp-api.min.js

Requested by

Host: observer.com
URL: https://observer.com/wp-content/plugins/xcurrent/assets/js/script-queue.js?ver=bebcad848e998ab9ae82c8431c754b8a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

947960adcbb708c908d60c1fb55b6c617e11c93876ecf9f525f13accf7ddb591

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/politics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:11:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 05 Mar 2024 22:47:01 GMT
server: nginx
x-rq: hhn2 96 185 443
etag: W/"65e7a0e5-395a"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000

GET
H2 200 / Show response
observer.com/wp-json/wp/v2/ 301 KB
12 KB 44ms
44ms XHR
application/json 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-json/wp/v2/

Requested by

Host: observer.com
URL: https://observer.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

70395edaa5645777e2f69d3ecf545d8923dc26df6d2d17dad63b907ec8b5297a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://observer.com/politics/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:11:11 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000;includeSubdomains;preload
age: 101
x-cache: grace
content-length: 11369
x-rq: hhn2 96 184 443
server: nginx
allow: GET
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
cache-control: max-age=60
accept-ranges: bytes
x-robots-tag: noindex
link: <https://observer.com/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 639 KB
167 KB 1239ms
418ms Script
application/x-javascript 23.61.138.29
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js?ver=1.0.0
Requested by: Host: observer.com
URL: https://observer.com/wp-content/plugins/xcurrent/assets/js/script-queue.js?ver=bebcad848e998ab9ae82c8431c754b8a
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.61.138.29 Curitiba, Brazil, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-61-138-29.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: ad3bedba9a0f0d52093942c2b0107f7cb212147092bed09c6ae73591d1811dfe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Fri, 08 Mar 2024 18:11:13 GMT
Content-Encoding: gzip
x-amz-request-id: Z8EN0SWJG6C8XDW4
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: 7llA5A5rQgK/Fois8RsA6nRyiBn3KYK3EyqWAy6wLVdgVwlDf1GSpYL5AOieyZt7ZPWiA0ARYOc=
Last-Modified: Wed, 06 Mar 2024 16:32:07 GMT
Server: AmazonS3
ETag: "4319e23872947b66c478ff5916acc848"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 284 KB
91 KB 77ms
76ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5BPNP6

Requested by

Host: observer.com
URL: https://observer.com/politics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c4c3088deffa9aa3344847044fddeff6de731f573b28ce5620a252e49929d191

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:11:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92639
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 08 Mar 2024 18:11:13 GMT

GET
H3 200 sdk-runtime-config.js Show response
sandbox.tinypass.com/api/v3/anon/assets/ 266 B
514 B 120ms
72ms XHR
application/json 2606:4700::6812:a07e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox.tinypass.com/api/v3/anon/assets/sdk-runtime-config.js?aid=CMrLcDjZsu

Requested by

Host: sandbox.tinypass.com
URL: https://sandbox.tinypass.com/api/tinypass.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:a07e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afc51cf5a47eefc936a19c6a34480275a043c455c9e293404e6b8e66002b6ec2

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json
Referer: https://observer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:11:13 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 11766
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400
x-request-id: Svra1asJL0U
wn: sandbox-vx-dash-10-13-3-230
last-modified: Fri, 08 Mar 2024 14:55:07 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
server-time: 0.009
cache-control: public, max-age=14400
cf-ray: 8614c9582d075be5-FRA
expires: Fri, 08 Mar 2024 22:11:13 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 172ms
52ms Script
application/javascript 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5BPNP6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:11:13 GMT
content-encoding: gzip
etag: "bvEECQq4Zy6gU9J/qv1O6Q=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Fri, 15 Mar 2024 18:11:13 GMT

GET
H2 200 hotjar-3537567.js Show response
static.hotjar.com/c/ 9 KB
4 KB 150ms
53ms Script
application/javascript 18.66.97.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3537567.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5BPNP6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-10.fra56.r.cloudfront.net

Software

Resource Hash

08a4cf25a6bc0f46d331a77225603d5b9b02dbff2afad2c5300dc9fddc715b91

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Fri, 08 Mar 2024 18:11:13 GMT
via: 1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 4
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/d4ac5b92a044c0942688597c264a6c8b
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: sN6fXim103rgpuHH0z9k_El7drAdg7DQz0613W5Bho1-CtplFXEHYg==

GET
H3 200 832096553515722 Show response
connect.facebook.net/signals/config/ 29 KB
5 KB 101ms
101ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/832096553515722?v=2.9.148&r=stable&domain=observer.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100%2C175%2C174%2C176%2C181%2C182%2C183%2C179%2C171%2C116%2C170%2C172%2C107%2C137%2C129%2C132%2C113%2C166%2C206%2C101%2C207%2C144%2C105%2C127%2C120%2C108

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

574257158f8975391edb5a888bb212822ef3402b4985fca24da3a1e56e419169

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 08 Mar 2024 18:11:13 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: MXYaihTByvBXE4a6eWy/KwW3JJRTQ1jfKHBh/52ExcS+RcxqkZsieAV9pFxj0mFxAgjJi37AQo8eSaZTZ2ibrQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 56ms
56ms Script
application/javascript 18.239.83.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: observer.com
URL: https://observer.com/politics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.83.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-83-98.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 01:45:07 GMT
content-encoding: gzip
via: 1.1 f75afc04e5fb2b66fe286e4f840886c6.cloudfront.net (CloudFront)
last-modified: Thu, 07 Dec 2023 12:13:41 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P5
age: 59217
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 66f9Bw9DAF8p3YK53pZtvrWwl7yl_XOTT4SltBUkVfmq7CzLr2ilbw==

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
722 B 60ms
59ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 17:51:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1183
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 697
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 08 Mar 2024 18:51:30 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5BPNP6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 08 Mar 2024 17:48:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1385
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 08 Mar 2024 19:48:08 GMT

POST
H3 200 collect
www.google-analytics.com/ 35 B
55 B 57ms
57ms Ping
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://observer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 08 Mar 2024 18:11:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://observer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 58ms
57ms XHR
text/plain 2a00:1450:400c:c1d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-1212249-1&cid=1579311052.1709921469&jid=1690318596&uid=1579311052.1709921469&gjid=952785920&_gid=1225133792.1709921469&npa=1&_u=aGDAgUAjQAAAAEAEK~&z=1005623247

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1d::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://observer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 08 Mar 2024 18:11:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://observer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect
www.google-analytics.com/ 35 B
55 B 112ms
112ms Ping
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://observer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 08 Mar 2024 18:11:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://observer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect
www.google-analytics.com/ 35 B
55 B 55ms
53ms Ping
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://observer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 08 Mar 2024 18:11:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://observer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 49ms
48ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=832096553515722&ev=PageView&dl=https%3A%2F%2Fobserver.com%2Fpolitics%2F&rl=&if=false&ts=1709921473447&sw=1600&sh=1200&v=2.9.148&r=stable&ec=0&o=4126&fbp=fb.1.1709921470241.2093498153&ler=empty&cdl=API_unavailable&cs_est=true&it=1709921469994&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 08 Mar 2024 18:11:13 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 189ms
87ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-1212249-1&cid=1579311052.1709921469&jid=1690318596&npa=1&_u=aGDAgUAjQAAAAEAEK~&z=1217323671

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Mar 2024 18:11:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 73ms
71ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-1212249-1&cid=1579311052.1709921469&jid=1690318596&npa=1&_u=aGDAgUAjQAAAAEAEK~&z=1217323671

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Mar 2024 18:11:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.a4fd7e5489291affcf56.js Show response
script.hotjar.com/ 220 KB
55 KB 181ms
66ms Script
application/javascript 18.164.52.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.a4fd7e5489291affcf56.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3537567.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.52.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-52-73.cdg50.r.cloudfront.net

Software

Resource Hash

c3c24d578a72dcc6aed7b6927169623dac1af2c44c3a39436d764b9be81760ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 09:56:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 009b28dd2e1a33c65de17468676b9c46.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-P4
age: 29707
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55553
last-modified: Fri, 08 Mar 2024 09:55:51 GMT
etag: "739599f44296537096534936ee9c2d0d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: dvJHbb-vxflsM8ZTfQuB7N2lT_Ey0Dq0kiZXvYyXGxHmGqoWtgnuuA==

GET
H2 200 rules-p-UtaLhd9K6h6Mf.js Show response
rules.quantcount.com/ 160 B
642 B 155ms
51ms Script
application/javascript 2600:9000:223c:3800:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-UtaLhd9K6h6Mf.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:3800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3afad7944608ccb8f39bb022444e73be0d7d2bc03ade1aebd436d17c3c2eefc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 17:22:29 GMT
via: 1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 2997
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Fri, 14 Oct 2022 00:57:38 GMT
server: AmazonS3
etag: "5e639fe6c85b0bcfca5ebb1b7d3b3dec"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: 1_vav975iQdmzV3MPad1AEYky5v9azFPvc3qdeahdeHCkwTdbMAMdQ==

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 183ms
69ms Script
application/javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: observer.com
URL: https://observer.com/politics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d85e4dcb52ce714c7136eb95a32765325205a4aabdb51932bd9024c400be665d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 08 Mar 2024 18:11:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: /RTAD1TAPuPWblD15GN1pg==
age: 34763
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6842
x-ms-lease-status: unlocked
last-modified: Thu, 07 Mar 2024 20:52:31 GMT
server: cloudflare
etag: 0x8DC3EE8820BCF86
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: b581cd2d-601e-0006-2605-710a3c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8614c95c3cd7bb3d-FRA

GET
H2 200 3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js Show response
cdn.permutive.com/ 365 KB
87 KB 205ms
76ms Script
application/javascript 2606:4700::6811:7611
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.permutive.com/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js
Requested by: Host: observer.com
URL: https://observer.com/politics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7611 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39727f9b7aca589784dccb043e74ad342e0e12d51574a6c56805258391383019

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:11:13 GMT
content-encoding: br
cf-cache-status: HIT
x-goog-meta-oid: 3b5c18b9-96b7-48e4-a3ef-011eb84a970d
age: 0
x-guploader-uploadid: ABPtcPqXZzJgYTyBqhDed5uqnFo2DxAS1CjzCkUh5V2M3l7kK4OX4dMQuR46VAWttub4BNLEfR8
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
content-length: 88221
last-modified: Mon, 04 Dec 2023 18:06:56 GMT
server: cloudflare
etag: "7f7c522a45dee2d28cc83565b3c530ae"
vary: Accept-Encoding
x-goog-generation: 1701713216013437
content-type: application/javascript
x-goog-hash: crc32c=SOUSNA==, md5=f3xSKkXe4tKMyDVls8Uwrg==
cache-control: public, max-age=900
x-goog-stored-content-length: 88221
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8614c95c497b371d-FRA
expires: Fri, 08 Mar 2024 18:26:13 GMT

GET
H2 200 6a95224d-e53b-4c23-b2a6-31faa3db3cc4.json Show response
cdn.cookielaw.org/consent/6a95224d-e53b-4c23-b2a6-31faa3db3cc4/ 3 KB
2 KB 166ms
71ms XHR
application/x-javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/6a95224d-e53b-4c23-b2a6-31faa3db3cc4/6a95224d-e53b-4c23-b2a6-31faa3db3cc4.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cc8f8f131774a8405d79658e64366f7044e6f439cfccaf977aecf0deb4c052e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 08 Mar 2024 18:11:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 810
content-md5: 0CCuNb2oi4MBXRI3Igqd4w==
content-length: 1135
x-ms-lease-status: unlocked
last-modified: Thu, 12 Nov 2020 16:47:25 GMT
server: cloudflare
etag: 0x8D8872AA28370D2
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 9ad88797-901e-0094-7055-148eea000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8614c95d9ec81e5b-FRA
expires: Sat, 09 Mar 2024 18:11:14 GMT

GET
H2 200 pxid Show response
3b5c18b9-96b7-48e4-a3ef-011eb84a970d.prmutv.co/v2.0/ 46 B
381 B 422ms
51ms XHR
application/json 35.241.9.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://3b5c18b9-96b7-48e4-a3ef-011eb84a970d.prmutv.co/v2.0/pxid?k=6b8d2782-a057-45b2-b2fd-5e7238c30400
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.9.241.35.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 215dd4d81ddc1349b0199e534ebcf13f35af2d77eb2ee9e7185ab4590f158613

Request headers

Referer: https://observer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 08 Mar 2024 18:11:14 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://observer.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64

GET
H2 200 getuidj Show response
ib.adnxs.com/ 11 B
697 B 753ms
114ms XHR
application/json 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/getuidj

Requested by

Host: cdn.permutive.com
URL: https://cdn.permutive.com/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://observer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Mar 2024 18:11:15 GMT
an-x-request-uuid: 98eb5160-9b03-450c-91ef-9e91601fdfac
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://observer.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.109; 80.255.7.109; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 11
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
304 B 291ms
186ms XHR
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://observer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:11:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 8614c9601e0190ef-FRA
access-control-allow-headers: Content-Type

GET
BLOB 200
OK a89148b7-0861-427e-993b-a87b99d36662
https://observer.com/ 76 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://observer.com/a89148b7-0861-427e-993b-a87b99d36662
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2f0c89ae1b6ee5da942accbbf66c5853d64ff32b0d08247ebb4fb5fd025bc843

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Length: 78105
Content-Type

GET
BLOB 200
OK ceef2696-f7d0-464f-a166-e087c3aa24b5
https://observer.com/ 76 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://observer.com/ceef2696-f7d0-464f-a166-e087c3aa24b5
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2f0c89ae1b6ee5da942accbbf66c5853d64ff32b0d08247ebb4fb5fd025bc843

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Length: 78105
Content-Type

GET
H2 200 geoip Show response
api.permutive.com/v2.0/ 209 B
328 B 417ms
52ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=6b8d2782-a057-45b2-b2fd-5e7238c30400
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 9d799961163bc310e9b528b76ced3dd459085488c92a0713ce48f2ee67c4a06b

Request headers

Referer: https://observer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 08 Mar 2024 18:11:14 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://observer.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 144

POST
H2 200 watson Show response
api.permutive.com/v2.0/ 333 B
293 B 420ms
56ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/watson?k=6b8d2782-a057-45b2-b2fd-5e7238c30400
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 47e1a8eebfcf1720a3c06340e5da3fc09dedc52d436f0c79806c0373b3bd8008

Request headers

Referer: https://observer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 08 Mar 2024 18:11:14 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://observer.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 236

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.9.0/ 341 KB
74 KB 64ms
64ms Script
application/javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.9.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a13b93c05af6ec6255b737032aa3f5d1f4823ed2d57d12c0735bd2c4adc8efc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 08 Mar 2024 18:11:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 56jOXvghU3RiFIKiZ2Zh+g==
age: 34467
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 75725
x-ms-lease-status: unlocked
last-modified: Fri, 20 Nov 2020 16:34:12 GMT
server: cloudflare
etag: 0x8D88D721D404CB2
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 037c5acf-b01e-0083-4e54-2327e1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8614c960ab3ebb3d-FRA

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/6a95224d-e53b-4c23-b2a6-31faa3db3cc4/3f4fae5c-af44-4ce7-8f4d-cb1cf522c97c/ 73 KB
13 KB 68ms
68ms Fetch
application/x-javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/6a95224d-e53b-4c23-b2a6-31faa3db3cc4/3f4fae5c-af44-4ce7-8f4d-cb1cf522c97c/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.9.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c724c4cb202cda5ac3fc5dd433b3403995f9c2ddd9b45f52713de38a62deedd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 08 Mar 2024 18:11:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 79951
content-md5: EBsOpg7Elu1REC0UgglQbw==
content-length: 12888
x-ms-lease-status: unlocked
last-modified: Thu, 12 Nov 2020 16:47:33 GMT
server: cloudflare
etag: 0x8D8872AA6D573E5
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 276d6e86-b01e-0058-7432-0de1dc000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8614c9615d6d1e5b-FRA
expires: Sat, 09 Mar 2024 18:11:14 GMT

POST
H2 200 segment Show response
api.permutive.com/adv/v2/ 36 B
91 B 73ms
73ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/adv/v2/segment?new-session=true&k=6b8d2782-a057-45b2-b2fd-5e7238c30400
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 95ad89143c22c60442bfab4646c8a5e85cef5f091e0f26405a160e2197f73706

Request headers

Referer: https://observer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Fri, 08 Mar 2024 18:11:14 GMT
via: 1.1 google
server: Permutive
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36
content-type: application/json

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.9.0/assets/ 13 KB
4 KB 65ms
65ms Fetch
application/json 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.9.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.9.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb44400a61edda0b628ad2ff62cb5d299fab4e7a18d586ae7d70481c6c9550b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 08 Mar 2024 18:11:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: nLr4hEi4fuLY/p0DQsLcMA==
age: 79951
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3343
x-ms-lease-status: unlocked
last-modified: Fri, 20 Nov 2020 16:34:03 GMT
server: cloudflare
etag: 0x8D88D721792550E
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 5b42768b-401e-004c-1da4-0ba9b3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8614c961de481e5b-FRA

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/6.9.0/assets/ 62 KB
15 KB 66ms
66ms Fetch
application/json 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.9.0/assets/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.9.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84e13b47921ee79d3fab38b733e08dc04ca99b25c1880cb25475c9315ddc2146

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 08 Mar 2024 18:11:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: ue/MTNcIjSCNWtleQfbrzg==
age: 79951
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 14986
x-ms-lease-status: unlocked
last-modified: Fri, 20 Nov 2020 16:34:03 GMT
server: cloudflare
etag: 0x8D88D7217E98574
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 0a5af3cd-701e-0025-5690-1390ff000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8614c961de4b1e5b-FRA

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H3 200 identify Show response
api.permutive.com/v2.0/ 50 B
88 B 127ms
72ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/identify?k=6b8d2782-a057-45b2-b2fd-5e7238c30400
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 609c9bb16ecf73c3c4ca27f735e96f7decb1c2c4278b64fe6e76f7fc824e6cda

Request headers

Referer: https://observer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 08 Mar 2024 18:11:15 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://observer.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70

POST
H3 200 audiences Show response
api.permutive.com/audience-matching/v1/id/ccfa8385-1591-4faa-873a-6b598fa025d3/ 12 B
25 B 124ms
124ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/audience-matching/v1/id/ccfa8385-1591-4faa-873a-6b598fa025d3/audiences?k=6b8d2782-a057-45b2-b2fd-5e7238c30400
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: /
Resource Hash: 2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78

Request headers

Referer: https://observer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 08 Mar 2024 18:11:15 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12
content-type: application/json

POST
H3 200 events Show response
api.permutive.com/v2.0/batch/ 101 B
128 B 202ms
201ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=6b8d2782-a057-45b2-b2fd-5e7238c30400
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 908a336975f71cf1df289c88c1a6c8495101e2325be2be2f5ae764c4c39e2a10

Request headers

Referer: https://observer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 08 Mar 2024 18:11:15 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://observer.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110

GET t
jadserve.postrelease.com/ 0
0

GET
H2 200 app.js Show response
observer.com/wp-content/themes/newyorkobserver-2014/dist/js/ 5 KB
2 KB 45ms
45ms Script
application/javascript 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-content/themes/newyorkobserver-2014/dist/js/app.js?ver=1.9.10

Requested by

Host: observer.com
URL: https://observer.com/wp-content/plugins/xcurrent/assets/js/script-queue.js?ver=bebcad848e998ab9ae82c8431c754b8a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

7b56af893358318f9825834c44e15ba72af5dd08fda34a56c0bd7b6ef1d9f355

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/politics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:11:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 07 Mar 2023 15:38:10 GMT
server: nginx
x-rq: hhn2 96 185 443
etag: W/"64075a62-15f6"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000

GET
H2 200 infinite-scroll.js Show response
observer.com/wp-content/themes/newyorkobserver-2014/dist/js/ 2 KB
1 KB 45ms
45ms Script
application/javascript 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-content/themes/newyorkobserver-2014/dist/js/infinite-scroll.js

Requested by

Host: observer.com
URL: https://observer.com/wp-content/plugins/xcurrent/assets/js/script-queue.js?ver=bebcad848e998ab9ae82c8431c754b8a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f7e05e9d46bf40f5680785219923194ea26309a765e5ef4e9c8c89b21e496912

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observer.com/politics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 18:11:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 05 Mar 2024 16:57:23 GMT
server: nginx
x-rq: hhn2 96 185 443
etag: W/"65e74ef3-6c6"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000

POST
H3 200 state Show response
api.permutive.com/v1.0/ 0
34 B 92ms
91ms XHR
text/plain 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v1.0/state?fetch_unseen=true&k=6b8d2782-a057-45b2-b2fd-5e7238c30400
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://observer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Fri, 08 Mar 2024 18:11:15 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20

GET posts
observer.com/wp-json/wp/v2/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fobserver.com&pubid=30787d05-7895-471e-9cdf-d931d7b5ea5d

Domain: jadserve.postrelease.com
URL: https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fobserver.com%2Fpolitics%2F&ntv_mvi

Domain: observer.com
URL: https://observer.com/wp-json/wp/v2/posts?page=2&channel=423868943&source=infinite-scroll&queried_term_id=423868943&offset=21

Verdicts & Comments Add Verdict or Comment

254 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
observer.com/	1970-01-21 04:34:41	Name: hcpermutive_uuid Value: b556f565-a4fc-49ba-b20f-ab9c7df69818
observer.com/	1970-01-20 18:58:43	Name: sailthru_pageviews Value: 1
.observer.com/	1970-01-20 18:58:43	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://observer.com/politics/%22%2C%22sref%22:%22%22%2C%22sts%22:1709921469429%2C%22slts%22:0}
.observer.com/	1970-01-21 04:28:05	Name: _parsely_visitor Value: {%22id%22:%22pid=2f0ce20f745e524215423813b86b5092%22%2C%22session_count%22:1%2C%22last_session_ts%22:1709921469429}
.observer.com/	1970-01-20 19:00:07	Name: _gid Value: GA1.2.1225133792.1709921469
.observer.com/	1970-01-21 04:34:41	Name: _ga_T9PLB60R8S Value: GS1.1.1709921469.1.0.1709921469.60.0.0
observer.com/	1970-01-20 18:58:41	Name: __adblocker Value: false
.observer.com/	1970-01-21 04:27:25	Name: _pcid Value: %7B%22browserId%22%3A%22ltiz3e7kxcao6ese%22%7D
.observer.com/	1970-01-21 04:27:25	Name: _pcus Value: eyJ1c2VyU2VnbWVudHMiOm51bGx9
observer.com/	1970-01-20 21:08:13	Name: __pnahc Value: 0
.observer.com/	1970-01-21 04:27:29	Name: _awl Value: 2.1709921469.5-1497e3b06a93e527389852fe4b10d2ad-6763652d6575726f70652d7765737431-0
observer.com/	1970-01-21 03:44:17	Name: sailthru_visitor Value: 95901a65-ee7e-4f9e-8a21-e068b675232c
observer.com/	1970-01-20 19:00:07	Name: userVisitTime Value: 1709921470071
observer.com/	1970-01-20 18:58:43	Name: sailthru_overlays Value: b1adba21-b19e-44b6-ae1f-9721d100122e
.piano.io/	1970-01-20 18:58:43	Name: __cf_bm Value: .6I2tcZPTNuiA.WCp8lvq3y9RTjlOrzcZorDIzs.fGY-1709921470-1.0.1.1-MZmkZubYmYxHrt6Gf7xl9O0d2EO4XOPKWVeT1mA8ScSarzKsD8a6YoIhBzOOC.PAvKa7itmhN1J8S3_cO6v6kw
.observer.com/	1970-01-21 04:34:41	Name: __tbc Value: %7Bkpex%7DPSpehOKIQorPBi7T-rM3wwbMsOiknn5ueGrk1J2wiiJQ5UnP7_LkxLABlshujTYy
.observer.com/	1970-01-20 19:41:49	Name: __pat Value: -18000000
.observer.com/	1970-01-20 19:00:07	Name: __pvi Value: eyJpZCI6InYtMjAyNC0wMy0wOC0xOS0xMS0wOS05MDktdlcxTjhGNjdYSm5WOFhXQS1iYzlmOTQyZDVlNTBiYTY0MzJiNjg2YzQ1YzVlNmRjOCIsImRvbWFpbiI6Ii5vYnNlcnZlci5jb20iLCJ0aW1lIjoxNzA5OTIxNDcwMjI3fQ%3D%3D
.observer.com/	1970-01-21 04:27:25	Name: _pctx Value: %7Bu%7DN4IgrgzgpgThIC4B2YA2qA05owMoBcBDfSREQpAeyRCwgEt8oBJAE0RXQF8g
.observer.com/	1970-01-21 04:34:41	Name: xbc Value: %7Bkpex%7DuhEyalkr26EULyw184ji--dMdr4HH4tOiXjyGJtE1Cg
.observer.com/	1970-01-20 21:08:17	Name: _fbp Value: fb.1.1709921470241.2093498153
.observer.com/	1970-01-20 19:08:46	Name: sharedid Value: b06ee987-aa59-4199-b6e2-a7abd1640ad4
.observer.com/	1970-01-20 19:08:46	Name: sharedid_cst Value: zix7LPQsHA%3D%3D
.observer.com/	1970-01-21 04:34:41	Name: _ga Value: GA1.2.1579311052.1709921469
.observer.com/	1970-01-20 18:58:41	Name: _dc_gtm_UA-1212249-1 Value: 1
.observer.com/	1970-01-21 03:44:17	Name: _hjSessionUser_3537567 Value: eyJpZCI6ImFkMWViNmVlLWE2NTUtNTQ4Ny05NGU4LTM2ZGQyNjQ1N2YxNyIsImNyZWF0ZWQiOjE3MDk5MjE0NzM4MTMsImV4aXN0aW5nIjpmYWxzZX0=
.observer.com/	1970-01-20 18:58:43	Name: _hjSession_3537567 Value: eyJpZCI6IjVkZWM1MjY5LTg4Y2ItNDBjNi05MjY2LTI3YjBjMWE0NzIwNiIsImMiOjE3MDk5MjE0NzM4MTMsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.observer.com/	1970-01-20 23:23:35	Name: permutive-id Value: ccfa8385-1591-4faa-873a-6b598fa025d3
.3b5c18b9-96b7-48e4-a3ef-011eb84a970d.prmutv.co/	1970-01-20 21:11:10	Name: pxid Value: 30398599-5f14-4adc-9c50-9cb8a9980136
.observer.com/	1970-01-21 03:44:17	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Fri+Mar+08+2024+19%3A11%3A14+GMT%2B0100+(Central+European+Standard+Time)&version=6.9.0&hosts=&landingPath=https%3A%2F%2Fobserver.com%2Fpolitics%2F&groups=C0003%3A1%2CC0001%3A1%2CC0002%3A1%2CC0004%3A1
.adnxs.com/	1970-01-21 04:34:41	Name: receive-cookie-deprecation Value: 1

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://connect.facebook.net/signals/config/618909876214345?v=2.9.148&r=stable&domain=observer.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 95) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://observer.com/politics/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	error	URL: https://observer.com/politics/ Message: Access to XMLHttpRequest at 'https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fobserver.com&pubid=30787d05-7895-471e-9cdf-d931d7b5ea5d' from origin 'https://observer.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fobserver.com&pubid=30787d05-7895-471e-9cdf-d931d7b5ea5d Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://observer.com/politics/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3b5c18b9-96b7-48e4-a3ef-011eb84a970d.prmutv.co
aax.amazon-adsystem.com
ak.sail-horizon.com
ams-pageview-public.s3.amazonaws.com
api.permutive.com
api.sail-personalize.com
c.amazon-adsystem.com
c2-sandbox.piano.io
cdn.cookielaw.org
cdn.parsely.com
cdn.permutive.com
config.aps.amazon-adsystem.com
connect.facebook.net
d15kdpgjg3unno.cloudfront.net
dyv1bugovvq1g.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
geolocation.onetrust.com
htlbid.com
ib.adnxs.com
jadserve.postrelease.com
observer.com
overlay-track.sailthru.cloud
p1.parsely.com
pixel.wp.com
politicker.com
region1.analytics.google.com
rules.quantcount.com
s.ntv.io
sandbox.tinypass.com
sb.scorecardresearch.com
script.hotjar.com
secure.quantserve.com
securepubads.g.doubleclick.net
sqs.us-east-1.amazonaws.com
static.adsafeprotected.com
static.hotjar.com
stats.g.doubleclick.net
stats.wp.com
truculentrate.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.npttech.com
c.amazon-adsystem.com
jadserve.postrelease.com
observer.com
13.224.186.120
13.32.27.39
18.164.52.73
18.239.81.214
18.239.83.98
18.66.112.45
18.66.97.10
185.89.210.82
192.0.66.160
192.0.76.3
2001:4860:4802:34::36
23.61.138.29
2600:1901:0:7416::1
2600:9000:223c:3800:6:44e3:f8c0:93a1
2600:9000:223e:fa00:5:82fd:2500:21
2600:9000:223f:ae00:8:48e:53c0:93a1
2600:9000:2490:600:11:b309:9100:21
2606:4700:4400::ac40:9b77
2606:4700::6811:7611
2606:4700::6811:c376
2606:4700::6812:82ec
2606:4700::6812:a07e
2606:4700:e6::ac40:cf09
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1450:4001:811::2002
2a00:1450:4001:811::2004
2a00:1450:4001:812::2008
2a00:1450:4001:81c::200e
2a00:1450:4001:827::200a
2a00:1450:4001:828::2003
2a00:1450:4001:828::200e
2a00:1450:4001:82b::2003
2a00:1450:400c:c1d::9c
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
3.239.232.228
3.90.90.139
34.107.254.252
35.241.9.51
52.217.228.9
52.222.200.60
54.155.18.159
75.2.40.13
99.86.4.128
01e8ea224688d6d4a25454f3665dce849bde309bc2d9aff9df884c4b52373286
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08137d731439f76c8cd0193d46327d52c4502db4021386720da4be5137edcb54
08a4cf25a6bc0f46d331a77225603d5b9b02dbff2afad2c5300dc9fddc715b91
0afdd055573d02ec33ed9ccfd582c5aa34d4d997ff549742e67f6a4c566d466a
0dd939ba44b5f736949846fc0e0ee411f12ca8b25e2416a938699e0120a236bc
1320340a92c586506168e30c21c161c9c1f9abc3c3d38448b83afe7c502b673f
1a234275545ba883616ac6b4151a0f06d9bb097146e806e40317a263bbf1c51e
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1cff7dc31231b75241d9abb8ed83f0d36852601fe879120b9d4a62072077f823
1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
215dd4d81ddc1349b0199e534ebcf13f35af2d77eb2ee9e7185ab4590f158613
262fbcc7922dfabfbb72c1c366ae208230efbed08f7fc16988db51650c1e01ba
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78
2cbc6c13af45bc311311531d579cd7e529376564ba3eef9af1f50e02f0998db0
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2e256a180025855d8521b1aeacc337c5bc34f88865bbd09680c9f7192c937553
2f0c89ae1b6ee5da942accbbf66c5853d64ff32b0d08247ebb4fb5fd025bc843
2f7b5a0fd24fe0cd33e20015e96ce7d9d6bc111be5c89e947b696a82faf00e25
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
36e24dc06e51fdd9b13497039bf3c286b61476669c715a274b9a6703b4000a2b
39727f9b7aca589784dccb043e74ad342e0e12d51574a6c56805258391383019
3afad7944608ccb8f39bb022444e73be0d7d2bc03ade1aebd436d17c3c2eefc4
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d
47e1a8eebfcf1720a3c06340e5da3fc09dedc52d436f0c79806c0373b3bd8008
4ce1f595ea044b955619f6839a22ac34a22d80efde699f84f044976baa4831e3
4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641
50b6e67cfcfe4ac8fe9cee705b681f696065306ee42bcd4e6b37a17dba333ac5
547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a
57298ae9c2168c3f86b4f4e67b9b6a222ce706ed3c8191f391c03d37760d253e
574257158f8975391edb5a888bb212822ef3402b4985fca24da3a1e56e419169
57a50c99a31ef4e89e86664e96f6dfbdde163a2eb96e88b3b492c49aa4be2f37
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1
5c724c4cb202cda5ac3fc5dd433b3403995f9c2ddd9b45f52713de38a62deedd
5d55f7c21f317b20841033125e19ef280ff06aba9c8cb5ee2d6065220d8e5a30
5f4871b277dbebec4d8490673a48154537dc6f1969140f67c333e85704b50564
609c9bb16ecf73c3c4ca27f735e96f7decb1c2c4278b64fe6e76f7fc824e6cda
611a4a2dee3757663c70b8d67fe9c83a9d537270b13494b479da2102a7642b41
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
698e93fe491cc7bbf07a470579a33dbd0db53c19142b7be41ebfd39a23aef11f
6a13b93c05af6ec6255b737032aa3f5d1f4823ed2d57d12c0735bd2c4adc8efc
6bd68050c8bdc6f12d6924e49ea78dbe0bbcb74599c20897067a4b8f602fac70
6c05e433ca10b433edfc856fd903cb5f2da848a54e4507642a48981deed8bb05
6fdb0ab9a2d0640a5c9e03dd65b72211661555c507f783a25cf5568b30064018
702489e680eb95a49ce42a55449f5c04f135c521a8dd33668ae6b27b9b9cc2c2
70395edaa5645777e2f69d3ecf545d8923dc26df6d2d17dad63b907ec8b5297a
705110851e09c9f6cb085ea3f01e720444f320eab7499dcb5937af0c9ddeecad
726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74e72473f970d838c52ed8c8fadf1c25883dd561d66df3856bfc137b9da2fea0
756dd7203be6457d7dd15085b51cb7fcee2efdc6e1e46792c7a5272775a82243
7868467c94a5aa0b3f11ef542f45287967f9627b3b5acdc86e47f8f77a126596
7b56af893358318f9825834c44e15ba72af5dd08fda34a56c0bd7b6ef1d9f355
7cc8f8f131774a8405d79658e64366f7044e6f439cfccaf977aecf0deb4c052e
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84e13b47921ee79d3fab38b733e08dc04ca99b25c1880cb25475c9315ddc2146
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
8691a65cf2c9040198ec2d6bb43438453c2a62f517f7ce31c16b0b807caec31c
87dbbfc4146fd6731ce7aeb4fa93284deee4df25e7d507e21b3a6e9cf7adb0b4
8989e4104a89fa84eb086dd735cfe9d0077dbd5887eff9b5e788dc43b99293d5
8990aa15eac245af6c6e1659e307d87319e360dfb7841984e17aac14bc583c11
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
90554181b9d143453475bb69bbce45d406f2d2119409db9b71da8552536681a7
908a336975f71cf1df289c88c1a6c8495101e2325be2be2f5ae764c4c39e2a10
91213ab7118e309db20cea95c70de46777888533a1e5c5533f7a9661430d5cb4
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
947960adcbb708c908d60c1fb55b6c617e11c93876ecf9f525f13accf7ddb591
95ad89143c22c60442bfab4646c8a5e85cef5f091e0f26405a160e2197f73706
96521ecede9febf52a70cbe9447f4237ddd8b519557c21a3d6e49f94d6ce54cd
97816b3ca3d676b5241a16fd6fb3f3e4050a3b99c914f0a66f0bcc074617ba80
9d5e418b5750653e02058cfa67d6b8f6311359cb276229f2d7307ffa05b3f840
9d799961163bc310e9b528b76ced3dd459085488c92a0713ce48f2ee67c4a06b
a1434becee72b5abad8fd9e5eae43cbd258fcf5e7d5b6dab31df4f9ed07ff2ff
a384a78bc8bee6afceab3ff107315b1bdcc0fd2622246826d16b503e742a8cdf
a6bd82ce11691967331ab445c196243e9df898ee6e7984791ec21beed5a8b96d
a7b23f357530667a4d5d574a7b9141f0858db9f3dc49ad1e676bd850b8093c22
ad3bedba9a0f0d52093942c2b0107f7cb212147092bed09c6ae73591d1811dfe
afc51cf5a47eefc936a19c6a34480275a043c455c9e293404e6b8e66002b6ec2
b3b08474cde3cdf017abb5ad4e3603e5124378cd71466908c78241752fabbb31
b6cf23ed282a5cb25c43c5923908a43cc8c4c9e92b23a1f73eb7b0af46ef6534
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b7e6db8dfe79e6581a5accc07438706f2ff043bc6f9cb4f61f549a4f5d0ee4e8
b9e2466b31b350de239b426825d68c515a7988ede4de6c755e237e4525951668
bb1c67bd3d406f42adb73e25f115571446ca9ed318938380bdeeed9b3b4b1bd8
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c0472ab03b5cc819b6f3a01c3d0519af30215aed943bd77a11d9625f93b4ab55
c0eb09d747f4cb0d61057afe50609d7419873b0bdbc56f6965f3098a1cf6d975
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
c3c24d578a72dcc6aed7b6927169623dac1af2c44c3a39436d764b9be81760ea
c46b033d7688f2f46e87a04634a1389db91ceea1be9cb70d1ae9205819739a7e
c4c3088deffa9aa3344847044fddeff6de731f573b28ce5620a252e49929d191
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca65ebc4d40a7ffdbbff592acfbfff744ef1c2e785bf293f4778d29f978d547d
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d17298826b7b7ed19af4942adf03fbcea7a7cd9cd5f25a5b9fb0674c71828c87
d181fd14e2a5df3052bac534a65f311a39b3a0e57d45f4494f09e3bf26d94c0a
d747bc0ec8a549bb25f0bab199d8e3019bcea7cfaf1438d55da2fabcff48f2c3
d85e4dcb52ce714c7136eb95a32765325205a4aabdb51932bd9024c400be665d
d887816ae8b346d63ebc061959c1b52232e29a7f0f7b72a28a8a89db6f163348
d960ec924eb69e567c94f9ba13ed16056553c7ae133c0c489a5805307e04e3d0
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
db5e2c2b0b16f37a177e90cd5eb27ea273b1e3d45bf8d7ef716229e5fc0e1402
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e91d78778c750d0c648be55486083cb48eb0691e4b2df83c7a512f04079da6ab
ec2818120cb1a39d50c97572970f5f86f0ad13c71438e4ff7672c25351f415d9
edbf37f6db3f632faaeeeee4aa127c204d0bcc52e940682bc5d4b0fa48ded96b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef5f8d6a9ea52bd9b20497b837b74bde31586062d5b0e16be75f8bbdffc29840
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f7e05e9d46bf40f5680785219923194ea26309a765e5ef4e9c8c89b21e496912
f9b2e3c3df725ecde25317780b02ea8db16d24ee22e6b95c09483cc34d65ff7f
fb44400a61edda0b628ad2ff62cb5d299fab4e7a18d586ae7d70481c6c9550b2

observer.com Open in urlscan Pro 192.0.66.160 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

134 Requests

96 %HTTPS

55 %IPv6

36 Domains

47 Subdomains

45 IPs

5 Countries

2072 kBTransfer

7246 kBSize

31 Cookies

14 Outgoing links

Page URL History

Redirected requests

134 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

observer.com Open in urlscan Pro
192.0.66.160 Public Scan

Screenshot
Live screenshot

Full Image

134
Requests

96 %
HTTPS

55 %
IPv6

36
Domains

47
Subdomains

45
IPs

5
Countries

2072 kB
Transfer

7246 kB
Size

31
Cookies

134 HTTP transactions
2 data transactions